Donald Hester March 9, 2010 For audio call Toll Free 1 - 888-886-3951 and use PIN/code 695202 IT Best Practices for Community Colleges Part 2: Business.

Slides:



Advertisements
Similar presentations
IT Service Continuity Management
Advertisements

Alex Kissal and Matt Lord February 22, 2010 For audio call Toll Free and use PIN/code Blackboard Managed Hosting Overview.
Osman Parada Senior Technology Support Specialist San Bernardino Community College District November 4, 2009 For audio call Toll Free
Micah Orloff March 17, 2010 For audio call Toll Free and use PIN/code What's New with Blackboard 9: Increase Student Success by.
Marti Atkinson October 29, 2009 For audio call Toll Free and use PIN/code Free and Easy Collaboration Tools.
Photoshop Tips and Tricks, Part 1: Cropping, Selecting, and Improving Quality Donna Eyestone February 27, 2008 For audio call Toll Free
Sean Keegan August 5, 2008 For audio call Toll Free and use PIN/code The ABCs of PDFs Part 3: Creating Accessible PDF Documents.
Donald Hester May 4, 2010 For audio call Toll Free and use PIN/code Windows 7 for IT Professionals Part 1: Security and Control.
Ryan Eash September 30, 2009 For audio call Toll Free and use PIN/code Camtasia for the Mac: Enhancing Online Learning for Mac.
Donald Hester October 21, 2009 For audio call Toll Free and use PIN/code Getting the Most from Word 2007, Part 2: References and.
The Art of PowerPoint, Part 2: Animations and Audio Zachary Schroeder April 9, 2008 For audio call Toll Free and use PIN/code
Bill Doherty and Pat James 2/25/2010 For audio call Toll Free and use PIN/code Professional Development on a Shoe String Budget.
The Art of PowerPoint, Part 3: Accessibility and the Web Sean Keegan April 21, 2008 For audio call Toll Free and use PIN/code
The Art of PowerPoint, Part 1: Tools, Views and Master Slides Zachary Schroeder April 2, 2008 For audio call Toll Free and use PIN/code.
Micah Orloff September 21, 2010 For audio call Toll Free and use PIN/code
Donna Eyestone February 23, 2011 For audio call Toll Free and use PIN/code
Gregory Beyrer July 22, 2010 For audio call Toll Free and use PIN/code From Blackboard to Desire2Learn.
Michelle Macfarlane March 5, 2009 For audio call Toll Free and use PIN/code Engaging Millennial Students with Fun Tech: Animoto.
Donna Eyestone 2/24/2010 For audio call Toll Free and use PIN/code Free Podcast Hosting with 3CRSS.
Tony McKinley August 11, 2009 For audio call Toll Free and use PIN/code Save $$ with Nuance's New PDF Converter.
Micah Orloff March 10, 2010 For audio call Toll Free and use PIN/code What's New with Blackboard 9: Increase Student Retention.
Online Tutoring made Easy Kakwasi Somadhi April 29, 2008 For audio call Toll Free and use PIN/code
Donald Hester March 30, 2010 For audio call Toll Free and use PIN/code IT Best Practices for Community Colleges Part 3: Configuration.
Donald Hester February 9, 2010 For audio call Toll Free and use PIN/code IT Best Practices for Community Colleges Part 1: IT Risk.
Richard Mundell November 11, 2009 For audio call Toll Free and use PIN/code Free and Easy Course Authoring with myUDUTU.
Eric Wilson, MS Ed March 16, 2010 For audio call Toll Free and use PIN/code Online Collaborative Groups.
Micah Orloff March 3, 2010 For audio call Toll Free and use PIN/code What's New with Blackboard 9: Getting Acquainted.
Donna Eyestone 4/21/2010 For audio call Toll Free and use PIN/code The Power of iLife.
Eric Wilson August 5, 2010 For audio call Toll Free and use PIN/code
Micah Orloff July 31, 2008 For audio call Toll Free and use PIN/code The Art of PowerPoint 2007 Part 1: Tools, Views and Master.
