Date post: | 20-Jan-2016 |
Category: |
Documents |
Upload: | baldwin-shaw |
View: | 213 times |
Download: | 0 times |
111© 2005 EMC Corporation. All rights reserved.
Achieving Business Resilience
2005 Business Continuity andCorporate Security Show & Conference
Stephen E. HigginsDirector, Business Continuity and Security, EMC Corporation
March 22, 2005
22© 2005 EMC Corporation. All rights reserved.
EMC/RoperASW poll of US and European executives shows:
Gap in perception of data vulnerability between IT (52%) and business (14%)
40% of respondents were unaware of business continuity / compliance regulations
Pressures AffectingBusiness Continuity and Corporate SecurityCost Containment, Operational Risk Management, Mergers,Government Regulations, Increased Customer Demands
Do more with less
More applications are deemed critical to business
Rapid technological changes
Prioritizing requirements from different parts of business
33© 2005 EMC Corporation. All rights reserved.
Building a Case
Another Data Broker Reports a Breach
March 10, 2005
E-mail Archivers KeepCompanies Legit
February 2005CIOs Say Consolidation
and Cybersecurity Top Priority List
February 15, 2005
Patients' Private Data Put OnlineMarch 11, 2005
How to Justify Information
Security Spending March 17, 2005
44© 2005 EMC Corporation. All rights reserved.
The Analyst Perspective
Business Continuity (Meta/Gartner)
– By 2007/08, 80% of Global 2000 organizations will use a continuum of data protection and recovery mechanisms that rely primarily on high-availability disk-based recovery products that enable rapid business resumption.
– By 2008, 45% of Global 2000 users will utilize two data centers to deliver continuous availability; of these, 25% will support real-time recovery.
Data Security (FBI)
– 50-80% of electronic attacks originate inside the firewall– 67% of companies reported internal breaches in last 12
months
Physical Security (Frost & Sullivan)
– Within the next 4 years most video surveillance images will no longer be analog and will be stored digitally
55© 2005 EMC Corporation. All rights reserved.
What are Organizations Thinking About?
BusinessBusinessContinuityContinuity
Data StorageData StorageSecuritySecurity
PhysicalPhysicalSecuritySecurity
Linking these disciplines to create an operationally resilient organization
66© 2005 EMC Corporation. All rights reserved.
How Do You Rate?
BusinessContinuity1. Infrastructure
Multiple sites2. Continuity of operations
Workload sharing3. Recovery time
Under four hours4. Application
dependenciesRestartability
5. Data loss toleranceApproaching zero
6. DistanceIn-region / out-region
7. External dependenciesTested / known
8. Test frequencyQuarterly or with major system changes
Data StorageSecurity1. Policy
Integrated2. Implementation
End-to-end3. Defense in Depth
Encryption4. Risk Propensity
Greater Awareness 5. Vulnerabilities
Assessed & Managed6. Network
Access Control Management
7. BCPIncluded and tested
PhysicalSecurity1. Video
Digital2. Positioning
IT supported3. Application Integration
Linked to legal / law enforcement
4. ConsolidationReduction in the # of locations storing images
5. BCPIncluded
77© 2005 EMC Corporation. All rights reserved.
Questions to Ask
When were your business continuity capabilities last audited?
Is your existing recovery environment meeting your defined service level objectives?
Have you classified the service level objectives for key applications?
Is Data Security included in your BC plans?
What vulnerabilities have been identified and mitigated?
Are you prepared to handle the impact of Physical Security?