 |
 |
 |
 |
 |
 |
|
|
||||||
|
|||||||
"Back to Work", A. Hagg. (CPM, Vol 6, 6, p. 14) After recovering critical operations within 24 hours and relocating 8000 employees just five days after terrorists attacked lower Manhattan, Merrill Lynch's business continuity team ensured that the company would be ready for business at the opening bell. "Collapse: World Trade Center Aftermath", J. Nicholson, H. Touger. (NFPA, Vol 95, 6, p. 36) NFPA examines the response to the terrorist attack on the World Trade Center, from cause of collapse to evacuation to search and rescue. "Disaster Recovery", P. Rothstein. (IS, Vol 4, 11, p. 48) Sept. 11 changes everything. "EMAC Provides Help in Time of Need", K. Cormier. (IAEM, Vol 18, 11, p. 15) During the response to the Sept. 11 terrorist attacks, assistance from states was on the scene swiftly after help was requested because of a mutual aid program operated by the National Emergency Management Association (NEMA). "Facilitation, Cooperation Guide New York To Recovery", T. D'Auria. (DRJ, Vol 15, 1, p. 14) In the wake of tragic events of New York City's World Trade Center attacks, city officials were faced with the daunting task of not only responding to the most horrific event in U.S. history, but also to simultaneously manage response efforts and guide New York to a quick recovery. "I Thought I Was Prepared For Anything…Not So", M. Fagel. (IAEM, Vol 18, 11, p. 5) I am still overcome at times by the destruction, the surreal nature of the scene- the horror that those 6,000 innocents must have felt. "Industry Vendors Meet Demands of Clients During WTC Events", . Editor. (DRJ, Vol 14, 4, p. 30) Comdisco, IBM, Strohl Systems and SunGard discuss what happened within their companies during the World Trade Center terrorist attack. "Learning from September 11th", D. Mileti. (NHO, Vol 26, 2, p. 1) On September 11th, Americans shared a common bond- the sense of being under siege from an enemy force. "Merrill Lynch Resumes Critical Business Functions Within Minutes of Attack", J. Ballman. (DRJ, Vol 14, 4, p. 26) For Merrill Lynch and Co. Inc. preparedness and proper testing of contingency plans kept their company doing 'business as usual' following the terrorist attacks of September 11. "Preparing for the Unthinkable", J. Toigo. (ESJ, Vol 16, 12, p. 34) The aftermath of the Sept. 11 attacks may include hundreds of companies that will go out of business because they didn't have a disaster recovery plan. Jon Toigo spoke with survivors and spokespersons from businesses affected both directly and indirectly by the tragedy. Here are 10 best practices for disaster recovery planning. "Preparing for the Unthinkable", J. Dyslin. (SH, Vol 164, 6, p. 34) After the Sept. 11 tragedies, safety and health professionals must re-examine what they need to do to keep workers safe and secure. "Providing Radiological Assistance to the WTC Complex", S. Centore. (IAEM, Vol 18, 11, p. 9) DOE Region 1 received a request from the NYC Department of Health (DOH) to provide radiological assistance to the WTC complex. "Rebuilding On Security's Solid Foundation", S. Harowitz. (SM, Vol 45, 11, p. 42) What are companies doing in the wake of September 11, and what preliminary lessons have been learned? "Report From Ground Zero", G. Pickett. (IAEM, Vol 18, 11, p. 6) One week and one day after the terrorist attacks that shook the very foundation of this country, I wake up full charged despite a restless night. "Searching for Survivors", E. Comeau. (NFPA, Vol 96, 1, p. 62) Nearly all the nation's Urban Search and Rescue teams were dispatched to Ground Zero and the Pentagon in the aftermath of September 11. "Terrorist Attacks Have Far Reaching Effects On Business", J. Ballman. (DRJ, Vol 14, 4, p. 22) Contingency planners are trained to prepare for business interruptions of any type. But no contingency planner could have imagined the devastating events that occurred on September 11, 2001. The destruction and loss of life caused by the terrorist attack was astounding. "The Day We All Became New Yorkers", R. Duncan. (IAEM, Vol 18, 11, p. 3) I sat on the left side of the airplane and looked out the window. Below me, as we were on final approach over Manhattan into La Guardia, was a column of smoke and soot. "The Sept. 11 Attacks: Not Without Precedence", G. Kuepper. (IAEM, Vol 18, 11, p. 11) The worst terrorist attack in human history happened on the morning of Sept. 11, 2001, when four airplanes were seized in flight by 19 hijackers, committed to suicide. "What Disaster Recovery Experts Were Thinking Just After The Attacks", R. Chandler& J.D. Wallace. (DRJ, Vol 15, 1, p. 26) The disastrous events of Sept. 11, 2001 were a tragic and devastating national calamity. The thinking of disaster recovery experts is particularly insightful and important for the general level of preparedness across the nation
Building the Plan"12 Point Check-up", J. Persson. (DRJ, Vol 14, 2, p. 60) This article will reach outside the more traditional views and identify a few points you may want to look at in an effort to strengthen the plan and keep pace with change. "All the World's a Staging Ground", E. Bowron. (SM, Apr. 01) While contingency planning is important in executive protection, it should not be implemented at the expense of threat assessment and advance planning. "An Ounce of Prevention and a Pound of Planning", R. Nicklin. (SM, Feb. 01) A forward-looking approach can help a company identify and head off potential problems before they reach the crisis stage. "Business Continuity Best Practices", R. Koch. (DRJ, Vol 14, 1, p. 58) This article describes nine best practices for business continuity. These are universal best practices that apply to any organization and all technologies. "Business Continuity Mythology
101", L. Wenzel. (DR "Disaster Recovery: No Longer Enough", R. LaPedis. (DRJ, Vol 14, 3, p. 14) In the business world, computer disaster recovery planning is evolving toward business continuity planning. What is the difference between disaster recovery and continuity planning? "Disaster Recovery: Predicated On Fallacies", N. Koehler. (DRJ, Vol 15, 1, p. 68) Years ago, I was often amazed at the number of businesses that had no viable recovery plan in place. Even more disturbing was to encounter those who believed that they had a recovery plan, when, as a matter of fact, they didn't. "Emergency Preparedness Exercises",
R. Phelps. (DR "Exercising in Public", S. Vivian. (IAEM, Vol 18, 4, p. 10) Since its inception, the Langley Emergency Program has favored the exercise process as a solid way to test emergency procedures and protocols. "Food for Thought as You Prepare for Your Company's BIA", H. Dolgin. (DRJ, Vol 14, 4, p. 62) For anyone who has performed a BIA, you know that there are many choices to make in how it is structured. This article will give you some food for thought on decisions that may impact the results for your BIA. "Remembering the Basics in Disaster Preparedness", W. Johnson, S. Wiens & A. Johnson. (DRJ, Vol 14, 2, p. 58) Making companies and governments disaster resistant is not an option. It is an obligation. We may not have the technology to prevent disasters, but we can put contingency systems in place to minimize disaster damage. "Scenarios In BC Plan Validation", C. Rohrs. (DRJ, Vol 15, 1, p. 70) This article will discuss the use of scenarios in validating business continuity plans. Some of the validations exercises can be as simple as a notification test to make sure that all the branches of the calling trees are still attached, or they can be as elaborate as a full scale exercise covering several days involving the police, fire and FBI. "Ten 'Suggested' Commandments of Business Continuity Planning", D. Greb. (DRJ, Vol 14, 1, p. 32) We face a very normal tendency to become bogged down in the technological, the arcane, and the finely detailed aspects of business continuity planning. These Ten Commandments can help us keep sight of the forest, even though we often must focus on the leaves on the trees. "The Acceptable Deductible", E. Burns. (DRJ, Vol 14, 1, p. 16) The Business Continuity industry has changed since I wrote my first article on Business Resumption Planning. Advances in technology and changes in the way business is done, has spun the growth of this industry and planning has expanded to cover the entire organization. "The Death of World Based BCP Software - A Myth or Reality", N. Koehler. (DRJ, Vol 14, 1, p. 46) Almost all experienced continuity planners know that the devolopment of complex BCP plans cannot be accomplished utilizing just word processing techniques. "What Is Business Continuity Planning?", J. Glenn. (DRJ, Vol 15, 1, p. 75) There are many articles addressing how to create a business continuity plan, but few actually describe the purpose of business continuity planning. This then is my biased attempt to explain what business continuity is and what it is intended to accomplish; it is not intended to describe a business continuity plan or how to create a business continuity plan. Establishing The Program"Avantages in Utilizing E-Commerce for Claim Services: Timely Claims for Mold Contamination", B. Fultz. (DRJ, Vol 14, 4, p. 14) The restoration industry is constantly changing. With insurance providers adopting new e-commerce initiatives, restoration vendors also must adapt and implement e-commerce initiatives in their business. "Common Pitfalls in DR Contract Services", J. Nicolet. (DRJ, Vol 14, 2, p. 70) Over the years I've worked on both sides of the disaster recovery engagement, as en employer hiring vendor services and as a DR consultant serving many different industries. During this time I've been gratified and frustrated at how some engagements were handled. I came up with a short list of pitfalls that can negatively affect your engagement. "Court in Session: Intellectual Property at Risk", J. Pearson. (RM, Vol 48, 2) Internet start-ups