1 / 75

Texas MultiValue User Group – June 2009

Mark Pick – Vice President Reality Mark Fuller – Reality Development Gail Lawrence – Customer Development. Texas MultiValue User Group – June 2009. AGENDA. Welcome – Mark Pick Is your data safe and secure? Mark Fuller Web Services – Mark Fuller. Who is Northgate?.

palmer
Télécharger la présentation

Texas MultiValue User Group – June 2009

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Mark Pick – Vice President Reality Mark Fuller – Reality Development Gail Lawrence – Customer Development Texas MultiValue User Group – June 2009

  2. AGENDA • Welcome – Mark Pick • Is your data safe and secure? Mark Fuller • Web Services – Mark Fuller

  3. Who is Northgate? You might remember….. Microdata McDonnell Douglas Dick Pick – circa 1973 ……..All part of Northgate’s history! Slide 3

  4. Reality Yes. It’s the REALITY you remember. But much more. Slide 4

  5. Continuous Enhancements REALITY V1.0 First commercial PICK release 1974 REALITY V7.2 Last proprietary O/S release 1990 Reality X V2.0 First UNIX release 1992 Reality X V5.0 Last UNIX (only) release 1996 Reality X V8.0 First Windows NT release 1998 Reality V9.0 Windows 2000 Support 2001 Reality V9.1 AIX, Linux, Sockets 2002 Reality V10.0 GUI Admin, Rapid Recovery 2003 File System, 2TB database, SQL View, Foreign Database Reality V11.0 Auto File Sizing, GUI Spooler, Databasic from English 2004 Reality V12.0 Web Services, XML Parser Fast Backup and Restore 2006 Reality V14.0 Data Encryption at Rest, DR 2007 Reality V14.1 Case insensitivity D3 flavor 2009 Slide 5

  6. About Northgate Reality the first commercial Multivalue release (1974) 38 years + experience (company established in 1969) 07/08 revenue of $1.1 billion Company worth $2 billion Approximately 8,000 staff 46 locations worldwide Head Office: Hemel Hempstead, UK Slide 6

  7. Northgate has three major divisions Northgate HRis the specialist HRS division of Northgate Information Solutions. We are the UK and Ireland’s leading supplier of HR, Payroll and Pensions software solutions and services to all market sectors. Moorepay is Northgate’s small HR & Payroll specialist division. Northgate Public Servicesis the number one provider of community justice technology solutions. Our task is to enhance public sector value through the intelligent use of information technology and to share in the economic and social benefits that this brings. Northgate Managed Services provides infrastructure solutions to organisations across the public, private and not-for-profit sectors, and specialist ICT managed service solutions in education, local government and utilities. Reality Slide 7

  8. Reality Core Characteristics Proven, Industrial Strength, Standards-Based Database Exceptional Resilience and Recovery No loss of data Rich, Web-Enabled Application Development Tools Exceptional Interoperability Excellent MultiValue Compatibility Slide 8

  9. Heritage with a Future Back to Reality Where are we going? The sky’s the limit! Future Continual development and commitment to the Reality product and to MultiValue. Third Party Vendors DesignBais MITS Sierra Bravo

  10. Why Choose Reality ?

  11. Questions?

  12. Is Your Business Safe and Secure? Mark Fuller – Reality Development Team

  13. Introduction • Investigate what is meant by the terms Disaster Recovery & Business Continuity Plan • What is a disaster? • What is their effect? • What techniques can reduce the risk? • How can Northgate’s Reality Help?

  14. What is disaster recovery? (DR) is a coordinated activity to enable the recovery of IT/business systems due to a disruption. • DR can be achieved by • Restoring IT/business operations at an alternate location, • Recovering IT/business operations using alternate equipment, • Performing some or all of the affected business processes using manual methods.

  15. What is Business Continuity Planning? BCP - All encompassing term covering both disaster recovery planning and business resumption planning. • Set of procedures for sustaining essential business operations while recovering from a significant disruption. • This umbrella term also refers to other aspects of disaster recovery • Emergency management, • Human resources, • Media or press relations, • Building Control

  16. Disaster Recovery & Business Continuity • Business Continuity/Organisational Resilience has gained in importance over the last five years. • Interest & Focus is at International Level • UK - Civil Contingencies Act 2004 & National Risk Register 2008 • NFPA1600 (North America), HB221 & HB292 (Australasia), • 2008 saw the launch of a new BSI Standard (BSI 25999) • Insurance Companies now take ‘preparedness’ into account • Weather in particular has shown events happen • Pandemic – hot topic • Organisations have become more complex, more reliant.

