Continuity Management Database Project
advertisement
Continuity Management Database Project Prepared for Celsus Management Inc & Jason Fisher Prepared by Andrew Campbell Dilpreet Brar Steven Sherley DAS Business Continuity April 13, 2012 Continuity Management Database DAS Business Continuity Contents Prepared for Celsus Management Inc. Page Executive Summary 3 Introduction 4 Hardware Selections 5 Software Selections 5 Research of Similar products 6 Challenges 6 Conclusion 7 References 8 APPENDIX A: BUDGET 9 APPENDIX B: GLOSSARY 10 APPENDIX C: COMPANY RESEARCH 11 APPENDIX D: PROJECT SCHEMA 20 2 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. Executive Summary The Continuity Management Database Project will provide a better way for businesses to access and modify their Business Continuity Plans (BCP’s). We, DAS Business Continuity will create a relational database that will present business users with a unique opportunity to see their BCP’s quickly and easily. Through use of this database business users will be able to observe an up-todate risk matrix based on their current BCP’s. Continuity Management Database will give business users a competitive edge in the market. Standard practice for businesses that have BCP’s is to keep all of their plans in a hardcopy form. This means that they could have thousands of hardcopies. Making changes to plans being stored this way is time consuming and has the potential to lead to human errors. An effective BCP is critical to a business. Our Continuity Management Database allows businesses to get back on their feet quicker than the rest. Another reason that this project will give business users a competitive edge is due to the fact that Continuity Management Database is a relational database; the change management factor is taking care of its self. With the way current business practice is with BCP’s one would have to spend hours finding and updating plans. Continuity Management Database will turn a time consuming process into a task that will take mere minutes, letting business user’s focus on other things. Working with our sponsor, Continuity Management Database will be targeted towards a sample company with realistic business needs. It is the desire of our sponsor to use this database as a stepping stone, where the work done with Continuity Management Database will be a solid foundation for future work that will be done by the sponsors company (Celsus Management Inc.). To accomplish this project DAS Business Continuity will utilize the resources at hand: Facilities include; SAIT Campus library, CS Project room Textbooks Virtual Machines Server (Provided by Jason Fisher) DAS Business Continuity consists of three members (Dilpreet Brar, Andrew Campbell, Steven Sherley) 3 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. Introduction Business continuity planning (BCP) is a process that identifies an organizations exposure to internal and external threats. It outlines the organizations assets to provide effective prevention and recovery. A BCP plan is a roadmap for continuing operations under adverse operations. The business problem being addressed is that currently there is not an efficient method for updating, organizing and accessing current BCP plans. The current method for keeping BCP plans is not efficient because they are being stored as hard copies in multiple binders, which require a great deal of time to access and make changes too. Through this project we have developed a relational database that allows clients to access an organized database containing current BCP plans and make changes that automatically update the database. Our final deliverables are: - Instructional Manual on usage and functionality of database - A Relational database schema that implements the BCP model based on a sample organization - Database will produce a report that explains the risk of an IT interruption in terms that business users understand. - Web front end to allow business to modify potential impacts of interruption 4 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. Hardware Selections We have selected a Dell Intell(R) Core(TM)2 Quad CPU, as the host for our virtual machine. The host we selected is perfectly suited for the task required of it. The majority of the project work is done on a virtual machine. Version 6.1.7601 Service Pack 1 Build 7601 System Manufacturer Dell Inc. System Model Vostro 220 Series System Type X64-based PC Processor Intel(R) Core(TM)2 Quad CPU @ 2.50GHz Installed Physical Memory (RAM) 4.00 GB Software Selections The software we used for this project consisted of a few different items. The first being our base, the Windows Operating system. We chose Windows 2008 R2 because we thought it would be more than enough to host our website, and support our web server and database. The next item was in determining an appropriate web server, we chose to install Apache, it is a stable server and it is the server we had the most experience with. Next, we needed to install the PHP plug-in so we could communicate with our database, and our html website. Lastly, we needed a database, we chose to install “MySQL community server”, again we chose to use SQL because we had the most experience with it. We needed to install SQLyog as well, an application that gives us a user interface to use with MySQL server. Windows operating system Windows 2008 R2, to host the