ICT Continuity

E-mail outage a major concern for businesses

Companies have become so reliant on e-mail that 85% of firms admit that e-mail downtime would severely affect their business, according to research from analyst firm Quocirca.

As a result, companies expect a high level of support from their IT departments, and 70% of organisations said they would expect IT to respond to e-mail outage within 10 minutes. “The majority of respondents see e-mail as an integral part of key business processes such as sales and customer service. A rock-solid infrastructure is the key to a successful business continuity strategy and this must extend to mobile and home-workers," said Clive Longbottom, service director, business process facilitation, at Quocirca. 

The survey also found that 50% of the businesses surveyed believed they would not be able to maintain e-mail service levels if they migrated from one e-mail system to another, and that this was one of the main barriers to migration. “The importance of maintaining service levels is confirmed by the reluctance of organisations to accept any interruption in service during the upgrade process itself" said Longbottom.

Greater use of laptops and PDAs has made e-mail business critical, making respondents more aware of e-mail downtime.

END

If you would like to know more about how your organisation can get involved and benefit from working with the Continuity Forum, please email us HERE! or call on + 44 (0) 208 993 1599. 

 


Major systems crash at Department of Work and Pensions

A configuration issue between Windows 2000 and XP caused the machines to crash on Monday 22 November and it was not until Friday of that week that all systems were fully functioning. November's crash happened in part because of the power of remote upgrade tools which allow technicians to modify tens of thousands of machines using simple routines at a single terminal.

It is believed that an EDS operator allowed Windows XP to be installed on 40,000 computers instead of the 30 in the trial. Procedures have been strengthened to ensure that a single operator cannot perform a remote upgrade accidentally, EDS said.

Citigroup loses data on 3.9 million customers

The banking firm has written to customers whose information was stored on computer tapes that were lost last month by courier UPS in transit to a credit office.

Kevin Kessinger, Citigroup's president of consumer finance in North America, said: "We deeply regret this incident, which occurred in spite of the enhanced security procedures we require of our couriers.

"There is little risk of the accounts being compromised because customers have already received their loans, and no additional credit may be obtained from CitiFinancial without prior approval of our customers, either by initiating a new application or by providing positive proof of identification. Beginning in July, this data will be sent electronically in encrypted form."

The tapes contained US customer data from CitiFinancial branch network operations and CitiFinancial Retail Services. The company said the tapes did not contain information from CitiFinancial Auto, CitiFinancial Mortgage or any other Citigroup business.

The company also believes the data has not been compromised and that none of the tapes contained details of CitiFinancial network customers in Canada or Puerto Rico.

"We are making every effort to ensure that our customers are aware of what we are doing and what we suggest they do to protect their identity. We are committed to ensuring that our customers have the support they need to monitor their credit and know how to respond should they identify any problems," added Kessinger.

Last week, the Japanese arm of investment firm UBS apologised for losing a hard disk that contained confidential data of 15,500 customers.

Continuity Forum Comment

There can’t be many people who haven’t had something ‘lost in transit’, but the experience of Citigroup shows that while mistakes can and will happen. The nature of today’s world means and the desire of media to report new stories means that within a few hours even a relatively minor problem will be seen by potentially tens of millions of people and you can be sure it will affect the way many view the organisation.

In most respects this simple process failure is a day to day occurrence, something lost or stolen, but carrying sensitive information, becomes a story reported widely and needing a measured response form the organisation affected. The clear statement and explanation from Citigroup shows to Customers that there is little on-going Risk to them and that the already strict procedures in place further reduces the Risk to clients.

Another detail that it is important to learn from is the issues was not created directly by Citigroup, rather it was a supplier of core services that was responsible for the loss despite the ‘added measures’ Citigroup had in place. This shows the importance of working with key partners in the Supply Chain to ensure on-going compliance withyour special procedures and to avoid supplier complacency creeping in. Failure to ensure that your policies and procedures are being adhered to can quickly undermine even the best plans and procedures and result in incidents like this or indeed far far worse problems.

Forum Statistic

  •  Fewer than 20% of Global 2000 companies work with their Key Supply Chain Partners to embed BCM and even fewer (7%) regularly include partners in Exercises and Rehearsals despite the knowledge of the risks.

    Ends
    _________________________________

    If you have any comments on this article or would like to find out more about the work of the Continuity Forum please contact Sara McKenna or Russell at the Continuity Forum directly on 020 8993 1599 or info@continuityforum.org

 

Trojan holds PC files for ransom

A unique new kind of malicious threat which locks up files on a PC then demands money in return for unlocking them has been identified. The program, Trojan.Pgpcoder, installs itself on a vulnerable computer after users visit certain websites and then turns files into gobbledegook, holding them to "ransom"

Singapore Standard introduced for Service Providers

Business continuity and disaster recovery fundamentals are strong in Singapore because of its: Strategic geographical location - Free from natural disasters such as earthquakes and typhoons, Singapore is well known as a major financial, transportation and infocomm hub, and is home to more than 7,000 multinational corporations. Many use it as a launch pad to expand into the region.