and software developers are not the only ones looking to protect intellectual property. There are many avenues of exposure that could lead any company to costly court cases and bankrupting results. "CRO: Here to Stay", J. Lam. (RM, Vol 48, 3) The role of chief risk officer (CRO) has begun to gain worldwide acceptance and momentum over the past several years. A trend that began in the U.S. financial services industry has extended into Europe and Asia, as well as other industries, such as energy and nonfinancial corporations. "Do Your Secrets Pass the Test?", M. Halligan. (SM, Mar. 01) To make sure that trade secrets are protected by the law, companies must meet these legal standards. "Early Selling for Business Continuity Planning", D. Derby. (DRJ, Vol 14, 2, p. 18) Everyone agrees, upper management commitment is key to DRP/Business Continuity program success. However, no one tells you how to generate those first critical attention getting conversations to get that support and preliminary funding. "How Mature Is Your Business Continuity Program?", S. Ream. (CPM, Vol 7, 1, p. 26) A new model helps measure the development of your organization's business continuity management program. "How To Avoid An Identity Crisis", R. Del Grosso. (SM, Vol 45, 12, p. 72) Businesses can win the esteem of their employees and improve the bottom line by helping staff prevent or deal with identity theft. "How To Highlight Security's Strategic Value", N. Smith, Jr.. (SM, Vol 45, 11, p. 85) Without executive support, security initiatives are doomed. Find out how to get the support you need. "How to Keep Your Organizational Reality from Sabotaging Your Outsource Strategy", P. Harper. (DRJ, Vol 14, 3, p. 38) As companies look for new ways to grow in an unstable economic climate, strategic outsourcing, the strategy of outsourcing entire business functions, is gaining popularity. However, there's more to successfully executing an outsourcing strategy than meets the eye. "Keeping Paper Trail Intact After Disaster Strikes", N. Anderson. (DRJ, Vol 15, 1, p. 32) A virus has damaged the network irreversibly. Weather conditions force an area evacuation. The building has caught fire. No matter what the crisis, preparing paychecks and handling payables is one of the last things organizations should worry about in a disaster situation. "Keeping Your Name Safe-Effective Corporate Reputation Management", N. Ross. (CPM, Vol 6, 5, p. 24) Failing to include a crisis communication plan in your overall business continuity plan may jeopardize one of your most important corporate assets- your reputation. "Lead the Way to Your Future Leaders", J. Morris-Lee. (CPM, Vol 6, 6, p. 18) Succession planning is an issue of leadership development, not management training. Here's how to avoid business collapse by identifying and cultivating your future leaders long before disaster strikes or attrition erodes the upper ranks. "Paradigm Shift In Handling Disasters", M. Talon. (DRJ, Vol 15, 1, p. 42) Every member of a corporation, from the CEO to the mailroom, is influenced by data loss and system outages. Regardless of who is directly and/or indirectly affected, the results of these interruptions are always the same at their most basic level- loss of time, loss of money, loss of business. "Selling BCP to Executives", T. Brown. (CPM, Vol 6, 4, p. 26) Gaining senior management buy-in has always been a challenge for the planning professional, and the problem most often is in the presentation. When presenting your initiatives to executives, don't be a contingency planner. Be a salesperson. "Technology Transforming our Industry",
J. Bell. (DR "The Board of Directors Should Be Involved in a BCP…", R. Atkins, J. Hoye. (DRJ, Vol 14, 4, p. 64) When's the last time you heard someone talking about the Board of Directors and a Business Continuity Program? If you haven't, you will. "The Challenge Of Getting Back To Business", M. Redmond& J. Hammill. (DRJ, Vol 15, 1, p. 92) In light of recent events, we know that getting back to business as usual is a challenge. Leaders are faced with issues that were once unthinkable. The ramifications are impacting all aspects of business dealings and operations. At this time, it is critical to identify, to respond, and manage the unique risks associated with recovery and business continuity. "Walking on Eggshells. The Evolution from Disaster Recovery to Business Continuity", R. Davis. (DRJ, Vol 14, 4, p. 32) When working to assure business survival, business unit leaders and personnel (Business Units) face a survival challenge. Business Units must assume ownership, as well as authorship when designing a strategy to face various types of business interruptions. "What A Difference A Day Makes", D. Perry. (DRJ, Vol 15, 1, p. 72) This article is intended, believe it or not, to be a positive prediction of the contingency planning direction necessary to prepare the industry for the mid to long-term contingency planning future. Industry Sectors"Business Continuity Needs in
the Industrial Environment", J. King. (DR "Business Continuity Planning
in the Healthcare Environment", P. Coleman. (DR "Business Continuity--Is it Really Important?" ,
B. Blue. (DR "Gearing Up for HIPAA: The Role of DRP and BCP in HIPAA Compliance", W. Rider. (CPM, Vol 6, 1, p. 28) The clock is ticking, and while the healthcare industry's focus is presently fixed on other matters of HIPAA compliance, there are significant lead-time issues with recovery strategy implementation. The time to start drawing up compliant contingency plans is now. Here's how to get started, and how to get management on board. "Getting Started in Healthcare Disaster Recovery. Now for Something Completely Different!", K. Patterson. (DRJ, Vol 14, 4, p. 46) As a BCP or DR expert, have you had the opportunity to perform a BIA for a healthcare provider? Well it doesn't take long to realize business is conducted in a far different manner. Hospitals have a culture all of their own. "Keeping the Process Going: Keys to Manufacturing, Supply Chain, and Distribution Recovery", K. Douglass. (CPM, Vol 6, 1, p. 23) Original equipment manufacturers can keep their revenue streams flowing in the wake of a disaster with a robust contingency plan that addresses everything from documentation retrieval to production outsourcing. "Managing Risk on College Campus", T. Query. (RM, Vol 48, 6) One of the most diverse and challenging environments for risk managers today is found on college campuses. The range of loss control issues can involve a vast array of fields, including construction, perilous scientific and medical experiments, hospitals or health care centers, security details or police forces, services such as mass transportation and day care centers, athletics, Greek organizations and special events. "Meeting the Unique Challenges of Manufacturing & Distribution Environments", P. Moore. (DRGUIDE, Vol 7, p.26) "Success: Coming Together as an Industry", J. Grove, C. Moffitt. (DRJ, Vol 14, 1, p. 36) The old saying "two brains are better than one", holds true for the Financial Services Industry as multiple organizations come together to position themselves to manage through potential and real situations that could impact the industry and its members within. While unique for an industry to be so co-operative, the benefits to their clients continues to outweigh concerns. "Special Focus on Themed Entertainment-Lodging No Complaints", C. Callaghan. (SM, Jun. 01) Lodging industry solutions must continually evolve to meet changing threats. Practitioners are meeting the challenge. "The State of the Business Continuity Industry", N. Ross. (CPM, Vol 7, 1, p. 20) A panel of experts in the disaster recovery and business continuity arena discusses the present and future state of the business continuity industry, the results of organizations' heightened awareness after 9/11, and what new challenges planners face in the new year. "What Does HIPAA Mean to You?. . .", R. Koch. (DRJ, Vol 14, 3, p. 26) The final version of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 will be published soon. Among other things, HIPAA requires broad security and disaster recovery protection for "individually identifiable healthcare information." Risk Management"Are You Covered?", N. Ross. (CPM, Vol 6, 6, p.22) With the tremendous benefits of conducting business online comes a deluge of vulnerabilities. Cyberinsurance can help shelter you from a number of risks to your e-business. "Business Interruption: A Risk Management Primer", G. Massowd. (CPM, Vol 6, 3, p. 18) An overview of risk management objectives, decision-making processes, and techniques can help business continuity professionals better understand how risk management can aid in the development of their contingency plans. "Categorizing Risk", J. Hampton. (RM, Vol 48, 9) Over the past year, as executive director of RIMS, I have seen a number of efforts to categorize the specific risks that are managed by risk professionals. Even as they integrate knowledge, these professionals are specific in their skills; it is not sufficient to say that they manage "all risks." "Cyberinsurance", C. Brush. (IS, Vol 4, 11, p. 56) As the risk increase, so will the interest in policies and the cost of premiums. "Does Enterprise Risk Management Count?", B. Merkley. (RM, Vol 48, 3) Since the mid-1990's, managers of companies in North America, Europe and Australia have paid increasing attention to managing- holistically- the risks to which their organizations are exposed. Their intent, they say, is to apply a rigorous and coordinated approach to assessing and responding to all risks that affect the achievement of an organization's strategic and financial objectives, including both upside and downside risks. This is enterprise risk management (ERM). "Enhanced Risk Mapping", H. Kestenbaum. (RM, Vol 48, 10) In the February 2001 issue of Risk Management Magazine, Mark