Writing A Business Continuity Plan

by admin on October 3, 2007

When I took over the system administration duties at Printcraft, the previous sys admin did not leave on best of terms, which happens sometimes.

He also left no site documentation, which happens a lot. For some strange reason, many sys admins don't believe in site documentation. So when they leave, chaos often ensures. It's probably no coincidence that there is sometimes a tense relationship between the plant manager and the chief system administrator. Actually, a lot of times they hate each other. But let's not get into that right now.

It took me a number of months to write up the Business Continuity Plan for Printcraft, but that was one of the promises I made to the owner when I took on this job. If you don't have a BCP done up at your plant, feel free to use mine as a template. Note, if you want the original MS word document, give an e-mail.

1. Purpose of this Document

1.1 Introduction Your Company, a printing company based in Your Town, somewhere, has a significant investment in digital pre-press workflow including a number of pieces of hardware and software. There is a significant need to document the layout and system configuration of the IT infrastructure for two main reasons:

1. New hires or turnover in the IT department

2. Emergency or catastrophe ranging from infection of a computer by a virus to theft of equipment to loss of facilities in a fire or flood.

1.2 Background Information Your Company is a small to medium size offset printing business based in Burnaby BC. It has X-X number of staff, X presses and relatively new Lotem Quantum CTP device.

It can be divided into three main sections: the front office, the digital pre-press (CTP) room, and the press area. The majority of computer server and other critical pieces of hardware are based in the CTP room.

Your Company has undergone significantly expansion and turnover in the last year, with a number of new systems put in place, hence the need for this document.1.3 Sponsor and other Stakeholders John Doe, as owner of Your Company, is the sponsor of this document and any projects that are authorized because of the contents of this document.

Other stakeholders are listed here:

1. Jane Doe, as partner to John in Your Company Solutions. In David’s absence or incapacitation, it is assumed that she act on his behalf as owner.

2. Billy Doe, as pressroom manager, manages the day-to-day operations of the Your Company pressroom, CTP room, and bindery. It is probable that he would assume more operating duties in John Doe’s absence.

3. Fred as system administrator for Your Company.


1.4 Scope of Work To Be Provided
In the section “Environment,” for every section of Your Company (office, CTP room, pressroom), there shall be a description of the hardware and software as it pertains to the day-to-day operation of the business. The description shall include:

1. Network name of the computer

2. Hardware Specifications including operating system.

3. Software loaded on the system.

4. Any important password and licenses.

5. Role of the computer/hardware in the day-to-day operation of the business.

In the section “Recovery Plan,” there will be a description of various levels of disasters that can occur, as well as an explanation of what should be done in each section of Your Company in each particular case.

1.5 Scope of Work to be Excluded Comments or advice on how to deal with expansion of the business

Business strategy; advice on cost savings or attractive investments.

Recommendations on training or body of knowledge transfer to any stakeholders besides John Doe.


2.
Environment (Description of the IT Infrastructure)
2.1 Office Section There are X PCs and Y printers located in this section. Description follows:

1. OfficeComputer1

This is a HP PC with Windows XP service pack 2. It has a 3.0 GHz CPU and 512 megs of RAM. The OS serial number is xxxxÉ..

Software loaded on this computer is as follows:

Filemaker 8.5 Pro serial number # xxxxÉ

Acrobat 5.0

Microsoft Office Suite serial # xxxxÉ

Quickbooks 2007 serial number # xxxÉ

2. OfficeComputer2

This is a HP PC with Windows XP service pack 2. It has a 3.0 GHz CPU and 512 megs of RAM. The OS serial number is xxxx.