website, and database Apache web server Apache 2.2 web server to host the website PHP plug-in Scripting language to talk between client and server MySQL community Server and Allows us to create and manipulate the database SQLyog 5 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. Research of Similar Products To get a better understanding of the product we were creating, we researched various companies that had similar products. Our research covers a variety of products and our main focus were companies that were offering database services over the internet. We found a few companies that had similar products and a lot that were in the scope of BCP, however they were not utilizing a database. Our project is unique in that clients can access their BCP’s immediately and also view a risk matrix based on their current business assets. See APPENDIX C: COMPANY RESEARCH. Challenges 1. Communicating ideas between client and team: Our main concern during the project was the satisfaction our client. There was a point during the project development that we were spending too much time on the login feature of the website. Through a discussion with the client we learned that the focus of our project should be in displaying the risk matrix on the website. 2. Displaying Graph: Easily the most important feature of our project is the displaying of the risk matrix via a graph. The graph is supposed to show the intersection between increasing impact over time with depreciation of assets over time. We looked into different ways to show the graph, and the best way was to utilize Google graphs. Our project utilizes a library of code that is hosted by Google. 3. Time usage of desktop: As a team we had to share a single desktop that was hosting our project. We overcame this challenge by making exact images of the virtual machine we were using and continued working on our laptops. Using this strategy we were able to continue working from home. 6 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. Conclusion The circumstances leading up to the need of a database method of storing BCP documents is that currently it is a common trend for businesses to store their BCP documents as hard copies in an inefficient storage method. Our project is providing an opportunity for users to access their current BCP. By accessing their BCP they will be provided with a report that outlines the risk of an IT interruption, along with a cost rationalization that balances business risk against IT recovery options. Our project is a streamlined product that allows users to access their BCP’s along with seeing an up-to-date risk matrix based on their company’s business assets. “Continuity Management Database” is unique in today’s market because nobody else offers a secure website where users can access their BCP’s and see their company’s business risk matrix. 7 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. References [1] windows.php.net/download/ [2] httpd.apache.org [3] www.mysql.com [4] http://www.softpedia.com/progDownload/SQLyog-Community-Edition-Download82252.html [5] http://www.21stcenturysoftware.com/ [6] http://www2.agilityrecovery.com/ [7] http://www.dspnetwork.com/ [8] http://www.cosentry.com/ [9] http://www.bigbyte.cc/ [10] http://www.brproactive.com/ [11] http://www.virtual-corp.net/ [12] http://www.rentsysrecovery.com/ [13] http://www.contingencynow.com/ [14] http://www.drsbytamp.com/index.aspx [15] http://www.strategicbcp.com/resilienceone [16] http://www.getapp.com/compare/business-continuity [17] http://www.getapp.com/compare/business [18] http://www.storagepipe.com/services/rapid 8 Continuity Management Database DAS Business Continuity APPENDIX A: BUDGET Expense Total Personal Expenses Salaries and Wages (271 hours @ $60 $16,260.00 Non-Personal Expenses Office Space $0 Travel $0 Hardware(server) $3000.00 Software(Virtual Machines license) $1208.00 Software(mySQL license) $789.00 Demonstration Costs (Capstone viewing) $150.00 Advertisement (for a period of 1 year after project $8900.00 completion) Total $30,247 9 Prepared for Celsus Management Inc. Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. APPENDIX B: GLOSSARY Database: A structured set of data held in a computer, esp. one that is accessible in various ways. Relational Database: A database structured to recognize relations between stored items of information Business Continuity: Is the activity performed by an organization to ensure that critical business functions will be available to customers, suppliers, regulators, and other entities that must have access to those functions. Business Continuity Plan: identifies [an] organization's exposure to internal and external threats and synthesizes hard and soft assets to provide effective prevention and recovery for the organization, whilst maintaining competitive advantage and value system integrity. Risk Matrix: A Risk Matrix is used in the Risk Assessment process; it allows the severity of the risk of an event occurring to be determined. 