Jablonowski discusses an approach to assessing corporate risk in which he urges risk managers to create a holistic risk map. By assessing (a) the probability of occurrence and (b) the range of possible losses to potential future loss scenarios, he shows how a risk manger can use intuition to create the risk map and to obtain useful quantitative insights. A risk map forms the foundation on which a corporation can focus risk areas on need of mitigation, elimination and insurance solutions. "Enterprisewide: Building a Risk Management Program from the Ground Up", L. Sullivan. (RM, Vol 48, 12) In 1994 Gert Cruywagen came to the Iscor Corporation, based in Pretoria, South Africa, faced with an almost insurmountable task: establish an enterprisewide risk management program for a resources company that deals in the industries of steel, iron ore, coal, base metals and heavy minerals. The tough part: not only was there no risk management program, but Iscor had only begun buying conventional insurance two years previously. "Enterprising Solutions", J. Lam. (RM, Vol 48, 11) Although operational risk is difficult to quantify, significant benefits can be gained from its successful management. The following ten steps to operational risk management can help increase the likelihood of achieving business objectives and reduce operational losses. "Insurance Coverage for Lost Electronic Data: Are You Covered When You Crash", C. Ichter. (DRJ, Vol 14, 1, p. 84) This is the "Information Age," meaning that today, access to and the use of information is critical to virtually every aspect of our lives. Nowhere is this more true than in business. "Not Guilty by Reason of Security", J. Lombardi. (SM, May. 01) It is possible to minimize the risk negligent security claims by developing and implementing the right prevention strategy. "Product Liability Claims: A Commonsense Approach to Prevention", E. Bernabei. (RM, Vol 48, 3) Too many manufacturers have focused on the wrong stage in product liability claims. They look at how to defend or resolve litigation, but neglect to consider how to avoid claims before they become lawsuits--it is all reactive instead of proactive. "So You Want to be a Contingency Planner", W. Alvord. (DRJ, Vol 14, 3, p. 85) In your other life you may have been a computer programmer, a telecommunications expert, a computer operator, or a scheduling clerk. One fateful day, you were asked, or directed, to head up the contingency planning department for your organization. "Stealing the Show", J. Nolan. (SM, Mar. 01) Find out how to protect against information collection efforts that competitors might target at staff attending trade shows. "Step-by-Step Enterprise Risk Management", B. Brown. (RM, Vol 48, 9) The purpose of this article is to explain to CEOs and other senior managers the scope, mechanics and potential benefits of enterprise risk management. In addition, risk managers with a more targeted purview. "The Benefits of Business Interruption", A. Penz. (CPM, Vol 6, 4, p. 18) If an organization has been served lemons in the form of disrupted business activities due to an unexpected operations interruption, it can make lemonade by using the experience to identify opportunities for overall business improvement. "The Treasure In Risk Mapping", F. Phelps. (SM, Vol 45, 11, p. 51) Risk mapping can help security managers communicate the security picture to senior executives. "The Advantages and Challenges of Online Loss Control", S. Di Pilla. (RM, Vol 48, 10) Have you ever asked an employee to show you a copy of your loss control program? If so, what condition was it in? Odds are, if it could be found at all, you got an out-of-date document, and that could cost you. "Thinking in Numbers", M. Jablonowski. (RM, Vol 48, 2) Holistic risk management is the brave new frontier of the profession. This approach makes no distinction between traditional hazard risks, financial risks, and operating risks. "TipToeing through Mass Tort Litigation", B. Beglin& D. Cohen. (RM, Vol 48, 3) Quietly, it starts on Tuesday. A small trickle of legal complaints. By Friday, the mailroom is swamped. By the following week, you are no longer in denial; your client or company is entering a land that for some is one of no return--mass tort litigation. You have read the headlines about massive settlements, awards and bankruptcies from suits involving asbestos, breast implants, tobacco and, more recently, diet drugs. And now it is happening to you.
Assessment & Performance "Background Checks Step by Step", J. Long. (SM, Feb. 01) Companies need to understand the rules for conducting criminal background checks so that they can do them legally to help in hiring decisions. "Getting Through It: How to Deal with Stress in the Workplace", N. Ross. (CPM, Vol 6, 5, p. 18) Whether disturbed by a common business interruption, or traumatized by a disaster, stress can affect the well-being and performance of your associates. Here's how you can help them handle it. "I Just Want It To Stop", S. Millwee. (SM, Mar. 01) Companies can reduce the damage sexual harassment causes in the workplace by responding quickly and professionally. "Locking Down the Laptop", P. Korzeniowski. (INFO SEC, Vol 4, 2, p.68) Laptop security can be broken down into three phases: physical security, access control/authentication and tracking/recovery. But the biggest challenge may be changing users' attitudes and habits. "Tackling Workplace Violence", M. Conley. (Safety & Health, Vol 163, 4, p. 40) As worksite shootings grab headlines, finding solutions to the problem is no easy task. "The Human Resources Balancing Act", S. Nickson. (RM, Vol 48, 2) When it comes down to sharing responsibility and workload, how open are the lines of communication between your risk management and their human resources department? "The Marks of a Leader", R. Chandler. (CPM, Vol 6, 5, p. 20) What sort of individual makes the best crisis or recovery team leader? Pepperdine University conducted a survey of crisis management experts, and here are 14 characteristics they identified. "To Fire, or Not to Fire?", E. Shaw. (INFO SEC, Vol 4, 1, p.50) Many companies simply terminate "problem" IT staffers, fearing they may hack or sabotage internal systems. While that may be the quickest solution, it's usually not the best one. Preparedness & Protection"Creating Your Family Disaster Plan", K. Baker. (DRJ, Vol 15, 1, p. 78) A disaster can strike quickly and without warning. It can force you to evacuate your location or trap you at home. Your family could be scattered and separated, located at schools, work, home, or in cars. How will you find each other? How can you determine if they are safe? Do you know what to do if basic services such as gas, water, electricity or telephones were cut off? "Happy Trails", B. Cremin. (SM, Jul. 01) Follow these four points to map out a successful corporate travel security program. "Is Your VIP Protected?", A. Nichter. (SM, May. 01) Bodyguards are plentiful, but not all of them are well trained. How can you be sure you are getting the best? "Keeping Violent Employees Out of the Workplace", W. Atkinson. (RM, Vol 48, 3) Under an arrangement with a home nursing organization, a health care employer was paid to hire nurses, then contract these nurses out to the home nursing organization, which assigned the nurses to work with home-bound patients. Not long after being hired by the health care employer and being assigned by the home nursing organization to the home of a paraplegic, one "nurse" murdered the patient and then robbed him. "Not By Force Alone", R. Haynes. (SM, Vol 45, 10, p. 65) Security officers need more than just physical self-defense techniques; a thorough knowledge of conflict-avoidance strategies, company policy, and street tactics is essential as well. “Put in a Policy or Pay the Price", J. George. (SM, Jul. 01) Mitsubishi paid a $34 million settlement in a sexual harassment claim, then developed a clear policy. Other companies can learn from that expensive lesson. "The Mobile Communications Threat: Drivers in Danger", P. Moser. (RM, Vol 48, 5) Overall, the mobile phone, along with other on-the-go communication mechanisms--personal digital assistants, navigational systems and onboard computers--have made business more efficient. But when your employees get behind the wheel, these mobile marvels can become deadly distractions. "The Safety Myth--It Won't Happen
to Me.', D. Theune, M. Topf. (DR "Violence in the Workplace: A Spreading Phenomenon",
C. VanZandt. (DR "Assembling and Coaching a Crisis Team: 5 Common Problems and How to Avoid Them", D. Chard. (CPM, Vol 6, 4, p. 30) Teamwork is essential to successfully addressing the challenges of a crisis and being able to emerge with the least overall damage to a company's reputation and other assets. "Creating a Culture of Commitment", A. Haag. (CPM, Vol 6, 2, p. 14) Contingency planning at The Home Depot benefits from a corporate culture in which associates are encouraged to demonstrate teamwork, communication, and dedication to family, home, company, and community. "Launching High Performance Teams", M. Rosenthal. (DRJ, Vol 14, 1, p. 14) Companies consistently create cross-funcitonal project teams to implement technology, reengineering, product launch and other complex initiatives in the workplace. Yet in our constantly accelerating marketplace, we find that more and more of our time is being spent getting teams back on track. "Practice What You Teach", P. Kane. (SM, Vol 45, 10, p. 55) Role-playing and penetration testing are two effective ways to train security and nonsecurity personnel alike. "Rally 'Round the Flag! Using Logos to Strengthen Your Recovery Team", R. Fuhr. (CPM, Vol 6, 1, p. 33) History shows us that symbols can be powerful motivators. By harnessing that power through the use of a logo, you can help give your disaster recovery team an identity they can be proud of.