Software loaded on this computer is as follows:

Filemaker 8.5 Pro serial # xxxxx

Microsoft Office Suite serial # xxxxxxx

3. EceteraÉ.. 4. Xante Copier

This colour copier has an IP address of 192.xxx.xxx.xxx5. Not Important Computer Fred uses this Windows XP workstation for mail and monitoring of Filemaker Pro database. This is a 3.4 Ghz with 512 megs of ram. There are no programs on this system that cannot be quickly reinstalled (Filemaker Pro 8.5, Microsoft Outlook)

2.2 Press Section There are two computers in this section but only one is configurable and available on the network. The press-dedicated PC workstation is out-of-scope for the purpose of this document Description of the PC

1. InkprofileWorkstation – A Windows 2000 workstation with SP1. 64 megs of RAM.

The administrator account is guarded with the password XXXXXX This is a workstation provided by XXXX that runs proprietary software that processes and sends ink profile information to the press. An independent vendor who is the subject matter expert on this station would be

John Smith 555-555-5555

Note that he is based out of Toronto.

Note that the PC that runs the special software has some hardware customization, especially with regard to the input/output ports. In the case of hardware, we can expect significant downtime. This should not result in downtime of the press, however the pressmen will have to create inkprofiles manually.

2.3 CTP (Pre-Press) Section 1. PrinergyServer

Accounts with administrator privileges: Administrator password xxxx and monkey password xxxxx

This is a Dell server with 4 CPUs rated at 2.33 GHz and 3.2 gigs of RAM. It is loaded with Windows 2000 sp4 license # xxxxxx. The RAID has a capacity of 408 gigs and the system drive (40 gigs) is mirrored.

Loaded on this system is Prinergy 4.0.2, protected by a hardware dongle. The site # is xxxx and Your Company is under a maintenance contact (for parts only) with the Kodak response centre.

The server also runs the Print Controller application that operates the Lotem Quantum. Note that in the case of an emergency, this software can be loaded onto an another PC (however the PC must have a SCSI card installed if the you wish to drive the Lotem with 1-bit TIFFs)

Other software loaded on this server is Adobe Acrobat 8.0.

Downtime of this server would result in loss of CTP platemaking ability thereby causing a full stop in production.

2. PresstekServer The administrator account has the password xxxxx.

This is a Dell workstation that drives the Presstek CTP. The only application that runs on this system is the Print Controller software. Loss of this workstation would lead to loss of small platemaking capability. However, the Lotem Quantum is capable of imaging small plates so the loss of this workstation should not lead to halt in operations.

3. Virtualserver1 The administrator account uses password xxxxx (or XXXXX).

This is a virtual server running on one of the Ubuntu servers (called “server”) . The operating system loaded on the server is Ubuntu 6.06. VMware is the virtualization software that allows other operating systems to run on top of the Ubuntu OS.

This server runs the application that processes CIPS 3 files from Prinergy and transforms them into data files that can be read by the inkprofile workstation. The application is called PCC and runs automatically, processing and moving the files by way of hot folders.

The executable to re-install the software is backed up. The license key is xxxxx.

To run automatically, the PCC software needs a configuration file with an extension of *.bse. The current .bse file is stored in the platefolder of the PCC application folder and is called May29th_inkprofile.bse.

4. Virtualserver2 The administrator account uses password xxxxx (or XXXXX). The Filemaker pro database file has password xxxxx by user John Doe.

This is a virtual server running on one of the Ubuntu servers (called “server”) . The operating system loaded on the server is Ubuntu 6.06. VMware is the virtualization software that allows other operating systems to run on top of the Ubuntu OS.

This server runs the Filemaker Pro database application that allows for the scheduling and billing of jobs in the shop. Loss of this server and database would have a very negative effect on productivity of the shop. However, note that recovery of the database would lead to partial recovery as one of the client workstations could act as a temporary server.

5. Ubuntuserver The master account that is used to log on is “server” with password xxxxx.

This is the second of the blade servers. The operating system is Ubuntu 6.06 and it runs two applications. The first is the ftp server, accessible by the address ftp://Your Company.dnsdojo.com and the account used for access is user password xxxx.

Note at present that to access the ftp site, your browser or ftp client must be in “active” mode not “passive” (the default value for most browsers/clients).