  17. Which one is a potential disaster and may cause you to implement your DR/BCP plan or parts of it? • Security Breach • Dishonest Member of Staff • Stolen Data • Stolen/Loss of Computer System • Loss of Service • Fire/Flood/Tornado/Earthquake/Explosion etc. • Hardware Failure • Complete server failure • Disk Crash • Network failure • Power fail

  18. Security Breach - Impact • Incident Cost • Management time • Operational effort • Legal Compliance Issue • Breach of Data Protection Act • Breach of HIPPA • Breach of Contract • Reputation • Negative press attention … seen as a ‘blunder’ • Are we a ‘safe pair of hands’?

  19. Security Breach - Examples Cost $500,000! ID theft concerns over Eden Project stolen laptop IT Pro UK – Fri, 15 Jun 2007 12:45  ...identity theft. The laptop was looked after by an employee of XXXXXX , a company the Cornish tourist attraction uses to handle its payroll .  UK Chancellor admits HMRC lost 25 million people's data Alistair Darling says taxman lost disks containing the detailed child benefit information of 25 million individuals Cost potentially billions! (Compensation up to $600 per record, total 15 billion (UK)

  20. Security Breach - Examples 94% of large enterprises Had a security breach within the last 12 months 40 Million Credit card numbers stolen from TJX Hotel chain falls victim To 14,000 data-stealing incidents

  21. Database Security • Is your Database secure? • Can you control access? • By user, location, time or type of connection? • Can you detect inappropriate access? • Do you know who is accessing your database and when?

  22. Database Security – Reducing the Risk • MV Account Based Security • Many users share the same user name and password • Advantages • Simple to Administer • Disadvantages • Can’t identify individuals • Hard to Audit • Difficult to tell if the security has been compromised • Passwords are difficult to secure

  23. Database Security – Reducing the Risk • User Based Security • Each user has unique user name and password • Advantages • Simple to Administer • Can Identify the individuals • Auditable • Individuals can change their passwords • You should be able control how often, length and password history • Disadvantages • Identities can be conveyed to others or commandeered by others

  24. Database Security – Reducing the Risk • Location Based Security • Extends User based security • Limit individuals to pre-defined locations • Individuals can have multiple security profiles • Dependent on their location • Disadvantages • Have to define acceptable locations

  25. Database Security – Reducing the Risk • Time Based Security • Extends User based security • Logins are restricted to defined time periods • Advantages • Tighter control of User based security • Pre-defines allowable login times per user • Disadvantages • Have to define acceptable time windows

  26. Database Security – Reducing the Risk • Server Based Security (linked to user based security) • Allows same user different access rights to different services (Remote File, Web, SQL) • Advantages over User based security • Server processes can have different security profiles than associated users • Disadvantages • Have to define more access rights

  27. Database Security – Using Reality • Reality is used in security critical systems • Police, Government, Health, Military • Supports • Account Security • User Security • Location based security • Time Based • Server Based

  28. Data Security • Is your Data secure? • Can you prevent un-authorized access to the information on your media? • Disk & Tape • Can you control access to the data? • You may want to give file access but not the ability to understand the data

  29. Data Security– Reducing the Risk • Encrypt any data leaving site • Advantages • Protects backups held off-site • Disadvantages • Managing the encryption keys

  30. Data Security– Reducing the Risk • Data stored in an encrypted form • Data Encryption at Rest • Advantages • Protects data at source • Transparent to the application • Disadvantages • Possible performance implications • Need to manage the keys

  31. Data Security– Using Reality’s Data Encryption at Rest • What is it • Transparently encrypts the data written to your database and any other media • Access Management • Defines who is allowed access to encrypted data • Secure Management of encryption keys • Advantages • Selectively limits access to sensitive data

  32. Sometimes the worst does happen … Northgate HQ, Boundary Way, Hemel Hempstead, UK6 am 11 December 2005 Loss of Service

  33. Loss of Service- Entire Regions May Be Vulnerable Northeast Power Blackout August 2003

  34. Loss of Service- Nature is full of surprises Primary Data Center New Orleans DR Site Houston Katrina August 29th 2005 Rita September 24th 2005

  35. Loss of Service - Impact • Incident Cost • Management time • Operational effort • Contractual SLA’s • Breach of Contract? • Reputation • Negative press attention … • Are we a ‘safe pair of hands’? • Loss of business • Companies that aren’t able to resume operations within 10 days of a disaster are not likely to survive’ (source: Strategic Research Institute, Jan 2002.). • ‘Problems with IT cost small and medium enterprises (SME’s) £100 billion in lost turnover each year according to the London Business School. Computer crashes are estimated to cause losses of £31 million each year.’

