This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
wiki:policies:disaster [2021/12/05 22:58] kholub |
wiki:policies:disaster [2023/10/03 15:30] kevinkallmes |
||
---|---|---|---|
Line 9: | Line 9: | ||
===== II. Scope ===== | ===== II. Scope ===== | ||
- | Disruptions | + | Disruptions |
===== III. Business Continuity Plan ===== | ===== III. Business Continuity Plan ===== | ||
Line 30: | Line 30: | ||
==== Application Profile ==== | ==== Application Profile ==== | ||
- | ^Name^Manufactuer^Critical? | + | ^Name^Manufacturer^Critical |
- | |AutoLit/ | + | |AWS|Amazon|Yes|Yes|Essential for running AutoLit/ |
- | |AWS|Amazon|Yes|Essential for running AutoLit/ | + | |NPM|Microsoft|Yes|Yes|Essential for building production deployments. In the event of repository outage, dependencies may be transferred from backups via FTP.| |
- | |NPM|Microsoft|Yes|Essential for building production deployments. In the event of repository outage, dependencies may be transferred from backups via FTP.| | + | |PyPi| |
- | |PyPi| |Yes|Essential for building production deployments. In the event of repository outage, dependencies may be transferred from backups via FTP.| | + | |Auth0| |
- | |Auth0| |Yes|Essential for providing authorization & username/ | + | |Stripe| |No|No|Stripe enables pay-on-the-site. Both paying and non-paying users may continue accessing the site in the event of an outage, and payments & subscriptions may be manually managed by the NK team in the event of a long-term outage.| |
- | |Google Suite|Google|Yes|In the event of an email disruption, we will shift to Outlook-based or other email platforms. In the event of a disruption to Google Meets, we will utilize Zoom for video calls. In the event of a document storage disruption, we will utilize Box for storing company documents.| | + | |Google Suite|Google|Yes|No|In the event of an email disruption, we will shift to Outlook-based or other email platforms. In the event of a disruption to Google Meets, we will utilize Zoom for video calls. In the event of a document storage disruption, we will utilize Box for storing company documents.| |
- | |Click Up|Click Up|No|Used for employee and contractor time tracking. If a disruption occurs, we will require manual time tracking| | + | |Toggl|Toggl|No|No|Used for employee and contractor time tracking. If a disruption occurs, we will require manual time tracking| |
- | |Gusto| |Yes|Essential for payroll and benefits.| | + | |Gusto| |Yes|No|Essential for payroll and benefits.| |
- | |QuickBooks| |Yes|Essential for storing financial information.| | + | |QuickBooks| |Yes|No|Essential for storing financial information.| |
- | |Slack| |Yes|Utilized for business communication. If a significant disruption occurs, we will switch instant messaging to the chat application Signal.| | + | |Slack| |No|No|Utilized for business communication. If a significant disruption occurs, we will switch instant messaging to the chat application Signal.| |
- | |GitLab| |Yes|If a temporary disruption occurs, we will employ FTP & patch files.| | + | |GitLab| |
- | |Captable.io| |No| | | + | |Carta| |No|No| | |
- | |Pubmed Entrez API| |Yes|When a disruption occurs, manual and recurrng searches fail. Upon recovery, our system automatically begins rerunnning scheduled failed searches.| | + | |Pubmed Entrez API| |No|No| \\ When a disruption occurs, manual and recurrng searches fail. Upon recovery, our system automatically begins rerunnning scheduled failed searches.| |
- | |Unpaywall| |No|When a disruption occurs, the full text import feature is shown as "Not Available" | + | |Unpaywall| |
- | |HubSpot| |No| | | + | |HubSpot| |
- | |Adobe Creative Cloud| |Yes|(Photoshop, | + | |Adobe Creative Cloud| |Yes|No|(Photoshop, |
- | |Adobe Reader| |No|In the event of a disruption to Adobe Reader, we will switch to Docusign/| | + | |Adobe Reader| |
- | |OBS| |No| | | + | |OBS Studio| |No|No| | |
- | |R Studio| |No| | | + | |Metabase| |No|No|Include sensitive and confidential data.| |
- | | | | | | | + | |Scite| |Yes|Yes|When a disruption occurs, the scite badge no longer displays. | |
+ | |[[http:// | ||
+ | |EuropePMC| |Yes|Yes|When a disruption occurs, manual and recurring searches fail. Upon recovery, our system automatically begins rerunnning scheduled failed searches.| | ||
+ | |DOAJ| |Yes|Yes|When a disruption occurs, manual and recurring searches fail. Upon recovery, our system automatically begins rerunnning scheduled failed searches.| | ||
==== Roles and Contacts ==== | ==== Roles and Contacts ==== | ||
|Name|Title|Role/ | |Name|Title|Role/ | ||
