Presentation is loading. Please wait.

Presentation is loading. Please wait.

Disaster Prevention and Recovery. Team Members   Gwenn Cooper   Kristy Short   John knieling   Carissa Vancleave   Matthew Owens.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Disaster Prevention and Recovery. Team Members   Gwenn Cooper   Kristy Short   John knieling   Carissa Vancleave   Matthew Owens."— Presentation transcript:

1 Disaster Prevention and Recovery

2 Team Members   Gwenn Cooper   Kristy Short   John knieling   Carissa Vancleave   Matthew Owens

3 Agenda  Introduction  Prevention and Recovery Plan  IT Security Functions  Computer Crime  Viruses  COBIT  Wrap-up

4 August 29 th, 2005 Katrina

5   brought in pharmacy staff members from other markets and housed them in 50 RVs sent to stores in hard-hit areas.   hired new employees throughout the Gulf Coast who have lost their jobs because of the hurricane.   activated a new, proprietary pharmacy computer system that allows some of the steps in the prescription filling process to be done by Walgreens pharmacies in other areas. Prior to the hurricane, this system was only being tested in Florida. www.walgreens.com/about/press/othernews/091505.jsp

6 Disaster Recovery Plan Defined: Disaster recovery plans ensure continuous service and recovery from any disaster. Disaster recovery plans ensure continuous service and recovery from any disaster. Jones & Rama, “Accounting Information Systems.”

7 Steps to Prevention  Assessing Risk  Geographical area  Mapping critical functions  Downtime  IT Policy  Controls  Employees  Other aspects www.businesseye.org.uk/respirce/3080.61523.file.enq.pdf

8 Testing  ISACA  Hypothetical; Component; Module; Full Testing  Alarm Testing  Natural Disaster Testing www.isava.org

9 Salvaging  Techniques  Saving wet documents; salvaging wet furniture; repairing structural damage; remove mold.  Disaster Services Inc.  FEMA HTTP//PALIMPSEST.STANFORD.EDU

10 IT Security Functions  Information Classification  ‘open’, ‘confidential’, ‘secret’, ‘top secret’  Documentation Rules  Security handbook  User Identification and Authorization  User names,passwords, access cards, biometrics  Logging  Who, when, where, what? www.interpol.int/public/technologycrime/crimeprev/itsecurity.asp#5

11 IT Security Functions  Back-ups  Interpol recommends a 5-step process.  (shown on next slide)  Firewalls  Packet filtering system  Application-level gateway  Intrusion Detection Systems (IDS)  Statistical detection  Pattern matching detection  Incident Handling (IH)  Preparation, Identification, Containment, Eradication, Recovery, Follow-up

12 Backing up your data  1. Make sure that regular back-up copies are made of both data and system files.  2. Back-up cycles should be of sufficient length to be of some use in the future.  3. Take a full back-up (of both the system and the data) out of the cycle on a regular basis and archive it off site for an extended period.  4. Back-up tapes/diskettes should be kept in a safe place under lock and key and away from the computer. Should be secured from fire, flood, or any other disaster, and preferably off site.  5. Periodically test the back-up to ensure that the information can actually be restored in an emergency. Interpol recommends the following 5-step process when making back-ups:

13 Computer Crime  Computers becoming primary communication  Email, instant messaging, etc.  Two types of computer crime  1 - using a computer to commit a crime  2 - criminal activity that targets a computer  Internal threats vs. External threats  Prevention

14 Viruses What are computer viruses? Computer viruses are basically a type software program, which has been deliberately created to interfere with computer operation and can cause the following effects.   Slow your computer down   Record unwanted data   Corrupt data   Delete data

15 COBIT  COBIT was a publication created by the IT Governance Institute (ITGI).  Provides educational information on control objectives, management guidelines, and managing changes.  Includes a maturity model to offer businesses a tool for measuring their current level of IT sophistication and seeing how they align with their current business strategy.  Suggests that a business should control its IT process through impact assessment, authorization and implementation of any changes to its IT system  Accomplished by defining and communicating procedures, and by assessing, authorizing and reporting changes. IT Governance institute- cobit

16 Wrap-up 50-70% of companies go out of business after a disaster 40% have plans to recover data Lose time, money, resources Any Questions? WWW.DATACLINIC.CO.UK/DATA-BACKUP.HTMWWW.DATACLINIC.CO.UK/DATA-BACKUP.HTM, WWW.LANSPEED.COM

Download ppt "Disaster Prevention and Recovery. Team Members   Gwenn Cooper   Kristy Short   John knieling   Carissa Vancleave   Matthew Owens."

Similar presentations

Disaster Planning: The Basics TEAJF Statewide Grantee Meeting Houston July 20, 2006.

Disaster Planning: The Basics TEAJF Statewide Grantee Meeting Houston July 20, 2006.
BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.

BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.
Backup Strategy. An Exam question will ask you to describe a backup strategy. Be able to explain: Safe, secure place in different location. Why? – For.

Backup Strategy. An Exam question will ask you to describe a backup strategy. Be able to explain: Safe, secure place in different location. Why? – For.
Auditing Computer Systems

Auditing Computer Systems
Security Controls – What Works

Security Controls – What Works
Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 15-1 Introduction to Information Technology.

Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc Introduction to Information Technology.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Saving Your Business from a Data Loss Randy Clark.

Saving Your Business from a Data Loss Randy Clark.
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Network security policy: best practices

Network security policy: best practices
1 Business Continuity. 2 Continuity strategy Business impact Incident response Disaster recovery Business continuity.

1 Business Continuity. 2 Continuity strategy Business impact Incident response Disaster recovery Business continuity.
Cloud Computing How secure is it? Author: Marziyeh Arabnejad Revised/Edited: James Childress April 2014 Tandy School of Computer Science.

Cloud Computing How secure is it? Author: Marziyeh Arabnejad Revised/Edited: James Childress April 2014 Tandy School of Computer Science.
Security Information Management Firewall Management, Intrusion Detection, and Intrusion Prevention Intrusion Detection Busters Katherine Jackowski Elizabeth.

Security Information Management Firewall Management, Intrusion Detection, and Intrusion Prevention Intrusion Detection Busters Katherine Jackowski Elizabeth.
Prepared by:Nahed AlSalah Data Security 2 Unit 19.

Prepared by:Nahed AlSalah Data Security 2 Unit 19.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 IT Essentials PC Hardware and Software 4.1 Instructional Resource Chapter.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 IT Essentials PC Hardware and Software 4.1 Instructional Resource Chapter.
Data Security GCSE ICT.

Data Security GCSE ICT.
Confidential Crisis Management Innovations, LLC. CMI CrisisPad TM Product Overview Copyright © 2011, Crisis Management Innovations, LLC. All Rights Reserved.

Confidential Crisis Management Innovations, LLC. CMI CrisisPad TM Product Overview Copyright © 2011, Crisis Management Innovations, LLC. All Rights Reserved.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
Security of Data. Key Ideas from syllabus Security of data Understand the importance of and the mechanisms for maintaining data security Understand the.

Security of Data. Key Ideas from syllabus Security of data Understand the importance of and the mechanisms for maintaining data security Understand the.

Similar presentations

Ads by Google