| PLANNING & MANAGEMENT
"501 Reasons Levi Strauss
Maintains Its Business Continuity Commitment", B. Rojas. (CPM,
Vol 3, 10, p. 10) That its headquarters are located in earthquake-prone
San Francisco would be reason enough to plan. But, at Levi Strauss, BCP
plays a vital role in strategic business decisions.
"A Broader Vision: Strategic Risk Management",
K. Rahardjo, M. Dowling. (RM, Sept. 98, p. 44) As companies face a growing
variety of threats to their balance sheet, addressing these challenges
requires an enterprise-wide framework that shows clearly how these risks
interact.
"A Growing Role: Environmental Risk Management
in 1998", D. Telego. (RM, Mar. 98, p. 19) As effective environmental
management gains recognition as a sound business practice, several trends
are changing how risk managers address environmental exposures.
"A United Approach: Creating Integrated Risk
Plans", W. Thornhill, A. Derksen. (RM, Aug. 98, p. 36) As
the various products and approaches used in integrated risk management
programs continue to mature, a growing number of risk managers are working
with insurers to define the best form and level of protection.
"Accelerated Access to Disaster Zones By
Private Sector Business", J. Hammill. (DRJ, Vol 11, 1, p.
11) This white paper examines the potential for accelerated access to
designated disaster sites.
"Allying with Auditors Adds BCP Value", A. Ferraro, J.
Hayes. (CPM, Vol 3, 3, p. 20) Auditors frequently receive criticism for
highlighting only the negative aspects of any organizational process or
control. Business continuity planners have not been exempt from this scrutiny.
Solution: make your auditors your ally.
"Anthrax Scare Highlights Chemical, Biological
Threats", (SEC, Vol 35, 4, p. 34) Experts warn it is just
a matter of time before a terrorist succeeds in releasing some sort of
chemical or biological weapon in the United States.
"Bombs In America--Things Are Changing!",
J. Wiles. (DRJ, Vol 11, 3, p. 14) I'm writing this article at a time when
there have been no major bombings in the country for at least a year.
Just because things appear to be quiet as far as national headlines go,
doesn't mean that all is well.
"Business as Unusual", G. Jacobsen.
(DRJ, Vol 11, 2, p. 92) For the Business Continuity Planner/Consultant,
one of the more difficult aspects of the project is gaining the cooperation
of critical process owners.
"Business Partners: The Corporate Treasurer
and the Contingency Planner", J. Nicholas, N. Raymont. (CPM,
Vol 3, 9, p. 16) When cash is king, how can a corporation ensure that
it is not deposed? The contingency planner can assist the corporate treasurer
to help ensure effective liquidity management.
"Catastrophe Modeling: A New Tool for Risk
Managers", P. Sandri, J. Guin, B. Richardson. (RM, May, 98,
p. 29) As risk managers gain access to improved technology and a growing
array of risk financing options, catastrophe loss modeling is helping
them better assess risk and choose the most effective management strategies.
"Checks and Balances", A. McIlwraith.
(SC, Vol 9, 12, p. 61) Angus McIlwraith looks at the least boring way
of maintaining balance.
"CIGNA Embarks on Corporate-Wide Recovery
Program to Protect Critical Locations Nationwide", L. Willumstad.
(DRJ, Vol 11, 2, p. 49) While many organizations have built recovery programs
for their data centers and key application platforms, the balance of their
enterprises are increasingly at risk.
"Community Give And Take: Lending--and Getting--A
Helping Hand", M. Simonelli . (CPM, Vol 3, 2, p. 16) Be a
good neighbor and your business will have friends when it needs them most--during
a crisis. Building relationships within communities is a win-win game
plan for both public- and private-sector entities.
"Conduct a Hard-Hitting Business Impact Analysis:
Proven Tips for Success!", L. Wrobel. (DRJ, Vol 11, 1, p.
16) Constructing a BIA can be a challengng and frustrating process. To
help the struggling DR planner, the author reviews common mistakes made
while creating a BIA.
"Contingency Planners Make the Pitch for
Corporate Support", V. Van Gilson. (CPM, Vol 3, 7, p. 14)
Seasoned contingency planners present personal examples of successful
and unsuccessful attempts to gain CEO approval and funding for their contingency
plans based on a variety of techniques. Adopt approaches that succeeded
and learn from the approaches that failed, without making the same mistakes.
"Controlling Change", P. Morrison.
(SURV, Nov. 98, p. 18) Change control is a key factor in ensuring business
continuity.
"Criminal Threat to Business",
G. Williams. (SURV, May 98, p. 40) Minimizing the potential hazards for
businesses establishing practices in Eastern Bloc countries.
"Cross-departmental Cooperation and the Politics
of Planning", J. Marinstein. (CPM, Vol 3, 2, p. 12) Since
disasters do not respect the lines of organization charts, effective recovery
plans must cross departmental boundaries. Planners who wish to cross such
lines without stepping on toes must be able to successfully navigate corporate
politics in order to negotiate appropriate solutions.
"Driving Change", (RM, Dec. 98,
p. 56) Johnny Centineo slashes costs and spreads the risk management word
at the University of Houston.
"Energy Efficiency: Proactive Strategies
for Risk Managers", E. Mills, A. Deering, E. Vine. (RM, Mar.
98, p. 12) New cost-saving technologies for saving energy can also help
companies manage risks and prevent losses.
"Ensure Recovery Success with Business Income
Insurance", V. Van Gilson. (CPM, Vol 3, 5, p. 21) Business
income insurance, if properly purchased, will do exactly what business
would have done under normal operating conditions, no more and no less.
