V O L U M E 1 3 , I S S U E 2QUARTERLY ISSUE

DATA AND voice AT RiSK!Keep Your Business Running 24/7

2 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

IncessanData Center Development

Continuing without interruption

That’s what it means to be incessant. When your company’s success

relies on continuity, do you want a third-party provider in control?

Let us show you the benefits of internalizing your disaster recovery center

using A.S.E.T.S., our Advanced Synergistic Engineering Technical Services.

Put yourself back in complete control.

With over 100 years of combined experience globally,

Incessant Data CenterDevelopment, Inc., is committed to help

you achieve a comprehensive internalized business continuity

and disaster recovery plan.

888.432.3290 / incessantdata.com

ConstructIntegrateDesign

3

in this economy, budgets are get-

ting cut everywhere. Whether it’s

payroll, operating expenses, capital

expenditures, consulting contracts…

everything seems to be expendable.

But when it comes to data and voice continuity, a

small outage or interruption could quickly become

a major company disaster. Should your strategy be

“Hope it all works!”?

For 14 years, the Disaster Resource guiDE has pulled

together information and resources to help your orga-

nization stay operational, no matter what. We have

some terrific articles in this issue to help you get the

most bang for your buck protecting voice and data. in

addition, we have five “Solutions Showcase” features –

each is a case study addressing a specific risk.

in the coming weeks, watch for “Data & Voice at Risk”

Part ii in our Wednesday Continuity e-guiDE. We have

more provocative articles about data and voice exposu-

res. To sign up for the free newsletter, go to:

http://www.disaster-resource.com/cgi-bin/freeguide.cgi.

There are ways to protect and recover, even in a reces-

sion! Don’t just hope it all works.

Tommy Rainey

Publisher

Disaster Resource guiDE

714.558.8940

publisher@disaster-resource.com

www.disaster-resource.com

3

“leT’S JuST hoPe iT All woRKS.”

ANNuAllY

QuARTeRlY

weeKlY

24 /7

mini-Guide

each of the 3 quarterly issues delves deeper into a single content category (i.e. Facility issues, telecom/Satellite, education, it & communications, etc.)

The Disaster Resource GUiDe

Since 1996, the annual GuiDe has brought together the best of the best in one single volume. to subscribe, visit www.disaster-resource.com/freeguide

The Continuity e-GUiDe

every wednesday the e-GuiDe provides a concise seven-day snapshot of the business continuity and emergency management industry from around the world. Visit www.disaster-resource.com/freeguide.

The online GUiDe

connecting via searchable products, services, and news archives, including recent news and press releases, the website provides a concise, accessible, updated resource.www.disaster-resource.com

13TH ANNUAL

GUIDEDISASTER RESOURCE

2008 2009TwenTy DOLLARS

PlAnnInG&mAnAGemenT•HumAnConCeRns• InFoRmATIonAVAIlABIlITY&seCuRITY

TeleCom&sATCom• FACIlITY Issues• CRIsIs CommunICATIons&ResPonse

Planning, Preparedness & Management human concerns information availability & Security telecom & Satcom Facility issues crisis communications, Response & Recovery

FALL 2006FIVE DOLLARS

GUIDEDISASTER RESOURCE

FOR FACILITIES

PREVENTION & MITIGATION

PREPAREDNESS & RESPONSE

RESTORATION & RECOVERY

V O L U M E 1 3 , I S S U E 1RESPONSE & RECOVERY ISSUE

whAT DiD we leARN fRom huRRicANe iKe?

4 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

Madico’s SafetyShield® Window Films eff ectively minimize the risk of

personal injury and property damage caused by a disaster, whether natu-

ral or man-made. In the case of a hurricane or an explosion, shards of fl y-

ing glass are extremely dangerous and destructive. SafetyShield Window

Films help to hold shattered glass in place, protecting your property and,

more importantly, the people in your building from these hazards.

SafetyShield Window Films can also help mitigate against forced entry

and smash and grab thefts, while our anti-graffi ti products act as a sac-

rifi cial layer protecting glass from acid, etching and paint. When vandals

strike, simply replace the fi lm — not the glass.

Not only do SafetyShield Window Films help facility owners increase

building safety and occupant comfort, they’re the most tested fi lms in

the industry.

Visit us at www.madico.com or call us at 1-800-225-1926 to learn more

about the many ways we can help improve your glass.

Protect people and property from fl ying glass.

Guard against blasts, forced entry and impacts.

5

3 From the Publisher

6 DR Planning in the C-4 EraBY JoN Toigo

11 SolutionS ShowcaSe Utilize a DR Vendor Who Can Account for

All of Your Company’s Recovery Time ObjectivesBY RoDNeY TYleR

12 The Protection ArchitectureBY RANDY chAlfANT

17 SolutionS ShowcaSe Booz Allen’s Emergency Communications

and Disaster IT SolutionsBY ShAwN wARD

18 Information Security in a Down EconomyBY eRNie hAYDeN

22 Cloud Computing: Weathering the Incident Management StormBY JeRemY Zollo & eThAN BRiNKmAN-hANSeN

24 SolutionS ShowcaSe Cooling Contingency Planning for Data Centers:

Be Prepared for Catastrophic FailureBY cARl SheDivY

26 Building the Data Protection Dream TeamBY eRic lomAScolo

29 SolutionS ShowcaSe A SMART™ Solution for Interoperability

30 Technology Marketplace

32 Advertiser Index & Web Directory

6

22

26

18

Volume13• Issue2

GUIDEDISASTER RESOURCE QUARTERLY

On the Web Visit the online GuiDe for more on this subject. www.disaster-resource.com

Crisis & Emergency Management • Disaster Recoverey • Business Continuity • Homeland Security

DiSASTeR ReSouRce guiDe • PuBliSheD BY emeRgeNcY lifeliNe CORP., PoBox15243,santaAna,CA92735•Tel:(714)558-8940•Fax:(714)558-8901•info@disaster-resource.com•www.disaster-resource.com•executive Publisher:W.T.Rainey•Publisher:KathyGannonRainey•editor:VanessaChris•Directory coordinator: CarlosRincon•Production coordinator:DanielHerrera•advertising Sales: Troyeverett,ClaytonBauland•circulation:CarmenPlascencia•office Support: elizabeth andWilliamRainey• PRoDuCTIonCReDITs:creel Printing • luis alvarado Design: luis alvarado, trina werkema • onTHeWeB:Visit the online GuiDe. lots of good information! exclusive online articles, what’s new, industry Briefs, Meet the Pros, Purchasing Priorities and much more! • www.disaster-resource.com

•DISASTER RESOURCE GUIDe(usPs024-902)–Volume 13 issue 2, november 2008 – is published quarterly (March, May, august and november) by emergency lifeline corporation, 1510 east edinger Ste D, Santa ana ca 92705 and mailed/distributed to qualified individuals who have requested a copy and who have oversight or responsibility for business continuity, enterprise risk, crisis management, emergency response, and/or homeland security. individual copies are available for $20.00. Periodicals postage paid at Santa ana, ca, and at additional mailing offices. • Views expressed by contributors are not necessarily those held by the publishers. the publishers do not accept responsibility for the veracity of statements made by the editorial or advertising contributors. the information is printed in good faith.

POSTMASTER:Send address changes to Disaster Resource GuiDe, Po Box 15243, Santa ana, ca 92735

6 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

Regardless of the taxonomy, the C-4

issues are the key drivers that will

shape IT for the next few years, raising

challenges and opportunities for how

business continuity and disaster recov-

ery planning efforts will be pursued.

As one of the four C’s, continuity plan-

ning remains high on management’s list

of things to do, often a consequence of

regulatory mandates for data preserva-

tion and protection that will likely

increase in number over the next year.

Still, having a regulatory requirement

to develop an effective disaster recovery

plan is not, in and of itself, enough to

ensure effective planning, or even the

DR PlANNiNg iN The c-4 eRA B y J o n T o i g o

visit any company today and you are likely to find busi-

ness and iT managers confronting the same challenges.

call them the “c-4” issues: cost-containment, compli-

ance, continuity and carbon footprint reduction (reduced

iT energy consumption, also called green iT). Sometimes,

the latter two are subsumed in the former two categories,

with green iT construed as a matter of cost-containment,

and continuity subsumed under the compliance umbrella.

7

funding of programs over time. In fact,

there are many companies that are tak-

ing full advantage of “deferrals” – the

ability to satisfy auditors temporarily

(for a year or two) with the promise of a

plan, rather than the actual implemen-

tation of planned strategies. While not

a permanent hedge, such deferrals can

move the budgeting of resources from

this year to next while sparing manage-

ment the regulatory stick.

Truth be told, even in good times,

senior management doesn’t much like

to spend money on continuity plans

because they offer no tangible or imme-

diate return on investment. This view is

reinforced in the present economy which

sees most firms are carefully husbanding

their purses.

That fact has two implications for DR

planners: first, it means that “business-

savvy” must be added to the list of

prerequisites for anyone doing plan-

ning today. Business-savvy planners

must learn to see things the way that

the Front Office does, and regardless of

their passionate desire to build a world

class continuity capability and to get it

funded and implemented immediately,

be patient.

Secondly, it means that planners may

need to consider expanding the scope of

what constitutes traditional DR plan-

ning. Traditional DR planning focuses

narrowly on reducing risk to organiza-

tions by preventing avoidable outages

and by ameliorating the consequences

of natural and man-made interruption

events that cannot be avoided or pre-

vented.

