Tips to Make Sure Your Disaster Recovery Plan is Effective

Having access to a quality information technology infrastructure is extremely important for all businesses. If a business suddenly does not have access to its data or systems, it can be very damaging. Because of this, having an effective disaster recovery plan in place is extremely important. There are several tips to follow to ensure your IT disaster recovery plan will be effective and available when you need it most.

Create a Comprehensive Plan

One of the most important parts of disaster recovery is coming up with a disaster recovery plan. This plan should carefully consider the needs of all people in your organization. Because of this, it is important that you include as many people as possible in the process. This will help to ensure that everything that needs to be accounted for is included. You also need to make sure you have a plan for what everyone’s responsibilities are in the event of a disaster.

Be Redundant

When you are completing a disaster recovery plan, you should focus on being redundant with the more significant issues. The last thing that you would want in the event of a disaster is to not have access to your plan because something is not working. Because of this, it would be wise to backup all laptops, backup servers and other data in multiple spots and create a system for checks and balances.

Check the Plan

The most important thing that you need to do is to make sure that you are able to check your disaster recovery plan on a regular basis. Ideally, you should test your disaster recovery strategy at least once per calendar quarter. This will help to ensure that all the systems are in place and functioning properly and that the necessary people properly understand their roles in the disaster recovery process.

Project Management in IT

Software upgrade rollouts. Database and server migrations. Security protocol change implementation. Hardware replacements and upgrades.

At any given time, your IT team is facing a list of projects that need to be completed. (Even more so at smaller companies where the “IT team” is one or two people trying to play catch-up when they’re not wearing one of their other hats.) At times, projects even seem to get added to your to-do list faster than you can cross them off.

Such is the nature of virtually any modern business. Staying current on security, delivering your customers the type of experience they demand, and equipping your employees with the tools they need to succeed requires you to be every bit as proactive about technological upgrades and process improvements as you are about system maintenance and monitoring.

The days when a calendar on your wall and sticky notes on your desk were adequate tools for managing the types of projects your company demands are in the past. Today, if you are going to have any chance of staying ahead of the curve on IT projects (and hopefully, maintain your sanity), you will need to be much more deliberate about your approach, understand how to work on multiple projects simultaneously, understand the proper sequencing for projects, and ensure that you are able to complete these projects in ways that minimize interruptions to your company’s work and your customers’ experience.

There are a myriad of tools designed to help you manage technical projects. There are, of course, classic tools like Microsoft Project, which remains the solution of choice for many companies and is a reasonable standard against which to measure any other potential solution. Other companies have signed large contracts with rapidly-expanding firms offering cloud-based project management platforms to simplify collaborative management and leverage shared data. Other companies embrace open source project management systems and platforms (whether installed locally or in the cloud) to access robust functionality without making a commitment to a single vendor.

No matter what route your company decides to go, it is imperative that you approach technical projects with the degree of intentionality that these solutions are designed to support. Successful project management is dependent on defining a clear scope of work, assigning the necessary resources, carefully and accurately documenting the work that needs to be done and the work that has been done, and following through.

Integrating PowerVC in an IBM i Shop

By Dana Boehler

The speed of business has never been faster. Product release cycles have shrunk to timelines inconceivable in the past. Some fashion retailers are now releasing new product every two weeks, a cycle that historically only happened 4-8 times a year, and certain retailers even have product available immediately after it is displayed on the runway.

The demand for immediate insight into the state of sales numbers, ad campaigns, and other business functions has made the continuous aggregation of data commonplace. And if those factors weren’t pressure enough, the threat of ever-evolving security hazards is generating mountains of updates, code changes, and configuration adjustments — all of which need to be properly vetted before entering a production environment.

All of this activity needs to run on infrastructure that administrators like ourselves must manage, often with fewer coworkers to assist. Thankfully, for those of us running IBM i on IBM Power Systems, IBM has provided a robust cloud management tool that allows us to quickly spin up and spin down systems: PowerVC.

PowerVC allows users to manage existing IBM Power System partitions, create images from those partitions, and deploy new partitions based on those images. More recent versions of PowerVC support IBM i management and deployment (earlier versions did not).

Over the past year, I have been using PowerVC to greatly reduce the amount of time it takes to bring a system into the environment. Typically, creating a new system would take several hours of hands-on keyboard work over the course of a few days of hurry-up-and-wait time. The first time I deployed a partition from PowerVC, however, I was able to reduce that to about an hour, and after more refinements in my deployment, images, and process, I am now down to under 25 minutes. That’s 25 minutes to have a fully deployed, PTF’d system up and running.