"Enterprise Risk Management: Pulling It Together",
A. Berry, J. Phillips. (RM, Sept. 98, p. 53) Implementing an effective
enterprise risk management strategy requires uniting different organizational
departments to identify potential causes of loss and develop integrated
approaches to address exposures on a portfolio basis.
"Focus on Risk", P. Feldman.
(RM, Sept. 98, p. 12) We visited with executives in fields ranging from
coal mining to managed care to explore the challenges they face, how they
meet them and what they see for the future of risk management.
"Geographic Risks: Natural Wonders",
V. Van Gilson. (CPM, Vol 3, 6, p. 12) One of the most important things
businesses can do to protect against geographic risks is to understand
the environment in which they are located and the threats that the environment
poses.
"Getting a Grip on EMU", C. Johnson.
(SURV, May 98, p.12) Getting a grip on the business implications of EMU.
"Government-Business Partnerships",
E. Martin. (DRJ, Vol 11, 3, p. 36) The federal government has identified
efficacy problems with the traditional disaster recovery model (FEMA IG,
1995). It is based on bureaucratic processes, established administrative
practices and procedures and local governments.
"Harnessing the Super Powers of Contingency
Planning Catalysts", V. Van Gilson. (CPM, Vol 3, 10, p. 12)
How do you convince corporate superpowers--board memebers, CEOs, CFOs,
CIOs--that a non-revenue-generating activity is in the best interest of
business well-being?
"Holding the Line Against Organized Crime",
R. Williams. (SM, Apr. 98) Once the criminal operators wrap their tentacles
around a business, it is difficult to remove them--but not impossible.
"Home Away From Home", B. Rojas.
(CPM, Vol 3, 7, p. 10) Alternate sites have come in handy for many types
of businesses--including the New York Yankees baseball team, which moved
from Yankee Stadium to Shea Stadium on short notice.
"Honey I Blew Up the Data Center",
P. Kelley. (DRJ, Vol 11, 3, p. 72) It is human nature to assume that better
times are just around the corner. We fool ourselves by thinking disasters
will never happen to us.
"Implementing an Enterprise-Wide Security
Program", K. Tudor. (DRJ, Vol 11, 2, p. 24) The process of
identifying threats and the risks they pose within your organization is
a cost-effective way to eliminate the risk, or reduce its impact and frequencey.
For these reasons, the importance of performing this type of critical
analysis cannot be overstated.
"In Perfect Harmony", D. Owens.
(SURV, Aug. 98, p. 37) The London Stock Exchange has signed up to an historic
allliance.
"In the Line of Fire", D. Cooper.
(SURV, Aug. 98, p. 17) Changes in firearms legislation have had a dramatic
effect on the industry.
"In the Realm of Contingency Planning, Predictions
Aren't Crystal Clear", M. Simonelli, B. Vouglas. (CPM, Vol
3, 1, p. 24) What will 1998 bring for contingency planning professionals?
Truth be told, no one knows for sure. But our sources offered their educated
guesses.
"Industry Make Over: 3 'Tions' Collide",
B. Zalud. (SEC, Vol 35, 12, p. 41) Services from security businesses and
innovative partnering among market players--driven by the three "tions"
of globalization, consolidation and integration--continue to redraw the
lines between corporate security buyers and the industry.
"Insurance & Disaster Recovery Planning",
S. Van Mill, A. Gliane. (DRJ, Vol 11, 2, p. 89) During a recent seminar
for disaster recovery for small and medium-sized businesses, it became
evident that many company managers are unaware of some of the ways that
insurance can be effectively used to recover from a disaster.
"Joining Forces Against Crime",
D. Green. (SM, May, 98) These two partnerships show how public and private
security can work together.
"Keeping on Target", (SURV, Nov.
98, p. 39) Basics of business continuity--project initiation.
"Loss Control Strategies for Downsizing",
L. Hansen. (RM, Oct. 98, p. 38) When faced with a facility shutdown, a
comprehensive loss mitigation strategy is the key to reducing the potential
for worker unrest, an increase in claims and damage to the company's image.
"Managing Mother Nature", B.
Rojas. (CPM, Vol 3, 8, p. 10) Nothing disrupts business like a good, old-fashioned
natural disaster. That's why you need to know what wicked weather is heading
your way.
"Managing the Recovery Planning Project:
Part 2", D. Johnson. (DRJ, Vol 11, 1, p. 79) The second installment
form a two-part series, this article focuses its attention on the Five
Key Principles of project management.
"Negotiating the Pre-employment Background
Check Mine Field", (SEC, Vol 35, 4, p. 81) For many prospective
and former employers, the process of background checking gives them a
headache at best. At worst, it could give them a lawsuit.
"No Pressure, Only Solutions Found At IS
Expo", K. Riccio. (EMI, Vol 18, 3, p. 25) You've heard the
sayings Don't mess with success; don't fix it if it isn't broken; leave
well enough alone. Well, IS Expo is happy to oblige. This year more than
1,700 IS professionals walked the aisles of the 60,000 square foot-plus
IS Expo.
"Objectively Selecting an Insurance Broker
or Other Service Provider", L. Cox. (DRJ, Vol 11, 1, p. 77)
The selection of insurance can be a headache. How do you represent the
best interests for your company?
"Pollution Prevention: The Best-Kept Secret
In Loss Control", L. Bagneschi. (RM, July, 98, p. 31) A number
of pollution control measures, such as eliminating the use of hazardous
chemicals in production processes, can provide direct loss-control benefits
and lead to reduced insurance rates.