DR Planning or Data Management?

So, what does expanding the scope mean?

For one thing, it may mean calling

the disaster recovery planning or busi-

ness continuity planning something else

entirely. Remember that effective plan-

ning requires, first and foremost, the

development of an intimate understand-

ing of the business processes you are

seeking to protect and restore. As a

practical matter, you need to under-

stand business processes and what they

mean to the company in order to create

and prioritize recovery objectives. You

also need to understand the support

infrastructure associated with business

processes – applications, networks, host-

ing platforms, and storage – so you

know what to protect and recover.

Most importantly, you need to under-

stand your data. Data, like personnel,

are irreplaceable assets. Without data,

no business process recovery is possible.

The problem is that most folks in the

back office (where the responsibility

for DR is typically vested) have no idea

what data needs to be protected because

there is no clear map between data

and applications. The situation worsens

as technologies like server virtualiza-

tion and Fibre Channel fabric storage

obfuscate even further the connection

between the two.

That said, a key job of the planner,

and one that must be accomplished

before designing any sort of recovery

strategy, is to understand what data

supports which business process. Only

then can appropriate protective services

be applied to that data -- based on an

intelligent assessment of the data’s asso-

ciation with critical business processes.

Data Genome analysis

Data inherits its importance like so

much DNA from the business process

it supports, so it stands to reason that

you must start your plan with a sort of

“data genome analysis.” The good news

is that this analysis has many potential

payoffs for the organization, beyond

continuity planning. It is critical, in

fact, to addressing strategically all four

of the C-4 issues.

To contain costs in IT, for example, we

need to forestall the acquisition of more

gear to host burgeoning data. Through

the data genome analysis effort, we

can identify data assets that belong in

archives or that could be purged alto-

gether, returning up to 70 percent of

expensive disk capacity to productive

use and deferring the need to buy more

spinning rust.

From a compliance strategy perspec-

tive, the data genome analysis must be

undertaken to identify data assets that

require special handling per legal and

regulatory requirements. For example,

most companies don’t know what data

needs to be encrypted to comply with

regulations, so they encrypt it all. This

is a costly endeavor and one that is

problematic from the standpoint of tape

restoral timeframes where decryption

can add up to a 40 percent hit on the

time required to restore data from tape.

Conversely, absent an understand-

ing of the compliance requirements of

data, companies may be using tech-

nologies such as de-duplication or data

compression with all of their electronic

information assets to squeeze more files

onto the same spindles. This sets the stage

for courtroom drama at some later date

given SEC and rule of evidence require-

ments to preserve certain electronic data

in a “full and unaltered” state.

From the standpoint of green IT,

reducing data center power consump-

tion ultimately comes down to storing

data assets on green media, such as tape

or optical. With storage outstripping

servers as the number one power pig in

the data center, the only strategic way to

constrain energy demand is to slow the

rate of disk array deployment by manag-

ing data off of existing spindles and on

to tape or optical as part of an effective

archive and data hygiene strategy. Both

require an intimate understanding of

the data asset itself.

I’ve saved continuity for last. In addi-

tion to enabling the provisioning of

appropriate protection services to data

based on the criticality of the busi-

ness process that the data serves, a

broader program of data management

(archiving and hygiene) can also make

recovery services themselves more effi-

cient. The idiotic “tape is dead” debate

could be quickly kicked to the curb

if we segregated the data that really

needs to be backed up from the mass

of archival, orphaned and contraband

files that occupy an inordinate amount

of space in our storage infrastructure

today and slow tape backup and restore

to a crawl. Segregating the data that

needs to be backed up from all the rest

would breathe new life into tape and

help preserve its role as the number one

protection method used by companies to

prevent catastrophic data loss.

continued on page 9

expo

www.ndrexpo.com

June 17-18, 2009Ernest N. Morial Convention Center | New Orleans, LA

NDR EXPO Produced by: Imago Trade Shows

Markets that Matter

Uniting the Numerous Vertical Markets

from the Disaster Preparation and

Response Cycle...

Together for a

Single Amazing Event!

preparation

Contact Imago Trade Shows for Information!

T - 770-645-0046 F - 770-645-0047

WEBSITE: www.ndrexpo.com

EMAIL: sales@ndrexpo.com

response

recovery

rebuilding

Hundreds of Exhibitors Across Numerous Industry • Segments Presenting the Most Diverse, Advanced, and

Effective Products and Services Available to Disaster

Industry Professionals

Single largest, Most Diverse Buying Audience of any • Single Event Serving the Industries of the Disaster

Cycle

Most Relative, Applicable, and Comprehensive • Conference Program of any Single Event Serving the

Industries of the Disaster Cycle

Broadest Industry Association / Organization Participation • of any Single Event Serving Industry Professionals from

the Disaster Cycle

Most Effective, Dynamic and Productive Networking • Opportunities Available to Professionals From all Levels

of the Disaster Cycle

What To Expect...

9

Truth be told, analyzing data, map-

ping it back to business processes, and

ultimately sorting out the junk drawer

that is storage infrastructure today goes

beyond the traditional boundaries of

disaster recovery planning. But, such

a project offers a huge payoff to the

company in terms of cost-containment,

compliance, carbon footprint reduction

and continuity.

Perhaps contemporary disaster recov-

ery needs to recast itself as a data

genome analysis project designed to

serve a broader set of business needs and

to satisfy all three categories of business

value: cost-savings, risk reduction, and

improved productivity. DR planning,

by itself, serves only risk reduction, but

framing the DR project as a data man-

agement project gives the effort a full

business value case that is more likely to

merit funding.

Reducing internal Plan costs

DR planners also need to demonstrate

their business-savvy in the course of

developing recovery plans. This can be

done in four ways.

First, build plans for cost-effective

testing. Testing is a key part of plan

maintenance and transforms a paper

strategy into an actual continuity

capability for the company. Yet, most

planners don’t consider the costs and

complexities of testing until after they

have designed recovery strategies.

Truth be told, testing could be dra-

matically simplified by leveraging

technology that enables you to monitor

and to test – via simulation or non-

disruptive failover – your infrastructure

recovery strategies. Numerous products

are in the market today to facilitate the

daily testing of technical elements of

the recovery plan, enabling these tasks

to be taken off of the formal quarterly

test schedule and freeing up time and

resources to focus on people and process

rather than tech.

Second, prefer the Tahoe to the H2

Hummer. Both of these four wheel

drive vehicles use the same drive train

and chassis, but you pay $40K more for

the privilege of sporting the Hummer

logo. Metaphorically speaking, there is

no reason to go with the most expensive

data-replication-on-name-brand-hard-

ware solution when you could get the

same value from a hardware-agnostic

software solution costing a fraction of

the price. Management will appreciate

your sensitivity to cost.

Third, leverage minimum equipment

configuration (MEC) when designing

recovery infrastructure. You shouldn’t

need to replace gear on a 1-for-1 basis at

the recovery site given that it will usually

only need to host a subset of your appli-

cations and a fraction of your normal

production workload during emergency

operations. Follow the lead of University

of Texas at Brownsville, which fails over

a 40,000 mailbox Microsoft Exchange

Mail environment running on clustered

servers connected to a back end Fibre

Channel fabric to a VMware virtual

machine running on a rack mount server

with internal storage at an Internet Ser-

vice Provider in Austin, TX every time

a hurricane rolls into the mouth of the

Gulf of Mexico. Users hardly notice the

difference in their email service for the

time that the recovery system is shoul-

dering the load.

Finally, emphasize dual use for must

have ingredients of the recovery strate-

gy. If you need an alternate work facility

for end users in an emergency, find ways

to leverage the resource for productive

work during non-emergency periods.

Use it as a training center or a place

to meet and greet customers. Dual use

value appeals to management for obvi-

ous reasons and your attention to dual

use potential communicates to the Front

Office that you have their budgetary

sensitivities at heart.

Bottom line

The C-4 Era is here and only those

projects that communicate a full busi-

ness value case are being funded. DR

planning needs to adapt and planners

need to manifest real business-savvy if

planning work is to be given the nod by

the Front Office. As the old saying goes,

“No bucks, no Buck Rogers.”

ABouT THE AuTHoR

Jon Toigo is CEo of Toigo Partners interna-tional and a consultant who has aided over 100 companies in the development of their continuity programs. Feel free to contact him at jtoigo@toigopartners.com.

continued from page 7

10 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

11

companies have stringent

requirements to uphold

regarding disaster recovery

and business continuity.

upholding these standards

does not guarantee a

company will come through

a significant business

interruption.

This makes DR and BC planning criti-

cal during a tough economy, as there is

less room for error. In today’s current

economic situation, a company simply

cannot afford to lose money due to

unscheduled downtime. Although not

an industry standard, we categorize

Recovery Time Objectives (RTOs) into

three categories:

•TierOne:RTOof0to4hours,•TierTwo:RTOof24hours,•TierThree:RTOof48hours.

A company’s disaster recovery plan

should address specific RTOs for indi-

vidual departments, and provides a plan

of action to accomplish each objective.

Unfortunately, some recovery vendors

do not address this tiered approach.

Many co-location vendors address Tier

One needs of 0 to 4 hours but do not

provide Tier Two and Tier Three RTO

requirements. Some hot-site facilities

address Tier One and Tier Two needs

but may not make room for the Tier 3

RTO needs.