Micah Orloff May 5, 2010 For audio call Toll Free and use PIN/code
Donald Hester April 20, 2010 For audio call Toll Free and use PIN/code IT Best Practices for Community Colleges Part 4: Awareness.
Donald E. Hester July 18, 2008 For audio call Toll Free and use PIN/code Get up to Speed with 2007 Office Part 1: Word, Excel,
Michelle Macfarlane November 10, 2009 For audio call Toll Free and use PIN/code Building Community Online, Part 5: Social Networking.
Tahiya Marome October 8, 2009 For audio call Toll Free and use PIN/code Engaging Millennial Students with Fun Tech: Games.
Donald Hester October 7, 2009 For audio call Toll Free and use PIN/code Getting the Most from OneNote 2007.
Donald Hester March 22, 2011 For audio call Toll Free and use PIN/code
Michelle Macfarlane September 24, 2009 For audio call Toll Free and use PIN/code Engaging Millennial Students with Fun Tech: Jing.
Donald E. Hester July 23, 2008 For audio call Toll Free and use PIN/code Get up to Speed with 2007 Office Part 2: PowerPoint, Outlook,
Micah Orloff May 5, 2011 For audio call Toll Free and use PIN/code
Donald Hester October 14, 2009 For audio call Toll Free and use PIN/code Getting the Most from Word 2007, Part 1: Creating and.
Blaine Morrow 3/2/2010 For audio call Toll Free and use PIN/code New Video Collboration with Elluminate.
Anna Stirling and Micah Orloff May 22, 2012 For audio call Toll Free and use PIN/code Take Your Online Teaching to New Heights:
1 Disaster Recovery “Protecting City Data” Ron Bergman First Deputy Commissioner Gregory Neuhaus Assistant Commissioner THE CITY OF NEW YORK.
Donald E. Hester 19-Mar-2010 For audio call Toll Free and use PIN/code
Business Continuity Planning and Disaster Recovery Planning
Donald E. Hester October 30, 2009 For audio call Toll Free and use PIN/code Windows 7: The View Beyond Vista is Great.
Catherine Werst July 27, 2010 For audio call Toll Free and use PIN/code
Donna Eyestone May 25, 2010 For audio call Toll Free and use PIN/code iPad in Education.
Planning for Contingencies
Larry Green July 15, 2010 For audio call Toll Free and use PIN/code Online Math Games and Resources.
Joan Van Duzer April 13, 2011 For audio call Toll Free and use PIN/code
Micah Orloff and Donna Eyestone October 19, 2010 For audio call Toll Free and use PIN/code
Lynn Strand March 30, 2011 For audio call Toll Free and use PIN/code
Marsha Fralick and Keith Franco July 13, 2010 For audio call Toll Free and use PIN/code A College Success Course for New Millennial.
Discovery Planning steps (1)
James Glapa-Grossklag July 20, 2010 For audio call Toll Free and use PIN/code
Marsha Fralick and Keith Franco July 13, 2010 For audio call Toll Free and use PIN/code A College Success Course for New Millennial.
Donna Eyestone February For audio call Toll Free and use PIN/code
Rich Archer Partner, Risk Advisory Services KPMG LLP Auditing Business Continuity Plans.
Business Continuity & Disaster recovery
Eric Wilson July 30, 2010 For audio call Toll Free and use PIN/code
INFORMATION SECURITY MANAGEMENT L ECTURE 3: P LANNING FOR C ONTINGENCIES You got to be careful if you don’t know where you’re going, because you might.
INFORMATION SECURITY MANAGEMENT L ECTURE 3: P LANNING FOR C ONTINGENCIES You got to be careful if you don’t know where you’re going, because you might.
Business Continuity Disaster Planning
MANAGEMENT of INFORMATION SECURITY, Fifth Edition.
MANAGEMENT of INFORMATION SECURITY, Fifth Edition
Berry College Disaster Recovery Soft Exit
IT Best Practices for Community Colleges Part 3: Configuration Management Donald Hester March 30, 2010 For audio call Toll Free and use.
Disaster Recovery at UNC
Presentation transcript:

