1 / 12

Backup and Disaster Recovery

Backup and Disaster Recovery. David N. Wozei Systems Administrator, IT Auditor. ISACA Area 5 Protection of Information Assets. Provide assurance that the security architecture (policies, standards, procedures and

ulric
Télécharger la présentation

Backup and Disaster Recovery

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Backup and Disaster Recovery David N. Wozei Systems Administrator, IT Auditor

  2. ISACA Area 5 Protection of Information Assets • Provide assurance that the security architecture (policies, standards, procedures and • controls) ensures the confidentiality, integrity and availability of information assets. • Tasks • _ Evaluate the design, implementation and monitoring of logical access controls to • ensure the confidentiality, integrity, availability and authorized use of information • assets. • _ Evaluate network infrastructure security to ensure confidentiality, integrity, • availability and authorized use of the network and the information transmitted. • _ Evaluate the design, implementation and monitoring of environmental controls to • prevent or minimize loss. • _ Evaluate the design, implementation and monitoring of physical access controls to • ensure that information assets are adequately safeguarded. • _ Evaluate the processes and procedures used to store, retrieve, transport and • dispose of confidential information assets.

  3. ISACA Area 6 Business Continuity and Disaster Recovery • Provide assurance that, in the event of a disruption, the business continuity and • disaster recovery processes will ensure the timely resumption of IT services, while • minimizing the business impact. • Tasks • _ Evaluate the adequacy of backup and restore provisions to ensure the availability • of information required to resume processing. • _ Evaluate the organization’s disaster recovery plan to ensure that it enables the • recovery of IT processing capabilities in the event of a disaster. • _ Evaluate the organization’s business continuity plan to ensure its ability to • continue essential business operations during the period of an IT disruption.

  4. What is Backup and Disaster Recovery all about? • To backup is to have a secondary source of information (to stand in for the primary source). • Business continuity is to ensure business critical and non-critical processes keep running. • Disaster Recovery is a self-definition; recovering from a disaster. To rebuild a destroyed resource. • There is an inherent risk to IT systems. • BIA (risk based approach), BCP • Identify the IT Systems as business critical and as business assets. (In relation to protection of Information assets) • Look out for the risky areas.

  5. Types of backup • Full backup Creates an entire copy of each file on the system. • This is the most effective backup method and requires a significant amount of time. It’s common for a full backup • to be run at least once per week, but the frequency of your backup should depend on the • value of your data. To restore data, the computer operator loads the latest full backup, usually • from tapes. Next, the most current data is loaded by using files from a subsequent • incremental or differential backup tape. • Incremental method Copies only the files that have changed since the last backup. • Theincremental method is commonly used for backups on weekdays. This method requires less • time than a full backup. Unfortunately, the file restoration process takes longer because it • is necessary to restore the full backup and each version of incremental backup. An incremental • backup resets the archive bit (backup flag) to indicate that a file needs to be backed • up. If any of the tapes or disks in incremental restoration fails, the RPO will also fail. Incremental • recovery requires using more tapes.

  6. Types of Backup (continued…) • Differential method Copies every file that has changed between full backup runs. • Differentialis the preferred method for business continuity. This method ensures that multiple • copies of daily files should exist on multiple tapes. A differential backup is very • fast on the first day after a full backup, and then takes longer each day as more files are • copied. A differential backup works because the backup software does not change the • archive bit (backup flag).

  7. What are we auditing anyway? • What are the assets and their configurations, locations etc? (This includes disaster recovery sites, primary sites, command sites...) • What are their vulnerabilities or risks? • Is there a Business Continuity Plan? • Is there a Backup policy or Data Retention policy? • Is there a Disaster Recovery Plan? • Is there a team and individual business continuity manager responsible for these plans and policies or is implementation ad hoc? • Has the risk been transferred? • Are third-partied involved. • Are users aware of the Plan? • Is the plan comprehensive and does the team know when it is to be activated? • Is the plan reviewed and tested periodically? • Has a Business Impact Assessment ever been done?

  8. What are we auditing anyway? (continued) • Has the organisation decided not to adopt a plan at all? Is procurement aware of the plan? • Are the financial implications of the plan known and are the finances available or feasible? • Is security aware of the plan? (a security firm providing security to premises) • Are utilities aware of the plan? (Electricity, Tel Cos, Water etc) • How do we handle important documents in paper format? (For example, contracts, legal documents, land titles) • How do we handle human lives, once there is a risk to them? • Is there a specific period acceptable for recovery or downtime? • Has the organisation decided not to have a plan?

  9. What are the risks? • Business collapse • Financial loss • Loss of life • Loss of business property and assets • Loss of information • Damage to reputation • Legal action • Failure to resume business

  10. Who should be involved in the effort to prevent a disaster? • A BCP manager or 'owner'. • Users • Identify first responders • Third-parties and out-sourced resources • Those to whom risk has been transferred (Insurance Companies) • Procurement • Suppliers • Top management • IT department • Security staff • Any more, you can think of? Please list some…

  11. Review of Documents, Policies, Plans • Review of some documents with information on Backup and DR as well as Business Continuity.

  12. THE END

More Related