KPN Security and continuity landscape KPN Security and continuity landscape
KPN Security and continuity landscape
"grasduinen" through the KPN approach for setting up BCM and plans using Business Continuity Software Sungard LDRPS
1
20 November 2012 Albert Brouwer
KPN Security and continuity landscape
Albert Brouwer
KPN Service Line IT Trusted Services
2
KPN Security and continuity landscape
Agenda
3
Security and Continuity Phraseology
“Grasduinen" through Security and Continuity
Business Continuity Management at KPN and the use of business continuity software
KPN Security and Continuity portfolio
KPN Security and continuity landscape
Agenda
4
Security and Continuity Phraseology
“Grasduinen" through Security and Continuity
Business Continuity Management at KPN and the use of business continuity software
KPN Security and Continuity portfolio
KPN Security and continuity landscape
Security Phraseology
5
Security management
Contingency management
Risc management
Compliance
Informatiebeveiliging
Information security governance
KPN Security and continuity landscape
Security : who is affected by virus or spam ?
6
KPN Security and continuity landscape
Phishing
7
KPN Security and continuity landscape
Need I say more?
8
KPN Security and continuity landscape
Business Continuity Phraseology
9
Crisis Management Plan
Contingency management
Active – Active -Passive
Technical Recovery Plan
Business Continuity Software
Emergency Operating Center
KPN Security and continuity landscape
Continuity: nothing happens today …..
10
Waalre
www.allestoringen.nl
• Waalre
Sandy
KPN Security and continuity landscape
Continuity: Law and regulations KPN is part of the Dutch Vital Infrastructure
11
Richtlijnen voor gemeenten
KPN Security and continuity landscape
The good news about BCM: BCM works !
12
Source: bcaw2012.com
KPN Security and continuity landscape
Business Continuity at KPN
• Because of increasing complexity it was expected that the organization of
Business Continuity plans were no longer manageable in the traditional way.
• KPN is using Sungard software LDRPS / Continuity Management Solution as standard throughout the whole organization
• Introduction of the KPN BCM Handbook and instruction to use LDRPS
13
KPN Security and continuity landscape
Objectives BCM System at KPN
• Able to proactively identify the impact of an operational disruption
• An effective response to the disturbances which impact on the organization is rapidly reduced
• Encouraging the "cross-team-work”
• KPN must deliver its reputation as a reliable supplier
• A competitive advantage (USP) has to demonstrate that KPN has Continuity in place and is ‘in control’
14
KPN Security and continuity landscape
Different Type of Plans
• Service Continuity Plan: description of the entire service chain, relationships and
dependencies between all processes. services and technology
• Building Continuity Plan: which functions are in this building and how it should be restored
• Department Business Continuity Plan: if a department cannot work under normal circumstances within a certain period
• Technical Recovery Plan: when a critical service stops functioning tasks are described in this plan
• Other plans: anti terrorism, BHV, Crisis Management (Be-Alert)
15
KPN Security and continuity landscape
Structure of Plans
16
KPN Security and continuity landscape 17
KPN Incident Response Structure
Be alert classification (and a lot of common sense!)
KPN Security and continuity landscape
Use of Business Continuity tooling: LDRPS
18
• Advantages:
• Uniform titles, names
• Up-to-date employee data and items from CMDB
• Uniform BCP’s, TRP’s, SCP’s, and all other plans
• Central Availability (SaaS)
• Expandable wit BIA and RA and intergrated with notification tool
• Graphics capabilities dependencies between services, processes, hardware and applications, Recovery Workflow, call trees
• ISO22301 compliant
KPN Security and continuity landscape
(Service organisation)
Assurance in the chain
19
Regulator
User Organisation Partners
Strategic / Technology Partners
(Sub-service org.)
Internal auditors
Business / Service Partners
(Sub-service org.)
External auditors
KPN Security and continuity landscape
Controlling and Maintaining the Complexity
20
employees @ Home
Suppliers @ Work
customers @ anywhere
Hosting @ provider
Application @ xSP
Employees @ Office
Employees @ ontheroad
KPN Security and continuity landscape
Our client is threatened by safety, reliability and business continuity
Our customer has requirements from its customers, regulatory and regulator
KPN Trusted Services
21
Our customers demands safety, reliability and business continuity
Trusted Services combats threats against and the possible consequences through:
Network protection
Identity & Access mgmt
Business Continuity mgmt and Business continuity tooling LDRPS / Continuity Mgmt Solution
Assurance
Ad
visory &
Pro
jectman
agem
ent
KPN Security and continuity landscape 22
KPN Trusted Services
KPN Security and continuity landscape
23
KPN Security and continuity landscape KPN Security and continuity landscape
Thank you for your attention
24