Chapter 10 Disaster Recovery and Data Integrity 1.

Slides:



Advertisements
Similar presentations
Presented by: Guy Prescott Common Sense Safety, Inc. (530)
Advertisements

Information Technology Disaster Recovery Awareness Program.
How to Ensure Your Business Survives, Even if Your Server Crashes Backup Fast, Recover Faster Fast and Reliable Disaster Recovery, Data Protection, System.
Disasters: What We Plan For…. John F Bradfield, DVM, PhD, DACLAM Senior Director, AAALAC International.
Backup and Disaster Recovery (BDR) A LOGICAL Alternative to costly Hosted BDR ELLEGENT SYSTEMS, Inc.
Section 34.2 Handling Business Risks
Survive and Thrive! Illinois Small Business Development Center at Harper College The ILSBDC at Harper College is funded in part through a cooperative agreement.
Everything your business needs to know but probably doesn’t.
GLOBRIN Business Continuity Workshop TECHNOLOGY & INFORMATION 13 th November 2013 Graham Jack.
11 ASSESSING THE NEED FOR SECURITY Chapter 1. Chapter 1: Assessing the Need for Security2 ASSESSING THE NEED FOR SECURITY  Security design concepts 
Understand Database Backups and Restore Database Administration Fundamentals LESSON 5.2.
Introduction Security is a major networking concern. 90% of the respondents to the 2004 Computer Security Institute/FBI Computer Crime and Security Survey.
Lesson 11 – NETWORK DISASTER RECOVERY Disaster recovery plans Network backup and restoration OVERVIEW.
TEL382 Greene Chapter /27/09 2 Outline What is a Disaster? Disaster Strikes Without Warning Understanding Roles and Responsibilities Preparing For.
Auditing Auditing & Automated Systems Chapter 22 Auditing & Automated Systems Chapter 22.
Saving Your Business from a Data Loss Randy Clark.
Business Continuity Check List PageOne. - Why Does Your Business Need A Continuity Checklist? Should the unexpected occur, your business will be able.
John Graham – STRATEGIC Information Group Steve Lamb - QAD Disaster Recovery Planning MMUG Spring 2013 March 19, 2013 Cleveland, OH 03/19/2013MMUG Cleveland.
Security Architecture Dr. Gabriel. Security Database security: –degree to which data is fully protected from tampering or unauthorized acts –Full understanding.
Continuity Planning & Disaster Recovery ( BRPASW Workshop)
Security+ All-In-One Edition Chapter 16 – Disaster Recovery and Business Continuity Brian E. Brzezicki.
DEVELOPING A RISK ANALYSIS. What is a risk analysis? A Risk analysis is concerned with identifying the risks that an organisation is exposed to, identifying.
1.1 System Performance Security Module 1 Version 5.
Module 7. Data Backups  Definitions: Protection vs. Backups vs. Archiving  Why plan for and execute data backups?  Considerations  Issues/Concerns.
David N. Wozei Systems Administrator, IT Auditor.
 FFC backs up all of its data each day. It stores its most recent daily backup once a week at a company owned offsite location. FFC also stores the most.
Managing Your Data: Backing Up Your Data Robert Cook Oak Ridge National Laboratory Version 1.0 Review Date.
Preventing Common Causes of loss. Common Causes of Loss of Data Accidental Erasure – close a file and don’t save it, – write over the original file when.
Information Systems Security Operational Control for Information Security.
Business Continuity Management For Project Managers.
Read to Learn Discuss risk and risk management. Describe different types of risk.
IT Strategy for Business © Oxford University Press 2008 All rights reserved Chapter 12 IT Security Strategies.
XP Practical PC, 3e Chapter 6 1 Protecting Your Files.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 1 Security Architecture.
CIT 470: Advanced Network and System AdministrationSlide #1 CIT 470: Advanced Network and System Administration Disaster Recovery.
Management Plan Goran Smajlagic S English 2100.
Disaster Recovery and Business Continuity Planning IBK3IBV01 College 7 Paul J. Cornelisse.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 1 Security Architecture.
Copyright © 2007 Pearson Education Canada 23-1 Chapter 23: Using Advanced Skills.
Erman Taşkın. Information security aspects of business continuity management Objective: To counteract interruptions to business activities and to protect.
 How well is your organisation prepared for internal or external emergency situations? ◦ Do you consult with relevant emergency agencies? ◦ Do you.
A2 LEVEL ICT 13.6 LEGAL ASPECTS DISASTER RECOVERY.
Business Continuity Disaster Planning
Topic: Reliability and Integrity. Reliability refers to the operation of hardware, the design of software, the accuracy of data or the correspondence.
Election Assistance Commission 1 TGDC Meeting High Level VVSG Requirements: What do they look like? February, 09, United States.
Welcome to the ICT Department Unit 3_5 Security Policies.
WHAT ARE BACKUPS? Backups are the last line of defense against hardware failure, floods or fires the damage caused by a security breach or just accidental.
Auto Insurance
Networking Objectives Understand what the following policies will contain – Disaster recovery – Backup – Archiving – Acceptable use – failover.
8 – Protecting Data and Security
THINK DIFFERENT. THINK SUCCESS.
Technology and Business Continuity
Making the Connection ISO Master Class An Overview.
CompTIA Security+ Study Guide (SY0-401)
Risk Assessments.
DBA 5/20/2018 Like a policeman or teacher
Chapter 6: Database Project Management
A Thread Relevant to all Levels of the EA Cube
Computer Security Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
What is QuickBooks File Doctor The demands of the industry have taken a great leap with advancement in the technology. This advancement has caused various.
Audit Planning Presentation - Disaster Recovery Plan
Backup and restoration of data, redundancy
1 2 Please stand by! The webinar will begin shortly.
Business Risk.
The Advantages of using Business CCTV Security Systems.
Protect Your Ecommerce Site From Hacking and Fraud
Chapter 34 Risk Management
COMPANY NAME Business Continuity Plan Date Presented by.
Presentation transcript:

