Security+ All-In-One Edition Chapter 16 – Disaster Recovery and Business Continuity Brian E. Brzezicki Business continuity One major security concern is availability. Often overlooked is the damage that can be caused by disaster which would stop you from performing some business function Some Types of Disasters (475) Natural • Fire • Hurricane • Earthquake • Tornado Man Made • Hacking • Political riot • Gas leak • Key staff resigning Disaster Recovery Plan (476) Disaster Recovery Planning deals with trying to prepare for a disaster in order to minimize the effects and as such the loss. • Spells out the required actions and resources necessary to restore mission critical processes. • Ideally make the recovery process as transparent to users as possible • One of the most important steps in DRP Planning is the BIA (in a few slides) BIA* (477) A BIA helps identify mission critical functions (examples?) and the effect a disaster would have on those functions. – Determine for each function the MTD/category of each • Critical – 1-4 hours • Urgent – 24 hours • Important – 72 hours • Normal – 7 days • Non-essential – 30 days • Once BIA has been done, contingency planning can be done Contingency plan • Who is responsible for each business function • What individuals are needed • What is the priority • Responsibility checklist • Emergency contacts • Warning system • Procedures (more) Contingency Plan (n/b) • Documentation – System configuration – Diagrams – Vendor and supplier lists – why? – Backup plan • Alternative sites (next slide) Alternate sites (484) Types of sites are provided by a “service bureau” • Hot site – – fully configured ready for operation in a few hours – Expensive – Can be used for DRP testing • Warm site – Only partially configured – Cannot really be used for DRP testing – Less • Cold site – Just basic environment (space, AC, power etc) – No equipment – Cheap – Cannot be used for DRP testing Alternate sites (n/b) Rather than having a “subscription service” the company may own it’s own redundant sites • Mirror sites • Multiple data processing sites Backups [...]... operation when major components fail RAID RAID Kills Bugs… dead! RAID 0 - 485 Raid 0 – striping (see visual) • Fast access • No redundancy • Actually increases probability of failure RAID 1 - 485 Raid 1 – mirroring (see visual) – Identical copies of data – Expensive – Faster than a single disk for reading – Can lose a disk – What is disk duplexing Normal RAID 1 - 845 RAID 1 - Disk Duplexing (n/b) Parity... time recovery! !! • Real Time! • No scheduled backups Disadvantages • Usually require online server to handle changes Redundancy and Fault Tolerance, Single Points of Failure Single Points of Failure (n/b) When planning for a disaster its IMPERATIVE you determine what places are single points of failure for your business process Implement the solutions to make these high availability, using redundancy and. .. storage • Should be at Secure off-site location – Bank vault – Other organization location – Secure storage company • Additional set On site for quick access – Why? Backups concerns • Ensure all necessary data is backed up • Ensure documentation exists on backup and restore process • Verify backups • Do test restores • Ensure all necessary team members are trained and up to date on this (rotate responsibilities... • If I do a full backup every day, and I lose my data on Wednesday morning What tapes would I need to restore, what is the restoration order? • If I do a full backup on Sunday and incremental mon-sat, and my system is lost on Wednesday morning, what tapes do I need to restore, what is the restoration order? (problems with this?) • If I do a full backup on Sunday and diffs on monsat, system lost on...Backups (481) Backups are a critical component in not only DRP but also “normal operation” Backup types (481)) First thing we need to talk about is the “archive bit” – what is it? Type of backups (next slides) • Full • Incremental • Differential Full (481) • All data everyday! • Clear archive bit after backups Incremental (481) • Only files that changed since last... IMPERATIVE you determine what places are single points of failure for your business process Implement the solutions to make these high availability, using redundancy and fault tolerant technology Redundancy and Fault Tolerance Both of these terms are essential to DRP Redundancy (Webster's) - serving as a duplicate for preventing failure of an entire system (as a spacecraft) upon failure of a single component... order? (problems with this?) • If I do a full backup on Sunday and diffs on monsat, system lost on Wednesday morning, what tapes do I need to restore, what is the restoration order • Can I mix incremental and differential backups? Why or why not? One other type of backup (481) There is a new type of backup, called a “delta” or “continuous backup or transactional backup” This is a very exciting idea How . Security+ All-In-One Edition Chapter 16 – Disaster Recovery and Business Continuity Brian E. Brzezicki Business continuity One major security concern is availability (examples?) and the effect a disaster would have on those functions. – Determine for each function the MTD/category of each • Critical – 1-4 hours • Urgent – 24 hours • Important – 72 hours • Normal –. bureau” • Hot site – – fully configured ready for operation in a few hours – Expensive – Can be used for DRP testing • Warm site – Only partially configured – Cannot really be used for DRP testing – Less