Disaster Prevention and Recovery Kristen Emch Christine Jennings-Garant.

Slides:

Advertisements

Similar presentations

Information Technology Disaster Recovery Awareness Program.

Advertisements

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

How to Ensure Your Business Survives, Even if Your Server Crashes Backup Fast, Recover Faster Fast and Reliable Disaster Recovery, Data Protection, System.

Backing up and Archiving Data Chapter 1. Introduction This presentation covers the following: – What is backing up – What is archiving – Why are both.

Backup Strategy. An Exam question will ask you to describe a backup strategy. Be able to explain: Safe, secure place in different location. Why? – For.

Everything your business needs to know but probably doesn’t.

Barracuda Backup Service Data Backup and Disaster Recovery.

Ensuring Continuing Operations and Disaster Recovery By: Alyssa Gatrell Mike Harker Amy Shumway.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Transactions and Recovery

IBM TotalStorage ® IBM logo must not be moved, added to, or altered in any way. © 2007 IBM Corporation Break through with IBM TotalStorage Business Continuity.

SQL Server 2008 Implementation and Maintenance Chapter 7: Performing Backups and Restores.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.

LAN / WAN Business Proposal. What is a LAN or WAN? A LAN is a Local Area Network it usually connects all computers in one building or several building.

ISA Topic 9: Operations Security ISA 562 Internet Security Theory & Practice.

Introduction to Computer Networks Introduction to Computer Networks.

Security of Data. Key Ideas from syllabus Security of data Understand the importance of and the mechanisms for maintaining data security Understand the.

Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.

15 Maintaining a Web Site Section 15.1 Identify Webmastering tasks Identify Web server maintenance techniques Describe the importance of backups Section.

Dr.Backup Online Backup Service (888) (toll free)

Ways to organize electronic files Witness fitness By: Simran and Navneet.

 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.

1 Maintain System Integrity Maintain Equipment and Consumables ICAS2017B_ICAU2007B Using Computer Operating system ICAU2231B Caring for Technology Backup.

© 2001 by Prentice Hall11-1 Local Area Networks, 3rd Edition David A. Stamper Part 4: Installation and Management Chapter 11 LAN Administration: Backup.

Preventing Common Causes of loss. Common Causes of Loss of Data Accidental Erasure – close a file and don’t save it, – write over the original file when.

Mark A. Magumba Storage Management. What is storage An electronic place where computer may store data and instructions for retrieval The objective of.

G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.

XP Practical PC, 3e Chapter 6 1 Protecting Your Files.

CIT 470: Advanced Network and System AdministrationSlide #1 CIT 470: Advanced Network and System Administration Disaster Recovery.

SECURITY OF DATA By: ADRIAN PERHAM. Issues of privacy; Threats to IT systems; Data integrity; Standard clerical procedures; Security measures taken to.

Security and Backup. Introduction A back-up strategy must cover all eventualities: Accidental damage Equipment failure Deliberate damage It must consider:

IT tools to communicate By Suleman Kalam. Podcast What is Podcasts? A podcasts is a downloadable media file which can be downloaded into many electronic.

Security Policies. Threats to security and integrity  Threats to information systems include  Human error –keying errors, program errors, operator errors,

Fault Tolerance and Disaster Recovery. Topics Using Antivirus software Fault tolerance –Power –Redundancy –Storage –Services Disaster Recovery –Backup/Restore.

20/12/20151 Data Structures Backing up and Archiving Data.

FIT03.05 Explain features of network maintenance.

By Liam Wright Manga comic group Japan SAFETY on your computer.

IT1001 – Personal Computer Hardware & system Operations Week7- Introduction to backup & restore tools Introduction to user account with access rights.

Introduction TO Network Administration

1 UNIT 19 Data Security 2. Introduction 2 AGENDA Hardware and Software protect ion Network protect ion Some authentication technologies :smart card Storage.

1 UNIT 19 Data Security 2 Lecturer: Ghadah Aldehim.

Backup Exec System Recovery. 2 Outline Introduction Challenges Solution Implementation Results Recommendations Q & A.

Hands-On Microsoft Windows Server 2008 Chapter 7 Configuring and Managing Data Storage.

INFORMATION SECURITY AND CONTROL. SECURITY: l Deter l Detect l Minimize l Investigate l Recover.

Security Operations Chapter 11 Part 2 Pages 1262 to 1279.

Implementing a Security Policy JISC – ICT Security Threats & Promises, April 2002 Mick Ismail ICT Services Manager City of Wolverhampton College.

By the end of this lesson you will be able to: 1. Determine the preventive support measures that are in place at your school.

Best Cyber Security Practices for Counties An introduction to cybersecurity framework.

By: Mark Reed.  Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

Network-Attached Storage. Network-attached storage devices Attached to a local area network, generally an Ethernet-based network environment.

Lecture 19 Page 1 CS 236 Online 6. Application Software Security Why it’s important: –Security flaws in applications are increasingly the attacker’s entry.

Slide Template for Module 4 Data Storage, Backup, and Security

The importance of computer backups

Working at a Small-to-Medium Business or ISP – Chapter 8

Managing Multi-User Databases

Common Methods Used to Commit Computer Crimes

UNIT 19 Data Security 2.

