Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 13 Business Continuity

Size: px
Start display at page:

Download "Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 13 Business Continuity"

Transcription

1 Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 13 Business Continuity

2 Objectives Define environmental controls Describe the components of redundancy planning List disaster recovery procedures Describe incident response procedures Security+ Guide to Network Security Fundamentals, Fourth Edition 2

3 What Is Business Continuity? Organization s ability to maintain operations after a disruptive event Examples of disruptive events Power outage Hurricane Tsunami Business continuity planning and testing steps Identify exposure to threats Create preventative and recovery procedures Test procedures to determine if they are sufficient Security+ Guide to Network Security Fundamentals, Fourth Edition 3

4 What Is Business Continuity? (cont d.) Succession planning Determining in advance who is authorized to take over if key employees die or are incapacitated Business impact analysis (BIA) Analyzes most important business functions and quantifies impact of their loss Identifies threats through risk assessment Determines impact if threats are realized Security+ Guide to Network Security Fundamentals, Fourth Edition 4

5 What Is Business Continuity? (cont d.) Questionnaires used to prompt thinking about impact of a disaster In-person interviews held Discuss different disaster scenarios BIA interview form helps organize information obtained from the interview Security+ Guide to Network Security Fundamentals, Fourth Edition 5

6 Table 13-1 BIA interview form Security+ Guide to Network Security Fundamentals, Fourth Edition 6

7 Disaster Recovery Subset of business continuity planning and testing Also known as contingency planning Focuses on protecting and restoring information technology functions Mean time to restore (MMTR) Measures average time needed to reestablish services Disaster recovery activities Create, implement, and test disaster recovery plans Security+ Guide to Network Security Fundamentals, Fourth Edition 7

8 Disaster Recovery Plan Written document detailing process for restoring IT resources: Following a disruptive event Comprehensive in scope Updated regularly Example of disaster planning approach Define different risk levels for organization s operations based on disaster severity Security+ Guide to Network Security Fundamentals, Fourth Edition 8

9 Table 13-2 Sample educational DRP approach Security+ Guide to Network Security Fundamentals, Fourth Edition 9

10 Disaster Recovery Plan (cont d.) Common features of most disaster recovery plans Definition of plan purpose and scope Definition of recovery team and their responsibilities List of risks and procedures and safeguards that reduce risk Outline of emergency procedures Detailed restoration procedures DRP should contain sufficient level of detail Security+ Guide to Network Security Fundamentals, Fourth Edition 10

11 Figure 13-1 Sample excerpt from a DRP Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition 11

12 Disaster Recovery Plan (cont d.) DRP must be adaptable Backout/contingency option Component of a DRP If plan response is not working properly, technology is rolled back to starting point Different approach taken Disaster exercises Designed to test DRP s effectiveness Security+ Guide to Network Security Fundamentals, Fourth Edition 12

13 Disaster Recovery Plan (cont d.) Disaster exercise objectives Test efficiency of interdepartmental planning and coordination in managing a disaster Test current DRP procedures Determine response strengths and weaknesses Security+ Guide to Network Security Fundamentals, Fourth Edition 13

14 Redundancy and Fault Tolerance Single point of failure Component or entity which will disable the entire system if it no longer functions Remove single point of failure Primary mechanism to ensure business continuity Results in high availability Expressed as a percentage uptime in a year Security+ Guide to Network Security Fundamentals, Fourth Edition 14

15 Table 13-3 Percentages and downtimes Security+ Guide to Network Security Fundamentals, Fourth Edition 15

16 Redundancy and Fault Tolerance (cont d.) Redundancy and fault tolerance Way to address single point of failure Building excess capacity to protect against failures Redundancy planning Applies to servers, storage, networks, power, sites Servers Play a key role in network infrastructure Failure can have significant business impact Security+ Guide to Network Security Fundamentals, Fourth Edition 16

17 Redundancy and Fault Tolerance (cont d.) Some organizations stockpile spare parts for servers Or have redundant servers Server cluster Multiple servers that appear as a single server Connected through public and private cluster connections Types of server clusters Asymmetric Symmetric Security+ Guide to Network Security Fundamentals, Fourth Edition 17

18 Redundancy and Fault Tolerance (cont d.) Asymmetric servers perform no function except to be ready if needed Used for databases, messaging systems, file and print services All servers do useful work in a symmetric server cluster If one server fails, remaining servers take on failed server s work More cost effective than asymmetric clusters Used for Web, media, and VPN servers Security+ Guide to Network Security Fundamentals, Fourth Edition 18

19 Figure 13-2 Server cluster Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition 19

20 Redundancy and Fault Tolerance Hard drives (cont d.) Often first components to fail Some organizations keep spare hard drives on hand Mean time between failures (MTBF) Measures average time until a component fails and must be replaced Can be used to determine number of spare hard drives an organization should keep Security+ Guide to Network Security Fundamentals, Fourth Edition 20

21 Redundancy and Fault Tolerance (cont d.) Redundant Array of Independent Devices (RAID) Uses multiple hard disk drives to increase reliability and performance Can be implemented through software or hardware Several levels of RAID exist RAID Level 0 (striped disk array without fault tolerance) Striping partitions hard drive into smaller sections Data written to the stripes is alternated across the drives If one drive fails, all data on that drive is lost Security+ Guide to Network Security Fundamentals, Fourth Edition 21

22 Figure 13-3 RAID Level 0 Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition 22

23 Redundancy and Fault Tolerance RAID Level 1 (mirroring) (cont d.) Disk mirroring used to connect multiple drives to the same disk controller card Action on primary drive is duplicated on other drive Primary drive can fail and data will not be lost Disk duplexing Variation of RAID Level 1 Separate cards used for each disk Protects against controller card failures Security+ Guide to Network Security Fundamentals, Fourth Edition 23

24 Figure 13-4 RAID Level 1 Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition 24

25 Redundancy and Fault Tolerance (cont d.) RAID Level 5 (independent disks with distributed parity) Distributes parity (error checking) across all drives Data stored on one drive and its parity information stored on another drive RAID 0+1 (high data transfer) Nested-level RAID Mirrored array whose segments are RAID 0 arrays Can achieve high data transfer rates Security+ Guide to Network Security Fundamentals, Fourth Edition 25

