Dell Technologies Company’s Disaster Recovery Plan

Dell Technologies Overview: Goals, Objectives, Size, Layout, and Structure

Dell Technologies has been known as one of the leading companies producing computers and computer technologies (Dell Technologies, 2018b). Furthermore, the goals of the firm were changed to more sustainable ones. In a recent update, Dell published its “2020 legacy of good plan” (Dell Technologies, 2018b). The plan includes changing the organization’s strategy toward a more environmentally friendly one, thus, reducing the organization’s footprint (Dell Technologies, 2018c). Therefore, at present, the goals of Dell Technologies include not only succeeding in its target market and attracting new customers but also demonstrating that its technology can be safer and offer extensive options for addressing contemporary environmental issues.

The decision to alter the direction in which the corporate development was geared aligned with Dell’s decision to expand. Over the past few years, the size of the firm has increased significantly. At present, Dell Technologies employs more than 140,000 people (“Dell Technologies: Key Facts,” 2017). Furthermore, Dell’s profits have grown to the stunning $21.9 billion in the fourth quarter, while its cash flow for 2017 amounted to $6.8 billion (“Dell Technologies reports the fiscal year 2018,” 2018). Therefore, the strategy adopted by the organization seems to have been delivering rather impressive results.

The company layout and structure have also contributed extensively to the increase in its profit margins and the rise in its popularity among target demographics. At present, the organization’s layout and structure can be described as privately-controlled ownership (Henderson, 2015). By merging with EMC, Dell built the foundation for its unceasing growth and exploration of new opportunities, including the focus on innovation as its key corporate philosophy (Henderson, 2015). However, when it comes to evaluating the organization’s disaster management strategies, in general, and its Disaster Recovery Plan (DRP), in particular, one has to admit that Dell Technologies could use a better approach toward handling possible damages inflicted by natural or artificial cataclysms.

DRP Policy for Dell Technologies

Disaster Declaration

To address a disaster in a timely and efficient manner, DELL will have to submit a disaster declaration. The latter, in turn, will require a succinct description of the problem and the list of losses that have been taken by the firm. The following sample includes key elements of a disaster declaration for an organization such as DELL.

Company: DELL Technologies (Dell Technologies, 2018a)

Personal data of disaster victims

• Name:
• Address:
• Date of request:

Disaster information

• Possible causes:
• Description:
• Damage made:
• Locations officially defined as the disaster area:
• Date of occurrence:

Costs associated with the disaster

1. Building repair;
2. Equipment and inventory;
3. Transportation;
4. Medical;
5. Funeral;
6. Other (please, specify the type of expenses).

Employee affirmation

• Signature:
• Date:

Authorization

• Disaster Relief Payment ($):
• Date:
• Signature:

The form provided above is bound to help locate the scale of the damage that a particular disaster will have made to an organization. Furthermore, it will serve as the means of safeguarding employees’ interests and protecting their rights by offering them financial support. Finally, the declaration will point to the dents in the current disaster management system and inform further improvements.

Assessment of Security

Vulnerabilities

An overview of the existing dents in Dell’s security will reveal that the lack of technological savvy among staff members should be viewed as the primary reason for concern. Moreover, the absence of interdisciplinary collaboration among employees can be regarded as a potential source of security issues. A combination of the identified factors creates an additional leeway for cybercriminals to use key attack vectors such as e-mail attachments, pop-up windows, etc.

Confidentiality

The confidentiality of data processing, in its turn, can be considered one of the key advantages of Dell’s security system. Because of a well-protected system of data management, the organization retains the levels of information confidentiality high. Dell has a rigid non-disclosure policy, which prevents information leakage through the members of the organization, as well.

Controls

The fact that the control over the data management is rather loose in the organization shows that Dell Technologies could benefit from an enhanced strategy for information management. Although the current levels of loyalty among the staff members, which are maintained high because of a well-developed leadership framework, can be interpreted as the sign of rather high-security levels, it would be appropriate to introduce more rigid controls to the organization’s design.

Security Technologies

The technologies deployed at Dell are up-to-date and meet the latest requirements for information safety. The elaborate authentication and user verification system prevents intruders from stealing corporate data. Therefore, the identified aspect of Dell’s security management can be defined as good.

Protection Strategy

The adoption of integrated data protection tools can be viewed as one of the aspects of the company’s security system that makes it stand out from the rest. Even though the organization may have overlooked the human factor, its approach toward handling the process of security modernization is admittedly impressive. The use of EMC technologies helps reinforce the efficacy of the strategy (Dell Technologies, 2018c).

Potential Disaster Scenarios and Methods of Dealing with the Disaster

Given the recent resurgence of cyberattacks, there is a high probability of the specified threat being the primary cause of a disaster experienced by Dell Technologies. Therefore, a cyberattack as a possible cause of data loss and the subsequent damage that the organization will suffer in the identified scenario should be recognized as the greatest threat faced by Dell Technologies at present.