- | |Kevin Kallmes|CEO|Executive decisions; personnel management| \\ [[kevinkallmes@supedit.com|]] \\ | + | |Kevin Kallmes|CEO|Executive decisions; personnel management| \\ [[kevinkallmes@supedit.com|kevinkallmes@supedit.com]] \\ |
- | |Karl Holub|CTO|Technical Lead|[[karl.holub@nested-knowledge.com|]]| | + | |Karl Holub|CTO|Technical Lead|[[karl.holub@nested-knowledge.com|karl.holub@nested-knowledge.com]]| |
- | |Kathryn Cowie|COO|Administrative Support; operational support| \\ [[kathryn.cowie@nested-knowledge.com|]] \\ | + | |Kathryn Cowie|COO|Administrative Support; operational support| \\ [[kathryn.cowie@nested-knowledge.com|kathryn.cowie@nested-knowledge.com]] \\ |
==== Business Continuity Strategies ==== | ==== Business Continuity Strategies ==== | ||
Line 65: | Line 68: | ||
* In the case of the loss of functionality to AutoLit or Synthesis, the CTO will be notified and we will send out a Site Disruption message to all users. The CTO and development team will assess the extent of any lost capabilities and timeline to restoration, | * In the case of the loss of functionality to AutoLit or Synthesis, the CTO will be notified and we will send out a Site Disruption message to all users. The CTO and development team will assess the extent of any lost capabilities and timeline to restoration, | ||
* In the case of the loss of functionality to any other key/ | * In the case of the loss of functionality to any other key/ | ||
+ | * In case of outages, the CEO will email account representatives for customers with a proposed restoration timeline and details regarding the outage. | ||
+ | * Outages will also be communicated on Twitter @nestedknowledge | ||
=== Recession Planning === | === Recession Planning === | ||
- | * Our finances are based on private | + | * Our finances are based on private |
=== Loss of Key Personnel === | === Loss of Key Personnel === | ||
* In the event that Nested Knowledge loses our CTO, we will elevate our head engineer to replace the duties and hire an additional engineer as soon as feasible. | * In the event that Nested Knowledge loses our CTO, we will elevate our head engineer to replace the duties and hire an additional engineer as soon as feasible. | ||
- | * In the event that Nested Knowledge loses our Operations Manager, we will hire an already trained administrative assist to aid with record keeping and financial operations. | + | * In the event that Nested Knowledge loses our COO, we will hire an already trained administrative assist to aid with record keeping and financial operations. |
==== Compliance Statement ==== | ==== Compliance Statement ==== | ||
Line 164: | Line 169: | ||
* Notify employees and allocate responsibilities and activities as required | * Notify employees and allocate responsibilities and activities as required | ||
* Restore critical services within four business hours of the incident. | * Restore critical services within four business hours of the incident. | ||
- | * Recover to business as usual within 8 to 24 hours after theincident | + | * Recover to business as usual within 8 to 24 hours after the incident |
==== Communication and Notifications ==== | ==== Communication and Notifications ==== | ||
Line 174: | Line 179: | ||
=== Contact with Employees === | === Contact with Employees === | ||
- | Managers will serve as the focal points for their departments, | + | Managers will serve as the focal points for their departments, |
=== Personnel/ | === Personnel/ | ||
Line 183: | Line 188: | ||
If applicable, assigned staff will coordinate with the media, working according to guidelines that have been previously approved and issued for dealing with post-disaster communications. | If applicable, assigned staff will coordinate with the media, working according to guidelines that have been previously approved and issued for dealing with post-disaster communications. | ||
+ | |||
+ | |||
+ | ==== Insurance Requirements ==== | ||
+ | |||
+ | As a mitigation of financial risk, legal exposure, data privacy breach, and other key company functions, the company will maintain the following insurance policies: | ||
+ | |||
+ | * General Business / Professional Liability Insurance | ||
+ | * Network Security and Privacy Liability Insurance | ||
+ | * Cyber Crime Insurance | ||
+ | * System Damage and Business Interruption Insurance | ||
+ | |||
==== Finances and Legal Action ==== | ==== Finances and Legal Action ==== | ||
Line 218: | Line 234: | ||
^Author^Date of Revision/ | ^Author^Date of Revision/ | ||
|K. Cowie|11/ | |K. Cowie|11/ | ||
- | |K. Holub|11/ | ||
|K. Kallmes|11/ | |K. Kallmes|11/ | ||
+ | |K. Holub|06/ | ||
+ | |P. Olaniran|10/ | ||
+ | |K. Kallmes|1/ | ||
+ | |||
+ | [[: | ||