Security+
All-In-One Edition
Chapter 16 – Disaster Recovery and Business Continuity
Brian E. Brzezicki
Business continuity
One major security concern is availability. Often overlooked is the damage a disaster can cause by stopping you from performing some business function.
Some Types of Disasters (475)
Natural
• Fire
• Hurricane
• Earthquake
• Tornado
Man Made
• Hacking
• Political riot
• Gas leak
• Key staff resigning
Disaster Recovery Plan (476)
Disaster Recovery Planning deals with preparing for a disaster in order to minimize its effects and, as such, the loss.
• Spells out the required actions and resources necessary to restore mission critical processes.
• Ideally, makes the recovery process as transparent to users as possible
• One of the most important steps in DRP planning is the BIA (in a few slides)
BIA* (477)
A BIA helps identify mission critical functions (examples?) and the effect a disaster would have on those functions.
– Determine for each function the MTD/category of each
  • Critical – 1-4 hours
  • Urgent – 24 hours
  • Important – 72 hours
  • Normal – 7 days
  • Non-essential – 30 days
• Once the BIA has been done, contingency planning can be done
Contingency plan
• Who is responsible for each business function
• What individuals are needed
• What is the priority
• Responsibility checklist
• Emergency contacts
• Warning system
• Procedures
(more)
Contingency Plan (n/b)
• Documentation
  – System configuration
  – Diagrams
  – Vendor and supplier lists – why?
  – Backup plan
• Alternative sites (next slide)
Alternate sites (484)
Types of sites are provided by a “service bureau”
• Hot site
  – Fully configured, ready for operation in a few hours
  – Expensive
  – Can be used for DRP testing
• Warm site
  – Only partially configured
  – Cannot really be used for DRP testing
  – Less
• Cold site
  – Just basic environment (space, AC, power etc)
  – No equipment
  – Cheap
  – Cannot be used for DRP testing
Alternate sites (n/b)
Rather than having a “subscription service”, the company may own its own redundant sites
• Mirror sites
• Multiple data processing sites
Backups
Backups (481)
Backups are a critical component in not only DRP but also “normal operation”.
Backup types (481)
First thing we need to talk about is the “archive bit” – what is it?
Type of backups (next slides)
• Full
• Incremental
• Differential
Full (481)
• All data every day!
• Clear archive bit after backups
Incremental (481)
• Only files that changed since last full or last incr
• Reset the archive bit
Differential (481)
• Only files changed since last full or diff
• DO NOT reset the archive bit
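The archive-bit rules on the three slides above can be simulated to see which tapes a restore needs. This Python sketch is an added example, not part of the original slides; it also covers a schedule that mixes incrementals and differentials, which goes beyond what the slides state. The file names, change schedule and function names are constructed for illustration.

```python
# Added example: archive-bit model of full / incremental / differential backups.
# Assumption: files are modified during the day, backups run each night.

def simulate(files, schedule, changes):
    """Run nightly backups. Returns (tapes, live): each tape is
    (day, kind, {file: version}); live is the final on-disk state."""
    live = {f: "orig" for f in files}
    bit = {f: True for f in files}          # archive bit set = needs backup
    tapes = []
    for day, kind in schedule:
        for f in changes.get(day, ()):      # any write sets the archive bit
            live[f], bit[f] = day, True
        picked = list(files) if kind == "full" else [f for f in files if bit[f]]
        if kind != "diff":                  # full and incremental clear the bit
            for f in picked:
                bit[f] = False
        tapes.append((day, kind, {f: live[f] for f in picked}))
    return tapes, live

def restore_plan(tapes):
    """Tapes to load, in order: the last full, every later incremental,
    then the newest differential if it is the most recent tape."""
    start = max(i for i, t in enumerate(tapes) if t[1] == "full")
    chain = tapes[start:]
    plan = [t for t in chain if t[1] != "diff"]
    if chain[-1][1] == "diff":
        plan.append(chain[-1])
    return plan

def restore(plan):
    disk = {}
    for _, _, contents in plan:             # later tapes overwrite earlier ones
        disk.update(contents)
    return disk

FILES = ["a.doc", "b.xls", "c.txt"]         # constructed sample data
CHANGES = {"Mon": ["a.doc"], "Tue": ["a.doc", "b.xls"]}

def demo(kind):
    """Full on Sunday, then `kind` on Monday and Tuesday; loss on Wednesday morning."""
    schedule = [("Sun", "full"), ("Mon", kind), ("Tue", kind)]
    tapes, live = simulate(FILES, schedule, CHANGES)
    plan = restore_plan(tapes)
    return [day for day, _, _ in plan], restore(plan) == live

if __name__ == "__main__":
    for kind in ("full", "incr", "diff"):
        print(kind, *demo(kind))
```

The boolean returned by `demo` confirms that loading the planned tapes in order reproduces the last backed-up state of every file.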
Backup Types
Order the backup types by time needed to back up.
Explain the restore process for each type.
Order the backup types by ease of restore.
Backup storage
• Should be at a secure off-site location
  – Bank vault
  – Other organization location
  – Secure storage company
• Additional set on site for quick access
  – Why?
Backup concerns
• Ensure all necessary data is backed up
• Ensure documentation exists on the backup and restore process
• Verify backups
• Do test restores
• Ensure all necessary team members are trained and up to date on this (rotate responsibilities to keep everyone fresh)
• Backups are the IT person's biggest “risk”. It used to keep me up at night.
Questions (n/b)
• If I do a full backup every day, and I lose my data on Wednesday morning, what tapes would I need to restore, and what is the restoration order?
• If I do a full backup on Sunday and incrementals Mon-Sat, and my system is lost on Wednesday morning, what tapes do I need to restore, and what is the restoration order? (Problems with this?)
• If I do a full backup on Sunday and diffs on Mon-Sat, and my system is lost on Wednesday morning, what tapes do I need to restore, and what is the restoration order?
• Can I mix incremental and differential backups? Why or why not?
One other type of backup (481)
There is a new type of backup, called a “delta”, “continuous backup” or “transactional backup”. This is a very exciting idea.
How it works:
• For each file, make sure you get a full copy when the file is created
• Anytime a file changes, copy ONLY the changes that occurred. Do this in real time if possible
Continuous Backups (481)
Advantages:
• Much less backup time/cost
• Point in time recovery!!!
• Real time!
• No scheduled backups
Disadvantages:
• Usually requires an online server to handle changes