The full implications of this may not be readily apparent. Obviously, net new systems can be deployed much more quickly. But more importantly, new modes of development can be more easily be supported. PowerVC supports self-service system provisioning, which enables teams to create their own systems for development, test, and QA purposes, and then tear them down when no longer needed. Since the systems are focused on the task at hand, they do not need the resources a fully utilized environment would need.

There’s more: Templates can be created in PowerVC to give the self-service users different CPU and memory configurations, and additional disk volumes can be requested as well. Post-provisioning scripts are supported for making configuration changes after a deployed system is created. In our environment, we are taking this a step further by integrating PowerVC with Red Hat’s Ansible automation software, which has given us greater flexibility in pre- and post-provisioning task automation.

In practice, using PowerVC removes many of the barriers to efficient development inherent in traditional system deployment models and permits continuous deployment strategies. Using PowerVC, a developer tasked with fixing a piece of code can spin up a clean test partition with the application and datasets already installed, create the new code fix, spin up a QA environment that has all the scripted tests available for testing the code, and then promote the code to production and delete the partitions that were used for development and testing.

You do have to make some changes to the environment in order to support this model. Code needs to be stored in a repository, so it can be kept in sync between all systems involved. The use of VIOS is also required. Additionally, note that when using this type of environment, the administrator’s role becomes more centered around image/snapshot maintenance (used for deployment templates) and automation scripting rather than the provisioning and maintenance of systems.

For full information on the product and its installation, I recommend visiting IBM’s knowledge center.

Guest Blogger

Dana Boehler is a Systems Engineer and Security Analyst at Rocket Software, specializing in IBM i.

Why Should Your Office’s Internet of Things Be Limited?

The Internet of Things (IoT) is taking over everything from home security to personal fitness. It’s even stretching into commercial office spaces. IoT devices offer a lot of remote control and automation, which can help reduce expenses. But they also have their downsides. Here’s why you should limit IoT adoption in your office or make strict policies regarding the devices.

IoT Devices Don’t Have Standard Operating Systems

Programmable tools aren’t traditional computers in the way laptops or even smartphones are. Instead, they have very specific coding that performs a series of functions and transmits the data to your default devices. For example, security cameras can send video footage to a dedicated server, and water or carbon monoxide detectors send the data to the office manager’s phone. But you can only satisfactorily secure the data from one end: the one receiving the information.

Major brands offer consistency, and they are also the brands most likely to integrate seamlessly with your network and main OS in the office. That relative safety is even stronger for must-have office additions like security cameras and access control.

Opening Up Your Network to More Casual Devices Is a Risk

If your company has a BYOD (Bring Your Own Device) policy, then it’s hard to manage full network security under the best of circumstances. But if your coworkers personal IoT devices are trying to hook onto the network (even if they do so unsuccessfully), they could be carrying unknown programs and vulnerabilities. If an outside reader can get a detailed history of what tries to connect to your network, they can learn a lot about your protocols. It’s even worse if a coworker’s personal/business laptop is integrated with their fitness band, home security system, or more. Once a computer accepts a device as ‘trusted’, which is required for syncing for most personal IoT devices, that device has access to everything on the computer. Users just have to hope they don’t have the functionality to do anything with it.

3 Payment Processing Changes Your Company Needs to Make ASAP

Payment processing isn’t a glamorous part of the retail industry, or any industry. But it’s one of the fundamental parts of your business. If you can’t get paid, or if your store can only handle a few different methods of payment, you’re going to lose business. Data security is also a very real concern. If you have even tangential access to credit card information, your company is a tempting target for an online attack (especially if you don’t think you are). While updating your payment processing technology doesn’t guarantee either safety or profits, it can certainly help. Here are three changes you should make.

If Your Store Doesn’t Take Credit Cards, You Are Going to Lose Impulse Shoppers

Impulse shopping is one of the last big advantages that physical stores have that online vendors haven’t quite captured yet. You want people walking into your store on a whim and regular customers buying more than what’s on their shopping list. But if you restrict your payment methods to cash, check, and debit, they might not be able to make purchases. This can devastate return business in two ways. 1. If you posted a sign near the front of your store, new visitors will turn and walk out. 2. If customers don’t find out until they bring their items to the check-out area, they’ll be offended and uncomfortable when they have to walk away. They certainly won’t be back.