Availability "Adopting a Managed Availability Philosophy", B. Merchantz. (CPM, Vol 7, 1, p. 31) The holistic methodology of managed availability encompasses an end-to-end view of a computing environment to guarantee consistent, predictable access to any data or applications wherever, whenever, and however users require them. "Advantages of Network Backup", W. Mathis. (DRJ, Vol 14, 3, p. 52) Data. . .a company's most valuable asset, the one piece of real estate that all businesses, large or small, cannot afford to lose. When you consider this fearful fact there are many variables within a network environment that can produce data loss. "Business Continuity for Critical Enterprise Applications.", B. Zonis. (CPM, Vol 6, 6, p. 26) Enterprise-wide applications have created enterprise-wide downtime vulnerabilities, requiring enterprise-wide teamwork for continuity and recovery strategies. "Business Implications of Network Downtime and How to Mitigate Its Risk", E. Rabinovitch. (DRJ, Vol 14, 4, p. 66) It is difficult to overestimate the importance of Information Technology today. If, a few years ago, this statement was mainly applicable to large enterprises, now it is certainly true for any business, regardless of size or industry. Information is power in the current economic climate. So, having the right information available whenever it's needed will help businesses remain competitive in the marketplace. "Continuous Availability. . .A Reflection on Mirroring", B. Bruhahn. (DRJ, Vol 14, 3, p. 66) "I'm sorry, the computers are down!" How often have we heard this in our everyday lives? How many times can a company experience computer system downtime and not lose business? "Data Replication is the Key to Business Continuance (Conclusion)", R. Collar. (DRJ, Vol 14, 4, p. 50) The conclusion of a three part series dealing with the many possible solutions for replication in different environments. "Data Replication is the Key to Business Continuance (Part 1)", R. Collar. (DRJ, Vol 14, 2, p. 50) This article is about replication of information, not just disaster recovery, and how it can help improve business continuance for users of Information Technology. "Data Replication is the Key to Business Continuance (Part 2)", R. Collar. (DRJ, Vol 14, 3, p. 64) In the first part of this series, the decisions and steps needed to replicate data efficiently set the stage for the next logical question: How does a business proceed? "Does Your Disaster Tolerant IT Solution Measure Up?", R. Lyons. (DRJ, Vol 15, 1, p. 90) How well is your computer system protected if a disaster were to occur? This article explores the three ways of configuring computer systems in order to provide disaster tolerance: remote copy, remote computing, wide area clustering. "Electronic Vaulting Service Improves Recovery Economically", J. Murtaugh. (DRJ, Vol 14, 1, p. 48) Have you analyzed your facility, equipment, systems, processes, and procedures, of your organization in order to evaluate the ability of your business to continue operations in case of a disaster? A thorough evaluation of the strengths and weaknesses of your company's 'preparedness' can give you a clear idea of the possible impact in lost opportunity and real dollars that an interruption or outage may cause. "Enterprise Security: Pandora's Box or Panacea?", R. Bragg. (ESJ, Vol 16, 9) PKI's promise is to help make e-commerce transactions truly secure. But because it's built on a fragile underlying web of trust, be careful when implementing it in your enterprise. "Enterprise Storage", J. Toigo. (ESJ, Vol 16, 12, p. 30) You Can Always Get What You Want. "Enterprise Storage: Beat the Heat in the Storage Pool", J. Toigo. (ESJ, Vol 16, 7) "Enterprise Storage: BlueArc or Blue Flame?", J. Toigo. (ESJ, Vol 16, 6) "Enterprise Storage: Let's Get Virtual: Who Said Storage Isn't Sexy?", J. Toigo. (ESJ, Vol 16, 1) "Enterprise Storage: Storage Buyers: Beware the Ides of March", J. Toigo. (ESJ, Vol 16, 3) "Enterprise Storage: Storage Dollars and Sense", J. Toigo. (ESJ, Vol 16, 5) "Enterprise Storage: Storage Is Like a Box of Chocolates", J. Toigo. (ESJ, Vol 16, 2) "Enterprise Storage: Storage's Endless Summer", J. Toigo. (ESJ, Vol 16, 8) While the growth of networked storage has seen some vendors sharing swells while others fight over the surf, in general, you as the technology consumer have benefited. "Enterprise Storage: To the DAT Cave!", J. Toigo. (ESJ, Vol 16, 10) Risking death, our crack storage columnist infiltrated the lair of a top-secret industry group to bring you the inside scoop on storage. "Enterprise Storage: Wrong Time for an End Run", J. Toigo. (ESJ, Vol 16, 9) When you buy "standards-compliant" storage products before standards are finalized, you run the risk of significant upgrade costs later. "Enterprise Storage--SAN April Foolery: Be Sure That Your Storage Spending is Practical, Not a Practical Joke", J. Toigo. (ESJ, Vol 16, 4) "Flirting with Disaster: How to Ensure Business Continuity", J. McKendrick. (ESJ, Vol 16, 8) With the growth of distributed systems, companies aren't adequately planning for business continuity or disaster recovery across the enterprise. Is your firm guilty? "Global Area Network (GAN) and IT Contingency Planning", D. Perry. (DRJ, Vol 14, 1, p. 86) The advent of Global Area Networks and equipment redundancy combined with the emergence of new technologies like Storage Area Networks (SAN's) and Network Attached Storage (NAS) pose some very interesting IT contingency planning alternatives. "If Your Server Crashes, Will You Be Prepared? . . .", A. Bakman. (DRJ, Vol 14, 3, p. 58) Your server is, in so many ways, the heart of your organization. When that heart suddenly stops beating-in other words, when the server crashes-many bad things happen in a hurry. "Mitigating the Risk of Network Service Outage by Automating Device Configuaration", J. Wolf. (DRJ, Vol 14, 3, p. 46) As the Internet expands, reaching out to more parts of the world, it will infiltrate most every business and home. As it almost effortlessly sweeps into the daily routine of all our lives, we are developing a pervasive dependence on its availability. "New SAN Architectures Benefit Business Continuity", D. Cozzens. (DRJ, Vol 14, 1, p. 72) In today's data intensive business world, companies need to ensure the integrity of their critical systems by developing a comprehensive business continuity plan. "SANs for the Masses", S. Burd. (ESJ, Vol 16, 9) Xand Corp. left RAID storage behind to build a storage area network that would optimize distributed storage space and support growing business needs. Xand's choice: IBM's Enterprise Storage Server (ESS). "Special Challenges Over Extended Distance", T. Flesher. (DRJ, Vol 15, 1, p. 54) Why replicate your database? The simple answer is- to have a hot standby copy of your organization's most critical data in case you need it. This article will focus on special challenges encountered when contemplating data replication over extended distances. "Squeezing More Stuff into Less Storage Space", J. Toigo. (ESJ, Vol 16, 9) Our enterprise storage expert offers 10 tips to extend your current storage investment--plan wisely for the future. "Subsystem Recovery for ERP Systems Made Simple", R. Starnes. (ESJ, Vol 16, 2) ERP systems are typically business-critical applications that must remain online. Systems and database administrators must juggle the pressing requirements for fail-safe and responsive recoveries with non-stop database availability. Additionally, finding and keeping well-trained ERP systems staff is becoming increasingly difficult. Although subsystem recoveries for ERP systems are difficult, there are several strategies and tips to design a fast and effective ERP recovery strategy. "Telecommuters: Reliable Staff or Security Risk?", D. Norfolk. (DCM, Vol 22, 1, p. 34) "Flexible working." This feature of the 21st century working landscape is here to stay- thus bringing the home PC inside the corporate security perimeter. Here are secure telecommuting principles that can be applied to any offsite computing. "Think Time: The Key to Recovery", J. Peltier.