Donald Hester March 9, 2010 For audio call Toll Free and use PIN/code IT Best Practices for Community Colleges Part 2: Business Continuity

Maximize your CCC Confer window. Phone audio will be in presenter-only mode. Ask questions and make comments using the chat window. Housekeeping

Adjusting Audio 1)If youre listening on your computer, adjust your volume using the speaker slider. 2)If youre listening over the phone, click on phone headset. Do not listen on both computer and phone.

Saving Files & Open/close Captions 1.Save chat window with floppy disc icon 2.Open/close captioning window with CC icon

Emoticons and Polling 1)Raise hand and Emoticons 2)Polling options

CISOA Conference

Donald Hester IT Best Practices for Community Colleges Part 2: Business Continuity

8 NIST SP OMB Circular A-130, Appendix III, requires the development and maintenance of continuity of support plans for general support systems and contingency plans for major applications.

Business continuity planning reestablishment of critical business operations so that operations can continue If a disaster has rendered the business unusable for continued operations, there must be a plan to allow the business to continue to function

Management must drive strategic planning to assure continuous information systems availability Plans are referred to in a number of ways Business Continuity Plans (BCPs) Disaster Recovery Plans (DRPs) Incident Response Plans (IRPs) Contingency Plans (CP) Continuity of Operations Plan (COOP) Business Recovery Plan (BRP) Some organizations may have many types of plans, some may have one simple plan Most organizations have inadequate planning

11 NIST SP

12 NIST SP

1 Develop the contingency planning policy statement 2 Conduct the business impact analysis 3 Identify preventive controls 4 Develop recovery strategies 5 Develop an IT contingency plan 6 Plan testing, training and exercise 7 Plan maintenance 13

A formal department or agency policy provides the authority and guidance necessary to develop an effective contingency plan. Identify statutory requirements Identify organizational requirements Management support Create policy Publish policy (communicate policy) 14

Begin with Business Impact Analysis (BIA) if the attack succeeds, what do we do then? The CP team conducts the BIA in the following stages: 1. Threat attack identification 2. Business unit analysis 3. Attack success scenarios 4. Potential damage assessment 5. Subordinate plan classification The BIA helps to identify and prioritize critical IT systems and components.

16 Identify critical IT resources and dependencies Identify maximum allowable downtime Develop recovery strategies & priorities

3 types of threats Natural - e.g., earthquake, hurricane, tornado, flood, and fire Human - e.g., operator error, sabotage, implant of malicious code, and terrorist attacks Environmental - e.g., equipment failure, software error, telecommunications network outage, and electric power failure. 17

Measures taken to reduce the effects of system disruptions can increase system availability and reduce contingency life cycle costs. Redundancy Backups Environmental: A/C, Fire Suppression Offsite Storage UPS/Generator Earthquake racks 18

Thorough recovery strategies ensure that the system may be recovered quickly and effectively following a disruption. Onsite Recovery, recover from backup Hardware replacement, Vendor agreements (SLA) Alternate site, reciprocal agreements Cold site, warm site, hot site, mobile site, mirrored sites 19

Develop an IT Contingency Plan The contingency plan should contain detailed guidance and procedures for restoring a damaged system. Document roles and responsibilities Document recovery information Notification and Activation Damage Assessment Recovery Procedures Call Tree

Testing the plan identifies planning gaps, whereas training prepares recovery personnel for plan activation; both activities improve plan effectiveness and overall agency preparedness. Annual testing Classroom exercises Functional exercise Find weakness Train users so that when it happens you are ready and know what to do 21

The plan should be a living document that is updated regularly to remain current with system enhancements. The plan must be maintained in a ready state that accurately reflects system requirements, procedures, organizational structure, and policies. Keep a record of changes Updated as needed 22

23 State, local, and tribal governments, as well as private sector organizations, are encouraged to use the guidelines, as appropriate." NIST SP California Information Security Strategic Plan (OCT 2009) "...by adopting the National Institute of Standards and Technology (NIST) guidelines for certification and accreditation of information systems. Applying NIST guidelines to state government systems will demonstrate Californias leadership in building a resilient, secure, and trustworthy digital infrastructure." "Establish a California modified version of the NIST risk management standard as the risk management standard for all state agencies." "Establish a California-modified version of the NIST recommended security controls within all state agencies."

NIST SP Contingency Guide for Information Technology Systems Has sample documents ISO § 11 COBIT § DS4.0 Guide to Disaster Recovery by Michael Erbschloe ISBN DRI International Disaster-Resource.com

Donald E. Hester CISSP, CISA, CAP, MCT, MCITP, MCTS, MCSE Security, Security+ Maze & / San Diego City College Q&A

Evaluation Survey Link Help us improve our seminars by filing out a short online evaluation survey at:

Thanks for attending For upcoming events and links to recently archived seminars, check Web site at: IT Best Practices for Community Colleges Part 2: Business Continuity