1 / 61

Disaster Recovery Planning Business Continuity Planning

Disaster Recovery Planning Business Continuity Planning. Business Continuity. Designed to - Minimize the effect of a disaster Ensure the continuation of critical business functions You define and identify the critical business functions. DRP and BCP. DRP –

niesha
Télécharger la présentation

Disaster Recovery Planning Business Continuity Planning

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Disaster Recovery Planning Business Continuity Planning CISSP All-in-one. Shon Harris

  2. Business Continuity • Designed to - • Minimize the effect of a disaster • Ensure the continuation of critical business functions • You define and identify the critical business functions CISSP All-in-one. Shon Harris

  3. DRP and BCP • DRP – • “Oh my goodness, the sky is falling,” • BCP • “Okay, the sky fell. Now, how do we stay in business until someone can put the sky back where it belongs?” CISSP All-in-one. Shon Harris

  4. Natural Disasters • Businesses must plan to meet any of the events that could effect day-to­day operations . • Hurricanes • Floods • Fire • Power outages CISSP All-in-one. Shon Harris

  5. Business Continuity and CIA • CIA very important in BCP • But Availability moves to the forefront • Loss of data is the most devastating interruption • 65% of businesses would go out of business if they had to close for one week due to a disaster or disruption CISSP All-in-one. Shon Harris

  6. BCP Phases • Initiate project • Perform BIA • Create Strategy • Create Plan • Implement plan • Test Plan • Maintain Plan CISSP All-in-one. Shon Harris

  7. BCP – Project Initiation • Identify core business functions and why. • Obtain management support • Identify a business continuity coordinator • leader for the BCP team • oversee the development, implementation, and testing of the continuity and disaster recovery plans. • Representatives from each department must be involved with not only the planning stages but also the testing and implementation stages. CISSP All-in-one. Shon Harris

  8. Recovery Planning • What is Recover Planning • Developing a plan • Proactive approach for preparing for disaster before it takes place to • Minimize loss • Ensure availability of critical systems and equipment CISSP All-in-one. Shon Harris

  9. Key Business Functions • Accounting • Data processing • Customer support • Communications • IT support • Purchasing CISSP All-in-one. Shon Harris

  10. BCP – Project Initiation • BCP team work with the management staff to develop • the ultimate goals of the plan, • identify the critical parts of the business that must be dealt with first during a disaster, • ascertain the priorities of departments and tasks. • continuity planning policy statement developed • lays out the scope of the BCP project • the team member roles • goals of the project. CISSP All-in-one. Shon Harris

  11. BCP - Team • The BCP team’s responsibilities are as follows: • Identifying regulatory and legal requirements that must be met • Identifying all possible vulnerabilities and threats • Estimating the possibilities of these threats and the loss potential • Performing a BIA • Outlining which departments, systems, and processes must be up and running before any others • Developing procedures and steps in resuming business after a disaster CISSP All-in-one. Shon Harris

  12. BCP Team • Senior executives on the BCP team oversee budgets. • BCP chair gives directions to employees immediately after the disaster CISSP All-in-one. Shon Harris

  13. BIA • A business impact analysis (BIA) is considered a functional analysis, in which a team • collects data through interviews and documentary sources • documents business functions, • activities, and transactions • develops a hierarchy of business functions • applies a classification scheme to indicate each individual function’s criticality level. CISSP All-in-one. Shon Harris

  14. Business Impact Analysis (BIA) • The best place an organization can start • You will need a BCP policy before BIA • Evaluates what processes are critical to the organization's survival • Not all processes will be needed immediately. Only key services required. • Estimates potential loss and damage • Enables organizations to develop viable alternatives CISSP All-in-one. Shon Harris

  15. BIA - Risk Assessment • Define the threat • Natural? • Man-made? • Technical? • Assign a dollar amount or value to the threat – risk analysis • Evaluate the risk to business operations CISSP All-in-one. Shon Harris

  16. BIA • Loss criteria: • Loss in reputation and public confidence • Loss of competitive advantages • Increase in operational expenses • Violations of contract agreements • Violations of legal and regulatory requirements • Delayed income costs • Loss in revenue • Loss in productivity CISSP All-in-one. Shon Harris