These are tough choices in any eco-

nomic situation. Companies who choose

to use these third-party vendors have

three options – find another vendor to

provide Tier Two and Tier Three ser-

vices, utilize a Tier One product for all

of their disaster recovery needs or invest

in the expensive and risky plan to take

the solution in-house.

Rentsys Recovery Services, Inc. recom-

mends companies utilize a vendor who

addresses all their specific RTO needs for

each department. A single source-pro-

vider capable of meeting specific RTOs

of the company’s multiple departments

provides cost saving benefits. We are

one of a handful of vendors capable of

addressing all of the RTO needs of our

clients with customizable solutions and

a price-base for each.

Rentsys Recovery provides services

centering on our client’s RTO needs.

Our Tier One solution consists of our

Business Recovery Centers (BRCs) pro-

viding clients with a place to co-locate

equipment for disaster recovery or pro-

duction needs. These facilities are built

for recovery purposes and offer data

center space, workspace, monitoring

services and other amenities.

These facilities can also accommodate

Tier Two needs. Rentsys Recovery BRCs

provide hot-site equipment and racks

along with testing suites and on-site sup-

port. Our clients can choose to back up

their data directly to one of our facilities

or have their tapes shipped to a facility.

The primary advantage and point of dis-

tinction from Tier One to Tier Two is the

cost difference to our clients.

Tier Three needs are addressed with

our Mobile Recovery Center (MRC)

fleet. We have the nation’s largest fleet

of rapid-deployment MRC units. These

units travel as 18-wheeler trailers andare pulled by our own fleet of tractors

and drivers. Once on site they deploy in

as little as two hours. The MRC units

can be deployed as workspace, call cen-

ters, data centers and mobile banks.

Rentsys Recovery brings people and

data together by providing secure and

rapid communications recovery. We

have a nationwide satellite network

providing our clients the flexibility

of recovery anywhere and providing

voice capabilities for the most robust

enterprise-level call centers.

Our clients determine what a “disas-

ter” event is and declare according to

their disaster recovery plan. Whether

the event is a regional natural disaster

or a man-made business interruption

affecting a city block, Rentsys Recovery

provides our clients with the ability to

determine how they manage the inter-

ruption according to priority and cost

based on our tiered RTO platform of

solutions.

ABouT THE AuTHoR:

Rodney Tyler, Services Development Manager for Rentsys Recovery Services, inc., has been in the Disaster Recovery industry for more than 10 years and has helped multiple For-tune 500 companies develop business recovery strategies. For more information, go to www.rentsysrecovery.com or call at 866.489.9585.

uTiliZe A DR veNDoR who cAN AccouNT foR All of YouR comPANY’S RecoveRY Time oBJecTiveS B y R o D n E y T y l E R

soluT Ions sHoWCAse

A single source provider

capable of meeting

specific RTos of the

company’s multiple

departments provides

cost saving benefits.

12 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

Among the priorities for

efficient storage manage-

ment is an appropriate

protection architecture.

We all know how important it is to pro-

tect the crown jewels of any business,

the data. The question is, do we protect

it in ways that make sense. Because the

typical guardians of storage administra-

tion are typically too few and certainly

overstretched with things to do day

to day, an appropriate data protection

architecture is not given the time or

consideration it needs and deserves. I

know, that probably brings up howls

of injustice from those that implement

protection schemes, but there is more

to the story of an appropriate protection

architecture than just throwing capacity

at it in the form of backup copies.

Key to understanding an appropriate

protection architecture is understand

the value of what you are trying to pro-

tect. Agreed by analysts and great minds

from clinical offices far from data centers

– not everything deserves the highest

level of protection money can buy. That

seems reasonable and most of us would

agree. So why is it then, that in count-

less data centers I have seen the inverse?

Nearly everything in them is the best

money can buy. Once again, it seems

that people just don’t have the time to

think these things through, so many

adopt a one size fits all. There are also

unscrupulous vendors that are happy to

oversell capacity.

if you wanted to get it right, where would you start?

Absolutely without a doubt, you have to

have a scheme to characterize the value

of what you are trying to protect, against

the cost required to protect it. There are

two major categories to consider. You

must first understand the economic value

that a contributing application offers to

a business when it is running, and then

you must understand the impact to a

business if that application stops. They

aren’t the same. The economic impact

is typically much larger over time when

unavailable. When you know these num-

bers, it provides an objective basis to

rationalize the cost to sustain the value

of an application when running, as well

as the cost to protect it when it is not.

Different applications will have different

values, but trends will begin to emerge,

and that is the time to assign applica-

tions a class of service that justifies the

protection cost, and back that with a

reference architecture that contains cost

to a known technological approach.

Figure 1 provides a basic classifica-

tion scheme that can be used to judge

the priority assigned to data protection

and recovery.

This should be the first step of build-

ing a protection Architecture. Once you

have all of your applications classified,

it is an appropriate time to begin to

think about how you are going to apply

technology based solutions to meet the

needs of protection.

Figure 2 provides a map used to see

the big picture of protection. There

are many things shown on this map, so

let’s explore it. The orientation of the

horizontal or X axis of the chart can be

looked at as the performance require-

ment for recovery. It starts in the one

week range, and extends out to less than

a minute of time required to restart a

failed mission critical application. The

vertical or Y axis represents the quan-

tity of data typically found in a data

center. There are cones that rise from

the recovery time objectives to describe

some of the more common protection

solutions used. As an example, a level

one-protection scheme would represent

the smallest amount of data in a data

The PRoTecTioN ARchiTecTuRe B y R A n D y C H A l FA n T

13

center that cost justifies a solution using

either a duplicated site, or a RAID 1 or

mirrored copy for recovery. Whereas

a level four-protection scheme could

use anything from corruption copies

on disk to backup copies on tape, or

virtual tape. What is important about

this view is the idea that you must first

map the value of data, which gives you

a recover point and time objective. That

can be mapped into a solution capabil-

ity, that can then be used to choose the

right technology to provide an effective

protection architecture, and an effective

business rationalization plan.

What is a far more common approach

is quite ad hoc by design. Here’s how

the protection scenario more common-

ly goes.

Somebody decides they want to create

a new application. The application is

coded and tested. With that complete,

it is realized that a protection strategy

must be put in place. Perhaps the ini-

tial view for how much storage required

for the application is 1TB. This is the

point that the call usually goes out to

the disk vendor.

Consider the typical disk only ven-

dor’s sales approach to this. The vendor

approaches with a story of how they are

going to save you money. That’s always

interesting, right? Everybody seems to

have the same goal, increase the infra-

structure to keep up with the demands

of the business, with less budget and

fewer people. No wonder a customer

will react favorably to the idea of saving

money. The vendor tells you they have

the ability to consolidate the many pri-

mary storage systems that you currently

have down to a few. They explain the

super performance and scalability capa-

bilities they have. Because of that, they

can take the various data bases and appli-

cations that are spread among multiple

subsystems and reduce that to one. You

get improvements in performance, fewer

components to manage etc. You say, OK

that sounds interesting, but why would I

put all of my eggs into one basket? They

tell you about all the redundant parts etc,

and then they say that even with that, if

there is a failure, they have a RAID 1

mirrored physical copy to protect you

from any failure of the hardware. So far

a very exciting prospect, save money by

consolidating, protected with a RAID 1.

Figure 3 illustrates three tiers of protec-

tion. Tier one is Raid 1 mirroring, and is

used for fast restarts for protection level

1 listed in Figure 1.

continued on page 14

protection availability protection Classifications Level objectives Rpo RTo

• Mission critical Data 1 99.999% 1 Minute 1.5 Minutes • Most valuable to an enterprise, high access • high performance, high availability, near zero downtime, highest cost

• Business critical Data 2 99.999% 10 Minutes 15 Minutes • important to the enterprise, average cost • Reasonable performance good availability, less than eight-hour recovery

• accessible online Data 3 99.99% 2 hours 2 hours • cost sensitive, low access, large volumes • online performance, high availability, less than eight hours of recovery

• nearline Data 4 99.9% 1 Day 1 Day • cost sensitive, low access, large volumes • less than one-hour access time, automated retrieval

• offline Data 5 offline 1 week 1 week • archived data, backup or compliance related • Very cost sensitive, limited access, ~72-hour seek time

Figure 1: claSSiFication DRiVeS inFRaStRuctuRe

Figure 2

14 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

OK, but what about data corruption?

For that, vendors will sell you what can

generically be described as point in time

copies. Using this strategy, they would

have you buy another seven volumes, one

that gets broken off every three hours.

The value for you is that there are 24

hours of point in time copies to protect

you from corruption or file deletions.

Every three hours, you would rotate the

current copy out, and re-establish the

oldest copy from 24 hours ago.

Hence, if you have a data corruption

problem, you simply figure out how

long ago the corruption started and

recover to a period of time just before

that. Right. The problem with corrup-

tion is that nearly nobody ever discovers

they have a problem within the first 24

hours. One very large web based auc-

tioneer learned that the hard way, and

guess what, their corruption exceeded

the length of time they had mirrored

copies of data waiting on redundant

disk. They were grateful for their fore-

sight in having copies on tape that did

not get corrupted. An important gov-

ernment agency confirmed this problem

in a situation they experienced as well.

Even so, if you have class 5, or 5 – 9’s

of availability application, you will no

doubt want to have point in time copies.