10 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. APPENDIX C: COMPANY RESEARCH Continuity Management Database Basic -Database where clients can access their BCP’s and make changes Services immediately -Provides a way for client to easily Identify an organizations exposure to internal and external threats -Database produces report that explains the risk of an IT interruption in terms that business users understand Unique -Streamlining current BCP’s in a database format, which will make access to Services BCP’s more efficient Pro’s -Optimization of the change management process -The database will greatly reduce human error -Having a database provides a sleek product that is easily saleable Con’s How Capstone -A database that deals with change management. project is -Users that utilize our database will have quick access to plans, and will be different presented with a risk matrix regarding their choice 21st Century Software Inc. Basic Services -Objective to identify & manage risks to protect mission critical data on mainframe & legacy systems applications. -Key to business disruption avoidance is identifying and managing the risks and gaps you have. Software does the following: Monitor file use in real time to define file backup requirements Align your backup and recovery plan with file usage patterns Ensure storage resource volume and connectivity through simulated backup 11 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. Demonstrate recoverability through simulated recovery Validate your Recovery Assurance capabilities through assessment and analysis reporting Unique -Real-time recovery assurance monitoring and analysis continuously and Services accurately monitors file usage across all applications and builds a database of applications that are most critical to business recovery. Pro’s -Provides consulting services: a) Audit and Review-Performs a complete audit and review of current backup and recovery strategy to determine strengths and weaknesses. b)Disaster recovery Planning-Help executive and IT staffs to fully understand what’s involved in an enterprise recovery program. Con’s -The software provided by this company tells users which applications and files are most used and therefore important to back up. This would not be a useful feature for our capstone because are not telling our clients which programs/processes are more critical. Our clients already know which of these are mission critical. How Capstone -Our capstone will be working with clients BCP’s that already exist. Our project is capstone also provides an environment where new BCP’s can be added. different -Capstone database will produce a reader friendly report that clearly lays our risks and mitigation strategies. General Notes -Registration required to receive a resource kit that will tell you if your company is ready for “integrated, real-time recovery management solution.” Agility Recovery Solutions Basic Services -Promises to (in case of disaster) to recover any, or all of the four key elements of business continuity. -These four elements are 1)Power 2)Technology 3)Space 4)Connectivity 12 Continuity Management Database Unique DAS Business Continuity Prepared for Celsus Management Inc. -Collaborates with the insurance industry. Services Pro’s Con’s -First thing you read on the homepage is a disclaimer that they can recover some or all of data. The areas that they promise to recover information from are four very vague areas. How Capstone -Company focuses on the actual recovery of data. Capstone is focusing on project is analyzing existing processes/programs different Disaster Survival Planning Network Basic Services -help audit and update your BCP by identifying gaps and recommending enhancements Unique -provides workshops, Services -public workshops -on-site workshops -custom exercises -pandemic workshops -small business workshops Pro’s Con’s -provides packages for clients to buy so that they can build their own BCP. -the model of giving your clients a pamphlet explaining how to build a BCP is faulty. Who knows if your client will do it correctly? -The nature of their DSPN business is they fix what the client has done wrong, however by giving a pamphlet explaining how to create a BCP, the client is almost guaranteed to do it wrong right from the beginning How Capstone -our capstone works with existing BCP. project is -our capstone will work with change management and will make the changing different of BCP’s more efficient. 13 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. CoSentry Basic Services Offers: -Cloud Computing -Data Center Services -Disaster Recovery -Managed Services -Technical Help Desk Unique -Cloud computing Services Pro’s -provide data centers for back up of critical data -many certifications Con’s -provides packages for clients to buy so that they can build their own BCP. -the model of giving your clients a pamphlet explaining how to build a BCP is faulty. Who knows if your client will do it correctly? -The nature of their DSPN business is they fix what the client has done wrong, however by giving a pamphlet explaining how to create a BCP, the client is almost guaranteed to do it wrong right from the beginning How Capstone -this company is p project is different Virtual Corporation Basic Services -Business continuity consulting and software company which assists organizations with all aspects of their business continuity programs. -Business impact analysis -Site vulnerability assessment -crisis management -incident command exercise and drills -enterprise business continuity program design and implementation Unique Uniquely leverages its expertise in Business Continuity consulting to ensure Services that the results of every project are sustainable, well documented and effective Pro’s -affordable