26 Figure 13-5 RAID Level 5 Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition 26

27 Figure 13-6 RAID Level 0+1 Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition 27

28 Table 13-4 Common RAID levels (continues) Security+ Guide to Network Security Fundamentals, Fourth Edition 28

29 Table 13-4 Common RAID levels (cont d.) Security+ Guide to Network Security Fundamentals, Fourth Edition 29

30 Redundancy and Fault Tolerance Redundant networks (cont d.) May be necessary due to critical nature of connectivity today Wait in the background during normal operations Use a replication scheme to keep live network information current Launches automatically in the event of a disaster Hardware components are duplicated Some organizations contract with a second Internet service provider as a backup Security+ Guide to Network Security Fundamentals, Fourth Edition 30

31 Redundancy and Fault Tolerance (cont d.) Uninterruptible power supply (UPS) Maintains power to equipment in the event of an interruption in primary electrical power source Offline UPS Least expensive, simplest solution Charged by main power supply Begins supplying power quickly when primary power is interrupted Switches back to standby mode when primary power is restored Security+ Guide to Network Security Fundamentals, Fourth Edition 31

32 Redundancy and Fault Tolerance Online UPS (cont d.) Always running off its battery while main power runs battery charger Not affected by dips or sags in voltage Can serve as a surge protector Can communicate with the network operating system to ensure orderly shutdown occurs Can only supply power for a limited time Backup generator Powered by diesel, natural gas, or propane Security+ Guide to Network Security Fundamentals, Fourth Edition 32

33 Sites Redundancy and Fault Tolerance (cont d.) Backup sites may be necessary if flood, hurricane, or other major disaster damages buildings Three types of redundant sites: hot, cold, and warm Hot site Run by a commercial disaster recovery service Duplicate of the production site Has all needed equipment Data backups can be moved quickly to the hot site Security+ Guide to Network Security Fundamentals, Fourth Edition 33

34 Redundancy and Fault Tolerance Cold site Provides office space (cont d.) Customer must provide and install all equipment needed to continue operations No backups immediately available Less expensive than a hot site Takes longer to resume full operation Warm site All equipment is installed No active Internet or telecommunications facilities Security+ Guide to Network Security Fundamentals, Fourth Edition 34

35 Redundancy and Fault Tolerance Warm site (cont d.) (cont d.) No current data backups Less expensive than a hot site Time to turn on connections and install backups can be half a day or more Security+ Guide to Network Security Fundamentals, Fourth Edition 35

36 Data Backups Essential element in any DRP Copying information to a different medium and storing offsite to be used in event of disaster Questions to ask when creating a data backup What information should be backed up? How often should it be backed up? What media should be used? Where should the backup be stored? What hardware or software should be used? Security+ Guide to Network Security Fundamentals, Fourth Edition 36

37 Data Backups (cont d.) Backup software Can internally designate which files have already been backed up Archive bit set to 0 in file properties If file contents change, archive bit is changed to 1 Types of backups Full backup Differential backup Incremental backup Security+ Guide to Network Security Fundamentals, Fourth Edition 37

38 Figure 13-7 Archive bit Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition 38

39 Table 13-5 Types of data backups Security+ Guide to Network Security Fundamentals, Fourth Edition 39

40 Data Backups (cont d.) Recovery point objective (RPO) Maximum length of time organization can tolerate between backups Recovery time objective (RTO) Length of time it will take to recover backed up data Magnetic tape backups have been standard for over 40 years Can store up to 800GB of data Relatively inexpensive Security+ Guide to Network Security Fundamentals, Fourth Edition 40

41 Data Backups (cont d.) Disadvantages of magnetic tape backups Slow backup speed High failure rates Data not encrypted on tape Disk to disk Large hard drive or RAID configuration Better RPO and RTO than magnetic tape May be subject to failure or data corruption Security+ Guide to Network Security Fundamentals, Fourth Edition 41

42 Data Backups (cont d.) Disk to disk to tape Uses magnetic disk as a temporary storage area Server does not need to be offline for an extended time period Data later transferred to magnetic tape Continuous data protection Performs data backups that can be restored immediately Maintains historical record of all changes made to data Security+ Guide to Network Security Fundamentals, Fourth Edition 42

43 Table 13-6 Continuous data protection types Security+ Guide to Network Security Fundamentals, Fourth Edition 43

44 Table 13-7 Data backup technologies Security+ Guide to Network Security Fundamentals, Fourth Edition 44

45 Environmental Controls Methods to prevent disruption through environmental controls Fire suppression Proper shielding Configuring HVAC systems Security+ Guide to Network Security Fundamentals, Fourth Edition 45

46 Fire Suppression Requirements for a fire to occur Fuel or combustible material Oxygen to sustain combustion Heat to raise material to its ignition temperature Chemical reaction: fire itself Security+ Guide to Network Security Fundamentals, Fourth Edition 46

47 Figure 13-8 Fire triangle Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition 47

48 Table 13-8 Using incorrect fire suppression systems Security+ Guide to Network Security Fundamentals, Fourth Edition 48

49 Table 13-9 Fire types Security+ Guide to Network Security Fundamentals, Fourth Edition 49

50 Table Stationary fire suppression systems (continues) Security+ Guide to Network Security Fundamentals, Fourth Edition 50

51 Table Stationary fire suppression systems (cont d.) Security+ Guide to Network Security Fundamentals, Fourth Edition 51

52 Electromagnetic Interference (EMI) Shielding Attackers could pick up electromagnetic fields and read data Faraday cage Metal enclosure that prevents entry or escape of electromagnetic fields Often used for testing in electronic labs Security+ Guide to Network Security Fundamentals, Fourth Edition 52

53 HVAC Data centers have special cooling requirements More cooling necessary due to large number of systems generating heat in confined area Precise cooling needed Heating, ventilating, and air conditioning (HVAC) systems Maintain temperature and relative humidity at required levels Controlling environmental factors can reduce electrostatic discharge Security+ Guide to Network Security Fundamentals, Fourth Edition 53

