Data Center Assistance Group, Inc.
78-17 164th Street
Flushing, NY 11366
Phone:  (718) 591-5553    Fax:  (718) 380-7322

Disaster Recovery and EDP Security Experience:

Manufacturers Hanover Trust - Computer Risk Management Group, Technical Risk Manager
    As Computer Risk Officer I was responsible for identifying potential losses associated with disaster exposures.  When we realized that we needed to have an alternate site to process critical workloads in the event of a disaster, we formulated the NY Downtown Contingency Group with other organizations in the NYC area (i.e., Merrill Lynch, Chemical Bank, Citibank, etc.).  The requirement to join this group was a 360 model 65 computer.  Merrill Lynch donated floor space and the group configured the first mainframe dedicated to processing disaster recovery job streams.  Unfortunately, this group was doomed from the beginning, because growth within each organization made it almost impossible to keep configurations and required equipment available for all concerned.  As a result of this knowledge, all of the companies decided to create separate recovery facilities for themselves.
    Performed  Physical and Data Security studies and developed Disaster Recovery requirements for our data processing facilities.  Defined the computer and peripheral device requirements needed to support critical workload at remote Disaster Recovery Site.  Identified all data files needed to safeguard workloads.  Established Tape Vaulting procedures to protect data files.
    Once all this information was accumulated, we realized that our hardware leasing firm, Comdisco, had all of the equipment we needed sitting idle at their Carlstadt, NJ location (a site we shared with Comdisco).  We then negotiated with Comdisco to use their equipment at the Carlstadt site in the event of a disaster.  This actually was the reason behind Comdisco's getting into the Disaster Recovery business.

Chemical Bank - Technical Contribution to D/R Planning
    Performed Capacity and Performance Management services and was responsible for Disaster Recovery configuration at recovery site.  Planned data file layouts, calculated data file sizing, and calculated resources needed to support Disaster Recovery facilities.  Was involved with negotiating disaster recovery contract.

Computer  Science  Corporation  audit  of  Midland  Bank  in  England
    Tom  Bronack was recruited to join this team which was chartered to perform an audit of the Midland Bank environment throughout England.  Mr. Bronack's responsibilities included:  MVS Operating System, Communications, EDP Security and Disaster Recovery, Applications Testing, and Quality Assurance.  The project lasted 5 months and resulted in the implementation of Arthur Anderson's Project One Project Management System, improved EDP Security and Disaster Recovery, a state-of-the-art Disaster Recovery Facility with redundant fencing and man-trap truck entrance facilities, along with better job documentation and turnover procedures.  During this project, we reported to the Board of Directors and had to provide monthly status presentations to them.

IBM Business Recovery - Sales and implementation consulting
    Performed Sales for IBM Business Recovery services and brought Chase Bank, Citibank Retail Banking, and Salomon Brothers to IBM as potential clients.  Unfortunately, IBM was not flexible enough to close contracts, but as a result of their loss, IBM asked DCAG to provide an analysis of why they lost deals.  This analysis resulted in IBM developing better sales literature for Business Recovery, an increase in commission for IBM Sales personnel who bring Disaster Recovery contracts to the table, and a better procedure for responding to client Disaster Recovery requests.  Unfortunately, it was too late for me to make a commission on loss deals and I moved on to other assignments.

NY Stock Exchange and SIAC - Systems Programming, EDP Security and Disaster Recovery Planning
    Provided Systems Programming Services to SIAC and NYSE users.  Responsible for Disaster Recovery and EDP Security as well as normal Systems Programming functions.  Implemented first EDP Security program to protect resources. Resolved many outstanding problems and performance flaws while in this position.

RMJ Securities - Risk Analysis and Disaster Recovery Planning
    This project was initially concerned with performing a Risk Assessment of the RMJ Securities trading environment and data processing support structure, but it evolved into an "Electronic Trading" and "Disaster Recovery" planning project.  Manually trading was the norm for RMJ Securities and they were concerned about optimizing performance, safeguarding information, and recovering from encountered problems that may lead to a disaster.  We performed the initial Risk Assessment and located problem areas, that were addressed in the Disaster Recovery Plans that were generated.  Electronic Trading recommendations were developed and presented to RMJ Securities management for later implementation.

