Winning: Business Continuity Planning Essay

Submitted By openbook2
Words: 966
Pages: 4
Open Document
FACTS
Summary of iPremier
• Founded in 1996 by students at Swathmore college
• One of a few web-commerce success stories • Sells luxury, rare, and vintage goods online
INTERNET RELIABILITY IS CRITICAL!!
• Fiscal Year 2006
• Profits were $2.1 million
• Sales of $32 million

QData
• Steady provider of:
• basic floor space
• power
• connectivity
• environmental control
• physical security and
• high-level “management services”
• Hosted most of iPremier’s computer equipment
• “Colo”
• QData’s hosting facility close to office
• Network Operations Center (NOC)
• Secured Monitoring Location
• Qdata had not been quick to invest in advanced technology and had been experienced difficulty in retaining staff
PEOPLE
BOB Turley- CIO
Joanne Ripley – technical operations team lead
Wanda Spangler – VP business developments
Leon Ledbetter – Ops
Jack Samuelson – CEO
Tim Mandel – CTO
Peter Stwart – legal counsel
• 4:31 AM: Leon Ledbetter reports the website is locked up, customer support is receiving calls and support has been getting
“ha” emails.
•  5:27 AM: Joanne Ripley realized shortly after she reached a Qdata console that iPremier was the recipient of a SYN flood from multiple sites that was directed at the router that runs the firewall.
• “Ha” emails received every second iPremier’s Choices
• At the time of the attack, pull the plug?
• Could lose logging data
• Only way to assure credit card data is not being stolen
• After the attack: rebuild the system? • Would shut down business for, at a minimum, 24-36 hours
• “The only way to be sure”
Ending The Attack
 Every time Joanne tried to shut off the attacking IP address it would automatically trigger attack from two other “zombie” sites  The emails stopped at 5:46 AM

Aftermath actions iPremier instituted several security measures after the DoS attack:
• Restarted all production equipment
• File-by-file examination
• Plan to move to more modern hosting facility • Created an incident-response team
Backup and redundancy planning and testing / disaster recovery
• Encrypt critical customer data
Updated Virus signature files and security patches
• Actively monitor for future attacks
Develop a business continuity plan (test it end to end including suppliers and keep it updated)
Hire an independent audit team who report into the board/ security audit
A risk management program should identify, analyze, evaluate, treat, monitor and communicate the impact of risk on IT processes.
The IT risk framework also has three major domains- risk governance, risk evaluation and risk response.
Develop an IT governance framework
• Unclear of who is in charge of decision making
• Bad relationship with colocation facility
• Poor firewall to prevent intrusion
• No formal internal emergency plan
• Limited information as to what transpired

In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users.

CONCERNS FOR THE COMPANY
Busy growing and protecting its profits and delivering new features to benefit customers
The cost of more modern facilities was considerably higher, two to three times as expensive on a per square foot basis
Move might risk service interruption
Felt personal commitment to Qdata

PROBLEM IS POOR PLANNING ON THE COMPANIES BEHALF

BUSINESS CONTINUITY PLAN
Business continuity planning (BCP) "identifies an organization's exposure to internal and external threats and synthesizes hard and soft assets to provide effective prevention and recovery for the organization, while maintaining competitive advantage and value system integrity

Risk management
Creating a business continuity plan
A BCP typically includes five sections:
1. BCP Governance
2. Business Impact Analysis (BIA)
3. Plans, measures, and arrangements for business continuity
4. Readiness
Show More

Related Documents: Winning: Business Continuity Planning Essay

unit 5 assaignment Essay

myself. Precise: Many of the techniques of e-business strategy have become a very important aspect of their long-term success in the market and competitive organization. According to CioIndex (2008), based on an e-strategy to create shareholder value. Other word, the "new" world competition "new" business model helps to identify now with Internet-based ecosystem. This report emphasizes the importance of today's changing business e-strategy, browse companies to adapt to modern e-commerce…