54 HVAC (cont d.) Hot aisle/cold aisle layout Used to reduce heat by managing air flow Servers lined up in alternating rows with cold air intakes facing one direction and hot air exhausts facing other direction Location of computer data center an important consideration Placing a wireless access point in a plenum can be a hazard Security+ Guide to Network Security Fundamentals, Fourth Edition 54

55 Incident Response Procedures When unauthorized incident occurs: Response is required Incident response procedures Can include using basic forensics procedures Security+ Guide to Network Security Fundamentals, Fourth Edition 55

56 What Is Forensics? Applying science to legal questions Analyzing evidence Computer forensics Uses technology to search for computer evidence of a crime Reasons for importance of computer forensics Amount of digital evidence Increased scrutiny by the legal profession Higher level of computer skill by criminals Security+ Guide to Network Security Fundamentals, Fourth Edition 56

57 Basic Forensics Procedures Four basic steps are followed Secure the crime scene Collect the evidence Establish a chain of custody Examine for evidence Secure the crime scene Goal: preserve the evidence Damage control steps taken to minimize loss of evidence Security+ Guide to Network Security Fundamentals, Fourth Edition 57

58 Basic Forensics Procedures (cont d.) Secure the crime scene (cont d.) First responders contacted Physical surroundings documented Photographs taken before anything is touched Computer cables labeled Team takes custody of entire computer Team interviews witnesses Security+ Guide to Network Security Fundamentals, Fourth Edition 58

59 Basic Forensics Procedures (cont d.) Preserve the evidence Digital evidence is very fragile Can be easily altered or destroyed Computer forensics team captures volatile data Examples: contents of RAM, current network connections Order of volatility must be followed to preserve most fragile data first Capture entire system image Mirror image backup of the hard drive Meets evidence standards Security+ Guide to Network Security Fundamentals, Fourth Edition 59

60 Table Order of volatility Security+ Guide to Network Security Fundamentals, Fourth Edition 60

61 Basic Forensics Procedures (cont d.) Establish the chain of custody Evidence maintained under strict control at all times No unauthorized person given opportunity to corrupt the evidence Examine for evidence Computer forensics expert searches documents Windows page files can provide valuable investigative leads Slack and metadata are additional sources of hidden data Security+ Guide to Network Security Fundamentals, Fourth Edition 61

62 Figure RAM slack Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition 62

63 Figure Drive file slack Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition 63

64 Summary Business continuity is an organization s ability to maintain its operations after a disruptive event Disaster recovery A subset of business continuity planning Focuses on restoring information technology functions Disaster recovery plan details restoration process A server cluster combines two or more servers that are interconnected to appear as one RAID uses multiple hard disk drives for redundancy Security+ Guide to Network Security Fundamentals, Fourth Edition 64

65 Summary (cont d.) Network components can be duplicated to provide a redundant network Data backup Copying information to a different medium and storing (preferably offsite) for use in event of a disaster Recovery point objective and recovery time objective help an organization determine backup frequency Fire suppression systems include water, dry chemical, and clean agent systems Security+ Guide to Network Security Fundamentals, Fourth Edition 65

Business Continuity Planning and Disaster Recovery Planning

Business Continuity Planning and Disaster Recovery Planning Business Continuity Planning and Disaster Recovery Planning Ed Crowley IAM/IEM 1 ISC 2 Key Areas of Knowledge Understand business continuity requirements 1. Develop and document project scope and plan

More information

Network+ Guide to Networks 5 th Edition. Chapter 14 Ensuring Integrity and Availability

Network+ Guide to Networks 5 th Edition. Chapter 14 Ensuring Integrity and Availability Network+ Guide to Networks 5 th Edition Chapter 14 Ensuring Integrity and Availability Objectives Identify the characteristics of a network that keep data safe from loss or damage Protect an enterprise-wide

More information

Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP).

Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP). Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP). Ed Fortin President Fortin Consulting Paul Godden Consultant & Quotation Author Friday 24 th February 2012 Business Continuity Planning

More information

Disaster Recovery. Hendry Taylor Tayori Limited

Disaster Recovery. Hendry Taylor Tayori Limited Disaster Recovery Hendry Taylor Tayori Limited Agenda What is Business Continuity planning (BCP) What is Disaster Recovery (DR) and Disaster Recovery Planning (DRP) Overview Lifecycle Analysis Plan design

More information

RAID HARDWARE. On board SATA RAID controller. RAID drive caddy (hot swappable) SATA RAID controller card. Anne Watson 1

RAID HARDWARE. On board SATA RAID controller. RAID drive caddy (hot swappable) SATA RAID controller card. Anne Watson 1 RAID HARDWARE On board SATA RAID controller SATA RAID controller card RAID drive caddy (hot swappable) Anne Watson 1 RAID The word redundant means an unnecessary repetition. The word array means a lineup.

More information

Backup and Recovery 1

Backup and Recovery 1 Backup and Recovery What is a Backup? Backup is an additional copy of data that can be used for restore and recovery purposes. The Backup copy is used when the primary copy is lost or corrupted. This Backup

More information

Availability and Disaster Recovery: Basic Principles

Availability and Disaster Recovery: Basic Principles Availability and Disaster Recovery: Basic Principles by Chuck Petch, WVS Senior Technical Writer At first glance availability and recovery may seem like opposites. Availability involves designing computer

More information

Cloud Computing. Chapter 10 Disaster Recovery and Business Continuity and the Cloud

Cloud Computing. Chapter 10 Disaster Recovery and Business Continuity and the Cloud Cloud Computing Chapter 10 Disaster Recovery and Business Continuity and the Cloud Learning Objectives Define and describe business continuity. Define and describe disaster recovery. Describe the benefits

More information

Business Continuity Planning and Disaster Recovery Planning. Ed Crowley IAM/IEM

Business Continuity Planning and Disaster Recovery Planning. Ed Crowley IAM/IEM Business Continuity Planning and Disaster Recovery Planning Ed Crowley IAM/IEM 1 Goals Compare and contrast aspects of business continuity Execute disaster recovery plans and procedures 2 Topics Business