"Project Impact: Building a Disaster Resistant
Community", J. Witt. (DRJ, Vol 11, 1, p. 83) FEMA recently
launched Project Impact: Building a Disaster Resistant Community, an initiative
designed to challenge the country to reduce the effects of natural disasters.
"Quantifying Contingency Planning: What Have
You Done for Me Lately?", G. Therkalsen. (CPM, Vol 3, 8, p.
12) How do you quantify the return on investment for business continuity?
While there is no hard and fast financial formula it is possible to quantify
business continuity's value.
"Seeking Responsibility: Recovery for Risk
Managers", J. Gerber, R. Glazer. (RM, Feb. 98, p. 40) Pursuing
legal recovery in the wake of a large loss can provide a way for risk
managers to help enhance the corporate bottom line, but successful recoveries
depend on thorough investigations being launched as quickly as possible.
"Softening the Blow", F. . (SURV,
Aug. 98, p. 23) FEMA initiative will change the way the US deals with
natural disasters.
"Suppliers Safeguarded", M. Keating.
(CPM, Vol 3, 10, p. 32) Is vicarious exposure a fact of life or can businesses
insulate themselves from their suppliers' losses?
"Supporting the 21st Century Workplace",
D. Knapp. (EMI, Vol 18, 3, p. 33) As we move into the 21st century, customer
support is going to increasingly be used to differentiate companies and
products. Every indication is that the demand for quality support will
continue to increase. Establishing a responsive, competent help desk is
no longer an option, it's a critical success factor.
"The Best Laid Plans", M. Arata.
(SM, Mar. 98) Employers must implement emergency action plans, not only
because it is the law but also because it can make the difference between
life and death when an incident does occur.
"The Big Picture", A. Maurice.
(SURV, Aug. 98, p. 10) To minimize losses companies need to look at the
big picture.
"The Big Picture", B. Taylor,
R. Ginn, B. Armstrong. (DR Guide, 1998, p. 25) The "big picture"
for planning and managing emergencies is similar, whether you're working
for buinsess or for government, two sectors which are highly interdependent,
no more so than during a disaster.
"The Challenge Ahead: Adopting an Enterprise-Wide
Approach to Risk", E. Busman, P. Van Zuiden. (RM, Jan. 98,
p. 14) A growing number of organizations are adopting integrated approaches
to risk management. For risk managers accustomed to managing hazard risks,
this movement represents both a threat and an opportunity.
"The Effective Use of Consultants",
R. Schiesser. (EMI, Vol 18, 2, p. 53) When are consultants worthwhile?
When are they an expensive waste of time? In which areas of operations
are they most valuable? Least valuable? Learn the answers to these questions
plus others regarding the cost-effectiveness of hiring consultants.
"The Perfect Plan", B. Vouglas.
(CPM, Vol 3, 4, p. 10) When we asked six industry vendors to create the
perfect business continuity plan, we knew it was a tough assignment. Plan
proposals from Alpine Computer Systems, Comdisco Continuity Services,
IBM Business Recovery Services, MLC & Associates, Strohl Systems,
and SunGard Planning Services didn't let us down.
"Tips for Settling a Business Interruption
Claim", B. Kush, J. Schmitchel. (RM, Oct. 98, p. 42) Knowing
how to assemble and communicate a persuasive and supported business interruption
claim can make the difference between disputes or disappointment and a
favorable settlement.
"Trust, Truth & Fairness: Fiduciary Responsibility
Meets BCP", R. Campbell. (CPM, Vol 3, 5, p. 18) Historically,
legal implications, threats, and fear were used to gain commitment for
BCP. Today, enhanced market share, impact on bottom line profits, and
stakeholder value are the driving forces behind implementing enterprisewide
BCP.
"Unbelievable Interrruptions",
B. Rojas. (CPM, Vol 3, 9, p. 12) This collection of bizarre business disruptions
and nonsensical near misses gives planners the ammunition needed to combat
"it can't happen here" attitudes.
"Under Control", M. Redmond.
(SURV, Aug. 98, p. 20) Deloitte & Touche outline the critical business
continuity issues facing the financial sector.
"Value at Risk: The Effects of Catastrophe
on Share Price", R. Knight, D. Pretty. (RM, May, 98, p. 39)
In the wake of catastrophic losses, a variety of factors help determine
the immediate effects on a corporation's stock market valuation as well
as its future recovery.
"What is This Thing Called Risk Management?",
J. Schaming. (DR Guide, 1998, p. 26) The most frustrating part of being
a risk manager is responding to people's misconception of what risk management
is.
"When In Doubt, Simulate", M.
Jablonowski. (RM, Nov. 98, p. 44) Computer technology has introduced the
art of experimentation to the discipline of risk management. By testing
alternative techniques in a controlled setting, we can evaluate their
effectiveness like never before.
"Who's Next?", B. Vouglas. (CPM,
Vol 3, 1, p. 10) People planning paid off for Coca-Cola. The lack thereof
cost Disney, short-circuited AT&T, and proved in the process that
data isn't the only resource requiring backup. Succession planning can
help ensure the continuity of mission-critical positions from CEO on down.
INFORMATION
TECHNOLOGY & TELECOMMUNICATIONS
"A Rescue Plan for Your
LAN", M. Leary. (SM, Mar. 98) Learn how to develop a strong
disaster recovery plan for you LAN.
"A Systematic Approach to Continuous Operations",
W. Douglas. (DRJ, Vol 11, 3, p. 62) As the information revolution evolves,
corporate executives are becoming more concerned with ensuring their operations
are available when their customers want them.
"A View from Washington: Cyber-threat Prevention",
M. Braham. (DRJ, Vol 11, 1, p. 38) Companies and organizations are unknowingly
allowing themselves to be vulnerable towards the possibilities of internet-cyber-terrorism.
