Disaster Recovery Plan



Disasters that can cause hardware, software and data loss, such as fire, are inevitable. One can minimize the losses by formulating a plan to recover from such disasters and to keep the business operational. A disaster recovery plan is a method of restoring computer processing operations and data files if operations are halted or files are damaged by major destruction.

There are various approaches that a company can adopt in its disaster recovery plan. These are: reverting to manual services, buying time at a service bureau, a mutual aid pact, or forming a consortium. Reverting to manual services is not recommended for businesses operating on a large scale, such as banks and financial institutions, because of its slow processing ability. Companies can buy time at a service bureau, which is a company that provides services for a fee. A mutual aid pact is an agreement between two or more companies to lend each other computing power if one of them has a problem. A consortium is a joint venture to support a complete computing facility. There are two kinds of facilities: a hot site and a cold site. A hot site is a fully equipped computer center with hardware, environmental controls, security, and communications facilities, while a cold site is an environmentally suitable empty shell in which a company can install its own computer system. All of these approaches have their own positive and negative traits, which a company can weigh at its own discretion.

Table of Various Approaches: Pros and Cons

| Approach | Pros | Cons |
| Manual Services | Immediate action | Slow processing ability |
| Service Bureau | Convenient for companies in urban areas | Inconvenient for companies in rural or remote areas |
| Mutual Aid Pact | Inexpensive | Not guaranteed when a regional disaster occurs |
| Consortium: Hot Site | Fully equipped; fast processing ability; immediate action | Most expensive to operate |
| Consortium: Cold Site | Less expensive than hot site | It takes longer to get the enterprise in full operation after the disaster |

Typical items stored in a backup site:
a. Program and data files
b. Program listings
c. Program and operating system documentation
d. Hardware inventory lists
e. Output forms
f. Copy of the disaster plan manual

A disaster recovery plan should include the following:
a. List of priorities identifying the programs that must be up and running first.
b. Plans for notifying employees of changes in locations and conditions.
c. List of needed equipment and where it can be obtained.
d. Procedures for handling input and output data in a different environment.

Software Security

Who owns custom-made software?

[Diagram: ownership of custom-made software; labels: Employee, Consultant, Programmer, Organization, Owner]

The diagram above shows when a programmer can legally claim custom-made software that he wrote as his own. If the program is written for the organization by which he is employed, then he can't use that same program in his other endeavours, aside from telling others that he is the one who made it.

Data Security

Data is one of an organization's most important assets, so security measures to protect it are essential. The following steps can be taken to prevent theft or alteration of data:

Secured Wastes
Discarded printouts, printer ribbons and the like can be sources of information to unauthorized people. This can be avoided by using a paper shredder and locked trash barrels.

[Figure: An example of a paper shredder]

Internal Controls
These are controls that are planned as part of the computer system. An example is a transaction log, which is a file of all accesses or attempted accesses to certain data. In this way, unauthorized people found to have accessed private files can be traced and questioned.

Auditor Checks
Auditors go over the financial books of the company, and during the course of their duties they frequently review computer programs and data. Through this, they can detect some errors or alterations in the data. They can also see who accessed the data at times when it is not usually used, in order to look for suspicious actions.

Applicant Screening
Theft of data can easily be carried out by a person who can enter the business premises easily. That's why employers should do background checks on their employees to help weed out dishonest applicants, reducing the risk of information leakage.

Passwords
A password is a secret word, number or a combination of the two that must be typed on the keyboard to gain access to a computer system. Employees should be taught to formulate passwords that are hard to break with a password-breaking program. This can be done by combining letters, numbers and symbols to create a string that is not a word in any language.

Example of a good password: ^$54gf^7Nb

Built-in Software Protection
Software can be built into operating systems in ways that restrict access to the computer system. This software is able to identify authorized persons and let them gain access to the computer system.

Personal Computer Security

Personal computers have a high market value, which is why they are likely to be stolen by thieves. One can avoid this by securing personal computers in place with locks and cables. Also, most personal computers have an individual cover lock that prevents access to internal components. One should also avoid eating, drinking, and smoking while using computers. Occasional cleaning is also recommended.

Disk data can be protected by using surge protectors. A surge protector is a device that prevents electrical problems from affecting computer data files. An example of this is an uninterruptible power supply. A UPS includes surge protection and battery backup, which enables you to continue operating your PC during power loss or brownouts long enough to allow you to save and close all files and shut down the system without loss of data.

Prepare for the Worst: Back up Your Files

Personal computer users are not as devoted as organizations to backing up data files. There are many things that can go wrong and cause data loss. There is always the possibility that your important files, such as reports, music and pictures, will be damaged because of hard disk failure, natural disasters or even your own stupidity and carelessness.

There are many ways to back up files. Some people make another copy of their hard disk files on diskette, while others back up their files on tape. You can also use a mirror hard disk, which is a second copy of everything you put on the original disk, but this can cost a lot of money. Backup software that can automatically back up files at a certain time of day or on command is also available.

Generally, backup software provides three types of backups. A full backup copies everything from the hard drive. A differential backup copies all files that have been changed since the last full backup. An incremental backup copies only those files that have been changed since either the last full backup or the last incremental backup. A comprehensive backup plan involves periodic backups, complemented by either incremental or differential backups. These backup plans also differ in their restoration process.

Restoration Process:

[Figure: restoration process. Approach A (Differential): Full Backup, most recent (last) differential backup. Approach B (Incremental): Full Backup, Last Incremental Backup.]
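
The difference in restoration between the two plans can be worked through in code. The following Python example is added here and is not part of the original document; the catalogue entries, the `restore_chain` function and its `unreadable` parameter are constructed for illustration, and it assumes a plan uses only one kind of follow-up backup after each full backup.

```python
from datetime import datetime

FMT = "%Y-%m-%d %H:%M"

# Constructed catalogues of (timestamp, kind); sample data, not from the original page.
DIFFERENTIAL_PLAN = [
    ("2024-03-03 01:00", "full"),
    ("2024-03-04 01:00", "differential"),
    ("2024-03-05 01:00", "differential"),
    ("2024-03-06 01:00", "differential"),
]
INCREMENTAL_PLAN = [
    ("2024-03-03 01:00", "full"),
    ("2024-03-04 01:00", "incremental"),
    ("2024-03-05 01:00", "incremental"),
    ("2024-03-06 01:00", "incremental"),
]


def restore_chain(catalogue, target, unreadable=()):
    """Return the backups to restore, in order, for the newest recoverable
    state at or before `target`; `unreadable` holds timestamps of damaged media."""
    limit = datetime.strptime(target, FMT)
    entries = sorted((ts, kind) for ts, kind in catalogue
                     if datetime.strptime(ts, FMT) <= limit)
    fulls = [i for i, (_, kind) in enumerate(entries) if kind == "full"]
    usable = [i for i in fulls if entries[i][0] not in unreadable]
    if not usable:
        raise ValueError("no readable full backup at or before the target")
    start = usable[-1]
    end = next((i for i in fulls if i > start), len(entries))
    full, later = entries[start], entries[start + 1:end]
    if len({kind for _, kind in later}) > 1:
        raise ValueError("example assumes one kind of follow-up backup per plan")
    chain = [full]
    if later and later[0][1] == "differential":
        # Each differential holds every change since the full backup,
        # so only the newest readable one is restored after the full.
        chain += [e for e in later if e[0] not in unreadable][-1:]
    else:
        # Each incremental holds only the changes since the previous backup,
        # so the chain must stop at the first damaged link.
        for entry in later:
            if entry[0] in unreadable:
                break
            chain.append(entry)
    return chain
```

With one damaged backup from 5 March, the differential plan still recovers the 6 March state from two media, while the incremental plan can only be restored up to 4 March.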