To start, stop, or restart the application, you need to open up a terminal window in Ubuntu and enter this command:

Sudo /etc/init.d/vsftpd stop OR

Sudo /etc/init.d/vsftpd start OR

Sudo /etc/init.d/vsftpd restart

You may be asked for a password which is “xxxxx”

The second application is the central backup application called backuppc. It is accessible by any web browser in the shop http://xxx.xxx.xxx.xxx/backuppc. The password is xxxxxx.

To add a new server to the backuppc application for backup, you have to open up a terminal window on the Ubuntuserver and edit the hosts file for backuppc.

Sudo /etc/backuppc gedit hosts

Password: xxxxx

To restore files on a computer, note that you have to enable the backup operator account to have write access to the PC volumes. That to say, backuppc uses a backup operator account to read files from each of the PCs. But to restore files to a PC, you have to give the backup account temporary write access.

This server also hosts the Your Company web site www.Your Company-solutions.com, in the www folder of the Apache directory.

6. Kodak_epsoncontroller

This Dell Optiplex acts as proof controller for the Epson 9800. As well as being driven automatically by Prinergy, in case of emergency it can rip and print PDF files directly.

Loss of this server would negatively affect the productivity of the shop, as we could not print colour contract proofs.

Special note about this server. There is no monitor attached to the server. The print controller application is manipulated by Mac client software loaded on the G5s. To manage the queues, no account/password access is needed. To administer the controller, you need access by entering password “xxxxx”

8. Toolserver

The administrator account on this PC has the password xxxxx.

A Windows 2000 server with 2.0 Ghz processor and 512 megs of RAM, it runs one application called “Di-Write.” This program, by means of hot folders, takes in 1-bit Tiffs from Prinergy and converts them into format that can be read by the Presstek workstation.

There are no install disks for the application Di-Write if the PC fails. However, the system is regularly backed up by backuppc.

9. AppleServer The administrator password is xxxxx. You may have to log in as “admin.”

This is a Mac blade server that has a 1 Ghz G4 processor with 256 megs of RAM. It is running OS 10.4 Tiger. It has two volumes, the Appleserver hard drive and the Mirror volume, a 120 gig hard drive that contain customer data. The directory “PCS jobs” is backed up to a Firewire drive on a weekly basis. Prinergy jobs are also zipped and archived to the Firewire drive.

Loss of this server will lead to loss of access of customer files. In this case, the Firewire drive should be connected to one of the other mac workstations in order to access customer files.

10. Mac The account used to access this computer is Your Company and the password is xxxxx.

This is a G5 Macintosh with a 1.8 GHz CPU and 1.25 GB memory, serial number YM441EPRQYT. The OS X version is 10.3 (Panther). Serial number of software packages are stored in the appendix.

Software loaded on this computer is as follows:

Abode Creative Suite 2 (Illustrator, Photoshop, Indesign and GoLive)

Acrobat 7 with Pitstop 7 loaded

Microsoft Office Suite

Preps 5.2 (Prinergy floating license activation)

Proofer Client for Epson

QuarkXpress 6.5 upgraded from 6.1

Prinergy Workshop

Extensis Suitcase Fusion.

Cyberduck (ftp client)

The purpose of this computer is a pre-press production workstation. It is one of two Macs that are configured to process customer files that are not PDFs.

11. Mac2

The administrator password is xxxxx. The administrator account name is John Doe.

This is a G5 Macintosh with a 1.8 GHz CPU and 2 GB memory, serial number. The OS X version is 10.4 (Tiger). Serial numbers for the following software packages are recorded in the appendix.

Software loaded on this computer is as follows:

Abode Creative Suite 2 (Illustrator, Photoshop, Indesign and GoLive)

Acrobat 7 with Pitstop 7 loaded

Microsoft Office Suite

Preps 5.2 (Prinergy floating license activation)

Proofer Client for Epson

QuarkXpress 6.5 upgraded from 6.1

Prinergy Workshop

Extensis Suitcase Fusion

The purpose of this computer is a pre-press production workstation. It is one of two Macs that are configured to process customer files that are not PDFs. Users of this workstation are: John and Fred.