I agree that if you need instantaneous

restart, then a RAID 1 mirror is the

right choice. I agree that corruption

protection, file deletion, and journals

and logs should be kept on disk for

rapid restart for all applications that

demand 99.999% (Class 5) or better of

availability.

However I know that instead of put-

ting all of this protection on the most

expensive tier 1 disk that a tier 2

capacity disk works just as well at a sub-

stantially reduced price with the same

guarantees for recovery time and recov-

ery point objectives. I also know that

Tier 3 tape is and always was designed

for a recovery measured in hours or days

of time. Somehow, the disk only vendors

are trying to reposition in the minds of

the market that tape should not be used

for a recovery. Look, if you absolutely

positively have to have an application

back up in minutes, fine – use a high

capacity disk, job done. However, don’t

forget that in the world we live in a

plane can run into a building or a dirty

bomb can go off. All the redundant cop-

ies on disk in the world that are equally

destroyed in the same location have no

value. If things get really bad and you

have to rebuild, vs. restart, forget about

disk. You can’t afford it on the flat or

declining budget you have with an aver-

age growth of 30% you have to keep

up with. Especially when you consider

most customers are wasting up to 70%

of everything they buy.

The appropriate approach is to clas-

sify the recovery requirements of all

data by application value, and then use

the right technologies to provide the

right protection at the right cost. A

balanced mix of infrastructure will keep

the point in time copies on capacity disk

(not performance disk), and then move

continued from page 13

Figure 3

Figure 4

15

them to a disk masquerading as a tape

library, otherwise know as virtual tape,

for performance and reliability purposes.

By the way, the reliability of the tape is

not the issue so long as you are using

enterprise class tape, it is the reliability

of the environment and that is why you

want to use VTL. It helps to mask that.

After the captured backup data is safely

tucked away on a virtual tape library,

the next step is to migrate that to a real

tape library for best economy. Contrary

to the hype and sensation of the exuber-

ant marketing organizations of disk only

companies, tape is still the safest and

least costly form of retaining long-term

data – period, and it is portable.

the economics of a Balanced Protection architecture

Just to give you an idea of how much

you can cut out of the cost of a well-

balanced protection architecture, lets

look at some real numbers and how it

maps to a hypothetical example.

Figure 4 shows an environment where

we would start with 1TB of protection

level 1 data that has a 5 9’s of avail-

ability reliability objective. If we look

at the costs of protection using only tier

1 disk, the costs could be over $500K.

However, looking to the right in Figure

4, we implement a Tier 1 disk, a Tier 2

Capacity Disk, and Tier three tape. This

reduces the total costs to $162,940,

saving $340,060. A 68% reduction inCAPEX alone. This is huge. By the

way, using an AutoMaid technology

from Nexsan in your tier two disk can

save upwards of 70% of the power costs

further reducing OPEX. In an economy

where people are looking to save every

dime they can, while getting more out

of the infrastructure already in place,

you really need to do things differently

than they have been done in the past.

customer example

We met a major European retailer

with a sophisticated storage infrastruc-

ture. Despite this sophistication the

organization was again running out

of capacity and was close to deciding

to install many more terabytes of new

primary storage. I met them and we

advised them to wait, as I felt they had

too much storage already. Sure enough,

after completing an assessment audit a

few days later we had identified ways

to reallocate much of the existing stor-

age capacity in a much more efficient

manner, most of which was rebalancing

their protection architecture. The end

result was to add some virtualization

hardware and a realignment of the

existing resources to do a better, more

efficient job, with an overall savings

of about $3.2M over three years. The

incumbent storage vendor wanted to

grow them from 32TB to 57TB in three

years. We showed them how they could

keep up with the current growth rates

and shrink at the same time from 32TB

to 19TB in three years.

Protecting the value of data is crit-

ical, in the world and economy we

find ourselves struggling with today,

so is protecting your company’s ability

to meet financial goals. Keeping your

infrastructure protected and economi-

cally efficient is not only important for

the company; it could also mean the dif-

ference between having a job, and your

company having to let people go.

conclusions

If you look at this hard, the ability to

use a well-balanced protection architec-

ture is based on a strategy to gain value

in your business by more efficiently

using storage to sustain and to protect

your business applications. Yes you

must do things a little differently than

you have in the past. But in the words

of Albert Einstein, “The significant

problems we face cannot be solved at

the same level of thinking we were at

when we created them”.

So, may the narrowly focused efforts

of business as usual rest in peace, and

hopefully you will consider a methodical

approach that offers great efficiency as

it’s reward when protecting your com-

pany’s treasures.

ABouT THE AuTHoR

Randy Chalfant has 35 years of experience in engineering and marketing for storage, servers, operating systems, applications, and network-ing solutions globally. He can be reached at randy.chalfant@mac.com.

Notification and EmergencyManagement Solutions

Mass Notification & Targeted Alerts

Crisis Event Management

Stakeholder Roll Call

Online Crisis Document Access

Hotline

GIS Mapping

Personal Emergency Notification

Learn More: www.ermscorp.com • sales@ermscorp.com • 905-829-8216

16 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

Ready for what’s next. www.boozallen.com

All-hazards events.

Rapid response in a dynamic environment.

Deployable, integrated, scalable solutions.

Ready for what’s next. To save lives and protect property, emergency operations require

adaptable and resilient technologies. Communications networks and disaster IT solutions must be available

quickly and transparently so users can meet the challenge of today’s emergency response environment. With

the perspective, experience, and know-how from disaster response to emergency communications, Booz Allen

Hamilton can help you achieve your goals. Whether you’re managing today’s issues or looking beyond the

horizon, count on us to help you be ready for what’s next.

HOMELAND SECURITY & LAW ENFORCEMENT SERVICES I INFORMATION TECHNOLOGY I ASSURANCE & RESILIENCE I INTELLIGENCE & OPERATIONS ANALYSIS

17

Are your emergency com-

munications and iT assets

ready for what’s next?

Critical communications and IT for

responders and emergency managers are

often not a priority until a major inci-

dent occurs and information ceases to

flow. Lessons learned clearly show that

communications systems and equip-

ment can quickly become unavailable

or damaged, leaving key personnel

unable to exchange information dur-

ing response and recovery operations.

Senior executives and emergency plan-

ners must prepare their organizations

now for communicating and managing

critical actions during emergencies.

Booz allen is ensuring FeMa’s Disaster emergency communica-tions (Dec) capabilities are ready for what’s next.

In the aftermath of Hurricanes Katrina

and Rita, significant emergency com-

munications and IT vulnerabilities were

identified across local, state, and fed-

eral agencies. Interoperable emergency

communications systems became inoper-

able after succumbing to strong winds,

flooding, loss of power, and limited sys-

tem capacity. Once systems were down,

there was an uncoordinated response

and limited integration of commercial

and government emergency communi-

cations capabilities, making restoration

of systems inefficient and problematic.

Following Katrina and Rita, FEMA set

forth an objective to build a top-notch

disaster emergency communications

(DEC) capability. Fulfilling the DEC

objective would require aggressive action

to overcome the integration shortfalls of

hurricane emergency communications

response.

FEMA turned to Booz Allen to ensure

their success in becoming the preeminent

provider of emergency communications

response and integration services.

Booz Allen conducted an internal

assessment of the “people, processes,

technology and organization” support-

ing existing emergency communications

capabilities in FEMA. We designed a

FEMA end-state technology and orga-

nizational architecture followed by a

gap analysis and detailed roadmap for

the future.

Over the past 2 years, FEMA and Booz

Allen have used this roadmap to build a

stand-alone division focused on imple-

menting DEC field response, deployable

capabilities, federal capability integration

at the operational and strategic levels, and

a unique regional execution strategy.

FEMA continues to receive accolades

internally and externally for its DEC

preparedness, response, and recovery

efforts. Booz Allen is proud to be part

of that success.

As one of the world’s premier strategy

and technology consulting firms, Booz

Allen Hamilton focuses on mission first

and leads the way in delivering emergency

communications and disaster IT con-

sulting. Our consulting services include

emergency communications and disas-

ter IT planning, NSSE communications

support, requirements documentation,

system design and testing, site surveys

and damage assessments, response team

support, modeling, simulation, training

and exercises, and program management.

We provide technical and operational

expertise across a broad array of IT

systems and communications equip-

ment, including:

• DeployableITandcommunicationspackages

• MissionOperationsoverIP• Cloudcomputingandincidentman-

agement software as a service (SaaS)

• Emergencyalertandnotificationsystems

• Businesscontinuitysolutionsfordata storage and backup to primary

systems

• HF,satellite,LMR,andmicrowavecommunications

• Securecommunicationsandcyber-security

• Backuppowersystems

A sampling of our emergency com-

munications and disaster IT federal

clients include the United States Secret

Service, Department of Justice, Depart-

ment of Homeland Security, Department

of Labor, Environmental Protection

Agency, U.S. Open (golf tournament),

National Institutes of Health, and the

National Communications System.

Whether you’re managing today’s

recovery or preparing for tomorrow’s

response, count on Booz Allen to help

you be ready for what’s next.

ABouT THE AuTHoR:

Shawn Ward, PMP, is a Senior Associate at Booz Allen Hamilton and a former police detective. He leads Booz Allen’s Emergency Communica-tions and Disaster iT Capability. Shawn serves as the Senior Program Manager overseeing FEMA’s Disaster Emergency Communications (DEC) Program and has managed several emergency communications and iT projects for federal, state, and local governments. For more information, please visit www.boozallen.com or contact Shawn Ward at 703/377-0363 or ward_shawn@bah.com.

