1 / 18

Disaster Recovery, Business Continuity, and Organizational Policies

Disaster Recovery, Business Continuity, and Organizational Policies. Chapter 19. Objectives. Describe the various ways backups are conducted and stored. Explain different strategies for alternative site processing. Describe the various components of a business continuity plan.

aleda
Download Presentation

Disaster Recovery, Business Continuity, and Organizational Policies

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Disaster Recovery, Business Continuity, and Organizational Policies Chapter 19

  2. Objectives • Describe the various ways backups are conducted and stored. • Explain different strategies for alternative site processing. • Describe the various components of a business continuity plan. • Explain how policies and procedures play a daily role in addressing the security needs of an organization.

  3. 2.5 Compare and contrast aspects of business continuity • Business impact analysis • Removing single points of failure • Business continuity planning and testing • Continuity of operations • Disaster recovery • IT contingency planning • Succession planning

  4. 2.7 Execute disaster recovery plans and procedures • Backup / backout contingency plans or policies • Backups, execution and frequency • Redundancy and fault tolerance • Hardware • RAID • Clustering • Load balancing • Servers • High availability • Cold site, hot site, warm site • Mean time to restore, mean time between failures, recovery time objectives and recovery point objectives

  5. Disaster Recovery Organizations face a variety of disaster scenarios. Disasters can be caused by nature or manmade events. Disaster recovery plans consider all types of organizational disruption. Different disruptions will require different recovery strategies.

  6. Disaster Recovery Plans (DRP) / Process DRPs intended to minimize disaster impact. Defines the data, resources, and necessary steps to restore critical organizational processes. Planning process, initial phase: Consider needed resources to perform the company’s mission. Identify critical functions.

  7. Disaster Recovery Plans / Process (continued) Initial phase yields the business impact assessment (BIA). Continued planning includes: Outline of processes and procedures to restore an organizations critical operations Prioritized according to criticality for restoral

  8. Business Continuity Plan (BCP) Focuses on continued operation of a business in extenuating circumstances. Stronger emphasis placed on critical systems. Will describe the functions that are most critical, based on a previously conducted BIA. Will describe the order in which functions should be returned to operation. Describes what is needed for the business to continue to operate.

  9. Backups Critical part of BCP and BRP Provides valid, uncorrupted data for restoration Good backups include all needed files Applications, operations systems, and utilities

  10. What Needs to Be Backed Up? • Data • Application programs • Operating systems • Utilities for the hardware platform • Personnel, equipment, and electrical power must also be part of the plan. • Backup plan should back up the files that change more often than the files that do not chance much.

  11. Backup Strategy Backup considerations Size of the resulting backup Media used for the backup How long backups will be stored Four types of backups Full, differential, incremental, delta

  12. Backup Types Full backup All files copied onto the storage media Differential backup Files that have changed since last full backup Incremental backup Files since last full or incremental backup Delta backup Portions of files changed since last backup

  13. Alternative Sites Should be considered in BCP / DRP Three types of sites: Hot site: Fully configured environment that can be operational immediately Warm site: Partially configured, lacks more expensive computing components Cold site: Basic environmental controls but few computing components

  14. Utilities Power failures may disrupt operations UPSs provide enough power to allow systems to be shutdown gracefully. Backup generator may be necessary for sustained power needs.

  15. Cloud Computing Allows for the contracting of functions like e-mail and file storage to third parties Can be more cost effective but also comes with inherent risks Oct 21, 2012 Amazon Cloud outage June 29, 2012 Amazon Cloud outage

  16. High Availability and Fault Tolerance High availability is the ability to maintain availability during disruptive events. Fault tolerance is the mirrored system that takes over if a fault occurs. Single point of failure is the point in a critical operation that would cause the entire operation to fail if it failed.

  17. Incident Response Policies and Procedures Several phases should be covered in an incident response policy: Preparation Detection Containment and eradication Recovery Follow-up actions

  18. Chapter Summary • Describe the various ways backups are conducted and stored. • Explain different strategies for alternative site processing. • Describe the various components of a business continuity plan. • Explain how policies and procedures play a daily role in addressing the security needs of an organization.

More Related