  17. BIA • The BIA identifies • the company’s critical systems that are needed for survival • Resources critical systems rely on • estimates the outage time that can be tolerated by the company • Maximum Tolerable Downtime (MTD) • The outage time that can be endured by a company • MTD estimates • Nonessential 30 days • Normal 7 days • Important 72 hours • Urgent 24 hours • Critical Minutes to hours CISSP All-in-one. Shon Harris

  18. Interdependences • Define essential business functions • Identify interdependencies between functions and departments • Discover possible disruptions in one department affect others • Identify and document threats to interdepartmental communication • Provide alternative methods to restore functionality • Provide a rationale statement for each threat CISSP All-in-one. Shon Harris

  19. Policies • Must be implemented to back up the organization's choices • CISSP code of ethics – Always put employees first. • Number one goal should employee • Protection • Health • Well-being CISSP All-in-one. Shon Harris

  20. Facility Recovery • Three main categories of disruptions • Nondisaster - disruption in service because of device malfunction or failure. • solution could include hardware, software, or file restoration. • Disaster - event that causes the entire facility to be unusable for a day or longer • Facility destroyed partially. • Business impacted temporarily • Alternate processing facility until main facility is repaired and usable • Restoration of software and data from offsite copies. • Catastrophe eventthat destroys the facility altogether. • Short-term solution - offsite facility • Long-term solution - rebuild the original facility. CISSP All-in-one. Shon Harris

  21. MTBF and MTTR • BCP team needs to identify MTBF and MTTR for all hardware and devices • Manufactures and vendors have this data • MTBF - estimated lifetime of equipment. • approximately when a particular device will need to be replaced. • MTTR - estimate of how long it will take to fix a piece of equipment and get it back into production. CISSP All-in-one. Shon Harris

  22. Hardware Backup • Hot sites • Fully-configured • Ready to operate within FEW hours • Leased or rented • Warm sites • Partially configured – only peripheral devices • May take several days to make operational • Get computer, software and hardware to be functional • Cold sites • Have only the basic environmental infrastructure. Routers, cables etc. • May take several weeks to be operational CISSP All-in-one. Shon Harris

  23. Hardware Backup • Redundant site • Hot site • Owned and maintained by the company • Operational immediately • Mobile (rolling hot) sites. Equipment in a tractor trailer. E.g. Red Cross • multiple processing centers • Multiple facilities throughout the world • Data processing moves from one center to another if interruption is detected. CISSP All-in-one. Shon Harris

  24. Hardware Backup • Hot site – back-up tapes and equipment periodically tested. • Warm site – back up tapes and equipment brought to the original site to be tested • If company depends on the warm site • Original equipment and media taken to warm site to be tested. CISSP All-in-one. Shon Harris

  25. Offsite location • Back up facility at least 5 miles away • Low to medium environments – 15 miles • Critical operations – 50-200 miles CISSP All-in-one. Shon Harris

  26. Reciprocal Agreements • Agreements with another company. • How long will the facility be available? • How much assistance will their staff supply? • How quickly can we move into the facility? • Are there interoperability issues? • Do conflicts of interests apply? • How would change control and configuration management be handled? • How often can drills and testing take place? CISSP All-in-one. Shon Harris

  27. Software Backup • At least two copies of the company’s operating system software and critical applications. • One copy stored onsite • other copy stored at a offsite location. • Copies must be • tested periodically • re-created when new versions are rolled out. CISSP All-in-one. Shon Harris

  28. Software Escrow • Protection mechanism for the customer • Third party holds the source code, backups of the compiled code, manuals, and other supporting materials. • A contract between the software vendor, customer, and third party outlines who can do what and when with the source code. • Customer can have access to the source code only if • vendor goes out of business • is unable to carry out stated responsibilities • is in breach of the original contract. CISSP All-in-one. Shon Harris

  29. Choosing a Backup Facility • Are they open 24 x 7? • How secure is the facility? • Same controls at the back-up facility CISSP All-in-one. Shon Harris

  30. Data Backup • full backup • All data is backed up and saved • Full backup is combined with differential or incremental backup • differential backup • backs up the files that have been modified since the last full backup. • When the data needs to be restored, the full backup is laid down first and then the differential backup is put down on top of it. CISSP All-in-one. Shon Harris

  31. Data Backup • incremental backup • backs up all the files that have changed since the last full or incremental backup • When the data needs to be restored • First full backup • Then each incremental backup is laid down on top of it in the proper order. • Incremental backup is quicker than differential but takes longer to restore. CISSP All-in-one. Shon Harris