BooZ AlleN’S emeRgeNcY commuNicATioNS AND DiSASTeR iT SoluTioNS B y S H A W n W A R D

soluT Ions sHoWCAse

18 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

tips to Protect Your enterprise and not Spend a lot of Money

As one of my college professors said as

a cliché, “It is intuitively obvious to

the most casual observer…” that our

economy is a mess, and the challenges

posed by the Wall Street and banking

crises are affecting our businesses.

Customers are not as willing to spend

money, credit is not readily available,

and yet we still rely on technology to

protect our information, process orders

and keep us in business.

Budgets are tight and the boards and

managers are focused on every cost.

With this environment, it certainly is

hard to imagine that information secu-

rity and protection of computer assets

is a high priority on the minds of the

corporate leadership.

Unfortunately, regulations must con-

tinue to be met such as the Payment

Card Industry Data Security Standard

(PCIDSS) for credit card transactions;

Sarbanes Oxley audits and mandates

are always present for publicly traded

enterprises; and new compliance rules

affecting cyber security are in play such as

the North American Electric Reliability

Corporation (NERC) Critical Infrastruc-

ture Protection (CIP) standards that

must be met by most electric utilities in

North America by the end of 2009.

The bad economy is even stimulating

another business – organized crime and

organized cyber crime. These well-orga-

nized operations from all around the

world are trying to take advantage of

the economic situation by posing “get

rich quick” schemes on line; tempting

unemployed or underemployed work-

ers with ways to find new jobs for a

fee or even unwittingly launder money

thinking they landed a great “work at

home” job. And of course, the cyber-

criminals see tempting targets – those

employees working in companies who

can help the criminals make more

money through fraud and outright

theft of corporate information assets to

sell on the black market.

In a word, “Whew!” As security

professionals, how can we make solid

arguments to our management to ensure

we continue to support information

security and yet not spend money on the

successful achievement of this goal?

iNfoRmATioN SecuRiTY iN A DowN ecoNomY B y E R n i E H Ay D E n

continued on page 20

19

for complete product listings, contents lists of our kits, and much more, visit our website!! or call us today!!

(800) 826-2201

www.emergencylifeline.com

TakeActionToday!Wecanhelpyoustretchlimitedbudgetdollarstoprovidefor:

seARCH&ResCue

MEDICAL RESPONSE

EVACUATION

FooD&WATeR

SANITATION

lIGHT&WARmTH

COMMUNICATIONS

WHen911 CAN’T RESPOND...

WHATWIllYouDo?WIllYouReGReTnoTHAVInGsuPPlIes?

emeRGenCYlIFelIneCoRPoRATIon

hiSToRY

emergency lifeline was founded 23 years ago

after the devastating mexico city earthquake.

our mission then and now: to assist businesses,

government agencies, schools and individuals

prepare for any type of emergency or disaster.

our supplies and kits can now be found throughout

the united States and in many foreign countries!

we are one of the oldest and largest disaster

preparedness companies in the marketplace.

Be sure your supplier has the experience and

judgment only time can buy!

emPloYee DiScouNT PRogRAm

for our institutional customers, we offer terrific

discounts to their employees for personal

purchases. After a disaster, a business needs

their employees more than ever! But if they

aren’t prepared at home, they can’t come back

to work!

20 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

In my role as a security professional at

a major enterprise, I’m faced with the

same challenges every day and I am often

wondering how to be successful in this

very difficult climate. As I think about

how to proceed and talk to my peers in

the industry, I tend to go towards the

fundamentals. In other words what are

the problems we are tasked to solve,

what are the outcomes we need to

achieve and how do we get there? With

this in mind, here are some actionable

steps an enterprise security professional

can take without too much cost and still

improve the firm’s security.

1.train Your Staff

The first line of security defense for any

organization is comprised of all your

employees – from the receptionist to

the system administrator to the man-

ager to the Chairman of the Board. Start

a process of educating your employees

on what the threats are, how to avoid

them, and what to do if a threat is iden-

tified. In other words, make security

everyone’s job.

Approaches you can consider include

simple “brown bag” lunch presentations

on computer security. Usually an inter-

ested employee would be glad to help

do some evangelizing and get the word

out to the employees. Also, you could

ask your local FBI office if they’d give a

talk on cybercrime and fraud. You could

also approach the local chapters of Infra-

Gard, FBI Citizens Academy Alumni

Association, Information Systems Secu-

rity Association (ISSA) or Information

Systems Audit and Control Association

(ISACA), or your Attorney General’s

Office for volunteer speakers to help tell

stories and teach your staff that their

actions – or their lack of action on the

computer – could substantially protect

the company.

In addition to “formal” meetings, just

have some simple reminders sent out

via email or in posters – remember the

“Loose Lips Sink Ships?” posters – it is

the same idea.

A final key point is to ensure your

employees understand that simply

“surfing” to anywhere on the Internet

puts the entire company at risk. In

one case this author experienced, many

employees at a company were sent some

exciting emails on January 2, 2009

directing them to an Asian horoscope

site. The end result was numerous com-

puters were compromised with massive

“pop up” attacks – all caused by a non-

business related web site.

Overall, your employees, vendors and

customers can and should be encouraged

to be part of your security team. They

can provide excellent intelligence on

suspicious activities; they can help you

with information on questionable emails

circulating in the company; they can

definitely be part of the overall scheme

of “protecting the data.”

Also, by showing respect for the

employees, et al, they can also feel like

you are trying to include them in the

overall success of the company in these

difficult times rather than treating them

as disposable assets.

2. Keep Your computers and Servers Patched and antivirus up to Date

What does this mean? Essentially keep

your computers and servers protected

from attacks and subtle infiltrations by

the “bad guys” by keeping your com-

puters up to date with security updates

from the vendors.

Does this mean you need to spend

$100,000 for specialized systems and

monitoring machines? Not necessarily.

You can do this by taking advantage of

the automated update systems offered

by the vendors.

For instance, if you have Microsoft

operating systems, and you can’t afford

the overhead of specialized update appli-

cations and software suites, why not have

your servers and workstations turn on the

automatic update system already built

into these computer operating systems?

Yes, there is a risk that an update could

result in some spot problems on your

computers; however, it is best to ensure

your machines are up to date as quickly

as possible because the “geeky miscre-

ants” of the world are trying to take over

your machines as fast as they can when

they find out about a vulnerability.

Thirty percent of all

computers are still at

risk from conficker

because they have not

been patched.

continued from page 18

21

A recent story making a case for this

practice is the widespread Confickr/

Downadup Worm that is taking advan-

tage of those computers that were not

quickly patched when the Microsoft

patchwasissuedonOctober15,2008.To show how bad this problem is – a

problem that could have been solved by

automatically patching computers on

October15,2008,statisticshaveshownthat the world’s computers are at seri-

ous risk.

From Wikipedia: “The New York Times

reported that Conficker had infected 9

million computers by 22 January 2009,

while The Guardian estimated 3.5 mil-

lion infected PCs. By 16 January 2009,

antivirus software vendor F-Secure

reported that Conficker had infected

almost 9 million PCs. As of January

26 2009, Conficker had infected more

than 15 million computers, making it

one of the most widespread infections

in recent times.”1

Even the Guardian predicted in Janu-

ary that about 30 percent of all computers

are still at risk from Conficker because

they have not been patched.2

3. Monitor Your networks – especially in times of Downsizing

Sadly, these economic times are result-

ing in downsizing, layoffs or furloughs

of your employees. As a local pros-

ecutor in Seattle says, “Unfortunately,

there may be a temptation by trained

“techies” to either retaliate against the

employer or simply seek their livelihood

in technologically nefarious ways.”

What can you do here that is not

expensive but effective? First, you can

recognize that you need to turn off

employee computer access immediately

upon – if not prior to – termination of an

employee – especially someone such as a

system administrator. Don’t forget turn-

ing off email and remote access, too.

Secondly, after any downsizing or

during any furloughs, have your staff

spend some time looking for unusual

data transfers, downloads, large packet

emails being sent externally from the

company – these could all be evidence of

internally based ways to sell data.

4. understand Your Risks – Focus on the Paramount issues

Finally, in a down economy, now is the

time for the enterprise executives and

security professionals to best understand

the risks they face and then prioritize

those risks such that the limited funds

available are spent on “real” and neces-

sary risk mitigation activities.

Taking time for some thorough risk

assessment reviews may be time con-

suming, but it usually doesn’t cost as

much as the high-end technology to

fix one issue. Also, the risk assessments

can be fairly structured and even bring

together IT, risk management, compli-

ance, and operations into the same room

focused on protecting the enterprise.

Therefore, by identifying your risks,

recognizing the threats that are poten-

tial attackers of your company and

industry vertical, and then prioritizing

your actions to address the biggest, most

threatening risks, you can probably be

effective in an environment of minimal

fund availability.

Yes, it is a difficult time for all of

us. There is uncertainty about how the

Obama administration can help save the

country from this difficult economic

challenge which of course rolls down to

how our companies and employees focus

on survival. So, the conclusion of this

article is to maintain the “KISS” (Keep it

Simple Stupid) approach to information

security by getting your employees to be

part of the security team and by taking

advantage of the automated systems you

already have at your fingertips.