(DR "Tough Choices in Enterprise Storage", J. Toigo. (ESJ, Vol 16, 9) You're seeing a huge surge in corporate data, but you have to balance that against budgetary belt-tightening. With SAN intelligence still years away, what should you buy now? Here's what's ahead in storage--and how to think and act strategically in making your storage plans. "Using Quota Management to Safeguard Windows NT Network Availability and Performance", S. Toole. (DRJ, Vol 14, 1, p. 52) Before the first drop of hurricane rain could hit the beaches, the Windows NT file servers began crashing at the County of Miami's office in Dade, Florida. It wasn't the hurricane's high winds, flooding, or power outages that caused these failures. It was the County's employees. E-Commerce"Addressing Disaster Tolerance in an e-World", D. Klein. (DRJ, Vol 14, 2, p. 36) In the pursuit of disaster tolerance, every business has different needs. Your business models are different, your economic models are different, and even different parts of your business have differing needs. All of these elements need to be evaluated and balanced to ensure that the result is not only the most appropriate technological solution but also the most efficient economic solution. "Banks Vault into Online Risk", J. Spivey. (SM, Jan. 01) Banks are finding ways to meet the challenge of cybersecurity. "E-Commerce, E-Risk, E-Gads", W. Kelly. (RM, Vol 48, 7) E-commerce, e-risks, e-gads! This title is intended to reflect the hype and hysteria so frequently heard in discussions of all things e. The objective of this article is to get past the noise and focus on those issues that are, in fact, critical. Because, to paraphrase Marx, Groucho Marx, beneath all the phony hysteria, is reason for real hysteria. "E-Continuity: The New Planning Paradigm", C.
Bieson. (DR "Fighting Fires on the Web", J. Toigo. (ESJ, Vol 16, 8) Companies are learning the hard way that moving internal applications onto the Web doesn't eliminate the need for disaster recovery planning--it complicates it. Choosing the wrong service provider or hosting platform could bring your company to a grinding halt. "Integrated Risk Management in
the Internet Age", L. Ramiro Hernandez. (DR "Protecting Data in Today's e-Business World: Online Data Backup and Recovery Management Takes Hold", T. Camera. (DRJ, Vol 14, 2, p. 42) Data is in constant motion, and is the cornerstone of today's e-Business and the new economy. Storage Support Services have become critical components in an organization's e-Business initiatives. "That Insecure Feeling", S. Swoyer. (ESJ, Vol 16, 8) The mighty mainframe may be in for a surprise. As the role of legacy systems in e-business increases, hackers may learn to crack new territory. "The Argument for a Credible Business Continuity Solution for your Telecommunication Systems", R. Floegel. (DRJ, Vol 14, 3, p. 76) Anne Robinson has brought to America the latest game show hit called The Weakest Link. In business, we play our own brand of "the weakest link" on a daily basis. "Think Gambling Only Happens in Casinos? e-business Without Business Continuity Processes Take High Risk Chances Daily", B. Wilson. (DRJ, Vol 14, 1, p. 62) At no other time in history has there been such a reliance on information systems than with the evolution of e-business and on-line transaction processing during the end of the 20th and beginning of the 21st century. "What If Virtual Walls Fall?", D. Klein, B. Canfied-Woods & P. Piazza. (SM, Vol 45, 8, p. 76) Traditional contingency planning is as critical for e-commerce as it is for bricks-and-mortar establishments. Management"Are You in Good Hands?", E. Osmanoglu, J. Schramm. (IS, Vol 4, 10, p. 70) Outsourcing key applications can make good business sense, but not if you sacrifice security. Here's how to choose an ASP that protects your enterprise. "Business as Usual in the Face of Adversity: Disaster Recovery Visions for the Future", S. Miller. (DCM, Vol 22, 1, p. 14) When it comes to disaster recovery, pushing the snooze button is no longer an option. This is your guide to what's in the works to keep organizations like your operating in future worst-case scenarios. "Corporate Technology Risk Assessment", A. Scrimenti. (CPM, Vol 7, 1, p. 43) Being prepared goes beyond creating a solid disaster recovery plan; it means constructing a technology environment that is always disaster-ready. Take this questionnaire to determine if your technology is disaster-ready, or a disaster waiting to happen. "Enterprise Security", R. Bragg. (ESJ, Vol 16, 12, p. 22) Critical Response Teamwork. "Going Paperless", C. Jaglinski. (CPM, Vol 6, 2, p. 41) Digital document imaging can allow the secure storage of critical documents, preventing them from being destroyed or carelessly misplaced. "Handing Off Security", M. McFadden. (ESJ, Vol 16, 12, p. 40) The connection of highly automated systems to public networks has brought new risks to enterprise systems. With security already in short supply and in high demand, many companies are turning to third-party vendors to furnish their networks with the most-up-to-date protection available. Should you do the same? "Hire Security", E. DeJesus. (INFO SEC, Vol 4, 1, p.45) Staffing technologies recruits secureworks to manage it's intrusion detection. "Managing Managed Security", E. DeJesus. (INFO SEC, Vol 4, 1, p.34) Several dozen companies now offer managed security services, and no two are exactly the same. Here's how to match up your organization's needs with the right provider. "Maximizing the Reliability of Communications Systems: A Total Protection Approach", D. Anderson. (DRJ, Vol 14, 3, p. 72) You can't prevent harmful power disturbances from occuring. But by instituting Total Protection, you'll prevent them from undermining the performance of your communications systems. "New Tools and Trends in Storage and How They Impact You", B. Avakian, C. Caprio, J. Ellis, J. Goins, B. Peldzus & S. Shah. (DCM, Vol 22, 1, p. 30) Don't expect data growth to hit a plateau any time soon. As technology rushes to keep pace with storage demands, data center mangers likewise rush to implement new tools effectively. These experts share what you can expect from an operational standpoint. "Online: E-ffective Risk Management", P. Vice. (RM, Vol 48, 12) Although separated by thousands of miles, two time zones and an international border, Connie Burkhard and John Kerr have one thing in common: an innovative use of Internet technology that makes their work more efficient and their customer service more effective. "Satellite-Based Backup Communications", J. Gross. (CPM, Vol 7, 1, p. 40) Is satellite technology right for your company's communications recovery needs? Here are a few features to consider. "Security Synergy", W. Schwartau. (IS, Vol 4, 11, p. 92) The new security triad: physical, information, and personnel. "What Happened to the E-Business Revolution?", D. Robb. (DCM, Vol 22, 1, p. 20) Hindsight does have 20/20 vision. As the dust and ashes settle from the dot-com explosion and implosion, we see how the data center is becoming a seamless part of every transaction and business decision. Security"10 Steps to Better IIS Security", R. Cooper. (IS, Vol 4, 9, p. 72) These quick and easy tips will help you harden your Microsoft Web Server. "Acquiring PKI", T. Austin. (IS, Vol 4, 3, p. 74) Having the right process and asking the right questions are critical to acquiring PKI. "Air-Gapping P2P Apps", M. Bobbitt. (INFO SEC, Vol 4, 2, p.50) Discouraged by the lackluster protection firewalls provide against P2P threats, you're probably wondering if throwing an air gap into the mix will help. Based on the three major types of air gaps available today, here's what we found. "An Assessment Of HIPAA Security Requirements", V. Miller& K. Lehman. (DRJ, Vol 15, 1, p. 62) Although not yet published in its final form, the "proposed" Rule CFR 45 Part 142 Security and Electronic Signature Standards associated with the Health Insurance Portability and Accountability Act (HIPAA) addresses physical safeguards to "guard data integrity, confidentiality and availability." "An Evolution in B-to-B Security: Integrating PKI with