More information

Chapter 12 Network Administration and Support

Chapter 12 Network Administration and Support Chapter 12 Network Administration and Support Objectives Manage networked accounts Monitor network performance Protect your servers from data loss Guide to Networking Essentials, Fifth Edition 2 Managing

More information

HA / DR Jargon Buster High Availability / Disaster Recovery

HA / DR Jargon Buster High Availability / Disaster Recovery HA / DR Jargon Buster High Availability / Disaster Recovery Welcome to Maxava s Jargon Buster. Your quick reference guide to Maxava HA and industry technical terms related to High Availability and Disaster

More information

DELL RAID PRIMER DELL PERC RAID CONTROLLERS. Joe H. Trickey III. Dell Storage RAID Product Marketing. John Seward. Dell Storage RAID Engineering

DELL RAID PRIMER DELL PERC RAID CONTROLLERS. Joe H. Trickey III. Dell Storage RAID Product Marketing. John Seward. Dell Storage RAID Engineering DELL RAID PRIMER DELL PERC RAID CONTROLLERS Joe H. Trickey III Dell Storage RAID Product Marketing John Seward Dell Storage RAID Engineering http://www.dell.com/content/topics/topic.aspx/global/products/pvaul/top

More information

Business Continuity and the Cloud. Aaron Shaver US Signal, Solution Architect

Business Continuity and the Cloud. Aaron Shaver US Signal, Solution Architect Business Continuity and the Cloud Aaron Shaver US Signal, Solution Architect Overview What is BC/DR? Why should businesses have a strategy? Why do many business choose not to? How does the cloud change

More information

Post-Class Quiz: Business Continuity & Disaster Recovery Planning Domain

Post-Class Quiz: Business Continuity & Disaster Recovery Planning Domain 1. What is the most common planned performance duration for a continuity of operations plan (COOP)? A. 30 days B. 60 days C. 90 days D. It depends on the severity of a disaster. 2. What is the business

More information

Disaster Recovery Plan (DRP) / Business Continuity Plan (BCP)

Disaster Recovery Plan (DRP) / Business Continuity Plan (BCP) Preface Computer systems are the core tool of today s business and are vital to every business from the smallest to giant organizations. Money transactions, customer service are just simple examples. Despite

More information

Disaster Recovery Plan and Backup Strategy for a website

Disaster Recovery Plan and Backup Strategy for a website Disaster Recovery Plan and Backup Strategy for a website Sanjiv Agarwala CISSP,CISA,CISM,CGEIT,ITIL,MBCI,ISO27001,ISO9001 Director, Trainer and Principal Consultant Oxygen Consulting Services Pvt. Ltd.

More information

Overview of Computer Forensics

Overview of Computer Forensics Overview of Computer Forensics Don Mason, Associate Director National Center for Justice and the Rule of Law University of Mississippi School of Law [These materials are based on 4.3.1-4.3.3 in the National

More information

SNAP WEBHOST SECURITY POLICY

SNAP WEBHOST SECURITY POLICY SNAP WEBHOST SECURITY POLICY Should you require any technical support for the Snap survey software or any assistance with software licenses, training and Snap research services please contact us at one

More information

INSIDE. Preventing Data Loss. > Disaster Recovery Types and Categories. > Disaster Recovery Site Types. > Disaster Recovery Procedure Lists

INSIDE. Preventing Data Loss. > Disaster Recovery Types and Categories. > Disaster Recovery Site Types. > Disaster Recovery Procedure Lists Preventing Data Loss INSIDE > Disaster Recovery Types and Categories > Disaster Recovery Site Types > Disaster Recovery Procedure Lists > Business Continuity Plan 1 Preventing Data Loss White Paper Overview

More information

Storage Backup and Disaster Recovery: Using New Technology to Develop Best Practices

Storage Backup and Disaster Recovery: Using New Technology to Develop Best Practices Storage Backup and Disaster Recovery: Using New Technology to Develop Best Practices September 2008 Recent advances in data storage and data protection technology are nothing short of phenomenal. Today,

More information

Getting Started With RAID

Getting Started With RAID Dell Systems Getting Started With RAID www.dell.com support.dell.com Notes, Notices, and Cautions NOTE: A NOTE indicates important information that helps you make better use of your computer. NOTICE: A

More information

A backup is a copy of your files that will be able to reproduce the original, if it is lost, damaged or stolen.

A backup is a copy of your files that will be able to reproduce the original, if it is lost, damaged or stolen. Backup Strategy Backup strategy A backup is a copy of your files that will be able to reproduce the original, if it is lost, damaged or stolen. Two or even three backups can be made. Backups should be

More information

Aljex Software, Inc. Business Continuity & Disaster Recovery Plan. Last Updated: June 16, 2009

Aljex Software, Inc. Business Continuity & Disaster Recovery Plan. Last Updated: June 16, 2009 Business Continuity & Disaster Recovery Plan Last Updated: June 16, 2009 Business Continuity & Disaster Recovery Plan Page 2 of 6 Table of Contents Introduction... 3 Business Continuity... 3 Employee Structure...

More information

Business Continuity & Recovery Plan Summary

Business Continuity & Recovery Plan Summary Introduction An organization s ability to survive a significant business interruption is determined by the company s ability to develop, implement, and maintain viable recovery and business continuity

More information

Backup & Disaster Recovery Options

Backup & Disaster Recovery Options Backup & Disaster Recovery Options Since businesses have become more dependent on their internal computing capability, they are increasingly concerned about recovering from equipment failure, human error,

More information

Beyond Disaster Recovery: Why Your Backup Plan Won t Work

Beyond Disaster Recovery: Why Your Backup Plan Won t Work Beyond Disaster Recovery: Why Your Backup Plan Won t Work Contents Introduction... 3 The Data Backup Model - Upgraded for 2015... 4 Why Disaster Recovery Isn t Enough... 5 Business Consequences with DR-Only

More information

VERY IMPORTANT NOTE! - RAID

VERY IMPORTANT NOTE! - RAID Disk drives are an integral part of any computing system. Disk drives are usually where the operating system and all of an enterprise or individual s data are stored. They are also one of the weakest links