ABouT THE AuTHoR

Ernie Hayden is an experienced information security professional in the Seattle area. He holds a Certified information Systems Secu-rity Professional (CiSSP) certification and is a Certified Ethical Hacker (CEH). He is also principal of 443 Security & Strategy Consulting (www.443consulting.com)

1 http://en.wikipedia.org/wiki/Conficker

2 http://www.theregister.co.uk/2009/01/19/conficker_worm_feed/

Contact Us For A FREE Demonstration

1-800-558-9568www.OpsPlanner.com

OPSPLANNER™ for An Unpredictable World

Protect your organization against costly and unnecessary losses due to an unexpected business disruption

OpsPlanner ™ Software An Easy-to-Use, Web-based, Fully Integrated Business

Continuity/COOP Planning, BIA, Incident Management,

and Automated Notification Tool

Business Continuity Consulting Certified Professionals with a Proven Methodology

Be Prepared...Even In An

Unpredictable World

22 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

The National incident

management System (NimS)

and the National Response

framework (NRf) promote

real-time collaboration and

information sharing across

all phases of incident

management – prepared-

ness, mitigation, response,

and recovery. These policies

endorse proven practices

such as the incident

command System/unified

command and multi-agency

coordination.

The value of these practices are real-

ized as the size and the impact of an

incident increases because emergency

responders from various agencies, orga-

nizations, and geographic locations must

coordinate their operations effectively,

disseminate information quickly, and

distribute resources and assets seam-

lessly to protect lives and property.

Underlying these operations are IT

services, networks, and software appli-

cations that enable the extension of

services to the incident area, to mission-

critical support teams, and to facilities

such as emergency operations centers,

joint field offices, and incident com-

mand posts. While basic connectivity

can be established during these multi-

agency events, it results in significant

“in-house” infrastructure costs. Addi-

tionally, “basic connectivity” may mean

responding agencies are left with limited

or no access to their enterprise applica-

tions (e.g., GIS, asset tracking systems,

personnel management, reporting tools,

purchasing systems, and financial data-

bases), which are essential to servicing

the needs of victims and supporting vari-

ous agency missions.

leveraging cloud computing in incident Management

Cloud computing represents the lat-

est trend in application hosting – data

and applications are hosted by “cloud

providers” on multiple servers in central-

ized data centers to deliver web-based

applications, application platforms, and

services extending IT capabilities. The

primary difference between cloud com-

puting and previous models is “scale.”

The premise is that as the scale of the

cloud infrastructure increases, the incre-

mental time and cost of application

delivery decreases.

Cloud computing incorporates con-

cepts such as software as a service (SaaS),

distributed computing, and strong net-

work backbones, allowing computers to

access and manipulate data anywhere an

internet connection is available. If there

is a need to scale up to accommodate

sudden demand, necessary resources can

be added using a web browser. The

cloud computing model allows dynamic

clouD comPuTiNg: weATheRiNg The iNciDeNT mANAgemeNT SToRm B y J E R E M y Z o l lo & E T H A n B R i n k M A n - H A n S E n

23

and remote control processing, memory,

data storage, and network bandwidth,

providing the ability to specify and

deploy computing capacity on demand.

Enhanced Interagency Coordination

During a Disaster: To enhance mission

integration among response agencies,

cloud technology can serve as a medium

to provide real-time, online collabora-

tion and coordination during an incident

or event. It provides the ability to stand

up your applications faster, cheaper and

enables you to bring the cloud down

once the incident has subsided. All

stakeholders in the incident can share

resources and operate in a multi-tenancy

environment that fosters information

sharing. And because the cloud solution

is a shared online resource, mission-

critical information, IT support, and

situational awareness outside of an inci-

dent area can be easily communicated,

regardless of location. Users with similar

needs can access the same type of ser-

vices and capabilities provided by their

own agency infrastructure in a disaster

area. These capabilities can be used on

demand, in real time based on either a

fixed fee subscription or pay-as-you-go

(i.e., paying for the service and data

space used).

Reduces Operations and Maintenance

(O&M) and IT Infrastructure Costs:

Agencies involved in disaster response

have heavily invested in enterprise IT

infrastructure equipment that is either

under-utilized or running at over

capacity. Maintaining this equipment

requires continual hardware and soft-

ware upgrades to keep up with today’s

technology and increased security

requirements. Cloud computing reduces

major hardware costs—service providers

maintain the infrastructure, and users

subscribe to the service as needed.

Software services can also be cen-

tralized within the cloud rather than

loading and maintaining software on

each individual end user’s equipment

(e.g., laptop, servers). By outsourcing

IT infrastructure processing power,

agencies can scale their enterprise IT

infrastructure when needed for emer-

gency response situations and access just

in time processing. This eliminates the

need to invest major capital in expensive

back-end infrastructure that is not used

on a daily basis. IT personnel costs can

also be reduced because the ability to

maintain and manage IT infrastructure

during an incident will be the primary

responsibility of the cloud provider.

Efficient and Flexible IT Backbone:

The dynamic nature of disaster response

requires tools that can be as flexible

as emergency responders in a disaster

area. Because cloud service providers

maintain IT infrastructure in their own

data centers, agencies have increased

mobility because they are not burdened

by delivering and establishing their own

traditional IT infrastructure during a

disaster. They benefit from user scalabil-

ity, high availability, and accessibility

to resources. With access to the cloud

anywhere there is internet connectiv-

ity, emergency responders can provide

support to on-site incident responders

without having to be physically located

within the incident area.

considerations for cloud computing implementation

While cloud computing is a powerful

tool for the incident response commu-

nity, there are still serious challenges

such as maintaining reliable connec-

tivity, developing standardization, and

addressing security concerns. These

issues require further study and piloting

to ensure the technology’s success in the

incident response environment.

The potential exists for cloud service

providers to encounter lapses in service

due to unplanned outages or disrupted

Internet connectivity. Also, the cloud is

only as reliable as the network it is rid-

ing on. If agency network bandwidth is

limited then the cloud experience will

be limited as well. Cloud service provid-

ers must establish failover solutions to

ensure reliability of the cloud and estab-

lish service level agreements (SLA) with

agencies that describe the technology

and service requirements under normal

operation and downtime situations.

Cloud computing is not a standardized

technology. Agencies using individual

clouds run the risk of incompatibility

if clouds from other service providers

are used by agencies during a disaster

response. Standardization of cloud com-

puting for incident response agencies

will enable them to use cloud services

from any provider that meets their

incident requirements. Development of

policies and governance for cloud com-

puting will be a critical factor for the

government to embrace the concept.

Maintaining data security using an

external IT service provider requires

extensive planning and development of

security protocols. Cloud service provid-

ers will need to receive certification and

accreditation (C&A) similar to other

secure communications systems to ensure

the integrity and security of data are

maintained. Government agencies may

also need to change C&A processes to

account for the cloud computing model.

Additionally, service providers will need

to ensure that personnel meet the neces-

sary security requirements. SLAs need

to be developed that not only address

performance, but also data security (e.g.,

encryption, data center locations, secure

personnel). Moreover, agencies using

cloud computing services will need to

work with cloud service providers to

determine who has access to the data

in the cloud, where the data is located,

and the types of encryption schemes and

security offerings that best suit their

needs. Possible security threats must be

carefully examined to ensure all aspects

of the cloud are properly encrypted to

protect all sensitive information flowing

into and out of the cloud.

ABouT THE AuTHoRS

Jeremy Zollo (zollo_jeremy@bah.com) is an Associate with Booz Allen Hamilton based in Mclean VA and has over 15 years experience in the analysis, design, implementation and management of emergency communications systems and iT projects for all levels of gov-ernment. He currently serves as the Program Manager overseeing FEMA’s Disaster Emer-gency Communications (DEC) Program.

Ethan Brinkman-Hansen (brinkman-hansen_ethan@bah.com) is a Senior Consultant with Booz Allen Hamilton based in Mclean VA and a firefighter. He specializes in emergency com-munications and response operations for all levels of government. He currently leads emer-gency communications planning efforts within FEMA’s DEC program.

VisiT THe onLine GUiDe aT

www.disaster-resource.com

24 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

Being prepared for the

unexpected is good

management practice in

any industry, but in the case

of data centers, success

or failure can be critical to

the health of a business.

Reliability is crucial.

Companies rely on data centers to

maintain their data no matter what. So it

is incumbent upon them to provide data

continuity regardless of the catastrophe.

Not only must servers be kept cool,

data centers must ensure an appropriate

environment to protect equipment and

data integrity in the event of a power

outage, fire, flood or other disaster.

Streaming data to a back-up data

center at another distant location is the

solution, but both data centers’ building

systems must be reliable.

Advance planning in case of building

system failure is critical. Failure of

the heating, ventilation and air

conditioning system (HVAC) could be

catastrophic. But a well-crafted Cooling

Contingency Plan can reduce such

risks, improve component redundancy,

and prepare the facility for rapid

deployment of temporary equipment to

sustain critical operations.

The benefits of such a plan include

minimizing operational emergencies,

enhancing reliability, and reducing the

economic, legal, or other long-term

implications that could result from a

major HVAC system failure.

what is a cooling contingency Plan?

A cooling contingency plan defines your

response to a HVAC system emergency

before it happens, including preparing

facilities to enable operational continu-

ity and steps for recovery.

It also includes reducing risk, adding

or improving component redundancy,

and preparing facilities for rapid deploy-

ment of temporary equipment suitable

to sustain critical operations.