VPNs for Advanced Internet Communications", B. Pozerycki. (ESJ, Vol 16, 1) Virtual Private Networks (VPNs) that integrate Public Key Infrastructure (PKI) technologies could be the secure solution IT professionals need to protect network information accessed via the Internet. Before doing so, however, companies need to consider the business and technology issues involved in implementing a two-factor authorization process. "An Integrated Cure", P. Piazza. (SM, Vol 45, 9, p. 72) An integrated security system helped this hospital to lock down without becoming inhospitable to guests. "Battle Plans", K. Brandt, S. Green & E. Zuniga. (IS, Vol 4, 3, p. 86) 15 cracker exploits every security professional should know about--and how to defend against. "Biometrics", S. Garfinkel. (IS, Vol 4, 11, p. 62) The face of post-Sept. 11 security. "Center of Attention", R. Thieme. (IS, Vol 4, 8) Career FBI agent Ronald Dick has been given the mission of maturing the scope and capabilities of the National Infrastructure Protection Center. "CIP: IT Partners Up", A. Haag. (CPM, Vol 6, 2, p. 18) Information security makes for strange bedfellows. Some of the fiercest competitors in the IT industry have set aside their differences and teamed up to combat network intrusion and cyber-warfare. The government couldn't be more pleased. "CIP-What Auditing Can Add: Information Security from an Internal Auditor's Perspective", B. Pflumm. (CPM, Vol 6, 1, p. 30) With company-wide access and intimate knowledge of every department, internal auditing is starting to play a key role in the information security and risk management efforts of many companies. It can therefore be a source of great help to government and business alike in critical infrastructure protection (CIP). "Code Red", S. Gruper, O. Elzam. (SM, Vol 45, 8, p. 107) As virus writers get more creative, anti-virus techniques must shift from reactive to preventive methods that can limit the potential damage to a network. "Common Sense: The Anti-virus Software No Computer User
Can Do Without", I. Higginbotham. (DR "Creating A Trusted Information Environment", W. Rider. (CPM, Vol 6, 3, p. 24) The ongoing conflict in healthcare between the ease and efficiency of doing business and the implentation of additional security and privacy controls, which can impede business, is complex. But the solution to this dichotomy is what consumers demand, private and public sectors expect, and healthcare providers must ensure. "Denying Denial-of-Service", S. Harris. (IS, Vol 4, 9, p. 44) New solutions fight DoS/DDoS by automatically detecting and blocking potential attacks. "Designing A Safe House for Data", L. Reese. (SM, Feb. 01) As the repository for a company's computer information and equipment, a data center has special security needs. "E-Security: Growing Threats Require New Strategies", L. Cooper& J. Silver. (ESJ, Vol 16, 8) As organizations embrace e-business and open their databases to trading partners, they also open themselves to computer theft and other high-tech mischief. To keep systems and data safe, companies need to elevate e-security to strategic status. "E-Signed, Sealed, and Delivered", P. Piazza. (SM, Apr. 01) Two very different institutions roll out public key infrastructures to authenticate users and protect confidential information. "EC Does It", M. Ulsch. (IS, Vol 4, 7) Organizations hemorrhage volumes of low-value data that, when melded together, provide adversaries with tremendous intelligence. "Enterprise Security", R. Bragg. (ESJ, Vol 16, 11, p. 22) Locking down web services. "Enterprise Security: Don't Ask, Don't Tell", R. Bragg. (ESJ, Vol 16, 8) When mainframes ruled supreme, it was security through obscurity. Today we need better systems for keeping the entire enterprise secure. "Enterprise Security: Security Angst", R. Bragg. (ESJ, Vol 16, 10) Employees are rebelling against security practices and testing the boundaries of corporate controls. Clear policies and responsible enforcement can keep workers on your side. "Extending Scanner Range", R. Vibert. (INFO SEC, Vol 4, 2, p.52) Behavior blockers and other AV alternatives can enhance defenses against new malware. "Firewalls Fill the Gap", I. Slepner. (ESJ, Vol 16, 8) Firewalls are evolving to provide a blanket of security protection across dispersed systems. Take a look at some of the firewall products currently on the market. "Firms Pay More Attention To Data Protection", R. St. Cyr. (DRJ, Vol 14, 4, p. 36) Today, enlightened U.S. companies are paying more attention to protecting their data from possible disasters like flood, fire, earthquake, storm, and terrorism. "Hackers, Spies & Thieves: How to Shield Your System From Cyber-Criminals", D. Norfolk. (DCM, Vol 21, 6, p. 16) Shh... The modus operandi of typical cyber-criminals is revealed here, as well as their favorite flaws to exploit in data centers just like yours. Discover how to make your entire organization more security savvy. "Hardening EFS", R. Bragg. (INFO SEC, Vol 4, 2, p.76) Win2K's Encryption File System (EFS) provides users with a simple, transparent way to encrypt files. But before enabling this feature, make sure to set up and troubleshoot the backend key-management and -recovery infrastructure. "Hashing Out Encryption Solutions", J. Bumgarner. (SM, Jun. 01) Find out how three encryption solutions stacked up when this company ran them through their paces. "High-Level Issues in Information Security", A. Haag. (CPM, Vol 6, 4, p. 24) Information security systems and policies must originate at the uppermost levels of an organization. Suggestions from IIA and CIAO can help internal auditors, as well as IT personnel and business continuity managers, ensure that senior management understands the importance of security and makes it a business priority. "High-Tech Holmes", J. Wright. (SM, Jul. 01) Deductive reasoning is still at the heart of any investigation, but when computer crimes are involved, it helps to know how to sift through the data bits. "In Through the Side Window", A. Berg. (IS, Vol 4, 6) Countering lesser-known or hidden vulnerabilities is just as important as plugging the big holes. "Instant Messaging: Balancing Security with Real World Business Needs", C. Biggs. (ESJ, Vol 16, 1) "It's Not What You Know", P. van de Gohm. (SM, Vol 45, 9, p. 93) It's not what you know, it's how you protect it. Find out how one company keeps data secure. "Java Security Meets Smart Cards", G. McGraw, K. Ayer & M. McGovern. (IS, Vol 4, 3, p. 42) Security enhancements in Java Card 2.1.1. will help multi-application smart cards take off in U.S. markets. "Mitigating Risk with Integrated Security Management, The Convergence of Technology and Capability", J. Newton. (DRJ, Vol 14, 1, p. 70) Keeping the security and life safety operation going is essential, but as tenants' demands rise and technology changes at web speed simply maintaining services is not sufficient. "New Directions in Intrusion Detection", . Editor. (IS, Vol 4, 8) Problems with false positives? Traffic bottlenecks? Distinguishing serious attacks from nuisance alarms? If so, new IDS technologies and services are coming to the rescue. "On the Go: Protecting Corporate Data on Laptops, Mobile Desktops", C. Chronis. (DRJ, Vol 14, 3, p. 30) Every year more than 1 million mobile desktops and laptops are stolen, damaged or destroyed. What's a company to do? "Open Source Under the Hood", P. Loshin. (IS, Vol 4, 3, p. 56) Vendors are increasingly including open-source components in their commercial products. What impact does this trend have on product security? "Opening Up a Discussion on Computing: Finding Security Alternatives and More", B. Swift. (RM, Vol 48, 10) It started with the Melissa virus, then came the Anna Kournikova virus, and this summer, the two Code Red worm outbreaks. With the Hurricane-like dread these names inspire, it often feels as though the wave of the future has begun to swell into a dangerous tsunami. "P2P, or Not P2P?", A. Berg. (INFO SEC, Vol 4, 2, p.38) Napster, Gnutella, IM and other peer-to-peer applications are the "flavor of the week." But if you're not careful, these programs could be used to undermine your network