More information

Creating A Highly Available Database Solution

Creating A Highly Available Database Solution WHITE PAPER Creating A Highly Available Database Solution Advantage Database Server and High Availability TABLE OF CONTENTS 1 Introduction 1 High Availability 2 High Availability Hardware Requirements

More information

IT Service Management

IT Service Management IT Service Management Service Continuity Methods (Disaster Recovery Planning) White Paper Prepared by: Rick Leopoldi May 25, 2002 Copyright 2001. All rights reserved. Duplication of this document or extraction

More information

Level I - Public. Technical Portfolio. Revised: July 2015

Level I - Public. Technical Portfolio. Revised: July 2015 Level I - Public Technical Portfolio Revised: July 2015 Table of Contents 1. INTRODUCTION 3 1.1 About Imaginatik 3 1.2 Taking Information Security Seriously 3 2. DATA CENTER SECURITY 3 2.1 Data Center

More information

Abhi Rathinavelu Foster School of Business

Abhi Rathinavelu Foster School of Business Abhi Rathinavelu Foster School of Business What is Disaster? A disaster is considered any incident or event that results in a major interruption of business operations Major: Earthquake >5.0, Volcanic

More information

Disaster Recovery for Small Businesses

Disaster Recovery for Small Businesses Technical White Paper Disaster Recovery for Small Businesses A disaster recovery plan helps you understand what data is critical to your business operations and how to best protect it from unexpected failures.

More information

Contents. Foreword. Acknowledgments

Contents. Foreword. Acknowledgments Foreword Preface Acknowledgments xv xvii xviii CHAPTER 1 Introduction 1 1.1 What Is Mission Critical? 1 1.2 Purpose of the Book 2 1.3 Network Continuity Versus Disaster Recovery 2 1.4 The Case for Mission-Critical

More information

Domain 3 Business Continuity and Disaster Recovery Planning

Domain 3 Business Continuity and Disaster Recovery Planning Domain 3 Business Continuity and Disaster Recovery Planning Steps (ISC) 2 steps [Har10] Project initiation Business Impact Analysis (BIA) Recovery strategy Plan design and development Implementation Testing

More information

EMC Backup and Recovery for Microsoft SQL Server 2008 Enabled by EMC Celerra Unified Storage

EMC Backup and Recovery for Microsoft SQL Server 2008 Enabled by EMC Celerra Unified Storage EMC Backup and Recovery for Microsoft SQL Server 2008 Enabled by EMC Celerra Unified Storage Applied Technology Abstract This white paper describes various backup and recovery solutions available for SQL

More information

Leveraging Virtualization for Disaster Recovery in Your Growing Business

Leveraging Virtualization for Disaster Recovery in Your Growing Business Leveraging Virtualization for Disaster Recovery in Your Growing Business Contents What is Disaster Recovery?..................................... 2 Leveraging Virtualization to Significantly Improve Disaster

More information

Blackboard Managed Hosting SM Disaster Recovery Planning Document

Blackboard Managed Hosting SM Disaster Recovery Planning Document BLACKBOARD MANAGED HOSTING Blackboard Managed Hosting SM Disaster Recovery Planning Document Prepared By: MH Services Modified Date: March 2009 Revision: 1.8 1. OBJECTIVES... 3 2. SCOPE... 3 3. ASSUMPTIONS...

More information

Data Management and Retention for Standards Consortia

Data Management and Retention for Standards Consortia Data Management and Retention for Standards Consortia An Overview 15 May, 2006 Prepared by: Jeremy Towsey-French jfrench@kavi.com Kavi Corporation 1 of 6 Copyright 2006 All rights reserved Data Management

More information

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Unless otherwise stated, these Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies

More information

Business Continuity & Recovery Plan Summary

Business Continuity & Recovery Plan Summary Introduction An organization s ability to survive a significant business interruption is determined by the company s ability to develop, implement, and maintain viable recovery and business continuity

More information

A SWOT ANALYSIS ON CISCO HIGH AVAILABILITY VIRTUALIZATION CLUSTERS DISASTER RECOVERY PLAN

A SWOT ANALYSIS ON CISCO HIGH AVAILABILITY VIRTUALIZATION CLUSTERS DISASTER RECOVERY PLAN A SWOT ANALYSIS ON CISCO HIGH AVAILABILITY VIRTUALIZATION CLUSTERS DISASTER RECOVERY PLAN Eman Al-Harbi 431920472@student.ksa.edu.sa Soha S. Zaghloul smekki@ksu.edu.sa Faculty of Computer and Information

More information

Course: Information Security Management in e-governance. Day 2. Session 5: Disaster Recovery Planning

Course: Information Security Management in e-governance. Day 2. Session 5: Disaster Recovery Planning Course: Information Security Management in e-governance Day 2 Session 5: Disaster Recovery Planning Agenda Introduction to Disaster Recovery Planning (DRP) Need for disaster recovery planning Approach

More information

Disaster Recovery. 1.1 Introduction. 1.2 Reasons for Disaster Recovery. EKAM Solutions Ltd Disaster Recovery

Disaster Recovery. 1.1 Introduction. 1.2 Reasons for Disaster Recovery. EKAM Solutions Ltd Disaster Recovery Disaster Recovery 1.1 Introduction Every day, there is the chance that some sort of business interruption, crisis, disaster, or emergency will occur. Anything that prevents access to key processes and

More information

Program: Management Information Systems. David Pfafman 01/11/2006

Program: Management Information Systems. David Pfafman 01/11/2006 Effective 04/20/2005 Page - 1 - POLICY: PURPOSE: It is the policy of to provide a plan to insure the accessibility of protected health information (PHI) in the event of data loss due to an emergency or

More information

Storage Options for Document Management

Storage Options for Document Management Storage Options for Document Management Document management and imaging systems store large volumes of data, which must be maintained for long periods of time. Choosing storage is not simply a matter of