If Your Credit Card Readers Don’t Accept Chips, You’re on the Hook

Major credit card companies have been embedding chips on the cards for the past few years. They’re more secure than magnetic strips, and they remove a lot of the burden credit card companies face regarding fraudulent purchases and stolen data. But stores were slow to adapt to the technology and buy new readers. So now the generally accepted norm is that the side who didn’t upgrade their security — either the credit card company not adding a chip or a store not adding a chip reader — is the one who has to deal with the damage.

Your Online Store Should Never Touch Credit Card Information

Unless you’re a major corporation with a team of lawyers and a data compliance team, you don’t need the liability that comes with customers’ credit card information. So reroute your online checkouts through third-party services that focus wholly on safely storing and processing credit card orders. They can keep up with changes in regulations and hacking technology. Also, as more and more small companies make third-party shopping carts the norm, you don’t have to worry about customers’ impressions.

COMMON Memories

Recently Anne Lucas, former President of the COMMON Board of Directors, shared some photos from 1992-1994 with us. Now, we want to share them with you.

If you have any memories of this time period, feel free to share them in the Comments section found at the bottom of this post.

San Antonio

COMMON's Anne Lucas and IBM executive Buell Duncan pose with a four-legged friend in San Antonio.
IBM CEO Lou Gerstner and COMMON's Anne Lucas mingle with the crowd at Opening Session.

COMMON International Meeting

The pictured individuals include Bib Anderson, IBM Liaison, Amiram Shore, COMMON Israel, and Anne Lucas, COMMON.

5 Tips for Working Under Management Unfamiliar with IBM i

By Dana Boehler

Unless you’re working in a very large shop as an administrator on IBM i, you are likely reporting to management that did not come from an IBM i background. This dynamic can be challenging, but there are ways to approach the situation that can lead to a more rewarding experience. Here are a few tips for making this situation work better for you, taken from my own experience. I can’t say I’ve always followed these recommendations, but I can say that things tend to go better when I do.

1. Be Patient

As an IBM i administrator, you’ve spent countless hours learning how these systems work – their strengths, their quirks, and idiosyncrasies. You likely take many of these traits for granted, but it’s important to acknowledge that those who do not have your experience will not. Nor will they necessarily make logical conclusions that you may see as obvious. An example that comes to mind is the many times I’ve been asked by an auditor for the list of database users for our “AS/400”. It may be tempting to tell the requestor, “We haven’t had an AS/400 for over 15 years, and our IBM i doesn’t have a separate database logon for the users!” But that will only make you seem like a curmudgeon. Additionally, if that attitude surfaces frequently enough, management will actively try to avoid you and exclude you from important project discussions that may affect your systems.

2. Be a Teacher

Very little of the opposition you will experience to IBM i is the result of a maniacal plot against the platform. Much of the push back is derived from a lack of understanding of how the systems work and what their benefits are. Taking the time to explain how things work, or better yet, hosting a lunch-and-learn session on an aspect of the system, can go a long way to removing your manager’s and coworkers’ lack of familiarity with the system.

3. Where Possible, Reduce Your Reliance on Jargon

There are many terms that may be misunderstood by a non-IBM i person. iASPs, TCP/IP servers, PTFs, and logical files are all things that someone familiar with the platform would understand, but other administrators may not. Wherever possible use language appropriate to the audience. Your manager may not know what a logical file is, but if they have used SQL they will understand what a view is, for instance.

4. Recommend the Right Tool for the Job

The IBM i platform can perform a multitude of functions, including being an application server, a web server, or even an email server. But what you do with it in your organization should answer to what is right for your business. By recommending solutions involving IBM i only where they make sense, you will foster a reputation as someone who does what is right for your company.

5. Allow Yourself to Learn from the Administrators of Other Platforms

Some of the most interesting things I have done with my IBM i systems were derived by learning from Windows, Linux, and Unix administrators. For example, we migrate non-production partitions at the SAN level using scripts to capture and recreate the HMC profiles, which saves a lot of time. This is a direct result of what I have learned from our non-IBM i staff.

Guest Blogger

Dana Boehler is a Senior Systems Engineer at Rocket Software.

How Can IT’s Analytics Help with Business Forecasting?