security. "Personal Firewalls Under Fire", G. Bahadur. (IS, Vol 4, 7) We hacked away at three personal firewalls to see how well they protect a remote system. "Portable Privacy", M. Bobbitt. (IS, Vol 4, 4, p. 88) The case for mobile VPNs is clear cut. But limitations in PDA bandwidth and processor capacity may slow market adoption. "Practice Safe Software Coding", G. McGraw, J. Viega. (IS, Vol 4, 9, p. 62) 10 principles for building secure software--the last line of defense in an operation's infrastructure. "Reach Out and ID Someone", M. Andress. (IS, Vol 4, 4, p. 42) For one ASP, tokens provide the best means of authenticating its VPN users. "SAN Virtualization: Enabling New Backup Architectures", M. Roberts. (EMI, Vol 21, 5, p. 28) Thinking about storage solutions? Scared by tapes or confused by optical platters? Skeptical of claims from salespeople? Here's your vendor-neutral guide to legality of media, back-up strategies and forward and backward compatibility. "Securing Privacy", M. Greisiger. (RM, Vol 48, 10) Today, technology has enhanced the capacity of most companies to collect, store, transfer and analyze vast amounts of information about consumers, in particular those who visit their Web sites. One can hardly visit a Web site today without encountering, knowingly or not, cookie or Web beacon technology. This, along with the myriad subsequent uses of the data, has raised public awareness and consumer concerns about online privacy. "Signed, Sealed & Delivered", F. Avolio& D. Piscitello. (IS, Vol 4, 5) A cadre of new-email security applications aims to solve the problems that have long plagued PGP and S/MIME. "Stronger Passwords Aren't", P. Tippett. (IS, Vol 4, 6) In the real world, an eight-character mixed alphanumeric password is no more secure than a simple four-character password. "The Case for BSD", P. Loshin. (IS, Vol 4, 5) Whether you're looking for reliability, security, interoperability or performance, chances are a BSD-based solution exists. "The Crypto Myth", P. Tippett. (IS, Vol 4, 5) If you assume SSL is essential to Internet Security, guess again. "The Danger of Remote Users", E. Goldberg. (DCM, Vol 21, 3, p. 22) Analysts claim that up to 80 percent of all broadband users have had their computers probed at some point and 50 percent of those systems have been hacked. Learn how technical and human factors relate to the security of your network. "The Reality of Hackers", J. Kates& S. Nickson. (RM, Vol 48, 7) Think of a corporation with high-security clearance. There are security guards and key tags and card swipes at multiple entrances. But if someone uses a chair or book to prop open a door to bring a box to the mail room, all these security measures are worthless. "Tips for Tracking the E-mail Trail", T. Poole& J. Hansen. (SM, Jan. 01) Investigating the origin of e-mail to catch criminals requires special skills and tools. "Understanding "Peopleware"", A. Saita. (IS, Vol 4, 6) Psychologists and other social scientists are lending their expertise to the technology-laden infosecurity industry. In return, they're getting an earful. "Vaulted Sealing", M. Bobbitt. (IS, Vol 4, 10, p. 48) Want to defend against attacks you haven't even heard of? Lock your systems in a cybervault. "VPNs: The Good, the Bad & the Ugly", C. King& C. Dalton. (IS, Vol 4, 5) VPNs solve many security problems, but in doing so they often introduce others. "Waive Goodbye to Liability", J. Bumgarner. (SM, Jan. 01) Before parties enter penetration testing of a computer network, they should document the scope of work and address the legal concerns to avoid liability down the road. "Wireless Insecurities", D. Gardner. (IS, Vol 5, 1, p. 28) Control mobile computing vulnerabilities before they get control of you.
Management "Building the Code", A. Wolf. (NFPA, Vol 95, 2, p. 42) From blueprints to bolts, a roundtable discussion of the NFPA Building Code. "Colocation Facilities", E. Comeau. (NFPA, Vol 95, 4, p. 51) The growth of businesses' computers sharing space in remote data centers outpaces fire protection standards. "Don't Let Your Guard Down", K. Vellani. (SM, Vol 45, 10, p. 88) Follow these simple steps to improve the management of contract guards. "Ergonomics: Back to Basics", S. Nickson. (RM, Vol 48, 12) The premise is simple: Most work-related back injuries are preventable. That is what motivated Don Norris, risk manager of the City of Modesto, California, and Marlin Buse, risk manager of the University of Colorado, to implement comprehensive back injury programming in their organizations. With the emphasis on prevention and behavior change, both organizations have experienced substantial reductions in the costs, prevalence and severity of work-related back injuries. "Examining the New Recordkeeping Standard", J. Dyslin. (SH, Vol 164, 5, p. 34) Easier to read and understand, the new standard clarifies employers' responsibilities when recording injuries and illnesses. "Globalization: Reshaping the Fire and Safety Business", A. Earls. (NFPA, Vol 95, 4, p. 54) As fire and life safety businesses expand globally, NFPA codes and standards are often citeD as global standards. "Safety in Numbers", H. Touger. (NFPA, Vol 96, 1, p. 40) The Life Safety Code takes an integrated, all-hazards systems approach to ensuring crowd safety. "Security Premises Standard", R. Bielen. (NFPA, Vol 95, 4, p. 48) After several false starts, NFPA has a renewed interest in establishing a standard addressing security system installations. "Smoke-Control Doors: From Recommended Practice to Standard", A. Freestone. (NFPA, Vol 95, 5, p. 57) NFPA examines the benefit of creating the industry's only performance standard. "The 10 Deadly Sins", A. Karr. (SH, Vol 164, 6, p. 42) The most serious, willful and repeat offenders show up in the 2001 edition of OSHA's Top 10 most often-violated standards. Power"4 Steps to a Reliable Power Program", J. Dalisky. (CPM, Vol 6, 2, p. 23) With weather-related power shortages, aging infrastructure, and energy-guzzling information systems, the California power crisis should serve as a wake-up call for business continuity professionals elsewhere. Here are four steps to take to ensure the continuance of power at your company. "Businesses Scramble for Power in California", C. Emerson. (DRJ, Vol 14, 2, p. 74) California has been experiencing a major decrease in its power supplies. Brownouts and even blackouts have been very common. Because of this, businesses have suffered. "Distributed Generation: Is It the Answer to Your Power Reliability Needs?", C. Gruber. (EMI, Vol 21, 5, p. 32) Power planners thinking of on-site power generation will benefit from this overview on selecting, installing, monitoring and operating successful distributed generation systems. "Distributed Power Generation", J. Gordes. (CPM, Vol 6, 2, p. 36) With the decreasing reliability of large, centralized electrical power grids, it may be time to investigate other sources of energy for critical operations. "Planning Your Emergency Power
Needs", M. Manint. (DR "Power Plays", E. Bramblett. (CPM, Vol 6, 2, p. 27) There have been some advances in power protection that can help ensure your networks have complete availability of energy. "The California Energy Crisis 'Illuminates' Cutting Edge Data Protection and Availability Solutions", S. Robinson. (DRJ, Vol 14, 3, p. 60) While regulators and public utility companies grapple with the economic issues of the California energy crisis, businesses are left scrambling, wondering if their information systems are prepared for the inevitable power outage. Restoration"Contingency Planning Aids Post-Disaster
Restoration", M. King. (DR "Knowledge is Power",