"A Viewpoint", M. Ranum. (SM,
Aug. 98) Is network intrusion detection software being used correctly?
"Access Control", (SC, Vol 9,
11, p. 38) The evolution of computer technology through the PC, Windows
and now the Internet has thrown wide the doors of access into your organization.
This month we look at eight soft- and hardware products that aim to help
you manage who sees what and when. They are: Latches, Norman Access Control,
PCShield, PD Secure, SafeBoot, SafeGuard DACS, Watchdog and XyLoc.
"Automating Messaging and Queing Middleware
in Your Enterprise", C. Dimond. (EMI, Vol 18, 2, p. 43) MQSeries
is a tool for integrating applications and providing connectivity in a
distributed environment. Unfortunately for users, MQSeries does not manage
itself. One of the key areas of MQSeries management is automation. Most
enterprises are experiencing a staffing crunch given the explosive nature
of IT growth across the nation. This means that less people are doing
more to ensure the health of IT. Couple this with the fact that MQSeries
is a new technology for most and that IT staff is sandwiching MQSeries
development between their regular jobs, and you have an incredibly stressful
atmosphere. This article examines how automation of MQSeries helps, and
how to determine if a task is appropriate for automation.
"Banking on a Secure Internet",
N. Hammond. (SM, Feb. 98) Security First Network Bank wanted to make cyberspace
the ultimate branch, but first it had to find a way to secure its virtual
vault.
"Best Practices In The Data Center",
M. Levin, W. Goeckel. (EMI, Vol 18, 2, p. 35) What are the world class
data centers doing to operate more efficiently and cost effectively than
their peers? This article presents a description of best practices for
many areas of the data center. It discusses how a data center's size,
technical configuration and workload affects achievement of best practices.
Surprisingly, even some very small data centers have learned how to operate
so efficiently that outsourcing vendors can't touch them.
"Business Continuance: Beyond Disaster Recovery",
J. Ogorchock. (DRJ, Vol 11, 1, p. 24) Over recent years, technological
advancements have reshaped the DR industry and have enabled a restructuring
of DR philosophies. This article examines the emerging mirroring techniques
being developed today.
"Capacity Planning for Open Systems Environments",
R. Schiesser, J. Hallbauer. (EMI, Vol 18, 4, p. 35) The dynamic nature
of open systems both necessitates and hinders effective capacity planning.
An awareness of practical tips, tools, and techniques can help lessen
the challenge and expand the benefits.
"Centralized Enterprise Storage",
J. Harper. (EMI, Vol 18, 6, p. 41) Growth in distributed client/server
computing, data warehousing, mixed-media, and Internet technologies has
fueled increased demand for storage, developments in intelligent storage
management, and a critical need for long-term storage planning in the
data center.
"Centralizing Server Backups",
K. Koski. (DRJ, Vol 11, 3, p. 28) Put yourself for a moment in the CIO's
chair at one of the nation's largest insurance firms. From corporate headquarters
in the midwest, you manage information systems for a Fortune 150 firm
with $60 billion dollars in assets, operating through 4,200 agencies across
the country.
"Centralizing Server Backups: An Update",
K. Koski. (DRJ, Vol 11, 4, p. 32) Originally printed in an earlier issue
of DRJ, the authors recently revised this article with newer data concerning
the IS departmental processes.
"Commercial Recovery Facilities",
T. Schreider. (DRJ, Vol 11, 1, p. 40) This article proposes a new set
of questions to help select a hot-site vendor for your company.
"Communications Security", (SC,
Vol 9, 9, p. 16) Doing business in real time is no longer a local or even
national operation--it's worldwide. With it comes serious security implications.
SC Magazine gives you the low-down.
"Computer Forensics", (SC, Vol
9, 10, p. 16) In the detection of all forms of crime, forensics are playing
an increasingly important part. What are the benefits and pitfalls for
the IT manager?
"Connection to Risk? Managing the Exposures
of Cyberspace", L. Jorgensen. (RM, Feb. 98, p. 14) When developing
plans for addressing the emerging exposures associated with conducting
business in cyberspace, risk managers must strike a balance between the
financial opportunities and the need to avoid liability.
"Consolidating in the '90s: Drinking From
the Firehose", P. Schlattman. (EMI, Vol 18, 5, p. 37) Using
a "real life" example of 12 data centers consolidated into one
centralized operation, this article addresses some of the key issues involved
in consolidation: asset management for computer hardware and software,
communications design, systems integration and migrating software.
"Continuity & Recovery of a Local Area
Network", M. Le Brun. (DRJ, Vol 11, 3, p. 54) Not so long
ago, continuity and recovery specialists in large corporations had to
deal with new challenges with the advent of client-server technology.
This approach once again added another level of complexity to all of the
plan and procedure management and operation functions.
"Corporate Security: the Way Ahead",
(SC, Vol 9, 11, p. 22) It is dawning on IT professionals just how incredibly
complex information security really is--even in small corporations, security
people have to somehow secure and manage thousands of workstations, servers,
passwords, nodes, networks and what-have-you. How will they be able to
do this securely?
"Data Backup Fundamentals", P.
Myatt. (CPM, Vol 3, 3, p. 12) Vital records are the keys to the success
of the business resumption process. Without vital records there is no
chance of the resumption of a business operation from a catastrophic loss
of function.
"Data Center Downtime Quiz",
B. Kolbl. (DRJ, Vol 11, 1, p. 54) This 10 question quiz is established
as an aide in determining how much your company is at risk.