In many companies, most departments don’t have a lot of opportunities to communicate to each other. Unless there’s a problem that involves multiple parties, only the department heads are presenting information about changes or trends. But the next time any department needs to work on forecasting, see if your IT experts can help. They have insight into a lot of valuable areas, including:

How Much Your Website Traffic Is Increasing

You need to know how many people are going to your business’s website. While Marketing may have the numbers behind visits generated through ad campaigns, they may not know the metrics behind all of the traffic. Ask your IT department for detailed information about surges in activity. This can tell you a lot about seasonality, how high traffic patterns correspond to or differ from high sales periods, and more.

If Your Technology Is No Longer Up to the Task

Even better, the IT department can tell you when high traffic surges and internal activity leads to network outages. It’s almost impossible to measure the expense of even an hour of downtime, but it can range from the tens of thousands of dollars to millions depending on the size of your company. Factor network expansions, server costs, and hardware updates into your annual budget. You should also account for the increased likelihood of hacks and malware.

How to Make Sense of the Data

Every department uses spreadsheets and data. But most departments don’t have people trained in reading that data outside of the narrow focus of their job. IT professionals, whether they focus on cybersecurity or desktop support, often have to have Excel and MySQL qualifications to get the jobs in the first place. If the raw data doesn’t make sense, turn to IT. They may also have the keys and license codes to the legacy software designed to read it.

IT departments don’t just provide anti-virus software and support. They have access to a wealth of logistical information that your business needs. Make sure they’re included in your major meetings and decisions.

2 Technologies That Will Help Secure Your En Route Inventory

Getting stock on time and in good condition is important. The competition between online vendors and brick-and-mortar stores is getting stronger, and your physical store needs to hold on to every advantage it has. This includes the shopping experience, in which customers can try or interact with items before purchase and the actual purchasing process. Even with one-day shipping, sometimes shoppers need an item immediately. If you’re changing suppliers or transportation companies, look for these two technologies:

1. Sensors That Maintain Internal Quality Control for Pallets

If you sell perishables or fragile products, then you need quality control along every step of the way from manufacturer to storefront. While you may be able to oversee temperature, storage specifications, and careful handling in your own premises, it’s hard to know what happens in the semi-truck trailer. So look for companies that have adopted RFID and sensors that give you or their central headquarters live information about the products’ environments. Even if you can’t see the data directly, any company that takes this extra step is invested in quality.

2. The Precursors of Blockchain Recordkeeping

No one person or entity is handling all of the transportation of your store’s products. Even if you sell locally-made or produced goods, they change multiple hands. Blockchain, a form of shared but unfalsifiable recordkeeping that was popularized with Bitcoin, promises transparency. For example, Product A goes from the manufacturer to a warehouse to a trucking service to your store. There are three stops, with four parties involved. Once the warehouse gets the load, they make a note saying they have received it and the manufacturer confirms. When they hand it to the truck driver, they make another note.  This chain keeps building, and no one can overwrite or change a past entry. Because all prior parties’ computers confirm future entries, you don’t have to worry about lost loads or false records in an audit.

Rapid advances in IT aren’t just changing how your store interacts with customers. It’s also giving you greater control when you interact with suppliers.

Introducing the POWER9 Server Family

POWER9 is here. As many in our community will be looking to upgrade, we want to provide information on what these new servers offer you and your business.

According to IBM, POWER9-based servers are built for data intensive workloads, are enabled for cloud, and offer industry leading performance.

As you have experienced, Power Systems have the reputation of being reliable, and the POWER9-based servers are no exception. POWER9 gives you the reliability you’ve come to trust from IBM Power Systems, the security you need in today’s high-risk environment, and the innovation to propel your business into the future. They truly provide an infrastructure you can bet your business on. From a Total Cost of Ownership (TCO) standpoint, a savings of 50% can be realized in 3 to 5 years when moving to POWER9 per IBM calculations.

When compared to other systems, POWER9 outperforms the competition. IBM reports:

  • 2x performance per core on POWER9 vs. X86
  • Up to 4.6x better performance per core on POWER9 vs. previous generations

Learn more about POWER9 by visiting the new landing page. For more detailed data regarding POWER9 performance, be sure to click on the Meet the POWER9 Family link.

Attending the COMMON Fall Conference & Expo? Be sure to attend the POWER Panel session on POWER9. This will be your opportunity to learn more about the servers from experts.