info@cotconsultants.com www.cotconsultants.com
Learning Objectives
Recognize the need for contingency planning
Describe the major components of contingency planning
Create a simple set of contingency plans, using business impact analysis
Prepare and execute a test of contingency plans
Explain the unified contingency plan approach
Discuss the reasons for sound backup and recovery practices and know the elements that comprise backup and recovery techniques
Firewalls & Network Security, 2nd ed. - Chapter 12
Objectives (continued)
Using a Business Impact Analysis (BIA) to determine business operations needs
Discussing key concepts such as Recovery Time Objective (RTO) and Recovery Point Objective (RPO) and their roles in determining an appropriate disaster recovery strategy
Contingency planning (CP): the overall process of preparing for unexpected events
Main goal: restore normal modes of operation with minimal cost and disruption to normal business activities after an unexpected event
Ideally, CP should ensure continuous information systems availability despite unexpected events
Business impact analysis (BIA)
Incident response plan (IR plan)
Disaster recovery plan (DR plan)
Business continuity plan (BC plan)
These can be handled as one unified plan, or separately in conjunction with a set of interlocking procedures that assure continuity
Terminology
Business Continuity Plan (BCP): The larger umbrella plan that covers multiple plans; the overall goal is to ensure the business can continue to operate in the aftermath of any problem or disastrous event
A business continuity plan includes all departments
Note: Government agencies often use the term Continuity of Operations Plan (COOP) or Contingency Plan instead of business continuity plan
Terminology
Disaster Recovery Plan (DRP): Applies to major, usually catastrophic, events that deny access to the normal facility for an extended period (tend to focus on technology in a Data Center)
Contingency Plan: Focuses on sustaining a business function during a temporary disruption
Data Backup Plan: Outlines how backups of systems are performed, frequency of backups, rotation of backups, and storage of backups (onsite and off-site backups)
otto tawanda chisiri tchisiri@yahoo.co.uk
Terminology
Business Impact Analysis (BIA): An exercise that determines the impact of losing the support of any resource to an organization, establishes the escalation of that loss over time, identifies the minimum resources needed to recover and the Recovery Time Objective (RTO), and prioritizes the recovery of processes and supporting systems
Terminology
Recovery Time Objective (RTO): The time within which business functions or application systems must be restored to acceptable levels of operational capacity
Recovery Point Objective (RPO): The maximum tolerable loss of information due to the frequency of the backups
24 hours, which is the maximum loss of data (unless there are periodic snapshots of memory, transactional logs, or journaling)
Terminology
Disaster: A calamitous event that creates an inability on an organization's part to provide the critical business functions for some predetermined period of time and which results in great damage or loss
Note: The time factor which determines whether a
[Figure: recovery timeline showing Activation of the Disaster Recovery Plan and Recovery Time]
The Recovery Time Objective (RTO) is determined by the Business Impact Analysis
Terminology
Data Owner (a.k.a. Information Owner): The directors or senior managers who are responsible for the functional areas or business units that depend on information systems to run their operations
Interdependencies: Relying upon input, assistance, support, or interaction between business units in order for each to complete their mission and objectives
Terminology
Instead of "Redundancy", try using "High availability", "Resiliency", or "Failover systems"
Instead of "Backup Data Center", try using "Recovery Site" or "Alternate Data Center"
Instead of "Return on Investment", try using "Loss avoidance"
Instead of "Unimportant", try using "Less critical"
Protect human life
Maintain services to Banks
Lessen the overall impacts by defining strategies and predetermined responses
Create a systematic approach to recover and restore systems
Comply with applicable laws and regulations
#1 People
#2 Data
#3 Information Systems
Key Steps in BCP and DRP
Define the scope of the project
Conduct a risk analysis
Conduct a Business Impact Analysis (BIA)
Research and recommend strategies
Write the plan
Educate staff on the plan
Exercise and test the plan
Revise and maintain the plan
Without a Business Impact Analysis (BIA), the organization runs the risk of either overcommitting or underestimating the resources required to respond to a disaster or business disruption
The BIA is the foundation for Business Continuity and Disaster Recovery Planning
BIA Objectives
1. Identify the critical resources required to minimally maintain business operations in the wake of a disastrous event
2. Estimate the operational and financial impacts due to the loss of an information resource as it relates to the functioning of the organization
3. Determine business recovery objectives and assumptions
4. Establish an order or priority for restoring business functions and the information resources that support those functions
5. Facilitate planning strategies
How much downtime, loss of revenue, and loss of data can each department or business unit sustain?
What are the IT systems that support those mission-critical operations?
then on average, what is the hourly revenue generated?
How is data or information received and processed by those departments?
What are the dependencies?
Possible Impacts
Financial losses and lost revenue
An organization's credibility and reputation
Penalties or fines for noncompliance
Litigation
Executives and officers are potentially culpable for not allocating the necessary resources to ensure the continuity of business (Duty of Care)
Determine the Recovery Point Objective (RPO) for each department or business unit
Determine the Recovery Time Objective (RTO) for each department or business unit
Determine the order in which information systems are needed (restoration priority)
Determine existing technologies for supporting high availability and recovery
Assess the gap between current recovery capabilities and the capabilities needed to sustain the business
List departments and business units ordered by their recovery time objective (RTO) and/or impact to patient care
Identify gaps between current recovery capability and needed recovery capability
Validate the BIA with key stakeholders
Determine how gaps between current recovery capability and recovery needs (RTO and RPO) will be handled
Research potential recovery strategies to meet the overall RTO
Create a cost-benefit analysis
Make recommendations for business continuity and disaster recovery
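The gap analysis the preceding slides describe, worked as an added example in Python (not code from the deck or the textbook): each business unit's RTO and RPO targets from the BIA are compared with its current backup interval and measured restore time, and units are ordered by RTO to give the restoration priority. The unit names and all figures are constructed sample values.

```python
"""BIA roll-up: order business units by recovery time objective and flag the gap
between current recovery capability and the RTO/RPO each unit needs. Added
example, not part of the original deck; every figure below is a constructed
sample value, not a real organisation's."""
from dataclasses import dataclass

@dataclass
class Unit:
    name: str
    rto_hours: float              # BIA target: must be restored within this time
    rpo_hours: float              # BIA target: maximum tolerable data loss
    backup_interval_hours: float  # current practice: how often data is backed up
    restore_time_hours: float     # current practice: measured time to rebuild the unit's systems
    hourly_revenue: float         # average hourly revenue, for the downtime-cost estimate

# Constructed sample BIA results.
UNITS = [
    Unit("Order processing", rto_hours=4, rpo_hours=1, backup_interval_hours=24,
         restore_time_hours=12, hourly_revenue=5000),
    Unit("Customer portal", rto_hours=4, rpo_hours=4, backup_interval_hours=4,
         restore_time_hours=2, hourly_revenue=8000),
    Unit("Payroll", rto_hours=48, rpo_hours=24, backup_interval_hours=24,
         restore_time_hours=8, hourly_revenue=0),
    Unit("Archive", rto_hours=168, rpo_hours=168, backup_interval_hours=168,
         restore_time_hours=72, hourly_revenue=0),
]

def gaps(u):
    """(kind, current, required) for each objective the current capability misses.
    Worst-case data loss equals the backup interval (failure just before the next backup)."""
    found = []
    if u.restore_time_hours > u.rto_hours:
        found.append(("RTO", u.restore_time_hours, u.rto_hours))
    if u.backup_interval_hours > u.rpo_hours:
        found.append(("RPO", u.backup_interval_hours, u.rpo_hours))
    return found

def restoration_priority(units):
    """Tightest RTO first; ties broken by hourly revenue at risk, highest first."""
    return [u.name for u in sorted(units, key=lambda u: (u.rto_hours, -u.hourly_revenue))]

def revenue_at_risk(u):
    """Revenue lost while the unit is down for its current restore time."""
    return u.restore_time_hours * u.hourly_revenue

def report(units=UNITS):
    """One line per unit in restoration order, with any RTO/RPO gaps spelled out."""
    lines = []
    for u in sorted(units, key=lambda u: (u.rto_hours, -u.hourly_revenue)):
        gap_text = "; ".join(f"{k} gap: current {c}h, need {r}h" for k, c, r in gaps(u)) or "meets objectives"
        lines.append(f"{u.name}: RTO {u.rto_hours}h, RPO {u.rpo_hours}h, "
                     f"revenue at risk {revenue_at_risk(u):.0f}: {gap_text}")
    return lines
```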
[site type lost in extraction]
  Advantages: Shortest recovery time; Equipment is supplied; Easy to test backups and recovery plans
  Disadvantages: Most expensive; Short-term use of facility; Facility may not always be available
Warm
  Moderately priced
Cold
  Basic infrastructure
  Can usually rent the space for a longer period of time
  No way to test
Recovery Site Location
Too close: It may be affected by the same regional disaster
Too far away: May have difficulty getting employees to leave their homes and families during a disaster to work at an alternate or recovery site
Ability to leave the disaster area
Costs associated with travel and temporary living expenses
Virtualization
Virtual machine: One server per operating system and application
Within seconds, systems can be moved from one physical server to another
Servers are treated as a uniform pool
Any spare server could be the recovery target for a virtual machine
Making high availability more cost-effective
Curbing the proliferation of servers
Reduces hardware, power, cooling, and floor space requirements
Maintenance budget
Providing realistic cost estimates may be difficult given the many variables and vendors' unwillingness to disclose prices
Present the report of findings and recommendations at a meeting with data owners and senior leadership
Obtain an agreement on recovery strategies
Conclude the BIA portion of the project
from Katrina
Communications outages made it difficult to locate missing personnel
Access to and reliable transportation into restricted areas was not always available
Lack of electrical power or fuel for generators rendered computer systems inoperable
May need large amounts of cash to pay for critical supplies and services
Mail service was interrupted for months in some areas
A business impact analysis is the foundation for planning
Select strategies that support recovery objectives which meet the needs of the organization (RPO & RTO)
Ready?
A simple concept
Knowing what to do in order to protect and recover your city's functions and assets
Without continuity planning you may have only a 50-50 chance of recovering from a disaster
Step One: Top Management Support
Top management must support and be involved in the development of the disaster recovery planning process
Adequate time and resources must be committed to the development of an effective plan
Responsible for coordinating the disaster recovery plan and ensuring its effectiveness within the organization
Planning is the foundation to a successful disaster or emergency incident recovery
Resources could include both financial considerations and the effort of all personnel involved
You can't plan for everything, but you must be prepared to respond to anything!
Maximizes planning resources
Oversee the development and implementation of the plan and have representatives from all functional areas of the organization
Committee should define the scope of the plan
What is most likely to occur?
Which threats will do the most damage to your city?
Where are you most vulnerable?
What will hurt the most?
What will hurt you most?
What are the odds it will happen?
Focus on those that will hurt the most
This work feeds into your EOP
Critical system needs of each department should be carefully evaluated in such areas as:
Functional operations; Key personnel; Information; Processing Systems; Services; Documentation; Vital records; Facilities; Infrastructure; Policies and procedures
Determine the maximum amount of time that the department and operation can operate without each critical system
A vital records program identifies and protects those records that specify how an agency will operate in an emergency or disaster, those records necessary to the continued operations of the agency, and those records needed to protect the legal and financial rights of the government and citizens.
Vital Records
Emergency Operations Records: Needed During an Emergency
Must be immediately accessible
Should be on paper, for immediate retrieval in the event computer systems go down, or immediately available electronically off-site
Emergency/Continuity of Operations (COOP) Plan
Staff contact and assignment information; regularly update changes in name, address, phone numbers, etc.
Orders of succession and delegations of authority
Policy, procedural, and systems manuals
List of credit card holders to purchase needed supplies
Vital Records
Your vital records will be no more than 7% of your total records (3% to 5% is likely)
Vital records can be either paper or electronic.
Vital Records Program must be incorporated into the overall Continuity of Operations Plan (COOP)
Needs clear authority
Identify agency/business functions
Determine impact of incident
Estimate loss to agency/business
Determine recovery timeframes
Gather requirements for recovery
There are a number of data backup and management methods that aid in preparation for incident response
Backup methods must be founded in an established policy that meets organizational needs
In general, data files and critical system files should be backed up daily; nonessential files backed up weekly
Disk-to-Disk-to-Tape
With the decrease in costs of storage media, more and more organizations are creating massive arrays of independent but large-capacity disk drives to store information
Libraries of these devices can be built to support massive data backup and recovery
Problem with this technology is lack of
Backup Strategies
Full: full and complete backup of the entire system
Differential: storage of all files that have changed or been added since the last full backup
Incremental: only archives data that have been modified that day
All on-site and off-site storage must be secured
Common practice to use media-certified fireproof safes or filing cabinets to store backup media
Off-site storage in particular must be in a safe location (bank, backup and recovery service, etc.)
Use a conditioned environment for media (airtight, humidity-controlled, static-free)
Most common backup schedule is daily on-site incremental or differential backup, with weekly off-site full backup
Most backups are conducted during twilight hours, when systems activity is lowest and the probability of user interruption is limited
Classic methods for selecting files to back up:
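An added worked example (not code from the textbook or the deck) of the three backup strategies under the schedule this slide describes: a weekly full backup plus a daily incremental or differential backup. It shows which files each backup contains, the restore chain each strategy needs after a failure, and the changes lost since the last backup, which is the 24-hour maximum data loss of a daily schedule. The file names and modification days are constructed sample data.

```python
"""Full, differential and incremental backups and the restore chain each needs
after a failure. Added example, not part of the original deck. Modelled schedule
(the deck's most common one): a full backup on day 0, then a daily backup of the
chosen strategy on days 1..6. All file events are constructed sample data."""

# Constructed sample data: (day, file) modification events. Day-0 events are
# captured by the weekly full backup taken at the end of day 0.
CHANGES = [
    (0, "ledger.db"), (0, "payroll.csv"), (0, "orders.log"), (0, "config.ini"),
    (1, "orders.log"),
    (2, "payroll.csv"), (2, "orders.log"),
    (4, "orders.log"), (4, "config.ini"),
]

def files_in_backup(strategy, day, changes=CHANGES):
    """Files written to the backup taken at the end of `day`."""
    if strategy == "full":          # everything that exists
        return {f for d, f in changes if d <= day}
    if strategy == "differential":  # changed since the last full (day 0)
        return {f for d, f in changes if 0 < d <= day}
    if strategy == "incremental":   # changed that day only
        return {f for d, f in changes if d == day}
    raise ValueError(f"unknown strategy {strategy!r}")

def restore_chain(strategy, failure_day):
    """Backups to restore, oldest first, after a failure on `failure_day`;
    the newest usable backup is the one taken the evening before."""
    last = failure_day - 1
    if strategy == "full" or last <= 0:
        return [f"full@day{max(last, 0)}"]
    if strategy == "differential":
        return ["full@day0", f"differential@day{last}"]
    return ["full@day0"] + [f"incremental@day{d}" for d in range(1, last + 1)]

def restore(strategy, failure_day, changes=CHANGES):
    """Replay the chain; returns file -> day of the version that comes back.
    Every strategy yields the same state; only the chain length differs."""
    state = {}
    for label in restore_chain(strategy, failure_day):
        kind, day = label.split("@day")
        for f in files_in_backup(kind, int(day), changes):
            # a backup holds the newest version of f modified on or before that day
            state[f] = max(d for d, g in changes if g == f and d <= int(day))
    return state

def lost_changes(failure_day, changes=CHANGES):
    """Changes made after the last backup: with daily backups, up to 24 hours
    of work, the deck's maximum data loss for a daily schedule."""
    return sorted({f for d, f in changes if d == failure_day})

if __name__ == "__main__":
    for s in ("full", "differential", "incremental"):
        print(s, restore_chain(s, 5), restore(s, 5))
    print("lost if day 4 fails:", lost_changes(4))
```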
Systems that use databases, regardless of type, require special backup and recovery procedures
Database backup considerations include:
May not be able to back up the database with utilities provided with server operating systems
Can system backup procedures be used without interrupting use of the database?
Some strategies seek to improve the robustness of servers or systems in addition to or instead of performing data backups
Mirroring provides real-time protection and data backup via duplication of server data storage using multiple hard drive volumes (RAID 1)
One method of server recovery and
Electronic Vaulting
Bulk transfer of data in batches to an offsite facility
Transfer usually conducted via dedicated network links or data communications services provided for a fee
Can be more expensive than tape backup and slower than data mirroring, so should be used only for data that
Remote Journaling
Only transaction data is transferred, not archived data
Transfer is performed online and much closer to real time
Database Shadowing
The propagation of transactions to a remote copy of the database
Combines electronic vaulting with remote journaling, applying transactions to the database simultaneously in two separate locations
Shadowing techniques generally used by organizations needing immediate data recovery
NAS is usually implemented via a device attached to a network; uses common communications methods to provide online storage
NAS and SANs are similar but implemented differently
NAS uses TCP/IP-based protocols; SANs use fibre-channel or iSCSI connections between systems and storage devices
Service Agreements
Contractual documents guaranteeing certain minimum levels of service provided by vendors
An effective service agreement should contain the following sections:
Definition of applicable parties
Services to be provided by the vendor
Fees and payments for these services
Statements of indemnification
Lesson Summary
Contingency planning: process of positioning an organization to prepare for, detect, react to, and recover from events that threaten the security of information resources and assets
Goal of CP is to restore normal operations after an unexpected event
Business impact analysis (BIA), first phase in the CP process, provides CP
Actions an organization should take while an incident is in progress should be defined in the incident response plan (IR plan)
Disaster recovery planning (DRP) entails preparations for and recovery from disaster, whether natural or human-made
Business continuity planning (BCP)
Incident classification: process of determining which events are possible incidents
Three broad categories of incident indicators established: possible, probable, definite
Routine collection and analysis of data is required to properly detect and declare incidents
One of the most critical components of IR is stopping the incident or containing its scope/impact
Incident containment strategies vary depending on the incident and the amount of damage caused
Once the incident has been contained and system control has been regained, incident recovery can begin
Effective after-action reviews
Planned review and maintenance
Training staff involved in incident response
Rehearsing the process that maintains IR readiness
A number of data backup/management methods aid in preparation for incident response
Most commonly used varieties are disk
The end
Contact info@cotconsultants.com
OTTO TAWANDA CHISIRI
THANK YOU