"Data Marts: A New Path To Data Warehouse
Implementation", B. Pike. (EMI, Vol 18, 1, p. 39) The economics
and ergonomics of building and supporting data warehousing have significantly
improved. Over the last 18 months, the technology cost of data warehousing--computing
power, disk memory and adding bandwidth across the network--has dropped
by half, while performance has doubled. The same technological improvements
are, for the first time, making it relatively easy to justify the use
of multiple specialized data warehouses, popularly known as data marts,
at the deparmental level.
"Disaster Recovery in the AS/400 Arena",
H. Royster, R. Schiesser. (EMI, Vol 18, 1, p. 12) A decade or so ago,
the thought of a major disaster striking a mainframe computer center was
an utmost concern among data center managers. As the core businesses of
large corporations become more totally dependent on reliable mainframe
services, the need to formalize and test disaster recovery plans became
readily apparent. The courtship of computer reliability and disaster recovery
is now shifting to the arena of midrange computers.
"Disaster Recovery Services Help Keep Operations
Flowing for AS/400 Systems", M. Underwood. (DRJ, Vol 11, 4,
p. 22) With natural disasters and unforeseen computer glitches a constant
threat, the data that you must maintain is always at risk. Increased dependency
on computer systems requires proactive services to maintain constant availability.
"Documentation in the Digital Age",
S. van der Hof. (SM, Apr. 98) The status of digital signatures in electronic
commerce has been muddy at best. New legislation and regulations, both
in the United States and Europe, may be changing all that.
"Don't Get Hung Up on Call Center Contingencies",
M. Simonelli. (CPM, Vol 3, 7, p. 28) Take away the telephone and call
center-based businesses border on nonexistent. As call centers begin to
serve as revenue-generators, businesses are starting to understand their
importance in the overall corporate structure and the need to protect
them.
"Don't Let the Bugs Bite", M.
Gamley. (SURV, Nov. 98, p. 22) Public key infrastructure could be the
key to electronic commerce security.
"Economic Espionage Explosion",
(SEC, Vol 35, 5, p. 14) Breaches in information security and physical
security tied to competitive intelligence and corporate espionage are
on the rise.
"Electronic Access Security",
(SC, Vol 9, 8, p. 38) Monitoring legitimate Internet Traffic as well as
trying to curb flagrant misuse is a constant headache for MIS managers.
We look at eight products that help you to establish good electronic security
within your orgranization.
"Electronic Commerce", (SC, Vol
9, 8, p. 20) Business on the Internet is booming. We look at the pros
and cons of trading on the new digital frontier.
"Emerging New Security Companies",
(SC, Vol 9, 1, p. 20) We examine the trends in information security and
the companies who are delivering or are about to deliver appropriate solutions.
"Enterprise Management Issues and Tools",
T. Zigrossi. (EMI, Vol 18, 5, p. 59) Enterprise management is a popular
topic today as companies seek methods and products allowing them to easily
manage complex systems, accommodate changing technologies and user needs
and reduce costs. Find out the critical issues involved in enterprise
management and how to make it work in large companies.
"Firewalls", (SC, Vol 9, 5, p.
33) When it comes to implementing a corporate security policy, one of
the first items most network administrators consider is the firewall.
Of the three main architectures which are currently in use: static packet
filtering, dynamic packet filtering/statweful inspection and proxy servers,
which is the right type of product to use in your organization? We consider
ten products on the market and give our verdict.
"Firewalls: Inside, Outside and Integrated",
(SEC, Vol 35, 12, p. 94) Numerous networks nationwide are under fire from
hacker attacks and subterfuge, and firewalls, though not infallible, can
provide the necessary security and piece of mind to continue business
as usual.
"Hanging on the Telephone", R.
Gilbert. (SURV, Nov. 98, p. 15) Over 80% of businesses are dependent upon
the telephone for their critical business function.
"Hidden Hazard: Single Point of Failure Can
Be Catastrophic", S. Birge. (DRJ, Vol 11, 3, p. 74) Despite
sophisticated protection systems and a tremendous amount of redundancy,
one of the world's largest networks crashed, suddenly and completely.
"High-Tech Crimes Can Lead to High-Tech Disasters",
J. Wiles. (DRJ, Vol 11, 1, p. 46) The author takes a look at cyber-theft
and its ramifications on the DR industry.
"How to Cut Through the Hype about the World
Wide Web?", C. Braden. (DRJ, Vol 11, 3, p. 24) With all the
dazzling technology today, business owners are left with starry-eyed expectations
which, more often than not, lead them to disappointment. Others are more
realistic, but lacking the technical skills themselves, they rely on "web
experts."
"In the Shadow of the Internet",
B. Bennett. (DRJ, Vol 11, 1, p. 86) This article examines the increasing
growth of the Internet in relation to DR.
"Integrating Disaster Recovery Into the High-Availability
Agenda", J. Jackson, M. Woodworth. (CPM, Vol 3, 6, p. 22)
Availability management is the discipline that helps companies prevent
most systems outages, and anticipate and manage outages that are not avoidable.
"Internet Intricacies: Don't Get Caught In
the Net", J. Kennedy. (CPM, Vol 3, 1, p. 12) Internet outages
and security breaches happen every day and can translate directly to lost
sales, lost revenues and even lost customers. How long can a business
run without a link to its customers, its suppliers, or without access
to critical information?
"Intranet Security: Contradiction in Terms?",
(SC, Vol 9, 5, p. 18) They're the big story this year. They're what client/servers
were a decade ago, what minis were in the '70s, and mainframes were in
the '60s. They are the way that business computing is going to be done
now. But no one (at least not among those with gold keys to the executive
washroom) seems to realize how dangerous they really are.