  36. Loss of Service - Causes • Loss of: • Data • Hardware • Network infrastructure • Site • Business! • Forced to cease trading and wind company up! • Staff! • May lose key staff members

  37. Loss of Service – Reducing the Risk • Business Continuity & Disaster Recovery Planning • Put a BCP & DR plan in place & above all test it! • Some things to consider • Emergency Management Team • names, numbers, meeting venues, con. call numbers • Business Recovery Actions • an ordered list of the actions to be taken by the EMT • Site Details • site plan, departments, services delivered, key suppliers, tenants • IT Recovery • the site's IT facilities, switchboard lines, DR arrangements for these • Office Space Recovery • teams on site, contacts, numbers, alternate office locations • Site Management • site protection, salvage, security and safety • Support Services • from HR, int/ext communications, finance, property & security • Longer Term Recovery Actions • the task of returning to "business as usual"

  38. Loss of Service – Reducing the Risk • Resilient Hardware • Duplicate key hardware components • Disk Mirroring • Redundant power supplies, processors etc. • Redundant Networks • Hot Swappable Components • Advantages • Quick recovery • Little Admin • Disadvantages • Can still cause the system to fail and need to be restored • Only protects individual machines

  39. Loss of Service – Reducing the Risk • Regular backups (Offsite!) • Backup key data to removable media Tape, Disk • Advantages • You do have a copy of your data • Can be kept offsite • Disadvantages • Media deteriorates over time • Slow! • Costly! • Only protects individual machines

  40. Loss of Service – Reducing the Risk • Resilient File System • Journaling file system, allows the file system and database to recover to the last completed transaction when the machine unrepentantly stops • Advantages • Recovery can be to last completed transaction • Can be very quick to recover • Disadvantages • Additional load on system • Relies on storage devices being intact

  41. Loss of Service – Reducing the Risk • Hot standby systems • Second machine is maintained as a near real-time copy of the live running system • Advantages • No loss of service • Disadvantages • Normally ‘closely coupled’ – Requires real time data link • Can still lose both systems • Additional hardware costs

  42. Loss of Service – Reducing the Risk • Remote Hot Standby systems • A remotely hosted machine is maintained as a near real-time copy of the live running system • Advantages • Data copied off-site at the end of each transaction • Off-site machine can be ready to run • Disadvantages • Dependant on external communications link • Requires a communications link which can handle the throughput of the system • Can be costly – depending on options taken

  43. Shadow Database Heartbeat Transaction Logging Unprotected Database Failsafe Gateway Gateway Data Data Data Logs Logs Primary System Secondary System Heart Beat Automatic Switch Manual Switch Failsafe Manual Switch Shadow Hardware Replay Logs Transaction Logging Hardware Data Restore Replay Logs Unprotected Hardware Data Restore Re-key from last restore Service Restoration Time Loss of Service -Reality Resilience

  44. Reality Environment Remote standby system(s) Reality Environment Reality Environment Reality Failsafe Environment or Standalone System Loss of Service - Reality Automated DR • Maintains remote disaster recovery systems • Further extends resilience options to support: • Remote hot backup systems • Operation over slow or intermittent communication links • Sourced from one or more machines • Secured up to the last completed transaction

  45. Loss of Service - Fast Backup and Recovery • Backup & Restore your Database at near Media Speed • Backup while the system is still in use • In practice ‘near media speed’ is estimated to be up to 30 times faster than the current logical backup. • ‘Point in time’ backup • Examples • MOD • from 4 days to 9 hours • Wolseley • from 2 hours to six minutes (50GB)

  46. Loss of Service – Using Reality • Reality Supports • Fast backup & Restore • Backup & Restore your database at ‘media speed’ • Journaling • Rapid Recovery • If hardware survives crash, quickly recovers database • Offline backup databases • Shadow Database • Stored on same machine, separate offline disks • Hot backup standby systems • Failsafe & Heartbeat • No loss of service • Automatically switches to secondary system • Remote Disaster Recovery systems • RealityDR • Low Cost, Offsite system kept up to date in real time

  47. Conclusion • Plan in advance • Create Business Continuity & Disaster Recovery plans (NOW) • Be aware of the Risks • Security Breach • Loss of Service • Data, • Hardware, • Network infrastructure, • Site, Business, • Staff!

  48. Conclusion • Deploy techniques to mitigate those risks • Security Methods • Database Security • Data Security • Protect Your Service • Resilient Hardware • Regular backups • Resilient File System • Hot standby systems • Remote Hot Standby systems • Move to Reality • Northgate and Reality have the tools to protect your business

  49. Thank You Questions?

More Related