12. D-Link Router

The router is accessible by any web browser in the shop, using address http://192.xxx.xxx.xxx. A log-in window will come up and the username is xxxx and the password is xxx. Note that the router servers as the DHCP server, meaning it assigns IP addresses to all the PC and IP-enabled devices in the shop. The router assigns addresses from 192.168.xxx.xxx to 192.168.xxx.xxx. Note that the Prinergy server and the ftp server have been assigned static IP addresses of 192.168.xxx.xxx and xxx respectively.

13. Epson Wide-Format Proofer

This inkjet printer is connected to Kodak_epson PC by way of USB cable. It is usually assigned a IP address of 192.168.xxx.xxx but it also has a host name of EPSON.

Configuration and operation of the printer is done through a client application that is installed on the two mac workstations. To enter administrator mode on the client application, the password is XXXX.

14. Ricoh Printer

The black-and-white copier has an IP address of 192.168.XXX.XXX and the print queue for it is set up on the Prinergy server.

15. Bizhub Colour Copier

The colour copier has an IP address of 192.168.XXX.XXX and the print queue for it is set up on the Prinergy server.


3.
Recovery Strategies
3.1 Introduction There are broadly three different types or levels of disasters that can occur to IT infrastructure of Your Company, with each level indicating increased severity. The first level can be classified as accidents happening to individual server or workstations with the organization, the second level denoting accidents or occurrences affecting a large number of PCs, and the third level indicates a disruption involving shutdown of the plant. Note that even in a level-one emergency, production can be seriously disrupted if the server in question provides a critical function.

3.2 Level One An individual workstation can be affected by an operating system crash, infection by worm or virus. Downtime can be estimated to be anywhere between 1 hour and one day. Stakeholders to be informed at the Level one stage include the system administrator and possible the owner(s) if the PC affected is on the critical path.3.2.1 Office Section 1. OfficeComputer1

In the case of an OS crash, the workstation will have its OS reinstalled from a Windows XP OS CD, with the license key copied from the case of the computer. Filemaker Pro will be re-installed from the CDs stored in the filing cabinet.

In the case of a hardware failure, the workstation will be sent back to servicing from the vendor where it was bought.

2. OfficeComputer2

In the case of an OS crash, the computer will have its OS reinstalled from Windows XP OS CD, with the license key copied from the case of the computer. Then backup will be restored from backuppc, accessible by http://xxx.xxx.xxx.xxx backuppc. User account is backuppc and password is xxxxx. If the Simply Accounting software has to be reinstalled, then the CD is located on the bookshelf in the southwest corner of the room

In the case of hardware failure, the workstation will be sent back to servicing from the vendor where it was bought.

3.2.2 Press Section 1. L640

In the case of an OS crash, the computer will have its OS reinstalled from Windows NT CD and then backup will be restored from accessible by http: xxx.xxx.xxx.xxx./backuppc. User account is backuppc and password is xxxxx.

In the case of hardware failure, the following vendor will be contacted and asked for advice:

John Smith 555-555-5555

Note that he is based out of Toronto and he is an independent consultant.

Note that in the case of hard driver or power supply failure, it may be possible to disconnect the computer and have it serviced by an independent computer dealer.

3.2.3 Pre-Press Section 1. PrinergyServer

This system should not be affected by a virus attack as it is protected by Norton Anti-Virus software. In the case of a hardware failure, the Creo response center should be notified and they can assist in software recovery. Note that the data files are on a RAID and the system drives are mirrored, so all files should be recoverable in the case of a hard-down situation. If not, then it has been agreed beforehand that we will NOT attempt to restore the Oracle database, but simply recreate jobs from archives.

The Creo response centre is available 24 hours a day at 1-800-472-2727 and our site # is xxxxx.

