4. ATTENDEES WILL LEARN:
• What is ROI?
• What is Risk?
• Examples of Good and Bad Disaster Recovery
• Differences between Disaster Recovery and Business Continuity
• Preparing and Testing your DR and BC plans
HIPAA
GLBA
FISMA
PCI
SOX
FINRA
Notice of Security
Breach
State Laws
7. DISASTER RECOVERY
7
DISASTER RECOVERY IS A SUBSET, A SMALL PART OF OVERALL
BUSINESS CONTINUITY.
SAVING DATA WITH THE SOLE PURPOSE OF BEING ABLE TO
RECOVER IT IN THE EVENT OF A DISASTER
8. BUSINESS CONTINUITY
8
BUSINESS CONTINUITY TYPICALLY REFERS TO THE MANAGEMENT
OVERSIGHT AND PLANNING INVOLVED WITH ENSURING THE
CONTINUOUS OPERATION OF IT FUNCTIONS IN THE CASE OF SYSTEM
OR ENTERPRISE DISASTERS.
THE WHOLE POINT OF BUSINESS CONTINUITY IS TO CONTINUE TO DO
BUSINESS DURING A FAILURE OR DISASTER.
12. BUSINESS CONTINUITY- SIMPLIFIED
12
SOMETHING HAPPENED TO MY BUILDING
THE WHOLE POINT OF BUSINESS CONTINUITY IS TO CONTINUE TO DO
BUSINESS DURING A FAILURE OR DISASTER.
IN BASIC TERMS, IT MEANS THAT WHEN A FAILURE OR DISASTER
HAPPENS, THAT DATA IS STILL ACCESSIBLE WITH LITTLE TO NO
DOWNTIME.
13. COMMON CAUSES OF DATA LOSS
STAFF DELETION
MALICIOUS ACTIVITY
RANSOMWARE
HARDWARE FAILURE
SOFTWARE FAILURE
INCLEMENT WEATHER
13
14. DISASTER RECOVERY
14
1. IDENTIFY CRITICAL SYSTEMS
2. DETERMINE ACCEPTABLE DOWNTIME
3. SELECT APPROPRIATE SOLUTION(S)
4. TEST BEFORE DISASTER STRIKES
15. DISASTER RECOVERY - PITFALLS
15
NO OFFSITE COMPONENT
WRONG SOLUTION
BACKUPS VULNERABLE TO SAME THREATS
INCOMPLETE SELECTIONS
TIME OF RECOVERY
NOT TESTED UNTIL A DISASTER
17. BUSINESS CONTINUITY
17
1. IDENTIFY THE SCOPE
2. IDENTIFY KEY BUSINESS AREAS
3. IDENTIFY CRITICAL FUNCTIONS
4. IDENTIFY DEPENDENCIES BETWEEN VARIOUS
BUSINESS AREAS AND FUNCTIONS
5. DETERMINE ACCEPTABLE DOWNTIME FOR EACH
CRITICAL FUNCTION
6. CREATE A PLAN TO MAINTAIN OPERATIONS
18. BUSINESS CONTINUITY TESTING
18
Test at least once a year
DO NOT take down your network
Table Top Exercise
- Get the team in a room
- Walk through the plan
- Look for holes
- If an individual piece needs to be tested, test it
individually
- If pieces have a relationship, test the
relationship at each step