Your Computer Wants To Ruin Your Life

Section 15.1 Section 15.2 Identify Webmastering tasks

Answer the questions to reveal the blocks and guess the picture.

Determined Human Adversaries: Mitigations

Backing Up 01/12/2018.

12 STEPS TO A GDPR AWARE NETWORK

Backup and restoration of data, redundancy

Unit 4 IT Security Kerris Davies.

PLANNING A SECURE BASELINE INSTALLATION

Determined Human Adversaries: Mitigations

6. Application Software Security

Presentation transcript:

Disaster Prevention and Recovery Kristen Emch Christine Jennings-Garant

Introduction Prevention, protection, and recovery are a crucial function to EVERY system or company. Prevention, protection, and recovery are a crucial function to EVERY system or company. It is most important to operations within the system It is most important to operations within the system –Not so much management Operations must have: Operations must have: –Disaster prevention and recovery plans –Plans for back up

Prevention/Protection Prevention – the act of keeping something from happening Prevention – the act of keeping something from happening There are 4 main methods: There are 4 main methods: 1.Redundancy 2.Hardware 3.Firewalls 4.Virus Protection

1.Redundancy Redundancy – a system design that makes duplicates to provide alternatives in case of failure Redundancy – a system design that makes duplicates to provide alternatives in case of failure Devices, referred to as Secondary Storage, are used to create system duplicates: Devices, referred to as Secondary Storage, are used to create system duplicates: Secondary storage – storing large amounts of data and instructions more permanently Secondary storage – storing large amounts of data and instructions more permanently

Redundancy RAID (Redundant Array of Independent/Inexpensive Disks) RAID (Redundant Array of Independent/Inexpensive Disks) Allows system to make a “reconstruction map” to rebuild data Allows system to make a “reconstruction map” to rebuild data –Multiple hard drives copy data so that if one drive fails, there is no single point of failure Improves efficiency Improves efficiency

Redundancy Software may be used to monitor or check the back-up system Software may be used to monitor or check the back-up system Improves quality of the system Improves quality of the system Valuable to keep copy of entire system at an external location Valuable to keep copy of entire system at an external location Disadvantage Disadvantage –If the back-up system isn’t monitored, the company will lose its redundancy Ex. Kerr administration building, 2 mos. ago Ex. Kerr administration building, 2 mos. ago

2. Hardware Consider the use of more expensive hardware Consider the use of more expensive hardware –Higher mean time between failure (MBTF) –Better quality hardware lasts longer Disadvantage Disadvantage –May not be financially possible

3. Firewalls Used to protect from external threats Used to protect from external threats –Break-ins or unauthorized access to the system Servers vs. Workstations Servers vs. Workstations –Anyone can access a website (server) –Can set protocol levels of firewalls –Ex. No access to COB from outside Other preventative measures include the use of identification numbers and passwords Other preventative measures include the use of identification numbers and passwords

4. Virus Protection *Viruses are the #1 type of attack on information systems Used to prevent contamination of system Used to prevent contamination of system –Internal personnel pulling external threats into system Constantly monitors and protects Constantly monitors and protects –Should be frequently updated Ex. Symantec updates online Ex. Symantec updates online

Recovery Recovery – regaining or saving something lost Recovery – regaining or saving something lost Naval helicopter crash Naval helicopter crashhelicopter

Recovery Make sure data are never compromised Make sure data are never compromised –Overlaps with redundancy Ex: COB writes tapes and takes them offsite every night Ex: COB writes tapes and takes them offsite every night Companies can be hired to do this job Companies can be hired to do this job

Testing Removes the redundancy element Removes the redundancy element Anything can happen Anything can happen Element of quality control (QC) Element of quality control (QC) Stage problems Stage problems

COBIT COBIT is an IT governance framework and supporting toolset COBIT is an IT governance framework and supporting toolset Allows managers to bridge the gap between control requirements, technical issues, and business risks Allows managers to bridge the gap between control requirements, technical issues, and business risks COBIT enables clear policy development and good practice for IT control throughout organizations COBIT enables clear policy development and good practice for IT control throughout organizations

COBIT 2 for disaster prevention and recovery 2 for disaster prevention and recovery DS 10- manage problems DS 10- manage problems DS 4 – ensure continuous service DS 4 – ensure continuous service RACI chart RACI chart –Responsible –Accountable –Consulted –Informed

COBIT DS-10 RACI Chart RACI Chart

COBIT DS-4 RACI Chart RACI Chart

Let’s Review… There are 4 main types of prevention There are 4 main types of prevention –Redundancy * –Hardware –Firewalls –Virus Protection If the back up system is not kept track of, the system loses its redundancy If the back up system is not kept track of, the system loses its redundancy

Let’s Review… Recovery is getting out of the problem once it’s too late Recovery is getting out of the problem once it’s too late Make sure data are never compromised Make sure data are never compromised COBIT is a tool that helps bridge the gap between requirements and risk COBIT is a tool that helps bridge the gap between requirements and risk