L. Ackerman. (DR "Asbestos Problem Widespread in U.S.", . . (Safety & Health, Vol 163, 5, p. 24) Several state investigations uncover dangerous practices in asbestos removal. "Beryllium Risks Come Under Question", J. Willen. (SH, Vol 164, 5, p. 38) Used in a variety of industries, exposure to beryllium may put many workers at risk. "Beyond Sick Building Syndrome: Toxic Mold Litigation Enters the Main Stream", . Editor. (RM, Vol 48, 11) The $32 million verdict handed down by a Texas jury in June 2001 for toxic mold contamination is a warning sign for risk managers and their insurance carriers: Mold-related mitigation could hit the corporate sector even harder. The author examines how this latest environmental crisis developed, and outlines ways for companies to protect their buildings. "Bringing Hispanic Workers Safely into the Workforce", J. Dyslin. (Safety & Health, Vol 164, 2, p. 68) Employers must do what they can to make sure the fastest-growing population in the United States understands the importance of safety. "Combustible Storage", E. Comeau, R. Duval. (NFPA, Vol 95, 6, p. 70) Improperly stored oxidizers can pose a fire risk in warehouse occupancies. "Dangers of Combustible Metals", C. Rivkin. (NFPA, Vol 95, 1, p. 44) Metal fires burn more rapidly and at higher temperatures than fires involving other combustible materials. "Deadly Greed", E. Agnvall. (Safety & Health, Vol 163, 2, p. 36) An asbestos-abatement scandal in New York state finds that many workers and customers have been exposed to asbestos and its harmful effects. However, this scandal may be just the tip of the iceberg. "Designing Incentives for Earthquake
Hazard Mitigation", S. Ganz. (DR "Do Fence Me In", M. Lowers, T. Raker & J. Rodgers. (SM, Vol 45, 12, p. 64) Whether it's terrorism or an assault in the parking lot, the rsponse should be measured and targeted to the risk. "Electrical Safety 101", E. Mendenhall. (Safety & Health, Vol 163, 1, p. 42) Respecting the dangers of electricity can prevent you from getting the shock of your life. "Electricity essential to run your business, planning essential to protect it!", . . (Record, Vol 78, 1, p. 10) Deregulation in California has business owners concerned about the cost of electricity and the lack of it. Proper planning can help protect your business if you do experience scheduled and/or unplanned power interruptions, due to deregulation or other problems. "Electricity is Essential to Run Your Business, Planning is Essential to Protect It!", F. . (DRJ, Vol 14, 3, p. 32) What would you do if your business lost electrical power? How would you operate your production lines, heating and/or air conditioning systems, lighting, telecommunications, control systems, and computers? "Fine Service Considerations in Electronic and Computer Equipment Areas", T. Joo. (DRJ, Vol 14, 1, p. 18) Electronic and Computer Equipment areas are found in every local community across America. The primary purpose of this article is to address the specific construction principles and fire protection standards related to large data centers "Flying High Over Safety", M. Ruminski. (Safety & Health, Vol 164, 2, p. 74) Delta Air Lines' Jim Swartz follows a six-point plan to maximize safety. "ICSCA's Industry Guidance on Health & Safety at Work", . Editor. (RM, Vol 48, 12) The following is excerpted from the Industry Cooperation on Standards and Conformity Assessment summary of industry best practices. It outlines the essential elements necessary for an effective management system. "It's Up to Us to Keep Workers and Their Families Safe '24/7'", A. McMillan. (SH, Vol 165, 1, p. 27) "Making the Grade?", B. Agnvall. (Safety & Health, Vol 163, 7, p. 30) An annual report from the Department of Labor examines the success of its efforts to improve the workplace. "New data sheet helps keep high temperature in check", . . (Record, Vol 78, 1, p. 20) Good housekeeping and maintenance are essential in preventing fires associated with commercial oil cookers. "Planning A Company Gathering", J. Powell. (SM, Jan. 01) By doing such things as setting up a command center to respond to all security and emergency situations, this business ensured that a company meeting ran smoothly. "Preventing an Unthinkable Loss", M. Knopper. (Safety & Health, Vol 163, 2, p. 50) Equipment familiarity, training and care are vital to avoiding incidents that result in an amputation. "Slips, Falls and Suicide Bombers: Workplace Safety After 9/11", G. Krafcisin. (SH, Vol 165, 1, p. 30) "Staging a Successful Performance", A. Nichter. (SM, Jan. 01) Find out how to stage a security success before hosting your next special event. "The Facts and Fallacies of Indoor Air Quality", C. Salerno. (CPM, Vol 6, 3, p. 30) You may not see them, but airborne contaminants and organisms are in your building. While some are dangerous and others are hamrless (and still others are a mystery), all are perceived by the public as hazardous and could potentially shut down your business. "Top to Bottom Hotel Fire Safety", H. Touger. (NFPA, Vol 95, 2, p. 72) Hotels worldwide use NFPA's best practices and have become safer than ever. "What Manufacturers Are Doing to Enhance Automatic Door Safety", C. Johnson. (DRJ, Vol 14, 4, p. 74) Building owners should take nothing for granted when it comes to their occupants' safety -- even their normally reliable automatic doors, which open and close safely more than 50 billion times each year in the United States alone. "Who Decides What is a Safe Workplace?", J. Dyslin. (Safety & Health, Vol 163, 1, p. 24) The 9th Circuit Court of Appeals in California says it's up to the employee to determine if they can operate safely in the workplace. "Zen and the Art of Security Maintenance", F. D'Addario. (SM, May. 01) Starbucks' security team strives to master the fine art of maintaining security against the backdrop of the host of threats the company faces.
Communications "Are You Prepared to Communicate
in a Crisis?" , J. Newton, B. Mindszenthy. (DR "Talking to the Media - When it's the Last Thing You Want to Do", G. Rockower. (DRJ, Vol 14, 1, p. 40) During difficult times, reporters are about as welcome as a root canal. Of course, you don't have to talk to them. Instead you can employ what I call "Option Two--Freedom from the Press." Management & Response"Adapting the Incident Command System To Manage Business Emergencies", B. Wilson. (IAEM, Vol 18, 7, p. 15) When people lose their homes in a disaster, it is indeed tragic. But even more lives can be shattered when businesses close their doors, taking with them jobs and a community's economic lifeblood. "An Alternative to the Incident Command Structure", G. Fennell. (CPM, Vol 7, 1, p. 35) Companies wishing to avoid the overwhelming prospect of creating an incident command structure can use their existing management hierarchy to monitor, assess, manage, and communicate information about potential business disruptions. "Anticipating the Worst of Times", R. Jones. (SM, Apr. 01) By planning for the worst of times, these public and private organizations are learning how to be at their best when it counts most. "Critical Incident Protocol: The Emergency Response Phase.",
. . (DR "Full-Spectrum Incident Response Planning", R. Propst, C. Dunkle & C. Beirne. (DRJ, Vol 14, 1, p. 26) As you prepare your business for the 21st century, you have undoubtedly addressed a variety of concerns that could hamper your productivity and success. But in developing plans for enhanced IT capabilities and aggressive business development strategies, have you devoted comparable attention toward a blueprint to protect your employees and your facilities from a terrorist attack? "Integrating ICS Into Business Recovery Planning", J. Bell. (IAEM, Vol 18, 7, p. 17) When I received the notice that this issue would be devoted to business and industry, I was thrilled. "Learning From Losses", R. Clemons. (Record, Vol 78, 1, p. 8) Effective Emergency Response Team can help reduce your losses. "The Crisis Support Team: Saving Lives, Saving Business and Communities", M. Clouse. (IAEM, Vol 18, 7, p. 10) For over a decade, public emergency managers have been encouraging citizens to become self-sufficient in coping with the aftermath of disasters. "The Role of Industrial Facility Safety Director (Emergency Manager)", M. Fagel. (IAEM, Vol 18, 7, p. 13) Disaster management: what does it mean to the industrial site safety director? "Why Should a Business or Industry Have an Emergency Preparedness Program in Place?", R. Mease. (IAEM, Vol 18, 7, p. 12) The rationale for having an emergency preparedness program in place has its roots in the concept and principles of due dilig |