Tuesday, February 10, 2009

ERM-BC-COOP: More than meets the eye

I received the following from the BSI on Tuesday, 10 February.

 

Technology 'could save companies from snow disruption'

04 February 2009


Adopting the right technology could have prevented companies from experiencing disruption during the recent cold and snowy weather, an expert has claimed.

According to BeCrypt, using communications technology would have prepared many firms better for poor weather conditions by enabling staff to work "safely and productively" from home.

BeCrypt chief executive Bernard Parsons said that the recent snowfalls had highlighted the business continuity issues faced by small firms in Britain, which could be solved through the use of secure mobile working technology.

The data security and encryption company boss stated that firms could avoid loss of productivity by preparing better for poor weather and implementing innovative technology that protects company resources from data loss of malicious software.

Mr Parsons suggested that issuing workers with a simple low-cost USB device can provide them with secure access to corporate networks from unmanaged PCs, allowing them to use applications, email, files and documents safely.

The Federation of Small Businesses estimated this week that up to one in five workers in Britain opted to stay at home on Monday after several inches of snow fell, costing the country an estimated £1.2 billion.


Industry news brought to you by BSI British Standards, the national standards body that developed the first sustainable development standard, BS 8900.

 

I am not going to suggest that had the Brits had a mobile mentality and regularly worked off site, THEN many units of loal currency could have been saved.

BUT - and it's a BIG "but" - given the mentality AND the probabability of a "snow day" or several, would it be worth it for the average organization (or organisation) to invest in the tools necessary to allow secure off-site computing?

As it happens, I regularly work from a site other than the office. My house. Outside the local coffee shop with wi-fi, the local flying field, and other spots "to be defined."

Both my personal computer and the company computer are new enough to have come equipped with wireless Internet capabilities.

The company computer includes special secure communications software.

I have a network ID.

I have a frequently changed network password.

I also have a hardware device that provides me with a code that changes every minute or so.

I can log on to SOME system resources using my own computer, the network ID and password, and the hardware device.

But I can't log on to ALL the system resources available to me at the office unless I am using the company machine (with the network ID, password, and hardware device).

My point: in order to have access from (almost) anywhere, the company has to spend some bucks.

Bucks for the software.

Bucks for hardware device rental.

Part of any business continuity equation is to RATE THE RISK.

This is a very complicated process.

What is the PROBABILITY of the risk occuring. (That's a statement, not - now - a question.) Scale of Low-Medium-High, 1-to-5, 1-to-10; you pick the granularity.

Snow storm in London shutting down the financial district: Probability = Low (so I'm told).

What is the IMPACT of the risk occuring. Use the same scale as used above.

We've seen that the impact is pretty high.

Now comes The Management Decision.

Is it worth the cost of mitigating the threat of lost time by spending the money to outfit all/some/a few people with remote computing capabilities?

That decision is going to vary by organization and Service Level Agreements for critical processes (and the threat of legal action).

If staff regularly worked at alternate sites spending the money for the software and hardware to permit secure connections might be a given. But if not . . .

As for the £1.2 billion* loss, I'd like to know what it included.

If I got the right amount of zeros - I'm lucky to have change for the toll booths - then the Brit's £1.2 billion equates to US$1,751,203,996.33 or €1,350,484,118.94, or NIS7,083,781,267.24

While that's a hard hit on the COUNTRY's economy, the cost is much less to the individual business. Also consider the expenses the business may have been spared. Finally, did the organizations have business interruption (or any) insurance?

Business continuity is NOT rocket science, but it does take some thought and understanding of its purpose. Buying the necessary hardware and software to mitigate a rare risk may have put some of those impacted businesses out of business. And that's not business "continuity."

John Glenn, MBCI, SRP
Enterprise Risk Management/Business Continuity
http://johnglennmbci.com/
Planner @ JohnGlennMBCI.com

Sunday, February 1, 2009

ERM-BC-COOP: Not "sexy," but dangerous

Sometimes I think we are looking for "sexy" problems - H5N1 Avian Influenza, a/k/a Bird Flu - instead of looking at, and learning from, the "run of the mill" threats.