Communications failure causes widespread disruption

The UK is not alone in facing in facing a new age in terrorist threat, the risks around the world are greater than ever before and it is our responsibility to directly address the real dangers posed Business and residential customers across a wide area of the North West of England suffered the complete loss of both voice and data capability, in most cases for over a week, and a cascade effect was seen with data hosting and call centres located within the affected area extending the effects across Britain and other countries.

Synstar to opens new Thames Valley business recovery centre

Hewlett-Packard, through Synstar, its UK-based business continuity company, is launching a new recovery centre on 25th May, 2005. This new business continuity centre is situated in Reading to serve the Thames Valley area.

The facility will offer in excess of 100 seats and boasts office, IT, telephone and communications facilities, as well as a data centre of over 10,000 sq ft.

India's offshore IT and call centre industry targeted by terror group

Wed, 2005-03-05

Indian police have uncovered plans by a Pakistan-based group to attack companies working in the offshore IT and call centre industry.

Members of the Lashkar-e-Taiba terror group engaged Police in New Delhi in an hour long shoot out resulting in the capture of two and the deaths of three members. Police later raided their base and found information revealing they had visited Bangalore in December to survey software companies as potential targets as well as AK56 rifles, ammunition and over 10kg of the explosive RDX.

UK firms get fresh hacker warning

Organised gangs are using distribution e-mail lists to cleverly engineer mails that look legitimate and relevant.

The Home Office said many of the attacks seemed to originate from Asia.

The warning is aimed at government departments and businesses that are part of the UK's Critical National Infrastructure (CNI).

The government's NISCC works with the CNI so that computer systems which run critical infrastructure, such as telecommunications, energy, and power station networks, are protected.

Biggest security headache just won't go away...

According to a recent poll, employees represent the biggest single threat to any company. And while temps have often come in for stick because of the threat more nomadic staff can pose, especially the sales team, with their eye on business critical data, that really needs to be watched - if only for their own sake. With a combined 33.3% Employee caused issues were the biggest threat feared and this was broken down into Employee error (17.2%)and Malicious Employee behaviour (13.1%) - meaning almost a third of respondents fear the activity, whether intentional or not, of their staff.

Spyware was next up, cited by 27.8 per cent of respondents, with viruses being cited by 20.5 per cent, followed by phishing (11.3 per cent) and hacking (10.5 per cent). Separate research from Unisys reveals that 51 per cent of security managers believe negligent or malicious employees are a significant threat to their business.

Mark Thomas, head of security at Logicalis, said: "One of the biggest problems is that everybody comes into a company on day one, signs the email and internet usage policy and that's the last they think about it."

Many companies have made a rod for their own backs by turning a blind eye to many behaviours which are technically in breach of the rules, he added. And he believes the problem is out of control, with a raft of consumer gadgets and portable storage devices travelling in and out of organisations each day and staff making free with email, IM and their internet access and storing illegal copyrighted files on the network. "If you walked out of your office four years ago with a 40Gb hard drive under your arm you would be arrested but that's exactly what people are doing every day." The problem, especially where companies losing track of their data is concerned, isn't helped by the form factor of increasingly scaled down storage devices. "The mediums are almost impossible to control and they will continue to grow in numbers. So companies have to secure their data."

The far and wide distribution of data outside the organisation also creates problems, said Gary Clark, VP EMEA at encryption specialist SafeNet. The more well-travelled data becomes, on phones, laptops, handhelds, over networks, site to site and on portable storage devices, the greater the chance it will be lost or stolen along the way. But before implementing any measures which will change and limit the way employees can interact with data within the organisation, companies need to make sure staff know why they are doing it, said Logicalis' Thomas. "They need to say, we're not doing this because we're being Big Brother. They need to convey the message as to why security is important and they need to get people to buy in to this."

Thomas added that companies could do worse than start with their sales team. Often the sales team will include the biggest gadget fans who act as their own administrator, he said. They are also frequently the ones with most direct access to business critical data which can be compromised either accidentally or maliciously. "It's the sales guys you need to watch, you need to know if they're emailing all your sales lists to their Hotmail accounts."

END


If you have any comments on this article or would like to find out more about the work of the Continuity Forum please contact Sara McKenna or Russell at the Continuity Forum directly on <b>020 8993 1599</b> or <a href="mailto:info@continuityforum.org">info@continuityforum.org</a>

 

 

MFI hit by IT Failure to the tune of £46m

In a new trading update MFI has now revealed the full scale of the problems estimating that an increased level of refunds has reduced customer orders by £30m since the introduction of the new supply chain systems in March. MFI has also taken a hit with a one-off cost of £16m on additional deliveries and call centre and technical costs resulting from the systems issues. An additional incremental investment of £8m per year will also now be pumped into additional supply chain resources, including staff.

Hosting company customers hit by test failure

In a statement, Redbus reported that they were testing the generators when a fault developed in related switchgear at their Harbour Exchange facility.

It appears as though an electrical component was dislodged during the testing which subsequently caused a short circuit and a switch over to the UPS power supply.

Syndicate content

Business Continuity Forum creating Resilince and security

Creating Continuity... Building Resilience...