Designing the cooling contingency Plan

Start by addressing the possible

consequences of a major HVAC

outage: How dependent are critical

and on-going operations, equipment

and advanced technology, facilities,

information systems, and other

resources on comfort cooling or process-

chilled water? What effect would there

be on such operations if the cooling

system failed or needed to be shut down

for unplanned service? What would

be the cost of not having cooling for

an hour, a day, or a week? Qualify and

quantify the impact and related costs.

Determine who understands the con-

sequences of failure and comprehends

the interplay and dependence between

the facility’s critical operations and the

system? Who has in-depth expertise in

and experience with the details of the

facility’s HVAC systems – and the avail-

able alternatives? The answers will create

cooliNg coNTiNgeNcY PlANNiNg foR DATA ceNTeRS: Be PRePAReD foR cATASTRoPhic fAiluRe B y C A R l S H E D i V y

25

Loss of temperature control and power

can lead to a disruptive work environment

and unhappy tenants.

Trane Rental Services can make sure that

your facility continues to provide the

comfortable environment your associates

and tenants expect. With equipment

depots located in many major cities

across the Americas, local service

providers, and 24/7 corporate support,

Trane Rental Services is your go to

resource for:

• Emergencies

• Seasonal capacity needs

• Planned service work

• Facility expansions & renovations

• Specialty events

• Disaster contingency planning

KEEPING YOU IN CONTROL WITH TRANE RENTAL SERVICES.

Call us at 1-800-755-5115 or visit

us at www.trane.com/rentalservices

We provide the following

rental equipment:

• Chillers

• AC units

• Cooling towers

• Air handlers

• Power generators

• Electrical cable

• Transformers

• Heaters

© 2009 Trane. All rights reserved.

the outline of the plan and identify the

players who need to be involved.

Key Plan components

Realizing the need for a plan is the first

critical step. The second is assembly of

a multi-disciplinary team. A success-

ful team includes members who bring

all of the knowledge and experience

needed – using both on-staff personnel

and outside experts.

The team must make sure all emer-

gency situations are considered, all

commercial issues are documented, and

the necessary equipment and resources

are ready to be activated as needed.

This can be as simple as having back-up

power generators on-site or as detailed

as having contracts for contingency ser-

vices and appropriately specified rental

equipment already signed.

Key components of the plan include

provisions to:

• DocumentcurrentHVAC equipment in use.

• Identifypotentialsourcesof failure, probability; and document

the cooling required to maintain

critical areas.

• Matchspecificequipmentandrequired connection components

needed. Determine required

response time frame and budget.

• Determinetheappropriate location for temporary equipment

and logistics required to run it,

including electrical and water

connection points.

• Assignrolesandresponsibilitiesforeach team member.

• Determinehowtoadapttheexistingsystem and prepare the facility to

use a temporary solution.

• File,review,trainandupdateresponse plan and system specifics

regularly.

• Conductperiodiccooling contingency drills.

For data centers, the successful imple-

mentation of a Cooling Contingency

Plan that can be put into action imme-

diately and seamlessly upon demand is

quite simply “mission critical.” A well

thought-out Cooling Contingency Plan

is a sound investment in your data center

and your customers.

ABouT THE AuTHoR

Carl Shedivy is the Existing Building Services leader for Trane. He received his Bachelor of Science degree in electrical engineering from the university of Wisconsin. Carl serves as a member of ASHRAE and is a registered Professional Engineer in the State of Wisconsin. He can be reached at cshedivy@trane.com.

soluT Ions sHoWCAse

26 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

Such a dream is almost possible. The

players are out there and available;

there are a number of excellent storage

vendors that fulfill a particular aspect of

business continuity and disaster recov-

ery (BC/DR) better than anyone else.

But there remains an obstacle to the

formation and successful deployment of

this “dream team,” and that is the lack

of a common management strategy to

tie all of these devices from multiple

vendors together. Without this common

management strategy, multi-vendor

solutions have to be cobbled together

and managed from multiple screens,

and even then, they lack the integration

to realize their collective full potential.

BuilDiNg The DATA PRoTecTioN DReAm TeAmB y E R i C lo M A S C o lo

An NBA All-Star game helps us appreciate the excep-

tional performance that is possible when you get the

“best-of-the-best” all working together in a seamless and

coordinated fashion. wouldn’t it be great to do the same

with Data Protection? how great would it be if you could

somehow bring together the “Kobe Bryant” of dedupli-

cation, “Tim Duncan” of tape, “leBron James” of cloud

services and “Kevin garnett” of SRm and orchestrate their

collective capabilities into a bullet-proof, unbeatable data

protection solution?

27

The hassles and ineffectiveness of its

management would be similar to coach-

ing a team of all-star basketball players

who all speak different languages. If

the players can’t communicate with one

another, then how are they supposed

to play together as a cohesive unit and

win? What a shame it would be to have

all of their talents go to waste.

Finding a common language

SMI-S (Storage Management Initiative)

was the storage industry’s most notable

attempt at addressing multi-vendor

storage management. Introduced in

2002, SMI-S seemed to be just what

the dream team needed. But seven years

after its inception, SMI-S still struggles

to achieve a sufficient adoption rate to

make it a meaningful common protocol

among storage devices. There are likely

many reasons why SMI-S never reached

this critical mass, but perhaps the main

reason is that it is a storage-only or stor-

age-centric protocol, and that can limit

its ability to interact with other devices

and tools. As a result, SMI-S has limited

relevance in applications that are out-

side the storage management domain

because its model requires application

developers to understand the complex

storage ecosystem.

An emerging alternative to SMI-S

is Web services, a common program-

matic interface defined by the W3C

as “a software system designed to sup-

port interoperable machine-to-machine

interaction over a network.” Web ser-

vices, which utilizes XML and SOAP

standards, has become a method of

choice for applications to communicate

with each other and has been adopted

by operating systems such as VMware to

enhance interoperability. Web services is

showing up on more and more storage

company roadmaps because the benefits

extend well beyond the original SMI-S

promise of storage interoperability to

include interoperability, integration and

automation across all constituencies –

including servers, operating systems,

network components and most impor-

tantly the applications. Web services can

be everything that SMI-S promised to

be and so much more.

Benefits of web Services as a unified Management Protocol

As more storage solution providers

adopt Web services, and more applica-

tions can communicate directly with

their storage, the initial benefits will

be improved integration and manage-

ment across vendor solutions, resulting

in fewer management screens and less

need for the manual processes that are

now required with multi-vendor solu-

tions. Administrators will be free to set

policies for change and automate rou-

tine operations, so the time and effort

it once took for IT administrators to

manage their systems can be decreased

dramatically. This both allows them to

focus on other important organizational

priorities and eliminates the risk of

human error involved with manually

performing this work.

Additionally, storage-based Web ser-

vices abstracts the complexity of storage

systems and provides application devel-

opers, IT managers, consultants and

value-added resellers with a common set

of tools to rapidly deploy solutions with

much improved integration. This will

simplify the process of tailoring cus-

tomized data protection solutions to the

specific needs of organizations, eliminat-

ing many of the manual processes that

may otherwise be required and enabling

the creation of purpose-built environ-

ments. Also, new BC/DR automated

recovery tools can be added to the envi-

ronment which tackle specific problems

or challenges, manage all of the parts in

the environment together as one unit

and find ways to best utilize the tools

in the environment for maximum ROI

and recovery efficiency. With a Web ser-

vices-compatible management interface,

administrators can eventually manage

and make changes to their entire storage

and data protection infrastructure from

a single console.

The possibilities are incredible and

endless. So how do we get to a place

where Web services is the common

programmatic interface for unified man-

agement of data replication solutions?

It all starts with the establishment of

Web services as an industry standard for

storage systems and software interoper-

ability. Once an entire community of

Web services-compatible products is on

the market, the potential will exist to tie

them all together to create truly best-of-

breed storage and replication products

and solutions for organizations every-

where. An entire ecosystem can then be

formed around specific data protection

challenges, the data protection needs

of different sizes of businesses, existing

infrastructure and on and on.

All-star solutions begin with all-star

players which are the best at what they

do. Yet success depends on enabling

those individual contributors to work

well with one another, and the ability

to orchestrate and manage all of these

individual contributions as a collective,

coordinated whole. Because it now is the

method of choice for applications and

management interfaces to communicate

with one another, Web services will be

vital to the realization of this “dream

team” of BC/DR.

ABouT THE AuTHoR

Eric lomascolo is Director of Product Manage-ment at Xiotech Corporation, an innovator in data storage and protection solutions. He can be reached at (952) 983-3000.

The initial benefits

will be improved

integration and

management across

vendor solutions.

VisiT THe onLine GUiDe aT

www.disaster-resource.com

28 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY28 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

SkyTerra Communications10802 Parkridge Boulevard, Reston, VA 20191-4334

Tel: 1-800-216-6728

www.skyterra.com

Talkgroups

Push-to-Talk

Emergency Response

Formerly Mobile Satellite Ventures

29

In recent years, the U.S. has faced a

variety of costly natural and man-made

disasters – from hurricanes, wildfires,

floods and earthquakes to high-risk

standoffs and the Sept. 11 terrorist

attacks. These emergencies affect large

numbers of citizens, amplifying the

need for dependable communications

among public safety organizations and

emergency responders.