More information

Whitepaper - Security e-messenger

Whitepaper - Security e-messenger Whitepaper 1 Security e-messenger Contents 1. Introduction Page 3 2. Data centre security and connection Page 3 a. Security Page 3 b. Power Page 3 c. Cooling Page 3 d. Fire suppression Page 3 3. Server

More information

Data Integrity: Backups and RAID

Data Integrity: Backups and RAID Data Integrity: Backups and RAID Introduction Keeping your data safe and reliable TM Backups Types of backups Strategy Tools RAID (Redundant Array of Independent Disks) Types of RAID What type to Use Disk

More information

Best Practices in Disaster Recovery Planning and Testing

Best Practices in Disaster Recovery Planning and Testing Best Practices in Disaster Recovery Planning and Testing axcient.com 2015. Axcient, Inc. All Rights Reserved. 1 Best Practices in Disaster Recovery Planning and Testing Disaster Recovery plans are widely

More information

Main Reference : Hall, James A. 2011. Information Technology Auditing and Assurance, 3 rd Edition, Florida, USA : Auerbach Publications

Main Reference : Hall, James A. 2011. Information Technology Auditing and Assurance, 3 rd Edition, Florida, USA : Auerbach Publications Main Reference : Hall, James A. 2011. Information Technology Auditing and Assurance, 3 rd Edition, Florida, USA : Auerbach Publications Suggested Reference : Senft, Sandra; Gallegos, Frederick., 2009.

More information

Backup. Contents. 1 Storage, the base of a backup system. 2 Selection, extraction and manipulation of data. 3 Managing the backup process.

Backup. Contents. 1 Storage, the base of a backup system. 2 Selection, extraction and manipulation of data. 3 Managing the backup process. Backup In information technology, a backup or the process of backing up refer to making copies of data so that these additional copies may be used to restore the original after a data loss event. These

More information

Virtual Infrastructure Security

Virtual Infrastructure Security Virtual Infrastructure Security 2 The virtual server is a perfect alternative to using multiple physical servers: several virtual servers are hosted on one physical server and each of them functions both

More information

Contingency planning. DAU Marts 2013

Contingency planning. DAU Marts 2013 ning DAU Marts 2013 Agenda Introduction Process definition Activation and notification Recovery Reconstruction Evaluation Examples Do and Don t Why bother? Information provided by information technology

More information

Service Organization Controls 3 Report. Report on Hyland Software, Inc. s OnBase Online Cloud Platform, relevant to Security and Availability

Service Organization Controls 3 Report. Report on Hyland Software, Inc. s OnBase Online Cloud Platform, relevant to Security and Availability Service Organization Controls 3 Report Report on Hyland Software, Inc. s OnBase Online Cloud Platform, relevant to Security and Availability for the period May 1, 2015 through October 31, 2015 Ernst &

More information

Slash Costs and Improve Operations with Server, Storage and Backup Virtualization. December 2008

Slash Costs and Improve Operations with Server, Storage and Backup Virtualization. December 2008 Slash Costs and Improve Operations with Server, Storage and Backup Virtualization December 2008 Virtualization consolidates resources to obliterate waste in IT, and the associated cost savings make this

More information

Our Colorado region is offering a FREE Disaster Recovery Review promotional through June 30, 2009!

Our Colorado region is offering a FREE Disaster Recovery Review promotional through June 30, 2009! Disaster Recovery Review FREE Promotional Offer Our Colorado region is offering a FREE Disaster Recovery Review promotional through June 30, 2009! This review is designed to help the small business better

More information

Pervasive PSQL Meets Critical Business Requirements

Pervasive PSQL Meets Critical Business Requirements Pervasive PSQL Meets Critical Business Requirements Pervasive PSQL White Paper May 2012 Table of Contents Introduction... 3 Data Backup... 3 Pervasive Backup Agent... 3 Pervasive PSQL VSS Writer... 5 Pervasive

More information

Success or Failure? Your Keys to Business Continuity Planning. An Ingenuity Whitepaper

Success or Failure? Your Keys to Business Continuity Planning. An Ingenuity Whitepaper Success or Failure? Your Keys to Business Continuity Planning An Ingenuity Whitepaper May 2006 Overview With the level of uncertainty in our world regarding events that can disrupt the operation of an

More information

DISASTER RECOVERY PLANNING GUIDE

DISASTER RECOVERY PLANNING GUIDE DISASTER RECOVERY PLANNING GUIDE AN INTRODUCTION TO BUSINESS CONTINUITY PLANNING FOR JD EDWARDS SOFTWARE CUSTOMERS www.wts.com WTS Disaster Recovery Planning Guide Page 1 Introduction This guide will provide

More information

technology brief RAID Levels March 1997 Introduction Characteristics of RAID Levels

technology brief RAID Levels March 1997 Introduction Characteristics of RAID Levels technology brief RAID Levels March 1997 Introduction RAID is an acronym for Redundant Array of Independent Disks (originally Redundant Array of Inexpensive Disks) coined in a 1987 University of California

More information

The Importance of Disaster Recovery for Data Protection

The Importance of Disaster Recovery for Data Protection The Importance of Disaster Recovery for Data Protection Eric R Schott Director, Product Management 2006 Summer Conference 2005 Annual June Conference 13th, 2006 October Sheraton 24-26 Nashua 2005, Hotel

More information

Disaster Recovery 101. Sudarshan Ranganath & Matthew Phillips Ellucian

Disaster Recovery 101. Sudarshan Ranganath & Matthew Phillips Ellucian Disaster Recovery 101 Sudarshan Ranganath & Matthew Phillips Ellucian SESSION OBJECTIVES Business continuity is critical to every institution and its IT organization. How do you set up your ERP and other

More information

Distribution One Server Requirements

Distribution One Server Requirements Distribution One Server Requirements Introduction Welcome to the Hardware Configuration Guide. The goal of this guide is to provide a practical approach to sizing your Distribution One application and

More information

Deploying a File Server Lesson 2

Deploying a File Server Lesson 2 Deploying a File Server Lesson 2 Skills Matrix Technology Skill Objective Domain Objective # Adding a New Disk Configure storage 1.5 File Server The most basic and the most universal type of application