"Keeping Secrets", (SC, Vol 9,
9, p. 34) Encryption, despite the recent cracking of the 56-bit DES code,
still remains the safest way to part with digital information. We review
10 encryption products and assess just how safe they are for you to use.
"Less Is More", B. Jordan. (CPM,
Vol 3, 10, p. 24) A records management strategy that sends more to the
shredder than to the shelves may save you more than space.
"Millennium Mayhem", P. Fisher.
(DRJ, Vol 11, 3, p. 80) Over the past several years the world has become
increasingly interlinked and inter-connected. More and more businesses
are rarely out of touch with those who may need to reach us--to answer
questions, to respond to emergencies, and reply to opportunities that
might otherwise be missed.
"Mirroring and Failover Systems",
L. Stevens. (EMI, Vol 18, 2, p. 12) In order to protect against hardware
or software failures in client/server systems, many organizations use
clusters or RAID arrays. But those solutions do not protect against disasters
in which the entire site becomes inoperable. There are now a number of
mirroring and on-line backup products which replace data in real-time
or near real-time and send them over a WAN to an off-site location.
"Network Data Mirroring Delivers Wide-Area
Protection Augments, Tape Backup, & RAID Devices", J.
Welco. (DRJ, Vol 11, 1, p. 41) This article takes a look at the latest
techniques in network data mirroring.
"Network Vulnerability: Rate Your Relationships",
L. Wrobel. (DR Guide, 1998, p. 46) Do you have a business resumption plan
in place to address the vulnerabilities of your site's client/server system?
Would your network be safe in the event of a disaster?
"Network-Down Response", J. McFadden.
(DRJ, Vol 11, 1, p. 94) "As companies' requirements to deliver information
critical to daily business continue to grow, corporate data networks must
expand…"
"New Technology: New Risk", D.
Laux. (DRJ, Vol 11, 1, p. 34) There is evidence, based upon a 1997 survey,
more than 200 companies are at significant risk in the event of a disaster.
"Off-site Storage Enters the Digital Age",
K. Koski. (CPM, Vol 3, 10, p. 28) Here's how electronic vaulting helped
a fictional company to recover from a disaster.
"Past, Present, Future", C. Edfast,
G. Jannaway. (DR Guide, 1998, p. 45) Building a business operations recovery
capability is the primary directive of the enterprise-wide business continuity
plan.
"People Issues Prominent In Industrial Security",
(SEC, Vol 35, 5, p. 20) While emphasizing people issues more highly than
colleagues at other types of businesses, industrial security executives
nonetheless face other, sometimes more threatening concerns: economic
espionage, computer security, access and egress needs, employee theft
and burglaries.
"Physical Security and Insurance",
(SC, Vol 9, 2, p. 22) Insuring IT risks is almost as complex a jungle
as the IT security business itself. It is, however, a task crucial to
the long-term success of an organization, and one that should not be tackled
lightly, as SC Magazine discovers.
"Prepare or Fail", M. Sheehan.
(DRJ, Vol 11, 4, p. 18) When it comes to Disaster Recovery (DR), pre-planning
is of the utmost importance, especially if you are the one responsible
for timely restoration of IT resourses.
"Protecting the Portables", (SEC,
Vol 35, 8, p. 69) Laptops, palm tops and other computer equipment that
are made to be portable are increasingly popular business aides. And they
are a security risk.
"Public-key, Digital Documents Talk of Firms",
(SEC, Vol 35, 10, p. 88) Representatives from several firms in the security
industry met for a roundtable on the issue of public-key infrastructure
(PKI) and digital documents and how these new technologies have and can
aid businesses.
"Putting IT to the Ultimate Test",
S. Harwood. (SURV, Nov. 98, p. 33) A new model designed to get the most
out of software development.
"Relocating A Data Center", L.
Stevens. (EMI, Vol 18, 6, p. 25) Ten years ago, relocating a data center
was probably the most complex and difficult job an IS manager had to contend
with in his or her entire career. Now, it may be even harder. Not only
are systems more widely distributed throughout the enterprise, but those
distributed systems carry more mission critical applications and data
than ever before. So moving systems now often requires coordinating the
work of many different departments, and supervising groups from accounting
to human resources.
"Revolution--Computer Protection",
D. O'Mara. (SEC, Vol 35, 3, p. 73) Hardware devices lock everything from
personal computers, towers, notebooks, printers, fax machines, copiers
and network servers and even the information inside. It's a growing trend
meant to address the big business of computer theft.
"Scrutinizing Network Security",
G. Sanders, J. Johnson. (CPM, Vol 3, 5, p. 12) Our need to communicate
and share information necessitates the protection of intellectual assets
from misuse.
"Security on the Road", (SC,
Vol 9, 7, p. 34) Increasingly, the laptop PC is being seen as a means
of increased productivity--what better use of in-flight time than to get
some work done? But theft and security still pose problems. We look at
seven products that aim to keep you safe.
"Slaying the 'Net Dragons", J.
Harper. (EMI, Vol 18, 6, p. 17) With more and more companies creating
Web sites on the Internet--allowing users to download software upgrades,
make purchases, access the corporate directory, etc.-- security over the
Web is becoming a huge concern. Learn how hardware, software and common-sense
safe-computing practices can safeguard a company's sensitive information.
"So, You're Contemplating Changing Recovery
Software", M. Fels. (DRJ, Vol 11, 4, p. 54) In today's world,
it is unlikely that you will survive if you cannot embrace the constant
changes in technology, business practices, legislation, consumer demand
and a myriad of other things. The one constant in our world today is "change."
