Pandemic Disaster and Business Continuity Planning
Pandemic is an epidemic (a sudden outbreak) that becomes very widespread and affects a whole region, a continent, or the world. By contrast:
- An epidemic affects more than the expected number of cases of disease occurring in a community or region during a given period of time. A sudden severe outbreak within a region or a group as, for example, AIDS in Africa or AIDS in intravenous drug users.
- An endemic is present in a community at all times but in low frequency. An endemic is continuous as in the case of malaria in some areas of the world or as with illicit drugs in some neighborhoods.
In disaster planning when a pandemic occurs the data center exists but people will be in separate locations. The Disaster Planning and Business Continuity Planning processes need to make the user and business operating experience as similar as possible so that the work environment is the same in the remote site (often home) as in the office. A Key requirement is to increase remote access capabilities in addition before the pandemic occurs the following planning needs to take place:
- Define necessary staff levels for critical business processes
- Identify who can work remotely and who has to be in the office
- Validation of vaccinations for key staff members
- Identify the lights out processing issues for computer operations staff
- Identify the network and remote access capacity requirements - what percent of workers do you need to be on the system for the enterprise to continue to operate
- Train and test of users and IT staffs in how to operate from remote locations
- Require key employees to work from remote site at least once a month
- Validate broadband capacity to remote sites (home users)
- Have copies of disaster plan available in remote site
Put in place process for the synchronization of OS system patches and VPN updates - if the workstations are not used frequently disable the auto update features for security updates but maintain a process to see that they workstations are up-to-date.
Define specific requirements for security and PCI-DSS when the disaster plan is activated for a pandemic.
Define change management and version control processes to be used and how they will be controlled during the pandemic.
Once the disaster plan has been activated for a pandemic a central source for information on who is infected, immune, and unavailable needs to be developed and maintained accurately. In addition, staff members who are working in the office and data center environments should be isolated if at all possible so they do not become infected. This may require a quarantine of these employees based on the severity of the pandemic
Users Demand 24 x 7 Availability
Users demand 24 x 7 IT service availability via web sites, portals, email, and mission critical applications. When these systems and applications are not there or are operating in a degraded mode, it negatively impacts the reputation and revenue of an enterprise. Maintaining availability and preventing downtime begins with the successful deployment of network and system management solutions that are focused on IT Service Management in a Service-Oriented architecture.
When managing the help/service desk in an IT Service Management environment (ITSM) with Service-Oriented Architecture (SOA), there are four (4) things that you need to do. They are:
- Validate that you have implemented service tools versus having added unnecessary overhead and bureaucracy. Evaluate your policies, procedures, and processes from the user perspective. To be a service desk, you must serve your clients, rather than make them change what they do to meet your needs.
- Survey your users often and understand what they do not like Review the comments and listen to critics with an eye improving what you are doing. When a change is implemented go back to the critics and see if you have improved.
- Implement metrics and track performance over time Use metrics that apply to your users, see what the trends are overtime. In addition, use the same metrics to see how your competition is doing. Determine if you are providing world class service or just average service.
- Determine the cost of a service solution and its ROI before you implement it measure achievement. Be professional in implementing changes to your help/service desk. If you are constantly changing the process you will not know if your changes are having the right impact.
- Encourage input from your users Listen to your users, validate that the problem that you are solving is the one the user want solved. Listen to your clients. Tell them what you heard them tell you and what your action steps will be. After you implement the solution confirm with them what you did and how it worked.