Re: DISASTER PLAN


On Sep 10, 2009, at 10:29 PM, Jill Bonino wrote:

I think all of this discussion is great and I would like to start collecting it into a proposal to be presented at the Nov Board Meeting...As an aside, when I worked for the Los Angeles Police Credit Union in the early 90's as their Internal Audit Manager, I wrote and supervised our CU's plan. It got tested in the 1994 Northridge quake just before I left work.

For all of the following key operating areas of AIS, will the Chair of each position send me briefly the following:

1. Current software using for data storage/operation (Word, Excel, Quickbooks, whatever). Do you have a backup for your software? If so, what is it?

Irisregister: Excel, Fetch (any FTP program would do ) FileMaker Pro

Website: Dreamweaver, Photoshop (any web-management and image- management software would do

aisboard.org: Excel, Fetch (any FTP program would do )

AISLookup: web browser




If your files and data are not computerized, how are they organized and do you keep duplicate paper copies somewhere?

2. Do you currently have another storage site/mechanism for your area's information and describe it. This could be as simple as keeping AIS records on a separate memory stick or CD that you keep at your house..

Irisregister: Local Aux hard drive for account records, online service provides commercial B/U of database

Website: Local Aux hard drive, online service provides commercial B/ U of database

aisboard.org: Local Aux hard drive for account records, online service provides commercial B/U of database

AISLookup: online service provides commercial B/U of database



3. Do you use John Jones' FTP system? If so, how often do you load new updated data?

No need


4. Do you have another person designated as a backup for you should something happen to you?...For Example, Cheryl Deaton is my backup as Treasurer and has the passwords and bank account information for access to AIS in the event of an emergency... If you do not currently have someone else as backup, please look for one between now and the Nov Board mtg.

No


5. How often do you update your master files of information..For example, does the MemSec update the membership database each month, bi-monthly, quarterly?

Daily


6. Please suggest what you think would be a good backup plan for your area that could be implemented no later than 6 months from now.

In Place


7.  Estimate any costs of implementing your area's backup plan.




Membership Secretary
Storefront
Registrations
Affiliations
Exhibitions
Awards
Recording Secretary
Iris Programs--Slides and CDs
Judges
Library


I realize that Electronic Services is in a world of its own...I hear about web sites "crashing"...John, what often causes a website to "crash" and do we have security in place to safeguard against this?

Websites fail for various reasons: Server failure, Denial of Service attacks, Hacking

Aside form technical failures which are managed and corrected by the hosting service(s), it is unlikely that we would have a failure from hacker attacks (we are inconsequential). Hosting services provide security

Is this being integrated into our new website design?

As above.

Also, Is the iris register database on FTP and how often do you update this?

The database itself is updated via FTP generally 2-3 times a year depending on how often I get an update from the Registrar.


The same question would go for register users and their passwords...

The account information for access to the database is updated as individuals subscribe or renew. For my own ease of service I maintain a record of all correspondence with subscribers and an Excel file of IDs payments, email addresses and expiration dates. Backed up as above

John, what other safequards should we be thinking about electronically?

The problem is multifaceted comprising the following issues:

Our officers, chair persons, administrators etc have varied capabilities with computers. Some will be able to use an FTP program with little help, others may find it difficult to use some of the automatic services (no slight intended to anyone)

May of the online automatic backup services charge on a per system basis (although many of our data backup requirements are minimal enough to qualify for the free service). I have signed up for the free GetDropBox service and am investigating how best to use it.

If people are using one of the online free services, then there should be some central repository of IDs and Passwords for someone else to recover the data should something unforeseen happen to the originator.

The policy is only as good as how effectively people adhere to it...

John


With this information and some follow up questions, I can draft a relatively short Plan to be sent around to everyone for feedback prior to the meeting in Tulsa.

Jill

-----Original Message-----
From: Robert Pries <robertpries@embarqmail.com>
Sent: Sep 10, 2009 12:56 PM
To: aisdiscuss@aisboard.org
Subject: Re: [AISdiscuss] DISASTER PLAN

Kitty you are of course correct. Procedures, policies and protocols are only as good as how well they are used. If they are never really formulated, written out, and accepted, there is little chance they will be communicated by anyone. Disaster planning is for a worst case scenario, but just the normal transfer of duties from one individual to another in this organization is often lacking any guidance. It is interesting that we all are highly competant individuals who in our professional environments deal with transitions and protocols in professional ways but when we take on responsibilties within our "beloved" hobby we seem to forget much of what we know.

----- Original Message -----
From: "K. Loberg" <iris.loberg@comcast.net>
To: aisdiscuss@aisboard.org
Sent: Thursday, September 10, 2009 12:35:26 PM GMT -05:00 US/ Canada Eastern
Subject: Re: [AISdiscuss] DISASTER PLAN

Thank you John for doing this, and reminding everyone of this off site
backup.
I don't see this issue being a huge issue of establishing policy... many
policies just get broken, lost, forgotten...
I see it as a bigger issue of Training. No policy in the world is going to
happen without instructions/training,
and leadership to encourage the implementation to happen.