"Software Piracy", (SC, Vol 9,
6, p. 16) For software developers pirates are an obvious threat. But for
users they're even more deadly.
"Software Protects Encrypted Data",
(SEC, Vol 35, 12, p. 52) A new software program that controls distribution
of confidential information was released last month at the Computer Security
Institute Expo in Chicago by Digital Delivery, Bedford, Mass.
"Spotlight on: Document Management",
(SURV, Feb. 98, p. 42) A vibrant, hi-tech industry which has become an
essential ingredient of modern business practice.
"Tactical Computing: Peculiarities in Business
Continuity", R. Settergen, F. Aylstock. (DRJ, Vol 11, 1, p.
90) The two authors examine the need for a "business continuity awareness."
"Telecommuting", (SC, Vol 9,
3, p. 16) "…Telecommuting and remote access have initiated a
revolution in the way Corporate America does business. But they've brought
with them new and dramatically different kinds of security risks."
"The ABCs of Distributed Data Resilience",
A. Mudrow. (CPM, Vol 3, 9, p. 24) Any enterprise is subject to a variety
of man-made and natural disasters that could affect the viability of its
data. Today's machine-readable information necessitates the bringing together
and protection of both the media containing the information as well as
compatible reading equipment before it can be accessed.
"The Impact of the Telecommunications Act
on Business Continuity Plans", C. Barrow. (DRJ, Vol 11, 1,
p. 30) This article analyzes the effects of the industry on the Telecommunications
Act of 1996.
"The Myths of Automation", P.
Arsenault. (EMI, Vol 18, 3, p. 39) If automation is so important to the
success of the data center, why do automation projects never seem to reach
their original objectives? Why do they seem to go on forever? The answers
to these questions and others can be uncovered by exploring the myths
associated with an automation project.
"The New Cold War: Industrial Espionage",
(SC, Vol 9, 4, p. 20) Industrial and commercial espionage has been with
us for as long as there have been industries and commerce. Increasingly,
computer security professionals are the first line of defense against
ever more sophisticated corporate spies.
"The Security Component of Continuity Planning",
M. Braham. (DRJ, Vol 11, 3, p. 12) What does "security" really
mean to your organization? Some of us think of guards and alarm systems,
while others think of computers and firewalls.
"Utility Security Faces Remote Site, People
Issues", B. Zalud. (SEC, Vol 35, 10, p. 22) Confronting forces
ranging from deregulation to terrorists, utiltity companies face more
mundane daily risks such as computer break-ins and unauthorized access.
"Virtual Private Networks", (SC,
Vol 9, 6, p. 36) Communicating data between physically remote sites is
becoming an essential part of modern business practice. We take a look
at eight VPN products to ensure that your private data is not at risk
from being hijacked, tampered with or simply being viewed by persons not
authorized to do so.
"Virtual Tape Storage Management and Automation",
W. Gray. (EMI, Vol 18, 5, p. 29) Virtual tape storage management is considered
by many to be the next significant innovation for tape and automated tape
library solutions. But what is virtual tape storage management? What operational
problem does virtual tape storage address and how does it fit into an
automated environment?
"Vulnerability of the Corporate Backbone
Needs Attention", (SEC, Vol 35, 7, p. 67) The corporate backbone
is the wire or conductor for a facility around which communication flows.
The corporate backbone of a facility's communications system is a pipeline
says John J. Strauchs, CEO, Systech Group, Reston, Va. "The backbone
needs the ability to be fast enough and large enough (bandwidth) to handle
the data it must handle," he says.
"Web Security in Focus", (SC,
Vol 9, 7, p. 16) The Internet is fast changing how companies do business.
What measures are being taken to ensure the security of the new web sites?
"What You Need to Know about Electronic Vaulting",
K. Koski. (DRJ, Vol 11, 1, p. 56) Using a question and answer format,
the author outlines technological advances in electronic vaulting.
"Who's on the Company Network?",
R. Herold, S. Warigon. (SM, Jun. 98) Companies must find ways to give
nonemployees electronic access to data without compromising security.
FACILITY
ISSUES
"Acccess, CCTV Growth
to Handle Diverse Threats", B. Zalud. (SEC, Vol 35, 4, p.
28) From city hall to the Pentagon, officials are hardening their security
to restrict access, monitor activity and flatten the incidents of theft,
violence and terrorism.
"Assessing Trends in Access Control",
M. Gips. (SM, Sept. 98) Interviews with industry experts reveal notable
trends in access control.
"Automation Galvanizes Security",
B. Quinnelly. (SM, Oct. 98) Alabama Power's security team reveals how
it met the challenge of reducing staff while maintaining safety standards.
"Deciphering Deregulation", B.
Vouglas. (CPM, Vol 3, 5, p. 10) The deregulation of electrical power generation
has sparked questions from businesses concerned with power quality and
reliability. Asking some important questions and investigating options
will ensure that your business' experience with deregulation won't be
a power struggle.
"Developing the Right Sensitivity to Weapons",
S. Dennison. (SM, Aug. 98) Find out what you need to know to select the
right x-ray machines and metal detectors for your site.
"Disruption Defense: Plan Before Packing
It Up", (CPM, Vol 3, 8, p. 28) Relocation may be an effort
to increase or decrease workspace, allow a new start after a natural disaster,
or be financially prudent. Regardless of the circumstances, a business
must prepare for a move in order to achieve a smooth transition.
"Employee Theft Bigger, More Diverse Problem",
B. Zalud. (SEC, Vol 35, 7, p. 18) More security execs see internal theft
and employee theft as a "higher" concern than shoplifting and
smarter criminals. For instance, less than one in four retail security
executives believe shoplifting has increased this year.
