Presentation is loading. Please wait.

Presentation is loading. Please wait.

2015 Risky Business Week Welcome to the 2015 Risky Business Week presentation regarding disaster recovery. 2015 Risky Business Week.

Published byGordon Phillips Modified over 9 years ago

Similar presentations

Presentation on theme: "2015 Risky Business Week Welcome to the 2015 Risky Business Week presentation regarding disaster recovery. 2015 Risky Business Week."— Presentation transcript:

1 2015 Risky Business Week Welcome to the 2015 Risky Business Week presentation regarding disaster recovery. 2015 Risky Business Week

2 Agenda Types of Disasters 3 What is Disaster Recovery? 4
Corporate Disaster Recovery 5 Disaster Recovery Trends 6 Personal Disaster Recovery 7 Digital Risks 8 Action Plan 9 2015 Risky Business Week 2015 Risky Business Week

3 NATURAL DISASTERS Types of Disasters
Disaster Recovery is a critical necessity to have due to the increasing number of disasters organizations face To put this in perspective, for every $1 spent on hazard mitigation saves society $4 in response and recovery costs Of the Companies that had a major loss of business data, 43% never reopened and 29% close their doors within two years following the disaster There are two types of disasters: natural and manmade Natural disasters include hurricanes, volcanoes, tornados, tsunamis Man made disasters include terrorist attacks, oil spills, chemical plant explosions, etc. 2015 Risky Business Week 2015 Risky Business Week

4 What is Disaster Recovery?
A set of policies and procedures to enable the recovery or continuation of technology infrastructure and systems following a natural or human disaster. Disaster recovery (DR) focuses on the technology systems supporting critical business functions. Disaster recovery is a set of policies and procedures to enable the recovery or continuation of technology infrastructure and systems following a natural or human disaster. Disaster recovery (DR) focuses on the technology systems supporting critical business functions. For example in the insurance industry critical business functions may include creating a quote on a policy system or creating a claim. The technology systems would be those that support these functions. 2015 Risky Business Week 2015 Risky Business Week

5 Corporate Disaster Recovery
Assess Plan Exercise Remediate Many organizations have a disaster recovery team and plans in place to help minimize risks after a disaster occurs. Disaster recovery can be compared to buying insurance – people may not feel the need to have it or may think that nothing will ever happen but when a disaster or accident happens they truly realize the importance of having it. The four steps of the disaster recovery process are assess, plan, exercise, and remediate. The first step in disaster recovery is to assess the critical business functions of the organization. This is a collaborative effort with the Business Continuity team by documenting a business impact analysis. The critical business functions need to be prioritized based on what needs to be available first following a disaster. Once the critical business functions have been determined, the applications that support those functions are documented. For example if a critical business function is taking a payment, the systems supporting that functionality would be documented. Plans are written for those systems including how soon they need the system to up following a disaster (recovery time objective), contact information for the people supporting that system, hardware and device information, what the dependencies for that system are and the steps to recover the system. This information is documented and stored electronically for the company to be able to access in a worst case scenario. Once plans are documented the next step is to perform an exercise. There are two types of exercise: tabletop and functional exercises. Tabletop exercises are a walkthrough of the steps for recovering the systems without touching any technology based on a scenario. A functional exercise involvess coordination between many teams to recover the technology in a simulated test. This process will find any gaps in the plans that were documented prior to the test. After an exercise, there are many lessons learned that are documented. Teams work on fixing those issues in case of an actual disaster. For example, a system was not backup up properly and there was missing information found during the exercise; the Backup & storage team would review their processes to see how they can fix this to ensure it will not happen again in the future. This is a continuous maintenance process as technology at every organization changes rapidly. 2015 Risky Business Week 2015 Risky Business Week

6 Disaster Recovery Trends
Cloud based disaster recovery Security & Data Recovery concerns Data breaches will continue Increase in costs, fines, and lawsuits There have been a few trends on Disaster Recovery that have been gaining a lot of attention. The first trend is companies are turning to cloud based disaster recovery. This is where companies are storing their data with a provider in the cloud which essentially means off their premises. If a disaster happens they would need to work with this provider to recover the data. This trend has a lot of hype around it because it has a cost savings. However, there are some major concerns including security and data recovery. For example, is the data securely transferred and stored in the cloud? How are users authenticated to log onto the systems to view the data? Are passwords the only option to log on or is there some type of two-factor authentication to make it more secure? And finally does the cloud provider meet the regulatory requirements? With data recovery, companies need to be asking if there is enough bandwidth and network capacity to redirect all users to the cloud and if there is a disaster and they need to restore from the cloud to on-site how long will that take? The role of disaster recovery is evolving to include recovery from data breaches. Business that fail and have a disastrous data breach are getting a lot of publicity. In the last few years some of the biggest data breaches we’ve heard include Target, Michael’s craft stores, Home Depot and PF Changs. It is realistic to accept that it’s a matter of when your organization will experience an information security breach, no if, and it won’t be cheap. As of 2014, a study conducted by IBM stated that the average cost of a data breach for a company was $3.5 million which included costs, fine, and the lawsuits brought against companies. Companies need to minimize the risk by identifying risks and reassessing annually, review the organization’s data to understand how it is used and protected to create a breach risk profile. They also need to perform test runs on how they need to respond if a breach were to occur. The disaster recovery trends are truly demonstrating how technology is evolving and needs to consider security risks. 2015 Risky Business Week 2015 Risky Business Week

7 Personal Disaster Recovery
When people think about DR one of the areas they overlook is whether they need to have a personal disaster recovery plan. As the cat in the picture says we definitely need a personal disaster recovery plan, however our plan will not be to buy extra cat food. One of the types of plans we should look at having in place is a digital plan – planning for what happens if your digital device is unavailable. 2015 Risky Business Week 2015 Risky Business Week

