Lesson 19-Disaster Recovery, Business Continuity, and Organizational Policies
Background • Many things disrupt the organizational operations. • For example, the Web site can be unavailable because of a storm or an intruder.
Background • This book focuses on avoiding the loss of confidentiality or integrity due to a security breach. • Availability is discussed in terms of specific events, such as Denial-of-Service and distributed Denial-of-Service attacks.
Background • Many things can disrupt the operations of an organization. • Neither your clients nor your employees care if your Web site is unavailable because of a storm or an intruder. • The site is unavailable.
Objectives • Upon completion of this lesson, the learner will be able to: • Describe the various ways backups are conducted and stored. • Explain strategies for alternative site processing. • Describe the components of a business continuity plan. • Explain how policies and procedures play a daily role in addressing the security needs of an organization.
Disaster Recovery • Plans/Process • Backups • Utilities • Secure Recovery • High Availability and Fault Tolerance • Computer Incident Response Teams • Test, Exercise, and Rehearse
Disaster Recovery • Natural and human disasters can halt organizational operations for some length of time. • Just like other threats to systems and networks, the events are not specifically aimed at an organization.
Disaster Recovery • How an organization prepares for a disaster and how it plans to mitigate the disaster dictate how long operations are disrupted. • These events do not happen often. • It is more likely that business operations will be interrupted due to employee error.
Disaster Recovery • A good disaster recovery plan prepares an organization for any type of disruption.
Plans/Process • A disaster recovery plan (DRP) defines the data and resources necessary and the steps to take in order to restore critical processes. • Physical resources • Computer hardware and software. • Personnel • Organizations need somebody who knows how to run the systems that process critical data.
Plans/Process • To create the BIA (Business Impact Assessment), answer the following questions for all critical functions: • Who is responsible for the operation of this function? • What do these individuals need to perform the function? • Where will this function be performed? • When should this function be accomplished? • How is this function performed (what is the process)? • Why is this function so important or critical to an organization?
Plans/Process • The other component is the Disaster Recovery Plan (DRP). • The DRP needs to be approved by management. • It is essential that they buy into the plan.
Plans/Process • A good DRP includes the processes and procedures needed to restore an organization and ensure continued operation. • The specific steps required to restore operations should be documented. • They should be reviewed and exercised on a periodic basis.
Plans/Process • Exercising disaster recovery plans and processes before a disaster helps discover flaws or weaknesses in plans.
Categories of Business Functions • Categorize the various functions an organization performs to develop a BIA and a DRP. • This categorization is based on how critical or important the function is to a business operation. • Those functions that are the most critical should be restored first. • The DRP should reflect this.
Categories of Business Functions • A categorization scheme divides functions into these categories: • Critical • The function is essential for operations and without the function, the basic mission of the organization cannot be accomplished. • Necessary for normal processing • The function is for normal processing, but the organization can do without it for a short period of time (such as for less than 30 days). • Desirable • The function is not needed for normal processing. It, however, enhances the ability to conduct its mission efficiently. • Optional • The function is nice to have. It does not affect operations.
Categories of Business Functions • Categorization depends on understanding how long an organization can survive without the specific function. • If the function is needed immediately, it is critical. • If the organization can do without it for 30 days, it is necessary for normal processing. • If the organization can do without the function for more than 30 days, but it is a function that should be accomplished when normal operations are restored, it is desirable. • If the function is not needed and no subsequent processing will be required to restore this function, it is optional.
Categories of Business Functions • If the function does not fall into any of the categories because it does not really affect operations, it falls into a category not mentioned yet. • Get rid of it • Consider eliminating this function
Business Continuity Plans • The plan to continue organizational operations is the business continuity plan (BCP). • It focuses on the continued operation of the business or organization. • The focus of a disaster recovery plan (DRP) is on continued operation after a disaster.
Business Continuity Plans • A BCP emphasizes the critical systems needed to operate. • The BCP describes the functions that are most critical. • This is determined by the BIA. • The BCP often describes the order in which functions should be returned to operation.
Backups • Backups are key to BCP or DRP. • Hardware and storage media failure leading to corruption of critical data is a source of disaster. • The strategy should consider: • How frequently should backups be conducted? • How extensive do the backups need to be? • What is the process for conducting backups? • Who is responsible for ensuring that backups are created? • Where will the backups be stored? • How long will backups be kept? • How many copies will be maintained?
Backups • Backup provides valid, uncorrupted data in the event of corruption or loss of the original file or media. • Depending on the type of organization, there may be legal requirements for conducting backups that will affect the factors mentioned previously.
What Needs to Be Backed Up • Backups are thought of in terms of the data that an organization relies on to conduct its daily operations. • A good backup plan will consider more than just the data. It will include: • Application programs needed to process the data. • The operating system and utilities that the hardware platform requires to run the applications.
What Needs to Be Backed Up • The DRP should also address other items related to backups such as: • Personnel • Equipment • Electrical power
What Needs to Be Backed Up • Somebody should have an understanding of the operation of the critical hardware and software used by the organization.
Strategies for Backups • The size of the backup and the time required to conduct the backup must be considered since both will affect plans such as how frequently the backup will occur and the type of storage media used.
Strategies for Backups • Other considerations for backup strategies include: • Who will be responsible for conducting the backup? • What software and hardware are needed? • Where will the backups be stored? • When will the backups be performed? • How long will the backups be maintained?
Types of Backups • There are four basic types of backups that can be conducted. • The amount of space required for each, and the ease of restoration using each strategy, are outlined below.
Types of Backups • Full backup • All data files, application files and system files are copied onto the storage media. • Restoration is straightforward. • All the files are copied back onto the system. • While this is easy to understand, it may take a considerable amount of time.
Types of Backups • Differential backup • Only the files and software that have changed since the last full backup should be stored. • It implies that periodically a full backup will be done. • The frequency of the full backup versus the interim differential backups depends on the organization and is part of its defined strategy.
Types of Backups • Differential Backup Restoration • Restoration requires two steps: • The last full backup is loaded. • The differential backup can be applied to update the files that have been changed since the full backup was conducted. • The time to accomplish the periodic differential backup is less than a full backup. • If the period of time between differential backups is long, or if files change frequently, the differential backup is like a full backup.
Types of Backups • An incremental backup is a variation on a differential backup. • Instead of copying all files that have changed since the last full backup, an incremental backup copies only files changed since the last full or incremental backup was conducted. • Incremental backup relies on occasional full backups. • After that, only those files that have changed since the last backup need to be backed up.
Types of Backups • Incremental Backup Restoration • To restore a system using this type of backup method requires more work. • Go back to the last full backup and reload the system with this data. • Then update the system with every incremental backup. • The advantage of this type of backup is that it requires less storage and time to accomplish. • The restoration process is more involved.
Types of Backups • The delta backup saves as little information as possible each time you conduct a backup. • An occasional full backup must be conducted. • Later, when a delta backup is conducted at specific intervals, only the portions of the files that have been changed will be stored. • The advantage of this is that only the information within files that has changed will be backed up. • The disadvantage — restoration is a complex process since it requires more than just loading a file. • It requires that application software be run to update the records in the files that have been changed.
Types of Backups • The type you select, however, will greatly affect your overall backup strategy, plans, and processes.
Backup Frequency and Retention • The usefulness of a backup is related to the number of changes since the backup was created. • This is obviously affected by how often backups are created. • The longer it has been since the backup was created, the more changes are likely to have occurred.
Backup Frequency and Retention • How frequently should backups be performed? • You should consider how long an organization can survive without current data. • You can determine how long it will take to restore from backups using various methods and decide how frequently backups should occur.
Backup Frequency and Retention • Multiple backups should be maintained. • If the reason for restoring from the backup is the discovery of an intruder in the system – restore the system to its pre-intrusion state. • If multiple backups are maintained at intervals, it is easier to return to a point before the intrusion, security, or operational event occurred.
Backup Rule of Three • There are several strategies or approaches to backup retention; a common and easy-to-remember one is the “rule of three.” • This entails simply keeping the three most recent backups.
Backup Rule of Three • When a new backup is created, the oldest copy is overwritten. • In certain environments, regulatory issues may prescribe a specific frequency and retention period. • It is important to know an organization and its requirements when determining how often a backup will be created and how long it will be kept.
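How the rule of three interacts with the earlier point about restoring to a pre-intrusion state can be checked with a small simulation. This is an added example, not part of the original lesson; the function names, the day-numbered timeline, and the choice to treat a backup taken on the intrusion day as suspect are assumptions made for illustration.

```python
def retained_backups(today, interval_days, keep=3):
    """Days on which the retained backups were taken, oldest first.

    Assumes a backup every interval_days starting on day 0, with the
    oldest copy overwritten once `keep` copies exist.
    """
    taken = list(range(0, today + 1, interval_days))
    return taken[-keep:]

def latest_clean_backup(today, interval_days, intrusion_day, keep=3):
    """Newest retained backup taken before the intrusion, or None."""
    clean = [d for d in retained_backups(today, interval_days, keep)
             if d < intrusion_day]  # a backup on the intrusion day is suspect
    return clean[-1] if clean else None

if __name__ == "__main__":
    # Constructed scenario: intrusion on day 20, discovered on day 30.
    for interval in (1, 7):
        kept = retained_backups(30, interval)
        clean = latest_clean_backup(30, interval, intrusion_day=20)
        print(f"every {interval} day(s): kept {kept}, latest clean backup: {clean}")
```

With daily backups the three retained copies all postdate the intrusion, while a weekly schedule still holds one clean copy, so the retention window has to be weighed against how long an intrusion can go unnoticed.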
Backup Rule of Three • If you are not in an environment where regulatory issues dictate the frequency and retention for backups, your goal will be to optimize the frequency.
Backup Rule of Three • To determine the optimal backup frequency, two costs need to be considered. • The cost of the backup strategy chosen. • The cost of recovery if the backup strategy is not implemented (meaning if there were no backups created).
Backup Rule of Three • Consider the probability that the backup will be needed on any given day. • The two figures to consider then are: • (probability the backup is needed) × (cost of restoring with no backup) • This figure is the probable loss that can be expected by an organization if there is no backup conducted. • (probability the backup isn't needed) × (cost of the backup strategy) • This figure is the price an organization is willing to pay (lose) to ensure that it can restore, should a problem occur.
Backup Rule of Three • To optimize backup strategy, the correct balance between these two figures needs to be determined. • When working with these two calculations, it should be kept in mind that this is a cost-avoidance exercise.
Backup Rule of Three • When calculating the cost of the backup strategy, consider: • The cost of the backup media required for a single backup • The storage costs for the backup media and the retention policy • The labor costs associated with performing a single backup • The frequency with which backups are created • All of these considerations can be used to arrive at an annual cost for implementing a chosen backup strategy, and this figure can then be used as previously described.
Storage of Backups • One factor of the cost of the backup strategy is the expense of storing the backups. • The best strategy is to keep copies of backups in separate locations. • The most recent copy could be stored locally, as it is the most likely to be needed. • Other copies can be kept at other locations.
Storage of Backups • A recent advance is online backup services. • A number of third-party companies offer high-speed connections for storing data on a frequent basis. • Using network connections reduces concerns with physical movement of more traditional storage media.
Alternate Sites • Where should restoration services be conducted? • If an organization has suffered physical damage to a facility, having offsite storage of data is only part of the solution. • Data needs to be processed somewhere. • Computing facilities similar to those used in normal operations must be found.
Alternate Sites • Hot site - A fully configured environment similar to the normal operating environment. • Warm site - Partially configured, usually having the peripherals and software but perhaps not the more expensive main processing computer. • Cold site - Basic environmental controls needed to operate. Has few computing components needed. • Mobile backup - Trailers with the required computers and electrical power that can be driven to a location within hours of a disaster and set up to commence processing immediately.
Alternate Sites • A less expensive alternative is a mutual aid agreement. • Similar organizations agree to assume the processing for the other party if a disaster occurs. • The assumptions are: • both organizations will not be hit by the same disaster. • both have similar processing environments. • If these two assumptions are correct, then a mutual aid agreement should be considered. • Such an arrangement may not be legally enforceable, even if it is in writing.