United Nations - Embassy Library Management System and Business Recovery
    This consulting project was responsible for two objectives.  The first was to create an online system that would allow the 160 remote locations throughout the world that could access information contained within the United Nations Library and its various online systems and databases.  Once created, these remote sites were connected to the United Nations mainframe environment, thereby allowing them to access UN information directly instead of having to request information and wait for its delivery via ground mail.  After completing this project, we were asked to develop and implement Disaster Recovery Plans for the sites (including such locations as the Atomic Energy Commission, and many UN Office locations both locally and throughout the world).  Plan formats were created and distributed to business locations, where they were completed and coordinated with central site operations.

Docu/Text and Automated Disaster Recovery - Sales and Consulting
    Provided a wide-range of sales and consulting services to the general NYC area.  Services included job analysis, verification, documentation, and turnover.  Integration of job documentation with online viewing services to facilitate ease of use.  Creation of Disaster Recovery Plans and documentation, and the integration of all materials within company support structures.  I made numerous presentations to many companies on Disaster Recovery and Automated Job Documentation, which led to consulting and sales contracts.

European American Bank - Communications Management Controller (CMC) and Disaster Recovery Planning
    Developed a Communications Management Controller (CMC) to perform application load balancing and automated recovery.  When a mainframe was lost, its applications were automatically switched to a secondary mainframe for continued processing.  Since no data was lost (because back-end data bases and files were connected to all mainframes and unaffected) the user connection could be re-bound (Physical Unit was customer's Terminal and Logical Unit was Application) and the outage appeared transparent to the end-user.  Single point of failure problems related to the communications system were eliminated via Netview (an IBM product).  We were able to developed "canned" Netview Recovery Routines that were activated when specific failures occurred.  These routines were activated to vary failing components off-line, vary secondary units online, re-bind the communications session, and generate trouble reports to dispatch technicians to correct problems.  Through these procedures and products, it was possible to catch problems as they occurred, take corrective circumventions, and log failures automatically, all without severe interruptions to business operations and mostly transparent to end-users.

American International Group (AIG) - Audit Department Disaster Recovery Plan
    Developed and implemented Disaster Recovery Plan for the EDP Audit Department of AIG.  Performed this service for three years in a row by updating plan as needed.  Trained Audit Department personnel on the recovery plan operation, support, and maintenance procedures.

ADP Disaster Recovery Plan (Brokerage in Roseland and Proxy in Deer Park, LI)
    Provided Disaster Recovery Plan development for major ADP locations as part of the consulting assignment that DCAG performed to merge the ADP Proxy Services organization with Independent Elections Corporation of America.

Chase Manhattan Bank (2000 Marcus Avenue) Disaster Recovery Plan (multiple sites)
    Developed procedures for validating and documenting job streams in relationship with migrating data centers from 2000 Marcus avenue to 1985 Marcus Avenue.  In the process of implementing this procedure, Disaster Recovery and EDP Security procedures were developed and implemented as well.

Citibank (Retail Banking Division) Disaster Recovery Plan
    Implemented Automated Job Turnover via Docu/Text and Endevor and documented and trained staff on products.  Also provided Electronic Vaulting and Periodic Vaulting services by working with the Systems Programming group to implement bulk data transfer and online system Log file transfer procedures.

Lehman Brothers in NJ - Audit, Standards & Procedures Manual, Disaster Recovery Plan
    As part of a Standards and Procedures project, DCAG implemented Job Standards, Help Desk, Network Control Center, Operations Control Center, and Crisis Management procedures, along with Disaster Recovery and EDP Security standards.  Developed and implemented complete Standards and Procedures Manual for Lehman MIS Department.