2. Kodak_epsonprintcontroller Loss of this workstation means we cannot operate the Epson proofer. In the case of a either an OS failure or hard-down situation, the Creo response centre should be notified and they can take steps to inform Dell that the hardware needs to be serviced and then they can take steps to re-ghost the workstation afterwards.

The Creo response centre is available 24 hours a day at 1-800-472-2727 and our site # is xxxxx.

3. 2000server1 This is a virtual server installation and should not be subject to an OS crash or virus attack. The server installation is located on one of the two blade servers located in the northeast corner of the pressroom. The Ubuntu network name is server. In the case of hardware failure, the Filemaker pro database can be restored from the backuppc software.

Backuppc is accessible by http://xxx.xxx.xxx.xxx/backuppc. User account is backuppc and password is xxxxx.

Any one of the client installations of Filemaker Pro on the office computers can serve as the temporary Filemaker Pro server until the blade server is either fixed or replaced.

4. 2000server2 This is a virtual server installation and should not be subject to an OS crash or virus attack. The server installation is located on one of the two blade servers located in the northeast corner of the pressroom. The Ubuntu network name is server. In the case of hardware failure, the PCC configuration file can be restored from backuppc, as well as the installer for PCC and finally the license key.

Backuppc is accessible by http://xxx.xxx.xxx.xxx/backuppc. User account is backuppc and password is xxxxx.

PCC generates the inkprofiles for the press and it is not critical that this functionality is restored right away.

5. VPN_Ubuntu The second of the blade server houses the backups for all the other mission-critical servers and the ftp-site. As it runs on Linux, it is not subject to an OS attack. If the hardware fails, then the backuppc application should be installed on the other blade server as well as the ftp software.

The ftp software is called ‘vsftpd’ and is available for free download from the internet. Backuppc is free as well.

The hardware can be sent out to be serviced at any PC store, as the servers were bought privately.

Note that due to ongoing security issues with the Ubuntu ftp server (ie it’s too secure), we have moved our ftp server to Toolserver.

6. Presstechserver This is the workstation that drives the Presstek CTP device. In the case of a software failure, then the OS should be reinstalled and backups recovered from backuppc.

Backuppc is accessible by http://xxx.xxx.xxx.xxx/backuppc. User account is backuppc and password is xxxxx.

Note that while we have a service contract with Presstek, they have shut down most of their local office and most support is located in Toronto. In the case of a serious hardware failure, we shall move our small platemaking to the Lotem Quantum.

8. AppleServer This is the Mac blade server that holds all the working files that have not been converted into Prinergy jobs. It runs no applications. The files located on the mirror hard drive are backed up onto a USB hard drive on a weekly basis. In the case of hardware failure, the USB hard drive should be attached to one of the other Mac workstations and made accessible.

10. Mac1 In the case of an OS crash, the clone image files are located on the AppleServer hard drive of the Apple server. The disk images can be recovered by using the application “Carbon Copy” a free utility.

In case of hardware failure, the workstation will be dropped off at the Apple Store and arrangements will be made for a rental workstation from same if downtime is more than 2 days.

11. Mac2 In the case of an OS crash, the clone image files are located on the AppleServer hard drive of the Apple server. The disk images can be recovered by using the application “Carbon Copy” a free utility.

In case of hardware failure, the workstation will be dropped off at the Apple Store and arrangements will be made for a rental workstation from same if downtime is more than 2 days.

12. Router (and Cable Modem). In the event of hardware failure, the router can be replaced with a consumer level version available at XXXXX as a temporary measure. For a permanent replacement, a decision should be made as to buy an expensive corporate level router or to repurpose one of the Mac workstations, use of the apple server licenses and install routing software.

Once you replace the router, you need to configure the DHCP settings to allow IP addresses to be assigned from a range of 192.168.xxx.xxx to 192.168.xxx.xxx. You must also allow the following ports to be UNBLOCKED in order for the ftp server to accept connections:

Port xxx. Xxx. Xxx.