Chapter 10 Disaster Recovery and Data Integrity 1

A disaster-recovery plan looks at what disasters *could* hit and lays out a plan for responding to those disasters. It lists services, order in which to restore and how fast it needs to happen. The network disaster recovery plan is usually part of a larger, overall plan. It starts with understanding the basics: Determine what disasters could afflict your site The likelihood that those disasters will strike The cost of your company if they do strike And how quickly the various parts of your business need to be revived Disaster Recovery 2

Definition: Disaster—a catastrophic event that causes a massive outage affecting an entire building or site. It can be anything from a natural disaster, such as an earthquake, to the more common problem of a stray backhoe cutting your cable by accident. Disaster Recovery 3

Risk Analysis Good candidate for using external consultants. It is a specialized skill that is not used often. A large company may hire a consultant to perform a Risk Analysis and have an in-house person responsible for Risk Management. Risk analysis involves determining what disasters may happen, the chances of those disasters, and the likely cost if a disaster of each type occurred. The company can then use that information to decide how much money is reasonable to spend on trying to mitigate the effects of each type of disaster. (Probably cost of disaster – Probably cost after mitigation) X Risk of Disaster Flood ($10,000,000 - $x) X (1/1,000,000); x=$10 sets this equation to 0 Earthquake ($60,000,000 - $x) X (1/3,000); x=$20,000 sets this equation to 0 Disaster Recovery 4

Legal Obligations: There may be company contract obligations. This must be included in the Risk Analysis. Damage Limitations: Some can be done at little or no cost in some instances -Lifting racks in flood prone areas -Lightening rods and good grounding systems to protect against lightening -Racks bolted to the floor to help mitigate earthquake damage Some can come at significant cost and can only be afforded by very large companies -Building your data center underground to protect against tornados/bombs -Expensive mechanisms to allow racks to shake with an earthquake Fire prevention systems, UPS’s Disaster Recovery 5

Preparation Being prepared for a disaster means being able to restore the essential systems to working order in a timely manner, as defined by your legal obligations. Need to arrange a source of replacement hardware in advance from companies that provide this service. You also need to have another site to which this equipment can be sent if the primary site cannot be used because of safety reasons, lack of power, or lack of connectivity. Make sure these companies are aware of your needs and where to send it. Once you have your machines, you need to recreate your system. Typically, you first rebuild the systems, then you restore from backups—data stored off-site. 6

Data Integrity Data integrity means ensuring your data is not altered by external sources. It can be corrupted maliciously by viruses or individuals, or inadvertently by individuals, bugs in programs, and undetected hardware malfunctions. There are anecdotal methods to check for data corruption Large files checked against “read-only” checksums Seeing large changes in a database only expected to have small changes Industrial espionage and theft of intellectual property are not uncommon. A company may need to prove ownership of intellectual property and your ability to accurately restore data as it existed on a certain date may be required in a court of law. For both disaster recovery and use as evidence in a court of law, an administrator needs to know the data has not been tampered with. 7

Disaster Recover and Data Integrity The ultimate preparation is to have a fully redundant version of everything that can take over when the primary fails. Some companies do this and some companies have quit using the term “disaster recovery” and have started using the term “contingency planning” or “continuity planning.” The next level of disaster planning is to have an alternate site that duplicate *some* of the critical services across both data centers. Then the only problem is getting people access to those services. Security Disasters: a growing concern. Similar risk analysis can be performed on ways to protect data. Media Relations: Have a profession Public Relations firm on retainer, or have a media plan—who will talk to the media, what kinds of things will and will not be said, and what the chain of command is if the designated decision makers aren’t available. 8