solution that empowers business continuity managers to 14 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. implement a sustainable process to build, update and maintain their own business continuity plans. -Free, open access comprehensive tool to evaluate the maturity of an organization’s BCP -Span across 10 countries -Have partners in Canada Con’s -Mainly aimed at small and disadvantaged companies How Capstone -SQL database implementation project is different Rentsys Recovery Services Basic Provide flexible recovery strategy solutions for critical IT hardware, voice and Services network recovery, mobile recovery center solutions, traditional center-based hot-site recovery, co-location and FELXDATA,(exclusive data backup service) Unique FLEXDATA-non-intrusive data backup service that allows for rapid restores Services within a portable, safe and flexible environment. Pro’s -ability to Quick ship critical IT hardware anywhere in the United States within 24 hours -Mobile Recovery -System backups Con’s -Lack of user-interface How Capstone -not dynamically updateable by user project is -Project is different because we will provide web-front interface different 15 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. TAMP Systems Basic Services -Web-based Business Continuity Management (BCM) -Software is called – Disaster Recovery System -DRS create plans, keep plans up-to-date and manage BCM data. -Consulting services include the development of Risk-threat assessment and Business Impact Analysis -Provides plans for Business Continuity, emergency plans, disaster recovery, crisis management, pandemics, workforce interruptions and other disaster incidents -Provides essential notification system, which is cost-effective solution to automated delivery of voice messages and failover from your voicemail system for disaster recovery Unique -One of the few companies worldwide with a CBCV (Certified Business Services Continuity Vendor) certification from Disaster Recovery Institute International(world-wide leader for education and certs in Business Continuity Management Pro’s -Planning Solutions for Business Continuity for over 25 years -Inducted into the Contingency Planning and Management Hall of Fame -High recognition -encrypted 24/7 worldwide access Con’s -Located in the states How Capstone -Tamp has been in business for over 25 years project is different 16 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. Contingency Now Basic Services -Professional risk management services and product company delivering risk management solutions that increase operational efficiency, mitigate and/or eliminate rick, and increase revenue. -Develop and implement your own solution with PROVentNow, or hire our consulting services -Focused on small to mid-sized companies -Provide services for Transportation, medical, insurance, financial markets Unique -ProVentNow: tool that allows you to identify and mitigate enterprise-wide Services risks and vulnerabilities while driving out ineffective and costly operational processes, procedures and functions Pro’s -In business for about 10 years -Have consultants with decades of experiences in both IT disaster recovery and business continuity Con’s Business located in the states, California: not good for company from Canada How Capstone -Contingency Now has software that is download able on their site, which project is helps you design and implement your own plans different Resilience One http://www.strategicbcp.com/resilienceone Basic Services Unique Services Pro’s -7 based business questions -no configuration -powerful algorithms -real-time incident tracking -no extra costs -unlimited users -redundant servers included in pricing Con’s -Only 7 business based questions -Not able to configure to specific needs -100% web hosted (where is your data being stored) 17 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. How Capstone project is different GrexIT http://www.getapp.com/compare/business-continuity Basic Services Unique Services Pro’s -Beta so may grow -Automatically fetch useful conversations -3 supported languages (English, French, Italian) Con’s -Only an email back up -Very limited capabilities How Capstone project is different NovaBACKUP http://www.getapp.com/compare/business Basic Services Unique Services Pro’s -Workstation, cloud, server and network backup -used on server 2k3 2k8 -Automatically backup w/ SQL 2k8 and Exchange 2010 -Supports virtual machines -full disk imaging -supports hyper-v Con’s -Cloud backup -only 2 languages supported -can only purchase by subscription How Capstone project is 18 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. different Fastback http://www.storagepipe.com/services/rapid Basic Services Unique Services Pro’s -Around the clock protection -Block level incremental back up -Background restoration -Uses snapshots -Recover specific objects -Bare metal recovery -Hardware, Software, offsite costs built in Con’s -Block level incremental backup -No data on website (pricing, specs,etc) -No web front end -Not sure if it is customisable How Capstone project is different 19 Continuity Management Database DAS Business Continuity Prepared for Celsus Management Inc. APPENDIX D: PROJECT SCHEMA View BCP User Login Add/Remove Asset DAS Home Page Logout Register Admin Login Admin Home, Allow/ Deny, Delete Users View logs Add/Remove Asset Page Logout 20 Refresh