13. Epson Wide-Format Proofer

In the case of mechanical breakdown, the coast paper representative should be contacted and arrangements should be made for a visit by a technician.

14. Ricoh Printer, Bizhub Colour Copier

Both these printers are leased from Smith’s Copier Service, phone number 555-555-5555

15. Xante

Bought from XXXX, parts and servicing are done by members of the Your Company group.

3.3 Level Two Accidents, break-ins, natural disasters such as flooding, may seriously damage the IT infrastructure but leave the press intact and therefore the plant may continue operations. Therefore it is useful to determine beforehand which PC servers and workstations must be recovered immediately, which services are highly desirable to restore and which workstations are optional.3.3.1 Critical PCs/equipmentThe following pieces of equipment must be restored before the plant can resume operation.

1. Prinergyserver

2. One of the two Mac workstations, either Mac1 or Mac2

3. The data files on the Appleserver drive, or the backup on the USB hard drive, or the weekly backups kept off-site. This also includes the font directories.

4. Any one of the colour printers: Xante, Epson, or Bizhub.

3.3.2 Mandatory PCs/equipment The following pieces of equipment must be restored within a period of 48 hours of the plant resuming operations. Failure to restore the following will result in a serious loss of productivity and/or financial penalties.

1. Filemaker Pro server (more importantly, the Filemaker Pro database)

2. Quickbooks workstation

3. One extra workstation dedicated solely for e-mail.

4. Epson Colour Proofer

5. Router

3.3.3 Optional Pieces The remainder shall be restored on an as-needed basis, at the discretion of the owner.

1. Remainder of the printers/copiers.

2. Inkprofile server.

3. Presstek workstation and Toolserver.

4. FTP and backup server

5. Remainder of the front office computers

3.4 Level Three A level-three disaster occurs when the presses are down for the foreseeable future. It is expected that only a major natural disaster such as fire or earthquake could trigger level three.

In the event that Your Company Solutions can lease or borrow printing facilities and continue operations, the following is a list of items that should be salvaged from the old facility (if possible).

1. USB drive attached to mirror server or even the Apple blade server. If both are destroyed, then the USB drive stored off-site will have to be used as the repository of the customer files.

2. Any of the Mac workstations. If both have been destroyed, then the CD collection in the filing cabinets in the pre-press room should be recovered if possible.

3. Recovery of the Filemaker Pro and Quickbos databases, currently being stored at Amazon’s storage services. The Access keys are available through John Doe’s Amazon Web Services account.

4. In the unlikely event that the pre-press is unaffected by a disaster, then it is recommended that none of the computers be moved and that Prinergy is set to generate one-bit tiff files that can be sent off-site to feed the loaner press

4. Project Issues This section covers all other information that is pertinent to site configuration and business continuity planning for Your Company Solutions.

4.1 Open Issues At this point in time, all off-site backups are done manually to a USB hard drive that is then taken off-site on a weekly basis. That is to say, there is no automated backup programme put into place. An exception to the above would be that the Filemaker Pro and Quickbook databases are stored on Amazon’s S3 service.

We have not yet backed up the Oracle database from Prinergy off site.

There is no working plan with regard to the inkprofile server if it suffers from hardware failure.

With regard to a level three disaster, no arrangements have been made to lease press time from another printer, therefore Your Company Solutions is not ready to recover from a level 3 disaster.

4.2 User Documentation & Training This document is the master document for Your Company with regard to IT infrastructure and disaster planning. Out of this document, it is proposed that a number of smaller document be created. The list follows:

1. Executive summary (basically a 2-3 page document that describes this document). Suggested title “What to do in an emergency” or something like that. DONE

2. Skills set or knowledge base for system administrator position at Your Company. DONE

3. Labels attached to each of the workstations and servers. DONE


9. Terms of Acceptance

This document has been delivered to Your Company Solution Ltd by Blue Butterfly Corp. No liability is assumed by Blue Butterfly Corp. with regard to contents of this document.


Comments on this entry are closed.