Alternate Site Supplier Study to eliminate "Single Point of Failure" conditions
    This study was initially performed for 111 Eight Avenue and was responsible for providing alternate communications suppliers to building tenants.  The goal of the project was to license a secondary communications provider to deliver communications lines to an alternate entry point to the building.  Client communications was split between the two suppliers (without changing phone numbers) to half their exposure to a communications outage.  As a result of this project, building tenants were provided with a higher degree of safety against communications failures related to the vendor or the physical entry point of communications to the building.  The clients did not have to pay increased rates for communications services in order to achieve this goal.  The building management firm was able to profit from this project by serving as billing agent for the phone company, receiving over $200,000 per year from the arrangement.   After performing this study for 111 Eight Avenue, we performed the same study for other clients (including General Motors building at Fifth Avenue in NYC).

Automated Disaster Recovery utilizing Docu/Text and Endevor
    By incorporating the Docu/Text and Endevor products, it was possible to automate the job turnover process on mainframe computers.  This process worked in multiple steps by first utilizing Job/Scan (a Docu/Text module) to verify that jobs adhered to standards.  If successful (condition code 0), then the Endevor job step was used to move components from test to production.  Docu/Text was used to define the components included within the Disaster Recovery job stream.  The use of these products resulted in productivity enhancements and a higher quality of recovery planning.

Security Pacific Risk Asset Management - division Creation for Security Pacific
    Developed a separate division within the Security Pacific organization to provide Disaster Recovery services to the general community.  This division was responsible for providing Disaster Recovery and EDP security functions to the NY City Security Pacific locations and outside clients within the general NYC area.

Zurich Depository Corporation (ZDC) - Disaster Recovery Planning consulting and Vaulting Services
    Sold Vaulting services to NYC area clients.  Also provides consulting services to Zurich clients.

Automated Vaulting - Electronic Vaulting (Mirroring / Shadowing) and Periodic Vaulting (online systems)
    DCAG was one of the first companies to utilize Electronic Vaulting via Network Data Mover (NDM) and Bulk Data Transfer (BDT) products for Electronic Vaulting.  Periodic Vaulting was integrated within online systems like CICS, through Triggers relating to the number of records sent to Log files or Timer Pops.  Whenever these thresholds were reached, the Log File was switched, de-allocated, and its records sent to the alternate site (where they were merged with the Old Master file).  These procedures provided a higher level of protection to Business Critical data and facilitated both real-time and rapid recovery procedures.

Integrating Disaster Recovery Plans with Help Desk to activate Recovery Plans as needed:
    Since Disasters are no more than problems that affect critical business components and upset business operations, it stands to reason that Disaster Recovery Plans be integrated within the Help Desk, so that when problems are reported and/or escalated, the corresponding Disaster Recovery Plan can be activated.  To accomplish this goal requires that Production Turnover and Change Management procedures be modified to include Disaster Recovery Planning for critical applications.  DCAG consulting accomplished this process for many of its clients.

DCAG Disaster Recovery Consulting Services including:
    Business Impact Analysis (BIA) or Risk Assessment (RA) studies to determine exposures and define recovery plan requirements;  Data Sensitivity Studies; Vital Records Management; Disaster Recovery Plan creation; Crisis Management and Help Desk procedures; Standards and Procedures creation and documentation; and Training.

Sandoz Pharmaceutical Corporation - Vital Records Management, Tape Library Audit, and Disaster Recovery Review.
    This consulting project was responsible for migrating multiple data centers into a single facility.  As part of the project, it was necessary to review the existing Disaster Recovery and Vital Records Management process, so that business and regulatory requirements could be adhered to going forward.  To accomplish these goals, a complete review of existing EDP Security and Vital Records Management guidelines was conducted - including an audit of the local, offsite, and remote tape vaults.  As a result of this study, EDP Security Guidelines were enhanced, Tape Library Management and Vaulting procedures improved, Disaster Recovery Planning optimized and connected to Help Desk operations so that when problems became disasters appropriate recoveries were initiated.

Send mail to bronackt@dcag.com with questions or comments about this web site.
Copyright © 2001 Data Center Assistance Group, Inc.
Last modified: 03/18/04