To manage the identified issue, one will have to reinforce corporate standards for maintaining security levels high. Particularly, all staff members will have to be instructed about avoiding downloading malware accidentally, clicking on fishing sites, etc. As a result, the instances of data leak will be avoided successfully.

Apart from the threats associated with cyberattacks, one will also have to consider the possibility of a natural disaster. To ensure the safety of the members of Dell, the company will have to instruct employees about the course of actions to be taken in case of a natural disaster. For instance, the staff must be aware of the locations of emergency exits, the means of reducing the levels of panic, and the strategies for keeping themselves safe in the instances of fire, earthquake, etc.

Disaster Recovery Procedures

To address a disaster, Dell Technologies will have to reinforce collaboration between the team of plan development experts, the members of a response technology team, and network administrators. Afterward, the state of the network infrastructure will have to be assessed based on the most recent reports. IT and DR plans will have to be considered closely to determine the degree of damage and the further course of action.

The assessment of key vulnerabilities of the system must follow the step mentioned above. Based on the information provided in the reports, the teams will have to determine the course of actions that must be taken to ensure the safety of all stakeholders and the restoration of the company’s assets (“Dell Technologies unveils new IoT Vision,” 2017). The procedures for responding to critical outages will have to be deployed to reduce the level of risks to the stakeholders involved.

As soon as the capabilities of the emergency response are determined and the critical IT systems are assessed, Dell will have to focus on the maintenance processes needed to restore the destroyed elements of its infrastructure. Finally, the maintenance process will have to commence. Upon finishing the restoration process, Dell will need to assess the outcomes.

Incident Response Team (IRT) Charter

Executive Summary

At present, Dell’s disaster management framework could use improvement. Because of the lack of awareness, the company may fail to provide an adequate response toward a cataclysm. An Incident Response Team (IRT) will help provide a timely and reasonable response, thus, securing the lives of Dell’s employees and helping it take less damage.

Mission Statement

The mission of IRT is to ensure the safety of Dell’s stakeholders. By evaluating existing risks, IRT will guard the company members and create an environment in which their well-being can be maintained. Thus, IRT will protect Dell’s employees and prevent any accidents that can occur on its premises during a disaster.

Incident Declaration

Incidents must be declared within the next two hours after their occurrence. This measure will help reduce the impact of a catastrophe and localize it successfully. Afterward, the IRT will have to establish a channel for incident communication.

Organizational Structure

The organizational structure of the team will have to be fairly simple to reduce the response time and ensure the efficacy of IRT members’ actions. The IRT in question will have to consist of an Incident Response Manager (RM), Security Analysts (SAs), and Threat Researchers (TRs). The identified team components will serve as the building blocks for enhancing Dell’s security.

Roles and Responsibilities

In the context of the structure suggested above, the actions of each team member will have a direct effect on the choices that will be made by the rest of IRT. RMS will set goals and assign responsibilities to IRT members, SAs will define the levels of a threat, and TRs will determine the presence of specific threats. Although the suggested framework might seem very simple, it will help reduce the chance of miscommunication and contribute to interdisciplinary collaboration (Kapucu & Hu, 2016).

Information Flow and Methods of Communication

The latest communication tools will have to be used to promote safety within Dell technologies. A corporate network must be created to encourage dissemination of the information about maintaining safety, as well as the actions that must be taken in case of a disaster. Also, staff members must be provided with devices that will help them keep in touch with the members of Dell’s management team.

Methods and Services Provided by the IRT

The IRT to be designed in Dell’s environment will offer data security and the safety of employees. Also, the needs of other stakeholders, including Dell’s clients and suppliers, will be taken into account. Furthermore, a reporting system will be designed.

Authority and Reporting Procedures

To reduce the possibility of a disaster affecting Dell drastically, be it a cyberattack or a natural cataclysm, an efficient reporting process must be created. Reports will be submitted daily and will provide detailed information about the functioning of the company’s systems. Furthermore, an assessment of external threats will have to be provided. Thus, key threats will be avoided.

References

Dell Technologies. (2018a). Business continuity and disaster recovery consulting. Web.

Dell Technologies. (2018b). Dell 2020 legacy of good plan. Web.

Dell Technologies. (2018c). Dell EMC for data protection: Key ingredient in modernization & transformation. Web.

Dell Technologies: Key facts. (2017). Web.

Dell Technologies reports fiscal year 2018. (2018).

Dell Technologies unveils new IoT Vision. (2017). Web.

Henderson, J. (2015). EMC CEO dismisses product disruption as multi-billion Dell merger looms. ARN.

Kapucu, N., & Hu, Q. (2016). Understanding multiplexity of collaborative emergency management networks. The American Review of Public Administration, 46(4), 399-417. Web.