"First Things First! Prevent and Mitigate
then Plan for Recovery", T. Campbell, P. Moore. (DR Guide,
1998, p. 57) In today's highly competitive environment, companies are
struggling to stay on top by finding ways to both limit expenses and increase
profits. No company can afford the loss of property and productivity from
destruction caused by fire or natural hazards.
"Helping Schools Become Better Security Buyers",
(SEC, Vol 35, 5, p. 29) In the wake of yet another school shooting, this
time in Jonesboro, Ark., the subject of school security looms larger than
ever. Schools and communities across the country are examining their own
vulnerability and, in many cases, taking steps to increase security.
"High-Tech Security Helps Low-Income Housing",
(SEC, Vol 35, 1, p. 25) Since 1992, the Marshall Field Garden Aparment
Homes (MFGAH) in Chicago has used a system that combines hand geometry
biometrics from Recognition Systems, Campbell, Calif., portal technology,
anti-tailgating mats and specially developed software. The InterGuard
Passage Control System is being developed and marketed by Integrated Access
Systems, Inc., Chicago.
"Is Wiretapping Under Way? Listen to Your
Intuition", (SEC, Vol 35, 12, p. 50) Counter espionage should
come into play when you have an intuitive feeling you are being wiretapped.
TSCM (Technical Surveillance Counter Measures) are used to combat espionage.
"It's a Disaster", (SC, Vol 9,
4, p. 36) Disasters mean not being able to operate. It may range from
an explosion, a simple power failure or a problem which takes your fileserver
down. In this Buyers' Guide, we have looked at a number of products that
could help you to defend against such disasters.
"Lock In a Good Key Policy",
C. Cameron. (SM, Aug. 98) These tips on developing a good mechanical key
control policy can help improve physical security.
"Mail Center Security", C. Giusti,
S. O'Hara. (SM, Nov. 98) The corporate mail room can be safeguarded against
theft, fraud, and other crimes by following these basic guidelines.
"Make an Informed Decision On Halon Replacement",
(SEC, Vol 35, 3, p. 47) While the deadline for phasing out halon production
is long past, the issue of how and when to replace it is still current.
"Ozone Uses in Disaster Restoration in Business",
R. Fink. (DRJ, Vol 11, 2, p. 94) This article will answer many of the
questions and concerns about ozone and its use as a purifier, disinfectant,
deodorizer, and new business oportunity.
"Power Supplies: Often Forgotten, But Critical
System Element", B. Zalud. (SEC, Vol 35, 3, p. 51) Of all
the considerations surrounding an integrated security system, access control,
CCTV burglar the most overlooked--but the most critical.
"Proactive Planning", K. Hodgson.
(SEC, Vol 35, 6, p. 22) West Suburban Hospital Medical Center, Oak Park,
Ill., believes in budgeting for the future. Starting in 1981, this 330
bed facility implemented a five-to 10-year plan to bring in security technology.
What they quickly realized, however, was that this was more of an ongoing
process than a static plan.
"Profitability through Facility Protection",
C. Hertig. (SEC, Vol 35, 2, p. 54) Facility managers face a number of
asset protection challenges. But these managers may not view security
and asset protection as a key issue, that's until disaster strikes.
"Protecting What's Priceless",
B. Rojas. (CPM, Vol 3, 6, p. 10) Museum contingency planners face the
unique challenge of protecting priceless works of art. And you'll never
guess where most of it is stored. That's right, in the basement.
"Protection without Halon", Y.
Keafer. (DRJ, Vol 11, 3, p. 38) Halon 1301 has been the preferred means
of fire protection in computer and electronic data processing areas since
the 1960s. However, its long-term future is in question because of its
classification as a chlorofluorocarbon (CFC).
"Security Training: Task Analysis and Design",
M. Leary. (SEC, Vol 35, 6, p. 58) The analysis phase identifies and describes
all tasks associated with the security function. This phase drives the
development of training that will allow security departments to accomplish
their mission and personnel that can perform their tasks.
"Show Me the ID", D. Heinrich.
(SM, Dec. 98) This leading computer company used a simple contest and
marketing to make access control everybody's business.
"Smart Buildings: Big and Little Gains Seen",
B. Zalud. (SEC, Vol 35, 2, p. 53) Most security directors and managers
have accelerated integration of separate security systems--access, CCTV,
monitoring, photo ID, life safety and communications.
"Stronger, Custom Guard Booths Make Good
Impression", (SEC, Vol 35, 4, p. 31) These days, when you
go to buy a pre-fabricated guard booth for your facility, the options
can seem nearly endless.
"Suite Security", M. Beaudry,
H. Brandt. (SM, Jan. 98) By integrating a system of locks, card keys,
and CCTV cameras, security can help hotel guests and owners enjoy suite
success.
"Surviving Extended Power Outages",
D. Goodrich. (DRJ, Vol 11, 3, p. 22) Can your business survive if your
facility is without electrical power for several days? Can your business
survive if your facility is without electrical power for a few weeks?
"The Key to Campus Security",
E. Phelps. (SM, May, 98) Through an understanding of mechanical and electronic
locks, security managers can design better access controls.
"The Shipments Must Go On", A.
Longmore-Etheridge. (SM, Nov. 98) This company's security team discusses
how it protects merchandise and cargo shipments at its distribution facilities.
"What Now? Assessing Damage Due to Floods",
T. Smith. (DR Guide, 1998, p. 59) Floods in the Midwest, Canada and the
South…the current threats of El Nino…fire sprinklers in your
own facility--most of us could experience significant business disruption
from water damage to electrical equipment and switches.
|