Funny enough, some of the "normal" threats mimic that the experts predict for H5N1:

"Experts, however, say preparedness for meningitis epidemics is difficult because vaccines cannot be administered until it is known which of the many different forms of the bacterium is spreading. As a result, 5-10 percent of patients die, typically within 24 to 48 hours, while some survivors suffer brain damage, hearing loss or learning disabilities."

From http://www.bigmedicine.ca/


Zimbabwe: Cholera kills more than 3,000 [Jan 29 Johannesburg]--The cholera death toll in Zimbabwe climbed to 3,028, the World Health Organization said on 28 January.

The outbreak that began in August 2008 has become the worst cholera pandemic in Africa since more than 12,000 people perished from the waterborne disease in Goma's refugee camps in the aftermath of the Rwandan Genocide in 1994.

The outbreak is showing few signs of abating; the number of cases recorded rose by 1,579 from the previous day, bringing the total known number of cases since the outbreak began to 57,702.

In neighboring South Africa, five people died from cholera in Limpopo Province, which borders Zimbabwe, according to a health department official quoted in the local media.

Since South Africa's outbreak began in November 2008, more than 40 people have died from the disease, and more than 3,000 cases have been recorded.

Uganda: Scores dead as meningitis epidemic strikes [Jan 29 Kampala]--At least 35 people have died in a meningitis epidemic that has hit several districts in western and north-western Uganda over the past two weeks, a health ministry official said.

"Cumulatively we have recorded 47 cases of meningitis with 13 dead in Hoima District," Paul Kaggwa, a spokesman for the ministry, said. "Another 150 cases have been reported in Arua, with 18 dead, and 14 in Masindi, with four deaths."

In its Africa weekly emergency situation update issued on 19 January, the World Health Organization (WHO) said one sub-county in Hoima had crossed the meningitis epidemic threshold. There was also concern about Karamoja region where dry weather had set in.

Kaggwa said the latest reports indicated Arua had also crossed the threshold of five cases per 1,000 people. "The immediate intervention we are embarking on is to carry out vaccination in Arua and Hoima," he told IRIN on 22 January. "We are still determining whether the situation in Masindi justifies a vaccination [drive].

"We are engaged in active surveillance and case management [and] are sending teams to the areas to support community-awareness programs," he added. "We have deployed film vans to help in the campaign."

The Uganda Red Cross (URC) in a 14 January statement said most patients in Arua were from Dadama and Oluko sub-counties while those in Hoima were from Kigorobya sub-county.

Meningitis is an inflammation of the meninges, the lining surrounding the brain and the spinal cord. It is caused by bacteria and transmitted through contact with respiratory or throat secretions.

According to the URC, the outbreak in Hoima occurred in an area with no history of vaccination for meningitis and few health units. The affected homes were also congested.

Medical experts said dust, which is common during the dry season, leads to an increase in respiratory infections and helps spread meningitis because the bacteria attach themselves to dust particles.

Uganda lies within the African meningitis belt, stretching from Senegal in the west to Ethiopia in the east, according to WHO. The region, home to about 350 million people, experiences meningitis cycles whenever the dry season sets in.

Up to 30,000 people suffer from the disease each year in Uganda. Last year, the government introduced a vaccine, which it said significantly reduced mortality rates from the deadly disease.

Experts, however, say preparedness for meningitis epidemics is difficult because vaccines cannot be administered until it is known which of the many different forms of the bacterium is spreading. As a result, 5-10 percent of patients die, typically within 24 to 48 hours, while some survivors suffer brain damage, hearing loss or learning disabilities.

John Glenn, MBCI, SRP
Enterprise Risk Management/Business Continuity
http://johnglennmbci.com/
Planner @ JohnGlennMBCI.com