Many first responders rely on mobile

phones to stay connected. But our nation’s

terrestrial wireless infrastructure is both

vulnerable to the congestion, damage

or destruction that often occurs during

emergency situations and inaccessible

in many rural areas. Relying solely on

these networks can leave public safety

professionals and emergency responders

disconnected when communication is

needed the most.

Mobile communication challenges

make it increasingly difficult for emer-

gency responders to effectively coordinate

and collaborate on rescue plans.

“It is critical for us to be able to move

rescue workers, medical support, repair

teams and essential supplies in order to

save lives and quickly begin recovery and

rebuilding. And we can’t do that when

our communication systems are down,”

said Randy J. Johnson, assistant man-

ager of communications for Plaquemines

Parish in Louisiana, after experiencing

the limitations of our nation’s terrestrial

infrastructure during Hurricane Katrina.

To best serve and protect the pub-

lic during emergencies and expedite

decision making, government users of

wireless communications require priori-

ty service on satellite systems, expanded

coverage, redundancy and improved

interoperability.

the SMaRt™ Solution

To ensure reliable interoperable commu-

nications, federal, state, local and tribal

government and public safety agencies

have joined nationwide and regional

satellite-based mutual aid radio talk-

groups (SMART). SMART is a program

offered at no cost to SkyTerra’s public

safety users.

Pioneered by the Department of Justice

and the FBI, and operating on SkyTerra’s

satellite network, the SMART program

provides:

•Ubiquitousmulti-state,multi-agencyinteroperable communications;

•Aredundantcommunicationssystemthat allows public safety officials to

stay connected during an emergency

– even when terrestrial and cellular

networks are damaged or congested;

•Expandedcoverage,sothatresponderscan communicate in the most rural

and mountainous regions;

•Priorityserviceforemergencyresponse; and

•One-to-one“dispatchstyle”andone-to-many “broadcast style” push-

to-talk communications.

The SMART program currently includes

nine regional and nine nationwide talk-

groups. The overlapping talkgroups enable

critical and interoperable communications

among homeland security officials, law

enforcement, emergency responders and

public safety teams across the nation.

SMART is proving to be invaluable for

quickly and efficiently coordinating res-

cue efforts and providing the U.S. with a

much-needed interoperable communica-

tions system.

“The talkgroups provide a means of

immediate communication between

health and public safety professionals

in and out of the state during an emer-

gency,” noted Drew Chandler, IT and

communications manager for Kentucky

Department of Public Health’s Prepared-

ness Branch. The state of Kentucky made

extensive use of its statewide network

of satellite talkgroups during recovery

operations following the devastating ice

storms in the Winter of 2009.

A SmART™ SoluTioN foR iNTeRoPeRABiliTY

soluT Ions sHoWCAse

continued on page 30

30 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

ASPG, INC.

mainframeencryptionenterpriseencryption[z/os,Windows,unIX,linux]fordata-at-rest,FTPdata&tape/diskdata.seamlessinteroperabilitybetweenplatforms.openPGP&opensslcompatible.easy,comprehensivekeymanagement.Freeencryptionsoftwareforyourpartners.

Call:800.662.6090or239.649.1548 Freetrialdownloadsat:www.aspg.com

DISASTER GAME LLC

BCTraining&AwarenessTheDisasterGameisathinkingtoolusedtocreateuniqueandhighlydetaileddisastereventscenariosthatengageandchallengeexerciseparticipants.DisasterGamellCisaninnovativeprovideroftoolsandservicesthatelevateyourreadiness.

T:207.713.1053e-mailclient.services@disastergame.comorvisitwww.disastergame.com

HeXIsToRDATAPRoTeCTIonsRV.onlineBackupservice Hexistorautomatesbackupwithcontrolandsecurityoflocaldisk imagebackupforwire-speedrecoveryandbaremetalrestoreplustheprotectionofasecureoff-sitedisasterrecoveryservicewiththecostsavingsandbandwidthefficiencyofdataduplication.

Tocontactuscall312.593.6100X102orvisitourwebsite,http://www.hexistor.com

TechNologY mARKeTPlAce

next-Generation Public Safety initiatives

SkyTerra is in the advanced stages of

building its next-generation, integrated

satellite-terrestrial network, which will

allow users to seamlessly and trans-

parently toggle between cellular and

satellite networks while still using a

lightweight, handset device. For the

public safety professionals, this means

that the mobile device they rely on

everyday could become the same device

they reach for during an emergency. In

addition, the dual satellite-terrestrial

system will provide full redundancy and

allow users to communicate from virtu-

ally anywhere across North America.

The Technology Council of the Inter-

national Association of Fire Chiefs in

cooperation with SkyTerra Communica-

tions recently developed an information

paper that discusses the SMART program

as a solution for nationwide interoperable

communications. To download the infor-

mation paper, visit www.iafc.org or www.

skyterra.com.

continued from page 29

statement of ownership, management, and Circulation united States Post office1. Publication Title: Disaster Resource guide2. Publication Number: 024-9023. filing Date: December 17, 20084. issue frequency: Quarterly5. Number of issues Published Annually: Four6. Annual Subscription fee: Free to qualified7. complete mailing Address of Known office of Publication:

1510 E. Edinger Ave., #D, Santa Ana, CA 927058. complete mailing Address of headquarters or general Business office of Publisher:

Disaster Resource guide, 1510 E. Edinger Ave., #D, Santa Ana, CA 927059. full Names and complete mailing Addresses of Publisher, editor and managing

editor: Publisher, kathy Rainey, 1510 E. Edinger Ave., #D, Santa Ana, CA 92705; Editor, Tommy Rainey, 1510 E. Edinger Ave., #D, Santa Ana, CA 92705; Managing Editor, Daniel Herrera, 1510 E. Edinger Ave., #D, Santa Ana, CA 92705

10. owner: Emergency lifeline Corporation, 1510 E. Edinger Ave., #D, Santa Ana, CA 92705; Tommy and kathy Rainey, 1510 E. Edinger Ave., #D, Santa Ana, CA 92705

11. Known Bondholders, mortgagees and other Security holders owning or holding 1 Percent or more of Total Amount of Bonds, mortgages or other Securities: none

12. Tax Status: not Applicable13. Publication Title: Disaster Resource guide14. issue Date for circulation Data below: Volume 13, issue #1, August 2008

no. Copies of Average no. Copies Single issue 15. extent and Nature Each issue During Published nearest

of circulation Preceding 12 Months to Filing Datea. Total no. of Copies (net Press Run) 29,175 25,000 b. Paid and/or Requested Distributed: (1) outside County Paid/ Requested Mail 24,562 24,714 Subscriptions (2) in-County Paid/Requested Mail -0- -0- Subscriptions (3) Sales Through Dealers and -0- -0- Carriers, Street Vendors, Counter Sales (4) Requested Copies Distributed 61 28 by other Mail Classesc. Total Paid and/or Requested 24,623 24,742 Circulation (Sum 15b, 1, 2, 3, and 4)d. nonrequested Distribution (1) outside County nonrequested Copies -0- -0- (2) in-County nonrequested Copies -0- -0- (3) nonrequested Copies Distributed 84 5 through uSPS by other Classes of Mail (4) nonrequested Copies Distributed 885 253 outside the Maile. Total nonrequested Distribution 969 258 (Sum of 15d, 1, 2, and 3)f. Total Distribution (Sum 15c and 15e) 25,592 25,000g. Copies not Distributed 3,584 -0-h. Total (Sum 15f and g) 29,176 25,000i. Percent Paid and/or Requested Circulation (15c divided by f times 100) 84% 99%Tommy Rainey, Executive Publisher

31 D I S A S T E R R E S O U R C E G U I D E Q U A R T E R LY

Energy | Environment | National Security | Health | Critical Infrastructure

© 2008 Science Applications International Corporation. All rights reserved. SAIC and the SAIC logo are

registered trademarks of Science Applications International Corporation in the United States and/or other countries.

For detailed information go to www.saic.com and type “ESS” in the search field,

or contact Patrick Cameron at 757.962.8139

Mission Ready 24/7.

Mission Critical?

ESS is the only shelter system available

with the innovative Quicklock secure

cargo system

SAIC introduces the Expandable Shelter System (ESS):

modular, expandable, deployable and multi-functional. ESS allows you to tailor the system

to meet your application. ESS is ideal for C4I, forensic labs, disaster response, MASH units,

berthing, field kitchens and more. Basically, it is limited only by the imagination.

1

Visit These Companies... in the GUiDe and on the Webwww.disaster-resource.com

aspG, inc.page 30www.aspg.com

Booz allen Hamiltonpage 16www.boozallen.com

Disaster Game LLCpage 30www.disastergame.com

Disaster Recovery &Business Continuity Forumwww.forumnetworkingevents.com/forums/business_continuity

emergency Lifeline Corp.page 19www.emergencylifeline.com

eRms Corporationpage 15www.ermscorp.com

HexisToR Data protection servicespage 30www.hexistor.com

incessant Data Center Developmentpage 2incessantdata.com

madico, inc.page 4www.madico.com

nDRexpo & Conferencepage 8www.ndrexpo.com

paradigm solutions internationalpage 21www.opsplanner.com

Rentsys Recovery servicespage 10www.rentsysrecovery.com

saiCpage 31www.saic.com, seach “ess”

skyTerra Communicationspage 28www.skyterra.com

Trane Rental servicespage 25www.trane.com/rentalservices