Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ensuring Continuing Operations and Disaster Recovery By: Alyssa Gatrell Mike Harker Amy Shumway.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Ensuring Continuing Operations and Disaster Recovery By: Alyssa Gatrell Mike Harker Amy Shumway."— Presentation transcript:

1 Ensuring Continuing Operations and Disaster Recovery By: Alyssa Gatrell Mike Harker Amy Shumway

2 What are the Threats? n Natural disasters n Power failures n Hardware failures n Theft of assets and data n Hacking n Virus infections n Departure of key personnel or disgruntled employees

3 What is Ensuring Continuing Operations? n Preventative measures to ensure that a system is not disrupted by potential threats. u Uninterruptible power sources u Storage measures u Measures to protect from departure of key personnel u Measures to protect from disgruntled former employees u Physical security measures u Virus protection u Firewalls u Encryption

4 What is a Virus? n A piece of self-replicating code

5 Kinds of Viruses n Boot Sector Viruses n Macro Viruses

6 Identifying the Threat n Floppy disk brought in n PC’s taken home or on business (laptops) n Increased use of e-mail n Increased use of the Internet

7 Minimizing the Virus Threat n Regular backups of data n Check all incoming software n Write-protect floppy disks whenever possible

8 Anti-Virus Tools n Floppies u “Sheep-dip” n PC’s u On-access scanners u On-demand scanners u Behavior blockers u Heuristic analysis

9 Functions of a Firewall n Controller n Filter n Monitor n Security guard n Screener

10 How Firewalls Work n Firewalls are like gatehouses in a medieval castle that provide perimeter defenses to determine who or what will be allowed to enter Castle Gatehouses Commons/Market Area Inner Mote and Wall Illustration taken from Disaster Recovery Journal Winter 1999 Outer wall

11 Types of Firewalls n Dual-Home Gateway n Screened-Host Gateway n Screened Subnet n Dual-Homed Routers

12 Dual-Home Gateway Internet Private Network Bastion Host

13 Screened-Host Gateway Internet Private Network Bastion Host Router

14 Screened Subnet Internet Private Network Router Sub-network

15 Dual-Homed Routers Internet Private Network Outside Router Inside Router

16 Other Thoughts on Firewalls n Internal firewalls are as important as external firewalls n Not the answer to total protection n Firewalls come in degrees of protection and complexity. n Companies should measure risk with costs of implementation and maintenance

17 Encryption n Alters information into an unintelligible format to prevent unauthorized access n Can only be decrypted with specified digital key n Prevents against data theft as it is passed from one person to another

18 What is Disaster Recovery? n Measures taken before a disaster that can lead to a successful reimplementation of systems u Backup regimen u Redundant hardware u Recovery facilities u Backup phone lines

19 Process for Determining Backup Needs n Step 1: Location identification n Step 2: Establish criticality of data n Step 3: Select backup medium u Factors F Quantity of data F Speed of backing up F Ease of recovery

20 Possible Mediums n Removable disks n Second hard drive / PC n Magnetic tape cartridges n Optical disks n Online services n Storage area network (SAN)

21 Implementation Procedures n Scheduling intervals and time of day n Verification n Media stocks and rotation u Two sets u Extra media n Source documentation n Storage u Away from destructive force u Off-site location

22 All Measures Should be Tested n Backup restoration n Firewall penetration testing n Intermittent checks of backup power

Download ppt "Ensuring Continuing Operations and Disaster Recovery By: Alyssa Gatrell Mike Harker Amy Shumway."

Similar presentations

Chapter 7: Physical & Environmental Security

Chapter 7: Physical & Environmental Security
Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University

Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
Lecture Outline 10 INFORMATION SYSTEMS SECURITY. Two types of auditors External auditor: The primary mission of the external auditors is to provide an.

Lecture Outline 10 INFORMATION SYSTEMS SECURITY. Two types of auditors External auditor: The primary mission of the external auditors is to provide an.
9 - 1 Computer-Based Information Systems Control.

9 - 1 Computer-Based Information Systems Control.
4/15: Security & Controls in IS Systems Vulnerabilities Controls: what to use to guard against vulnerabilities –General controls –Application controls.

4/15: Security & Controls in IS Systems Vulnerabilities Controls: what to use to guard against vulnerabilities –General controls –Application controls.
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Policies.

CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Policies.
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
5/4/01EMTM 5531 EMTM 553: E-commerce Systems Lecture 7b: Firewalls Insup Lee Department of Computer and Information Science University of Pennsylvania.

5/4/01EMTM 5531 EMTM 553: E-commerce Systems Lecture 7b: Firewalls Insup Lee Department of Computer and Information Science University of Pennsylvania.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Evidor: The Evidence Collector Software using for: Software for lawyers, law firms, corporate law and IT security departments, licensed investigators,

Evidor: The Evidence Collector Software using for: Software for lawyers, law firms, corporate law and IT security departments, licensed investigators,
Chapter 9 - Control in Computerized Environment ATG 383 – Spring 2002.

Chapter 9 - Control in Computerized Environment ATG 383 – Spring 2002.
Electronic Commerce 2. Definition Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World.

Electronic Commerce 2. Definition Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World.
Disaster Prevention and Recovery Kristen Emch Christine Jennings-Garant.

Disaster Prevention and Recovery Kristen Emch Christine Jennings-Garant.
Lesson 11 – NETWORK DISASTER RECOVERY Disaster recovery plans Network backup and restoration OVERVIEW.

Lesson 11 – NETWORK DISASTER RECOVERY Disaster recovery plans Network backup and restoration OVERVIEW.
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies

Similar presentations

Ads by Google