8 Digital Risks Do you keep all your contacts on your smartphone? Do you store a lot of photos or s? Do you do online banking through your digital devices? What would happen if you lost that information through either loss or theft of the device, someone installed a Keylogger or malware, a house fire, or your hard drive crashed? Do you keep all your contacts on your smartphone? Do you store a lot of photos or s? Do you do online banking through your digital devices? A lot of people use their digital devices to perform their day to day functionality. However they don’t consider the risks if that digital device were unavailable. What would happen if you lost that information through either loss or theft of the device, someone installed a Keylogger or malware, a house fire, or your hard drive crashed? These are key risks we need to consider when using our digital devices 2015 Risky Business Week 2015 Risky Business Week

9 Action Plan Backups, backups, backups – you can’t have too many.
Document Critical Information – Account UserIds and passwords, software license information, support phone numbers, contract numbers and the make, model and warranty information for all your devices. Plan for Extended Downtime – if the data is something you may need to have before a new device is available, such as contact information, consider keeping a hardcopy of the information. Plan for Getting Back to Normal – restoring your data from your backup files. This may take assistance from an external support team. It’s important to have a personal digital disaster recovery plan for when the unexpected happens. For example, if that device were unavailable. A disaster recovery plan in the digital sense is essential to recover the data you deem most important whether that be s, photos, or contact information. With putting the plan together it doesn’t have to be complicated. There are 4 strategies we recommend for putting together a personal DR Plan. Backups, backups, backups – you can’t have too many. Make sure to save that critical information, such as what is your mother’s phone number if you have to reach her. Document Critical Information – Account UserIds and passwords, software license information, support phone numbers, contract numbers and the make, model and warranty information for all your devices. Plan for Extended Downtime – if the data is something you may need to have before a new device is available, such as contact information, consider keeping a hardcopy of the information. Plan for Getting Back to Normal – restoring your data from your backup files. This may take assistance from an external support team. 2015 Risky Business Week 2015 Risky Business Week

10 Prepare for Disaster: Recover Faster!
- Prepare for Disaster: Recover Faster! Disaster Recovery is a function within the Security Awareness effort. Thank you for listening to this presentation. 2015 Risky Business Week 2015 Risky Business Week

Download ppt "2015 Risky Business Week Welcome to the 2015 Risky Business Week presentation regarding disaster recovery. 2015 Risky Business Week."

Similar presentations

Information Management and Technology

Information Management and Technology
MOBILE DEVICES & THEIR IMPACT IN THE ENTERPRISE Michael Balik Assistant Director of Technology Perkiomen Valley School District.

MOBILE DEVICES & THEIR IMPACT IN THE ENTERPRISE Michael Balik Assistant Director of Technology Perkiomen Valley School District.
Thoughts on Technology Issues for Small Business Data Security for Mobile Access Devices.

Thoughts on Technology Issues for Small Business Data Security for Mobile Access Devices.
Business Continuity Disaster Recovery Risk Management How do these fit into a Framework?

Business Continuity Disaster Recovery Risk Management How do these fit into a Framework?
GLOBRIN Business Continuity Workshop TECHNOLOGY & INFORMATION 13 th November 2013 Graham Jack.

GLOBRIN Business Continuity Workshop TECHNOLOGY & INFORMATION 13 th November 2013 Graham Jack.
Managing Information Systems Information Systems Security and Control Part 1 Dr. Stephania Loizidou Himona ACSC 345.

Managing Information Systems Information Systems Security and Control Part 1 Dr. Stephania Loizidou Himona ACSC 345.
Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations Grant County Bar Association June 14, 2011 Kim J. Brand PresidentFounder.

Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations Grant County Bar Association June 14, 2011 Kim J. Brand PresidentFounder.
Data Lost. What’s the cost? How to get your data back: Disaster Planning and Recovery Prevent losing data in the first place : Data Protection Go Virtual.

Data Lost. What’s the cost? How to get your data back: Disaster Planning and Recovery Prevent losing data in the first place : Data Protection Go Virtual.
COMPUTER BACKUP A disaster will happen to you one day…an accidentally deleted file, a new program that caused problems or a virus that wreaked havoc, wiping.

COMPUTER BACKUP A disaster will happen to you one day…an accidentally deleted file, a new program that caused problems or a virus that wreaked havoc, wiping.
Saving Your Business from a Data Loss Randy Clark.

Saving Your Business from a Data Loss Randy Clark.
Back Up and Recovery Sue Kayton February 2013.

Back Up and Recovery Sue Kayton February 2013.
Complete Data Protection from [INSERT SOFTWARE NAME] Insert logo.

Complete Data Protection from [INSERT SOFTWARE NAME] Insert logo.
| Establishing a Contingency Plan.

| Establishing a Contingency Plan.
Backing up data By Alicia stewart.

Backing up data By Alicia stewart.
Chapter 5: System Software: Operating Systems and Utility Programs.

Chapter 5: System Software: Operating Systems and Utility Programs.
November 2009 Network Disaster Recovery October 2014.

November 2009 Network Disaster Recovery October 2014.
Security Squad Keeping your Equipment and Information Safe Security Squad Keeping your Equipment and Information Safe Security Squad Video Series, Part.

Security Squad Keeping your Equipment and Information Safe Security Squad Keeping your Equipment and Information Safe Security Squad Video Series, Part.
Elite Networking & Consulting Presents: Everything You Wanted To Know About Data Insurance* * But Were Afraid To Ask Elite Networking & Consulting, LLC,

Elite Networking & Consulting Presents: Everything You Wanted To Know About Data Insurance* * But Were Afraid To Ask Elite Networking & Consulting, LLC,
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Similar presentations

Ads by Google