  32. Data backup • If backup and restoration processes simplistic and straightforward • full backup • But requires a lot of hard drive space and time. • A differential backup takes more time in the backing up phase than an incremental backup • but it also takes less time to restore than an incremental backup, • Restoration of a differential backup two step process • Incremental backup – every incremental backup has to be restored in the correct sequence. CISSP All-in-one. Shon Harris

  33. Electronic Backup • disk-shadowing • two physical disks • data is written to both at the same time for redundancy. • If one disk fails, the other is readily available. • Expensive • Provides high degree of fault tolerance CISSP All-in-one. Shon Harris

  34. Electronic Backup • Electronic vaulting (backup files) • makes copies of files as they are modified and periodically transmits them to an offsite backup site. • Takes place in batches and moves the entire file that has been updated • Remote journaling (transaction logs) • only includes moving the journal or transaction logs to the offsite facility, not the actual files. • Takes place in real time and transmits only changes to files. • If and when data is corrupted and needs to be restored, only retrieve logs and rebuild the data • efficient for database recovery CISSP All-in-one. Shon Harris

  35. Electronic Backup • Hierarchical storage management (HSM) • Includes optical disks, magnetic disks and tapes • faster media holds frequently used files • Older files backed up on slower less expensive media • storage area network (SAN) • Several storage systems connected together to form a single backup network. • Switches are used to create a switching fabric • switching fabric enables several devices to communicate with back-end storage devices • provides redundancy and fault tolerance • Off-site or on-site? CISSP All-in-one. Shon Harris

  36. Restoration and Implementation CISSP All-in-one. Shon Harris

  37. Plan Development Categories • End-user environment • Backup alternatives • Recovery • Restoration CISSP All-in-one. Shon Harris

  38. End-User Environment • How will users be notified of the disaster? • Who will instruct them? • How will backups be retrieved? • Some employees may need to report to work during the disaster. CISSP All-in-one. Shon Harris

  39. Backup Alternatives • Hardware • Data • Personnel • Off-site facilities CISSP All-in-one. Shon Harris

  40. Documentation • Procedures • May need to include - • How to reinstall images • Configuration of OS and servers • installation of- • Other utilities • Proprietary software • Important for knowledge management CISSP All-in-one. Shon Harris

  41. Recovery and Restoration • Restoration team • When a disaster happens team must know how to - • Install OS • Configure workstations and servers • String wires and cabling • Configure networking services • Restore systems CISSP All-in-one. Shon Harris

  42. Tests CISSP All-in-one. Shon Harris

  43. DRP Test • Testing DRP • Most important in DR planning • Untested plan is worthless • Create test documents • Test criteria • Types CISSP All-in-one. Shon Harris

  44. Testing DRP • Testing must be - • Conducted in an orderly, standardized fashion • Executed on a regular basis • No demonstrated recovery ability exists until the DRP is tested CISSP All-in-one. Shon Harris

  45. Testing DRP • Testing • Verifies the accuracy of the recovery procedures • Prepares and trains personnel to execute during emergency • Verifies the processing capability of the alternate backup site CISSP All-in-one. Shon Harris

  46. Creating the Test Document • Test scenarios • Entire system? • Portion of the system? • Back-up system • Reasons for the test • Change in hardware, software, operational environment • Objectives of the test • Type of tests • Testing schedule CISSP All-in-one. Shon Harris

  47. Creating the Test Document • Duration of the test – hour, day, weekend, week • Specific test steps • Who will be the participants? • The task assignments of the test • Resources and services required CISSP All-in-one. Shon Harris

  48. Test Criteria • Must not disrupt normal business functions • Should not affect availability for the entire organization • Should start with easy areas to build skills and confidence • Purpose is to find weaknesses, update and retest CISSP All-in-one. Shon Harris

  49. DRP Types • Checklist of the plan to cover all critical items. • Structured walk through with business unit managers • Ensures accuracy of the plan • Simulation. • Parallel • Fail a system when back-up running • Full-interruption • Needs approval of the management CISSP All-in-one. Shon Harris

  50. Simulation • Practice session • To avoid the DRP causing the disaster • Enacts recovery procedures CISSP All-in-one. Shon Harris

More Related