More information

Simplified HA/DR Using Storage Solutions. Tom Tyler, Perforce Software Agnes Jacob, NetApp

Simplified HA/DR Using Storage Solutions. Tom Tyler, Perforce Software Agnes Jacob, NetApp Simplified HA/DR Using Storage Solutions Tom Tyler, Perforce Software Agnes Jacob, NetApp 1 Introduction Major League Requirements Review: Perforce Server Storage Profile HA vs. DR Fault Tree Analysis,

More information

USER GUIDE. PageScope Enterprise Suite. Backup and Recovery

USER GUIDE. PageScope Enterprise Suite. Backup and Recovery PageScope Enterprise Suite Backup and Recovery USER GUIDE Date : 07/31/2008 Written by: Tony Gliatta, Vartkes Tashjian and Rob Posenato Location: CEC Lab, HQ Ramsey, NJ Table of Content Chapter 1 PageScope

More information

Why Email Fails MessageOne Survey of Email Outages

Why Email Fails MessageOne Survey of Email Outages Why Email Fails MessageOne Survey of Email Outages White Paper MessageOne, Inc. 11044 Research Blvd. Building C, Fifth Floor Austin, TX 78759 Toll-Free: 888.367.0777 Telephone: 512.652.4500 Fax: 512.652.4504

More information

BOWMAN SYSTEMS SECURING CLIENT DATA

BOWMAN SYSTEMS SECURING CLIENT DATA BOWMAN SYSTEMS SECURING CLIENT DATA 2012 Bowman Systems L.L.C. All Rights Reserved. This document and the information contained herein are the property of Bowman Systems L.L.C. and should be considered

More information

DISASTER RECOVERY. Omniture Disaster Plan. June 2, 2008 Version 2.0

DISASTER RECOVERY. Omniture Disaster Plan. June 2, 2008 Version 2.0 DISASTER RECOVERY Omniture Disaster Plan June 2, 2008 Version 2.0 CHAPTER 1 1 Disaster Recovery Plan Overview In the event that one of our data collection environments are unavailable due to an event,

More information

Backup and Redundancy

Backup and Redundancy Backup and Redundancy White Paper NEC s UC for Business Backup and Redundancy allow businesses to operate with confidence, providing security for themselves and their customers. When a server goes down

More information

High Availability and Disaster Recovery Solutions for Perforce

High Availability and Disaster Recovery Solutions for Perforce High Availability and Disaster Recovery Solutions for Perforce This paper provides strategies for achieving high Perforce server availability and minimizing data loss in the event of a disaster. Perforce

More information

Finding a Cure for Downtime

Finding a Cure for Downtime Finding a Cure for Downtime 7 Tips for Reducing Downtime in Healthcare Information Systems EXECUTIVE SUMMARY THE COST OF DOWNTIME IN HEALTHCARE According to research by Healthcare Informatics: Every minute

More information

Cloud Computing Disaster Recovery (DR)

Cloud Computing Disaster Recovery (DR) Cloud Computing Disaster Recovery (DR) Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Need for Disaster Recovery (DR) What happens when you

More information

The Microsoft Large Mailbox Vision

The Microsoft Large Mailbox Vision WHITE PAPER The Microsoft Large Mailbox Vision Giving users large mailboxes without breaking your budget Introduction Giving your users the ability to store more e mail has many advantages. Large mailboxes

More information

Business Continuity and Disaster Survival Strategies for the Small and Mid Size Business. www.integrit-network.com

Business Continuity and Disaster Survival Strategies for the Small and Mid Size Business. www.integrit-network.com Business Continuity and Disaster Survival Strategies for the Small and Mid Size Business www.integrit-network.com Business Continuity & Disaster Survival Strategies for the Small & Mid Size Business AGENDA:

More information

Created By: 2009 Windows Server Security Best Practices Committee. Revised By: 2014 Windows Server Security Best Practices Committee

Created By: 2009 Windows Server Security Best Practices Committee. Revised By: 2014 Windows Server Security Best Practices Committee Windows Server Security Best Practices Initial Document Created By: 2009 Windows Server Security Best Practices Committee Document Creation Date: August 21, 2009 Revision Revised By: 2014 Windows Server

More information

VERITAS High Availability Solutions for DB2 Universal Database

VERITAS High Availability Solutions for DB2 Universal Database WHITE PAPER VERITAS High Availability Solutions for DB2 Universal Database VERSION INCLUDES TABLE OF CONTENTS STYLES 1 TABLE OF CONTENTS TABLE OF CONTENTS...2 Introduction...3 The Causes and Impact of

More information

REMOTE OFFICE BACKUP

REMOTE OFFICE BACKUP REMOTE OFFICE BACKUP Remote offices present IT managers with a number of technical challenges. Often businesses use remote offices to expand into either new markets, or into new geographical areas. Many

More information

System Infrastructure Non-Functional Requirements Related Item List

System Infrastructure Non-Functional Requirements Related Item List System Infrastructure Non-Functional Requirements Related Item List April 2013 Information-Technology Promotion Agency, Japan Software Engineering Center Copyright 2010 IPA [Usage conditions] 1. The copyright

More information

IT Disaster Recovery Plan Template

IT Disaster Recovery Plan Template HOPONE INTERNET CORP IT Disaster Recovery Plan Template Compliments of: Tim Sexton 1/1/2015 An information technology (IT) disaster recovery (DR) plan provides a structured approach for responding to unplanned

More information

IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP

<Client Name> IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP IT Disaster Recovery Plan Template By Paul Kirvan, CISA, CISSP, FBCI, CBCP Revision History REVISION DATE NAME DESCRIPTION Original 1.0 2 Table of Contents Information Technology Statement

More information

Business Continuity Glossary

Business Continuity Glossary Developed In Conjuction with Business Continuity Glossary ACTIVATION: The implementation of business continuity capabilities, procedures, activities, and plans in response to an emergency or disaster declaration;

More information

Protecting your Enterprise

Protecting your Enterprise Understanding Disaster Recovery in California Protecting your Enterprise Session Overview Why do we Prepare What is? How do I analyze (measure) it? What to do with it? How do I communicate it? What does

More information

Cyber Security: Guidelines for Backing Up Information. A Non-Technical Guide

Cyber Security: Guidelines for Backing Up Information. A Non-Technical Guide Cyber Security: Guidelines for Backing Up Information A Non-Technical Guide Essential for Executives, Business Managers Administrative & Operations Managers This appendix is a supplement to the Cyber Security:

More information

IT Infrastructure is Key to Growth. Infrastructure nventory.