John already has set up the off site location, and a simple FTP method to
upload the files.   I use an FTP
for my stuff all the time, it is simple. He probably has his instructions
from before, perhaps
they need some enhancements and a cover letter sent out to explain... but in
any event they
just need to be distributed to everyone again, mentioning the importance,
and encourage all to do so.
Thanks again John!

Kitty Loberg

----- Original Message -----
From: "John I Jones" <jijones@usjoneses.com>
To: <aisdiscuss@aisboard.org>
Sent: Wednesday, September 09, 2009 1:26 PM
Subject: Re: [AISdiscuss] DISASTER PLAN


Some years ago I set up (free)  FTP sites for the Treasurer,
Secretary, and Membership Secretary use as off site backup locations.
(actually I think I offered anyone that wanted it the capability)

I don't know if they are being used. Using an FTP process requires a
utility program to manage the uploading and many of them are
available for free. But the discipline has to be in place to maintain
the backup.

There are also services available (mostly for a fee) that will
automatically backup files.

The Lowes periodically send me a copy of the registration database to
use with irisregister, but as often as the registration changes, it
should be backed up on a daily basis.  Part of the problem with the
Registrar informationis that the Lowes have a slow internet
connection which makes sending large files problematic.

A policy would not be difficult to create.

How about "Every AIS Officer, Administrative Officer,  Director,
Committee Chair,  and paid position will maintain an off site backup
of all AIS information.
(I admit to, and apologize for, being a little flip here but you get
the idea)

Having a policy is one thing. Having people adhere to it is another.

John


On Sep 9, 2009, at 12:25 PM, Rita Gormley wrote:

Obviously, we need feedback from our Electronics Chair because the
"offsite
backup technology" has made great advances in recent years.  For
not a big
cost, there are storage sites that will take all kinds of files
( MemSec uses
FileMaker Pro as does Registrar I think, Treasurer uses Quickbooks
etc).

AIS does need to have a "written policy" for backup of important
information
that would cause a Disaster if lost.  Each of us probably has our
individual
"plans" doing consistent backup but if there was a central offsite
storage, it
would be much better.

Rita Gormley

--- On Wed, 9/9/09, Robert Pries <robertpries@embarqmail.com> wrote:


From: Robert Pries <robertpries@embarqmail.com>
Subject: [AISdiscuss] DISASTER PLAN
To: "AISdiscuss" <aisdiscuss@aisboard.org>
Date: Wednesday, September 9, 2009, 12:51 PM


Redundancy Memo: Disaster Plan



B

An organization the size of AIS should have a disaster plan.
Redundancy in
some positions is one way of coping. Another is back-ups of
critical data.
What if The Lowes were struck by a meteorite. do we have a back-up
of the
checklists off site. What if California had their great earthquake
is there a
copy at another site of our financial records. What if the memberships
chairbs house burned down do we have offsite a copy of membership
records.
What if the exhibitions chair went into a coma from a car wreck,
etc etc. B
It seems to me we are vulnerable as an organization if we donbt have
suitable back-up and redundancy policies that are outlined and
maintained. T
HIS SHOULD BE SOMETHING WE COULD WORK OUT BEFORE THE BOARD MEETING.

-------------------------------------------------------------------- -
To sign-off this list, send email to the AIS Secretary
<aissecretary@irises.org>
The archives for AISDiscuss are at:
http://www.aisboard.org/lists/aisdiscuss/

-------------------------------------------------------------------- -
To sign-off this list, send email to the AIS Secretary
<aissecretary@irises.org>
The archives for AISDiscuss are at:
http://www.aisboard.org/lists/aisdiscuss/

---------------------------------------------------------------------
To sign-off this list, send email to the AIS Secretary
<aissecretary@irises.org>
The archives for AISDiscuss are at:
http://www.aisboard.org/lists/aisdiscuss/

---------------------------------------------------------------------
To sign-off this list, send email to the AIS Secretary
<aissecretary@irises.org>
The archives for AISDiscuss are at:
http://www.aisboard.org/lists/aisdiscuss/

---------------------------------------------------------------------
To sign-off this list, send email to the AIS Secretary
<aissecretary@irises.org>
The archives for AISDiscuss are at:
http://www.aisboard.org/lists/aisdiscuss/

---------------------------------------------------------------------
To sign-off this list, send email to the AIS Secretary
<aissecretary@irises.org>
The archives for AISDiscuss are at:
http://www.aisboard.org/lists/aisdiscuss/

---------------------------------------------------------------------
To sign-off this list, send email to the AIS Secretary
<aissecretary@irises.org>
The archives for AISDiscuss are at:
http://www.aisboard.org/lists/aisdiscuss/



Other Mailing lists | Author Index | Date Index | Subject Index | Thread Index