Wednesday, February 15, 2017

Records Retention

February 15, 2017 - When's the last time you reviewed your records retention policy (if you have one)? You should have a policy/process for records retention and should review it at least annually. This issue discusses why records retention is critical and can help you determine which records to keep and for how long, how to handle a retention schedule, and other issues of interest.

These three rules can help you stay on top of your record management responsibilities. (Item #1) Do you need to develop document retention standards and procedures for your Business Continuity Program?  (Item #2) Preservation of vital records is a pillar of any Business Continuity/Disaster Recovery plan. (Item #3)

Here are seven common mistakes of record retention—dare we call them deadly sins?—and strategies to avoid them. (Item #4) This article can help answer your questions about email retention. (Item #5) Here's some help to determine which documents to shred and which to keep and for how long. (Item #6)

For the full issue, click here.

Wednesday, February 8, 2017

Cyber Security

Feb 8, 2017 - We hope there isn't anyone walking around thinking they are immune to cyber attacks because it just isn't so. As we've said before, it's not if, it's when. But how do you protect your organization? This week's articles offer information and some suggestions on how to improve your cyber security... and recognize that insiders can cause more vulnerability than outsiders.

If you consider all these crazy trends, blips in the news about attacks, and the patterns -- from password re-use to the rise in usage of end of life systems -- predicting the future for cyber security is really not that outrageous. (Item #1)   The role that insiders play in the vulnerability of all sizes of corporations is massive and growing. (Item #2)   Finance leaders now have a leading role to play in data security. (Item #3)

Here's an overview of everything you need to know to protect yourself from cyber attacks. (Item #4)  To help you protect your business, here are 13 small-business-friendly cyber-security solutions to get you started. (Item #5)   This article's purpose is to share the defense department's approach to cyber attacks so that business leaders can apply it in their own organizations. (Item #6)

For the full issue, click here.

Wednesday, February 1, 2017

Data Privacy

Feb 1, 2017 - Are you doing the best job possible to manage your users' privacy? Yes, your data is likely secure but privacy is another matter. The dangers to data privacy often are more likely to come from your authorized users -- employees, vendors, etc. This issue looks at data privacy and discuss what we should be doing to maintain that privacy.

The difference between security and privacy is critical, and it's when we confuse them that we reveal more information than we intended. (Item #1)   The collection and manipulation of Big Data can result in real-world benefits, but it also can lead to big privacy problems. (Item #2)   Here are some key areas where planners need to be concerned with private and personally identifiable information when creating, updating, and testing disaster recovery plans. (Item #3)

In the digital economy, our personal information is the New Money to pay for services. (Item #4)   With organizations collecting increasing amounts of data, customers and the governments that represent them have evolving expectations about the transparency surrounding data collection, and the laws that govern the usage and reporting of it.  (Item #5)   Companies are increasing technology investments to protect against external data breaches, but employees pose a bigger threat than hackers. (Item #6)

For the full issue, click here.

Wednesday, January 25, 2017

Risk and Business Continuity

Jan 25, 2017 - Risk assessment and management are critical to the creation and success of business continuity plans. Through the years, there has been a lot of discussion about which should come first, which is more critical, whether they are integrated, etc. This issue focuses on risk and its role in the entire business continuity process.

When Risk Assessment and Business Impact Analysis are placed together, these two processes combined can easily tell how hard a potential disruption can impact a business, as well as how quickly and how damaging it can be. (Item #1) Here is an overview of four key criteria that are essential for effective risk management. (Item #2) The board should start by reviewing the process that is being used to identify risks... not just a legal/compliance risk assessment but one tied to other matters, such as business continuity planning, crisis response plans, and even basic fraud. (Item #3)

Risk assessment and business impact analysis are key stages in disaster recovery planning, but where do they fit into the DR planning process? (Item #4) Being ready for risk is the key to any successful BCM plan; while many disruptions are unplanned, you can still weigh the risks and probability of events. (Item #5) Involvement in risk assessment and BCM fits very much with the strategic role of HR. (Item #6)

For the full issue, click here.

Wednesday, January 18, 2017

Business Continuity and the Cloud

Jan 18, 2017 - Does your business continuity plan leverage the advantages of the Cloud? If not, perhaps you should consider if it should. While there are some security issues to consider when moving to the Cloud, there also are many benefits that may be derived. Take a look at this week’s articles to see if a move to the Cloud might help strengthen your business continuity and disaster recovery plans.

An emerging viable tool for disaster recovery is the cloud. (Item #1)   Business continuity may be taking on a new flavor as the cloud gains prominence. (Item #2)   New disaster recovery as-a-service (DRaaS) solutions designed for the public cloud have changed the business resiliency game. (Item #3)

No insurance policy will help employees continue working if they don’t have access to business-critical applications. (Item #4)   The next generation of firewalls can be used as effective business continuity tools (Item #5)   The jury is still out on whether using cloud-based services increases or decreases the likelihood of business interruptions. (Item #6)

If you are interested in more info about Cloud Computing and some things to consider about it, you can review the July 27th issue of the NewsBriefs at

For the full issue, click here.