IT Infrastructure is Key to Growth. Infrastructure nventory. Introduction. The overall objective of an Information Technology (IT) Assessment is to evaluate whether an enterprise s current IT strategy is tightly coupled to the enterprise plans and challenges. Current

More information

Application / Hardware - Business Impact Analysis Template. MARC Configuration Requirements. Business Impact Analysis

Application / Hardware - Business Impact Analysis Template. MARC Configuration Requirements. Business Impact Analysis Application / Hardware - Business Impact Analysis Template The single most important thing we can do is help you understand the criticality of each application, supporting hardware/server/pc and the required

More information

IncidentMonitor Server Specification Datasheet

IncidentMonitor Server Specification Datasheet IncidentMonitor Server Specification Datasheet Prepared by Monitor 24-7 Inc October 1, 2015 Contact details: sales@monitor24-7.com North America: +1 416 410.2716 / +1 866 364.2757 Europe: +31 088 008.4600

More information

IT - General Controls Questionnaire

IT - General Controls Questionnaire IT - General Controls Questionnaire Internal Control Questionnaire Question Yes No N/A Remarks G1. ACCESS CONTROLS Access controls are comprised of those policies and procedures that are designed to allow

More information

Online Backup Solution with Disaster Recovery

Online Backup Solution with Disaster Recovery Online Backup Solution with Disaster Recovery Backup Replacement - Online For Businesses looking for Consistent, Reliable and Offsite Backup, with Minimal Data loss, Generational Management and Disaster

More information

Clovis Municipal School District Information Technology (IT) Disaster Recovery Plan

Clovis Municipal School District Information Technology (IT) Disaster Recovery Plan Clovis Municipal School District Information Technology (IT) Disaster Recovery Plan Revision History REVISION DATE NAME DESCRIPTION Draft 1.0 Eric Wimbish IT Backup Disaster Table of Contents Information

More information

CLOUD SERVICE SCHEDULE

CLOUD SERVICE SCHEDULE CLOUD SERVICE SCHEDULE 1 DEFINITIONS Defined terms in the Standard Terms and Conditions have the same meaning in this Service Schedule unless expressed to the contrary. In this Service Schedule, unless

More information

About Backing Up a Cisco Unity System

About Backing Up a Cisco Unity System CHAPTER 4 Introduction This chapter describes in general terms backing up a Cisco Unity system. When you back up a Cisco Unity server (and one or more Exchange servers) you need to consider the same issues

More information

Temple university. Auditing a business continuity management BCM. November, 2015

Temple university. Auditing a business continuity management BCM. November, 2015 Temple university Auditing a business continuity management BCM November, 2015 Auditing BCM Agenda 1. Introduction 2. Definitions 3. Standards 4. BCM key elements IT Governance class - IT audit program

More information

Disaster Recovery Disaster Recovery Planning for Business Continuity Session Name :

Disaster Recovery Disaster Recovery Planning for Business Continuity Session Name : Disaster Recovery Planning for Business Continuity Session Name : Title Introducing Jason Ouimette Product Manager, Noble Systems John Simpson CIO, Noble Systems Mike Mahfouz Director of Collection Operations,

More information

Contents. SnapComms Data Protection Recommendations

Contents. SnapComms Data Protection Recommendations Contents Abstract... 2 SnapComms Solution Environment... 2 Concepts... 3 What to Protect... 3 Database Failure Scenarios... 3 Physical Infrastructure Failures... 3 Logical Data Failures... 3 Service Recovery

More information

ACTUALLY TEST YOUR PLAN. Disaster Recovery using Shadow Protect. March Madness Lunch & Learn. www.martinandassoc.com 1 AGENDA

ACTUALLY TEST YOUR PLAN. Disaster Recovery using Shadow Protect. March Madness Lunch & Learn. www.martinandassoc.com 1 AGENDA AGENDA BEYOND BACKUP ENSURING RECOVER-ABILITY Identify and Quantify Exposure Risk Evolution of Recovery Technologies Build a Recover-Ability Solution Joe Gast Martin & Associates Maintenance Testing &

More information

Library Recovery Center

Library Recovery Center Library Recovery Center Ever since libraries began storing bibliographic information on magnetic disks back in the 70 s, the challenge of creating useful back-ups and preparing for a disaster recovery

More information

9/3/2009. Information Systems Disaster Recovery. Learning Objectives. Why have a plan? unexpected? APPA-Institute for Facilities Management

9/3/2009. Information Systems Disaster Recovery. Learning Objectives. Why have a plan? unexpected? APPA-Institute for Facilities Management Information Systems Disaster Recovery APPA-Institute for Facilities Management J. Craig Klimczak, D.V.M., M.S. Vice-Chancellor for Technology St. Louis Community College 300 South Broadway St. Louis, MO

More information

Oracle Database 10g: Backup and Recovery 1-2

Oracle Database 10g: Backup and Recovery 1-2 Oracle Database 10g: Backup and Recovery 1-2 Oracle Database 10g: Backup and Recovery 1-3 What Is Backup and Recovery? The phrase backup and recovery refers to the strategies and techniques that are employed

More information

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the specific

More information

Leverage The Cloud, Bulletproof Your Data, Manage Your Documents, Spare Your Wallets. Presented By Ilene Rosoff, CEO The Launch Pad

Leverage The Cloud, Bulletproof Your Data, Manage Your Documents, Spare Your Wallets. Presented By Ilene Rosoff, CEO The Launch Pad RevITup TechEd Series Presents Hands-Free Business Continuity: Leverage The Cloud, Bulletproof Your Data, Manage Your Documents, Spare Your Wallets Presented By Ilene Rosoff, CEO The Launch Pad Leslie

More information