Words 3382 - Pages 14

Str 581 Strategic Plan

Strategic Plan Update Amy Chin STR/581 October 25, 2010 Charlotte F Strategic Plan Update—Final Version Executive summary Kudler fine foods is a premium food retailer whose business is primarily based on sales of bakery, meat, seafood, produce, dairy, and wine. It has ambitious plans but the tightening economy threatens its quality proposition and further expansion. A strategic focus on Kudler fine foods is to improve the level of convenience offered to customers. This strategy would…

Words 3035 - Pages 13

Essay about British American Tobacco (Malaysia) Sdn Bhd - Strategies Planning & Management

Mission 7 4.7.4 Long Term Objectives/ Grand Strategies 7-8 4.7.5 Business Objectives/ Strategies – Value Chain…

Words 6381 - Pages 26

Essay about 1 Camera, Set, Action: Process Innovation for Film and TV Production1

Innovation for Film and TV Production1 Chun Ouyang Kenneth Wang Arthur ter Hofstede Marcello La Rosa Michael Rosemann Business Process Management Group Queensland University of Technology Brisbane, Australia Katherine Shortland David Court Australian Film, Television and Radio School Sydney, Australia Abstract: Film and TV productions, a key area in production screen business, comprise of processes with high demand for creativity and flexibility. However, despite the era of fast developing…

Words 5279 - Pages 22

Essay on Managing People & Performance

HENLEY BUSINESS SCHOOL UNIVERSITY OF READING MANAGING PEOPLE AND PERFORMANCE ASSIGNMENT • Identify, with justification, a critical issue relating to people that impacts effective performance within the organisation. • Based on your analysis, develop your recommendations and an outline plan to address the issue to improve organisational performance with clear justification for your proposed approach. • Identify the benefits and risks…

Words 5644 - Pages 23

Examples Of Communication Tactics

Espresso, located in the CBD of Parramatta, offers high quality Campos coffee to those in the local area. With thorough research previously conducted, XS Espresso specifically attracts publics who are coffee drinkers in the local area, commuters, business people and young adults aged 18-24. XS Espresso has been having difficulties attracting a large amount of consumers and promoting brand awareness due to the fact that it has only been recently established. However, by addressing their opportunity…

Words 2927 - Pages 12

Public Affairs Request For Proposal

(VCA). We stand ready to assist VCA create a unified message about the importance of the agency to key stakeholders like government officials, various chambers of commerce, key stakeholders, and of course, the general public. Imprenta is an award-winning marketing, public relations and communications firm with specific experience in the travel and tourism industry. Imprenta has worked with Visit California and served as industry relations liaisons for Los Angeles and Southern California districts…

Words 9097 - Pages 37

J Sainsbury - Financial Performance of Last 5 Years Essay

1. EXECUTIVE SUMMARY J Sainsbury plc is a UK based company, into grocery, related retailing an financial services business. The study is primarily to do financial assessment of this company and its performance relative to its peers and industry. Seeing the last 5 years report, it is evident that company was in a bad share 3 years ago, and now its in the stage of recovery. Starting 2004, there has been a major change in the board, as well as management. Since then company has taken several large…

Words 2945 - Pages 12

Business Functions in Context Notes Essay

B203 Business Functions in Context – Revision Notes Introduction * Communities of Practice (Wenger, 2007) - are groups of people the come together to share knowledge and experiences and learn from one another whilst providing a social context for that work. Three characteristics are crucial: 1. The Domain - It has an identity defined by a shared domain of interest. Membership implies a commitment to this and therefore a shared competence that distinguishes members from other people…

Words 10965 - Pages 44

Marketing Strategy and the Contemporary Challenges in Marketing Effectivness: a Case Study Essay

2009 Addis Ababa Chapter One Introduction 1. Back ground In present competitive world and business environment things would not move in a steady way and as planned. As a result for the past few years every organization and company follows the pattern of strategic planning process. In most of business organization, besides creating strategic or business plan, it will be…

Words 15889 - Pages 64