Disaster Recovery Planning (DRP)

W.lilakiatsakun


Page 1: Disaster Recovery Planning (DRP)

Disaster Recovery Planning (DRP)

W.lilakiatsakun

Page 2: Disaster Recovery Planning (DRP)

Disaster Recovery Planning (DRP)

• DRP is the process of regaining access to the data, hardware and software necessary to resume critical business operations after a natural or human-induced disaster.
• DRP is part of a larger process known as business continuity planning (BCP).
• Disaster recovery is the process by which you resume business after a disruptive event.

Page 3: Disaster Recovery Planning (DRP)

What is the difference between DRP and BCP (1/2)

• The event might be
  – something huge, like an earthquake or the terrorist attacks on the World Trade Center
  – something small, like malfunctioning software caused by a computer virus.
• Many business executives are prone to ignoring "disaster recovery" because disaster seems an unlikely event.

Page 4: Disaster Recovery Planning (DRP)

What is the difference between DRP and BCP (2/2)

• "Business continuity planning" suggests a more comprehensive approach to making sure you can keep making money.
• Often, the two terms are married under the acronym BC/DR.
• DR and/or BC determines how a company will keep functioning after a disruptive event until its normal facilities are restored.

Page 5: Disaster Recovery Planning (DRP)

What do these plans include (1/2)

• All BC/DR plans need to encompass
  – How employees will communicate
  – Where they will go
  – How they will keep doing their jobs.
• The details can vary greatly, depending on the size and scope of a company and the way it does business.

Page 6: Disaster Recovery Planning (DRP)

What do these plans include (2/2)

• For example: The plan at one global manufacturing company
  – restore critical mainframes with vital data at a backup site within four to six days of a disruptive event,
  – obtain a mobile PBX unit with 3000 telephones within two days
  – recover the company's 1000-plus LANs in order of business need
  – set up a temporary call center for 100 agents at a nearby training facility.

Page 7: Disaster Recovery Planning (DRP)

Events that necessitate disaster recovery

• Natural disasters
• Fire
• Power failure
• Terrorist attacks
• Organized or deliberate disruptions
• Theft
• System and/or equipment failures
• Human error
• Computer viruses
• Testing

Page 8: Disaster Recovery Planning (DRP)

Prevention against data loss (1/2)

• Backups sent off-site in regular intervals
  – Includes software as well as all data information, to facilitate recovery
• Create an insurance copy on microfilm or similar and store the records off-site.
  – Use a remote backup facility if possible to minimize data loss
• Storage Area Networks (SANs) over multiple sites make data immediately available without the need to recover or synchronize it

Page 9: Disaster Recovery Planning (DRP)

Prevention against data loss (2/2)

• Surge protectors — to minimize the effect of power surges on delicate electronic equipment
• Uninterruptible Power Supply (UPS) and/or backup generator
• Fire preventions — more alarms, accessible extinguishers
• Anti-virus software and other security measures

Page 10: Disaster Recovery Planning (DRP)

Techniques and technology

• Mirroring
  – Disk mirroring: Redundant arrays of inexpensive disks 1 (RAID1)
  – Server mirroring: web / ftp / email
• RAID: RAID0 – 6 and combination
• On-site data storage
  – Back up - Tape / optical disk
• Off-site data storage (backup-site)
  – Cold sites
  – Warm sites
  – Hot site

Page 11: Disaster Recovery Planning (DRP)

Mirroring

• Mirroring can occur locally or remotely.
  – Locally means that a server has a second hard drive that stores data.
  – A remote mirror means that a remote server contains an exact duplicate of the data. The second drive is called a mirrored drive.
• Data is written to the original drive when a write request is issued and then copied to the mirrored drive, providing a mirror image of the primary drive.
• If one of the hard drives fails, all data is protected from loss.

Page 12: Disaster Recovery Planning (DRP)

Disk mirroring (RAID1)

• The replication of logical disk volumes onto separate physical hard disks in real time to ensure continuous availability, currency and accuracy.
• A mirrored volume is a complete logical representation of separate volume copies

Page 13: Disaster Recovery Planning (DRP)

Server mirroring

• Mirror sites are most commonly used to provide multiple sources of the same information, and are of particular value as a way of providing reliable access to large downloads.
• Web server
  – To preserve a website or page, especially when it is closed or is about to be closed
  – Load balancing
• Email server
  – To protect against loss of email information
• ftp server
  – To allow faster downloads for users at a specific geographical location
  – Load balancing

Page 14: Disaster Recovery Planning (DRP)

Redundant arrays of inexpensive disks (RAID)

• The organization distributes the data across multiple smaller disks, offering protection from a crash that could wipe out all data on a single, shared disk.
• Benefits of RAID include the following
  – Increased storage capacity per logical disk volume
  – High data transfer or I/O rates that improve information throughput
  – Lower cost per megabyte of storage

Page 15: Disaster Recovery Planning (DRP)

RAID0 (stripe set or striped volume)

• RAID Level 0 splits data evenly across two or more disks (striped) with no parity information for redundancy.
• It is important to note that RAID 0 provides zero data redundancy.
• RAID 0 is normally used to increase performance
• A RAID 0 can be created with disks of differing sizes, but the storage space added to the array by each disk is limited to the size of the smallest disk

Page 16: Disaster Recovery Planning (DRP)

RAID1 (mirroring)

• A RAID 1 creates an exact copy of a set of data on two or more disks.
• This is useful when read performance or reliability are more important than data storage capacity.
• Such an array can only be as big as the smallest member disk.
• A classic RAID1 mirrored pair contains two disks which increases reliability

Page 17: Disaster Recovery Planning (DRP)

RAID3 (Parallel access with a dedicated parity disk)

• RAID Level 3 uses byte-level striping with a dedicated parity disk.
• This comes about because any single block of data will be spread across all members of the set and will reside in the same location.
• So, any I/O operation requires activity on every disk.

Page 18: Disaster Recovery Planning (DRP)

RAID5 (Independent access with distributed parity)

• A RAID5 uses block-level striping with parity data distributed across all member disks.
• A minimum of 3 disks is generally required for a complete RAID5 configuration.
• In the example, a read request for block "A1" would be serviced by disk 0.
• A simultaneous read request for block B1 would have to wait, but a read request for B2 could be serviced concurrently by disk 1
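
The distributed-parity layout described on this slide, as an added Python example (not part of the original slides): it stripes data over four disks with rotating XOR parity, shows which disk services blocks A1, B1 and B2, and serves reads and rebuilds a disk after a single failure. The 4-byte block size, the parity rotation order, the sample payload and all function names are assumptions chosen for illustration.

```python
"""RAID 5 sketch: block-level striping with rotating XOR parity (added example)."""
from functools import reduce

BLOCK = 4  # bytes per block; tiny on purpose (assumption for illustration)
SAMPLE = b"constructed sample payload for the RAID 5 demo"  # constructed input


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Parity starts on the last disk and moves one disk left per stripe (assumed order)."""
    return (n_disks - 1 - stripe) % n_disks


def locate(stripe, index, n_disks):
    """Disk holding data block `index` (0-based) of `stripe`, skipping the parity disk."""
    return index if index < parity_disk(stripe, n_disks) else index + 1


def write_array(data, n_disks):
    """Stripe `data` over n_disks; disks[d][s] is the block disk d stores for stripe s."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs at least 3 disks")
    per_stripe = BLOCK * (n_disks - 1)
    stripes = -(-len(data) // per_stripe)  # ceiling division
    data = data.ljust(stripes * per_stripe, b"\0")
    disks = [[] for _ in range(n_disks)]
    for s in range(stripes):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i * BLOCK:(i + 1) * BLOCK] for i in range(n_disks - 1)]
        for i, block in enumerate(blocks):
            disks[locate(s, i, n_disks)].append(block)
        disks[parity_disk(s, n_disks)].append(xor_blocks(blocks))
    return disks


def surviving(disks, failed):
    """All disks except `failed`; a second failed disk (None) means the data is gone."""
    others = [disk for i, disk in enumerate(disks) if i != failed]
    if any(disk is None for disk in others):
        raise ValueError("more than one disk failed: RAID 5 cannot recover")
    return others


def read_block(disks, stripe, index):
    """Read one data block; if its disk failed, recompute it from the rest of the stripe."""
    d = locate(stripe, index, len(disks))
    if disks[d] is not None:
        return disks[d][stripe]
    return xor_blocks([disk[stripe] for disk in surviving(disks, d)])


def read_data(disks, length):
    """Reassemble the original bytes, transparently handling one failed disk."""
    stripes = len(next(disk for disk in disks if disk is not None))
    out = bytearray()
    for s in range(stripes):
        for i in range(len(disks) - 1):
            out += read_block(disks, s, i)
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recreate every block (data and parity) of the failed disk from the survivors."""
    others = surviving(disks, failed)
    return [xor_blocks([disk[s] for disk in others]) for s in range(len(others[0]))]


if __name__ == "__main__":
    array = write_array(SAMPLE, 4)
    # Stripe 0 holds A1..A3, stripe 1 holds B1..B3 (block index 0 is A1/B1).
    print("A1 on disk", locate(0, 0, 4), "| B1 on disk", locate(1, 0, 4),
          "| B2 on disk", locate(1, 1, 4))
    array[2] = None                      # simulate losing disk 2
    print("degraded read ok:", read_data(array, len(SAMPLE)) == SAMPLE)
    array[2] = rebuild_disk(array, 2)    # replacement disk rebuilt from parity
    print("after rebuild ok:", read_data(array, len(SAMPLE)) == SAMPLE)
```

A1 and B1 both map to disk 0, which is why the second request on the slide has to wait, while B2 sits on disk 1 and can be read in parallel.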

Page 19: Disaster Recovery Planning (DRP)

Nested RAID

Page 20: Disaster Recovery Planning (DRP)

Storage Model

Page 21: Disaster Recovery Planning (DRP)
Page 22: Disaster Recovery Planning (DRP)

Storage Area Network

• The Storage Network Industry Association (SNIA) defines the SAN as a network whose primary purpose is the transfer of data between computer systems and storage elements.
• A SAN consists of a communication infrastructure, which provides physical connections; and a management layer, which organizes the connections, storage elements, and computer systems so that data transfer is secure and robust.

Page 23: Disaster Recovery Planning (DRP)

SAN's definition

• A SAN is a specialized, high-speed network attaching servers and storage devices
• It is sometimes referred to as "the network behind the servers."
• A SAN introduces the flexibility of networking to enable one server or many heterogeneous servers to share a common storage utility, which may comprise many storage devices, including disk, tape, and optical storage.

Page 24: Disaster Recovery Planning (DRP)
Page 25: Disaster Recovery Planning (DRP)

SAN Component

• SAN Connectivity
  – the connectivity of storage and server components typically using Fibre Channel (FC).
• SAN Storage
  – TAPE / RAID / ESS (Enterprise Storage System) / JBOD (Just Bunch of Disk) / SSA (Serial Storage Architecture)
• SAN Server
  – Windows / Unix / Linux, etc.

Page 26: Disaster Recovery Planning (DRP)
Page 27: Disaster Recovery Planning (DRP)

Switched Fabric

• An infrastructure specially designed to handle storage communications called a fabric.
• A typical Fibre Channel SAN fabric is made up of a number of Fibre Channel switches.
• Today, all major SAN equipment vendors also offer some form of Fibre Channel routing solution, and these bring substantial scalability benefits to the SAN architecture by allowing data to cross between different fabrics without merging them.

Page 28: Disaster Recovery Planning (DRP)
Page 29: Disaster Recovery Planning (DRP)

Fiber Channel protocol

• Fibre Channel is a layered protocol. It consists of 5 layers, namely:
• FC0 The physical layer, which includes cables, fiber optics, connectors, pinouts etc.
• FC1 The data link layer, which implements the 8b/10b encoding and decoding of signals.
• FC2 The network layer, defined by the FC-PI-2 standard, consists of the core of Fibre Channel, and defines the main protocols.
• FC3 The common services layer, a thin layer that could eventually implement functions like encryption or RAID.
• FC4 The Protocol Mapping layer. Layer in which other protocols, such as SCSI, are encapsulated into an information unit for delivery to FC2.

Page 30: Disaster Recovery Planning (DRP)

IP Storage Networking

• FCIP (Fiber Channel over IP)
  – It is a method for allowing the transmission of Fibre Channel information to be tunneled through the IP network.
• iFCP (Internet Fiber Channel Protocol)
  – It is a mechanism for transmitting data to and from Fibre Channel storage devices in a SAN, or on the Internet using TCP/IP
• Internet SCSI (iSCSI)
  – It is a transport protocol that carries SCSI commands from an initiator to a target.

Page 31: Disaster Recovery Planning (DRP)

FCIP (Fiber Channel over IP)

• FCIP encapsulates FC frames within TCP/IP, allowing islands of FC SANs to be interconnected over an IP-based network
• TCP/IP is used as the underlying transport to provide congestion control and in-order delivery of FC frames
• All classes of FC frames are treated the same as datagrams
• End-station addressing, address resolution, message routing, and other elements of the FC network architecture remain unchanged

Page 32: Disaster Recovery Planning (DRP)
Page 33: Disaster Recovery Planning (DRP)

iFCP

• iFCP is a gateway-to-gateway protocol for implementing a fibre channel fabric over TCP/IP
• Traffic between fibre channel devices is routed and switched by the TCP/IP network
• The iFCP layer maps Fibre Channel frames to a predetermined TCP connection for transport
• FC messaging and routing services are terminated at the gateways so the fabrics are not merged to one another

Page 34: Disaster Recovery Planning (DRP)
Page 35: Disaster Recovery Planning (DRP)

iSCSI

• iSCSI is a SCSI transport protocol for mapping of block-oriented storage data over TCP/IP networks
• The iSCSI protocol enables universal access to storage devices and Storage Area Networks (SANs) over standard TCP/IP networks

Page 36: Disaster Recovery Planning (DRP)
Page 37: Disaster Recovery Planning (DRP)
Page 38: Disaster Recovery Planning (DRP)
Page 39: Disaster Recovery Planning (DRP)
Page 40: Disaster Recovery Planning (DRP)
Page 41: Disaster Recovery Planning (DRP)

Back up site

• A backup site is a location where a business can easily relocate following a disaster, such as fire, flood, or terrorist threat. This is an integral part of the disaster recovery plan of a business.
• A backup site can be another location operated by the business, or contracted via a company that specializes in disaster recovery services.
• In some cases, a business will have an agreement with a second business to operate a joint disaster recovery facility.

Page 42: Disaster Recovery Planning (DRP)

Cold Sites

• A cold site is the most inexpensive type of backup site for a business to operate.
• It provides office spaces to operate
• It does not include backed up copies of data and information from the original location of the business, nor does it include hardware already set up.
• The lack of hardware contributes to the minimal startup costs of the cold site, but requires additional time following the disaster to have the operation running at a capacity close to that prior to the disaster.

Page 43: Disaster Recovery Planning (DRP)

Warm Sites

• A warm site is a location where the business can relocate to after the disaster that is already stocked with computer hardware similar to that of the original site, but does not contain backed up copies of data and information.

Page 44: Disaster Recovery Planning (DRP)

Hot Sites

• A hot site is a duplicate of the original site of the business, with full computer systems as well as near-complete backups of user data.
• Ideally, a hot site will be up and running within a matter of hours. This type of backup site is the most expensive to operate.
• Hot sites are popular with stock exchanges and other financial institutions who may need to evacuate due to potential bomb threats and must resume normal operations as soon as possible.

Page 45: Disaster Recovery Planning (DRP)

How to choose

• Choosing the type is mainly decided by a company's cost vs. benefit strategy.
• Hot sites are traditionally more expensive than cold sites since much of the equipment the company needs has already been purchased and thus the operational costs are higher.
• However if the same company loses a substantial amount of revenue for each day they are inactive then it may be worth the cost.

Page 46: Disaster Recovery Planning (DRP)

• The advantages of a cold site are simple: cost. It requires far fewer resources to operate a cold site because no equipment has been bought prior to the disaster.
• The downside with a cold site is the potential cost that must be incurred in order to make the cold site effective.
• The costs of purchasing equipment on very short notice may be higher and the disaster may make the equipment difficult to obtain.

Page 47: Disaster Recovery Planning (DRP)

Discovery Planning steps (1)

• I. Information Gathering
• Step One – Organize the Project
  – Appoint coordinator/project leader, if the leader is not the dean or chairperson.
  – Determine most appropriate plan organization for the unit (e.g., single plan at college level or individual plans at unit level)
  – Set project timetable
  – Draft project plan, including assignment of task responsibilities

Page 48: Disaster Recovery Planning (DRP)

Discovery Planning steps (2)

• Step Two – Conduct Business Impact Analysis
• In order to complete the business impact analysis, most units will perform the following steps:
  – Identify functions, processes and systems
  – Interview information systems support personnel
  – Interview business unit personnel
  – Analyze results to determine critical systems, applications and business processes
  – Prepare impact analysis of interruption on critical systems

Page 49: Disaster Recovery Planning (DRP)

Discovery Planning steps (3)

• Step Three – Conduct Risk Assessment
• The risk assessment will assist in determining the probability of a critical system becoming severely disrupted and documenting the acceptability of these risks to a unit.
  – Review physical security (e.g. secure office, building access off hours, etc.)
  – Review backup systems
  – Review data security

Page 50: Disaster Recovery Planning (DRP)

Discovery Planning steps (3/1)

  – Review policies on personnel termination and transfer
  – Identify systems supporting mission critical functions
  – Identify vulnerabilities (such as flood, tornado, physical attacks, etc.)
  – Assess probability of system failure or disruption
  – Prepare risk and security analysis

Page 51: Disaster Recovery Planning (DRP)

Discovery Planning steps (4/1)

• Step Four – Develop Strategic Outline for Recovery

1 Assemble groups as appropriate for:
  – Hardware and operating systems
  – Communications
  – Applications
  – Facilities
  – Other critical functions and business processes as identified in the Business Impact Analysis

Page 52: Disaster Recovery Planning (DRP)

Discovery Planning steps (4/2)

• For each system/process above quantify the following processing requirements:
  – Light, normal and heavy processing days
  – Transaction volumes
  – Dollar volume (if any)
  – Estimated processing time
  – Allowable delay (days, hours, minutes, etc.)

Page 53: Disaster Recovery Planning (DRP)

Discovery Planning steps (4/3)

3 Detail all the steps in your workflow for each critical business function (e.g., for student payroll processing each step that must be complete and the order in which to complete them.)

4 Identify systems and applications
  – Component name and technical id (if any)
  – Type (online, batch process, script)
  – Frequency
  – Run time
  – Allowable delay (days, hours, minutes, etc.)

Page 54: Disaster Recovery Planning (DRP)

Discovery Planning steps (4/4)

• Identify vital records (e.g., libraries, processing schedules, procedures, research, advising records, etc.)
  – Name and description
  – Type (e.g., backup, original, master, history, etc.)
  – Where are they stored
  – Source of item or record
  – Can the record be easily replaced from another source (e.g., reference materials)

Page 55: Disaster Recovery Planning (DRP)

Discovery Planning steps (4/5)

– Backup
  • Backup generation frequency
  • Number of backup generations available onsite
  • Number of backup generations available off-site
  • Location of backups
  • Media type
  • Retention period
  • Rotation cycle
• Who is authorized to retrieve the backups?

Page 56: Disaster Recovery Planning (DRP)

Discovery Planning steps (4/6)

6 Identify, if a severe disruption occurred, what would be the minimum requirements/replacement needs to perform the critical function during the disruption.
  – Type (e.g., server hardware, software, research materials, etc.)
  – Item name and description
  – Quantity required
  – Location of inventory, alternative, or offsite storage
  – Vendor/supplier

Page 57: Disaster Recovery Planning (DRP)

Discovery Planning steps (4/7)

7 Identify if alternate methods of processing either exist or could be developed, quantifying where possible, impact on processing. (Include manual processes.)

8 Identify person(s) who supports the system or application

9 Identify primary person to contact if system or application cannot function as normal

10 Identify secondary person to contact if system or application cannot function as normal

Page 58: Disaster Recovery Planning (DRP)

Discovery Planning steps (4/8)

11 Identify all vendors associated with the system or application

12 Document unit strategy during recovery (conceptually how will the unit function?)

13 Quantify resources required for recovery, by time frame (e.g., 1 pc per day, 3 people per hour, etc.)

14 Develop and document recovery strategy, including:
  – Priorities for recovering system/function components
  – Recovery schedule

Form – critical system processing requirement for recovery

Page 59: Disaster Recovery Planning (DRP)

Discovery Planning steps (5)

• Step Five – Review Onsite and Offsite Backup and Recovery Procedures
• The planning team as identified in Step 1 Task 3 would normally perform this task.
• Review current records (OS, Code, System Instructions, documented processes, etc.) requiring protection
• Review current offsite storage facility or arrange for one
• Review backup and offsite storage policy or create one
• Present to unit leader for approval

Page 60: Disaster Recovery Planning (DRP)

Discovery Planning steps (6)

• Step Six – Select Alternate Facility
• ALTERNATE SITE: A location, other than the normal facility, used to process data and/or conduct critical business functions in the event of a disaster.
  – Determine resource requirements
  – Assess platform uniqueness of unit systems (e.g., Macintosh, IBM Compatible, Oracle database, Windows 3.1, etc.)
  – Identify alternative facilities
  – Review cost/benefit
  – Evaluate and make recommendation

Page 61: Disaster Recovery Planning (DRP)

Discovery Planning steps (7/1)

II. Plan Development and Testing

• Step Seven – Develop Recovery Plan
• This step would ordinarily be completed by the coordinator/Project Manager working with the planning team.
• Sample Plan Outline

Page 62: Disaster Recovery Planning (DRP)

Discovery Planning steps (7/2)

1 Objective
2 Plan Assumptions
3 Criteria for invoking the plan
  – Document emergency response procedures to occur during and after an emergency
  – Document procedures for assessment and declaring a state of emergency
  – Document notification procedures for alerting unit and university officials
  – Document notification procedures for alerting vendors
  – Document notification procedures for alerting unit staff and notifying of alternate work procedures or locations.

Page 63: Disaster Recovery Planning (DRP)

Discovery Planning steps (7/3)

4 Roles Responsibilities and Authority
  – Identify unit personnel
  – Recovery team description and charge
  – Recovery team staffing
  – Transportation schedules for media and teams

Page 64: Disaster Recovery Planning (DRP)

Discovery Planning steps (7/4)

5 Procedures for operating in contingency mode
  – Process descriptions
  – Minimum processing requirements
  – Determine categories for vital records
  – Identify location of vital records
  – Identify forms requirements
  – Document critical forms
  – Establish equipment descriptions
  – Document equipment - in the recovery site
  – Document equipment - in the unit

Page 65: Disaster Recovery Planning (DRP)

Discovery Planning steps (7/4)

  – Software descriptions
  – Software used in recovery
  – Software used in production
  – Produce logical drawings of communication and data networks in the unit
  – Produce logical drawings of communication and data networks during recovery
  – Vendor list
  – Review vendor restrictions
  – Miscellaneous inventory
  – Communication needs - production
  – Communication needs - in the recovery site

Page 66: Disaster Recovery Planning (DRP)

Discovery Planning steps (7/5)

6 Resource plan for operating in contingency mode

7 Criteria for returning to normal operating mode

8 Procedures for returning to normal operating mode

9 Procedures for recovering lost or damaged data

10 Testing and Training
  – Document Testing Dates
  – Complete disaster/disruption scenarios
  – Develop action plans for each scenario

• Sample Testing Diagram

Page 67: Disaster Recovery Planning (DRP)

Discovery Planning steps (7/6)

11 Plan Maintenance
  – Document Maintenance Review Schedule (yearly, quarterly, etc.)
  – Maintenance Review action plans
  – Maintenance Review recovery teams
  – Maintenance Review team activities
  – Maintenance Review/revise tasks
  – Maintenance Review/revise documentation

Page 68: Disaster Recovery Planning (DRP)

Discovery Planning steps (7/7)

12 Appendices for Inclusion
  – inventory and report forms
  – maintenance forms
  – hardware lists and serial numbers
  – software lists and license numbers
  – contact list for vendors
  – contact list for staff with home and work numbers

Page 69: Disaster Recovery Planning (DRP)

Discovery Planning steps (7/8)

  – contact list for other interfacing departments
  – network schematic diagrams
  – equipment room floor grid diagrams
  – contract and maintenance agreements
  – special operating instructions for sensitive equipment
  – cellular telephone inventory and agreements

Page 70: Disaster Recovery Planning (DRP)

Discovery Planning steps (8)

Step Eight - Test the Plan

1 Develop test strategy
2 Develop test plans
3 Conduct tests
4 Modify the plan as necessary

• Samples
  – Test Plan Strategy
  – Test Plan Scenario
  – Test Results/Test Evaluation

Page 71: Disaster Recovery Planning (DRP)

Discovery Planning steps (9)

• III. Ongoing Maintenance
• Step Nine - Maintain the Plan
• Dean/Director/Unit Administrator will be responsible for overseeing this.

1 Review changes in the environment, technology, and procedures
2 Develop maintenance triggers and procedures
3 Submit changes for systems development procedures
4 Modify unit change management procedures
5 Produce plan updates and distribute

Page 72: Disaster Recovery Planning (DRP)

Discovery Planning steps (10)

Step Ten – Perform Periodic Audit

1 Establish periodic review and update procedures

Page 73: Disaster Recovery Planning (DRP)

Important factors (1/3)

• Communication
  – Personnel — notify all key personnel of the problem and assign them tasks focused toward the recovery plan.
  – Customers — notifying clients about the problem minimizes panic.
• Recall backups
  – If backup tapes are taken offsite, these need to be recalled. If using remote backup services, a network connection to the remote backup location (or the Internet) will be required.

Page 74: Disaster Recovery Planning (DRP)

Important factors (2/3)

• Facilities
  – Having backup hot sites or cold sites for larger companies.
  – Mobile recovery facilities are also available from many suppliers.
• Prepare your employees
  – During a disaster, employees are required to work longer, more stressful hours, and a support system should be in place to alleviate some of the stress.
  – Prepare them ahead of time to ensure that work runs smoothly.

Page 75: Disaster Recovery Planning (DRP)

Important factors (3/3)

• Business information
  – Backups should be stored in a completely separate location from the company
• Testing the plan
  – Provisions, directions, and frequency for testing the plan should be stipulated.

Page 76: Disaster Recovery Planning (DRP)

Things to do in DRP (1/4)

• Here are 10 absolute basics your plan should cover:

1. Develop and practice a contingency plan that includes a succession plan for your CEO.

2. Train backup employees to perform emergency tasks.
  – The employees you count on to lead in an emergency will not always be available.

3. Determine offsite crisis meeting places for top executives.

Page 77: Disaster Recovery Planning (DRP)

Things to do in DRP (2/4)

4. Make sure that all employees, as well as executives, are involved in the exercises so that they get practice in responding to an emergency.

5. Make exercises realistic enough
  – to tap into employees' emotions so that you can see how they'll react when the situation gets stressful.

6. Practice crisis communication with employees, customers and the outside world.

Page 78: Disaster Recovery Planning (DRP)

Things to do in DRP (3/4)

7. Invest in an alternate means of communication in case the phone networks go down.

8. Form partnerships with local emergency response groups - firefighters, police - to establish a good working relationship.
  – Let them become familiar with your company and site.

Page 79: Disaster Recovery Planning (DRP)

Things to do in DRP (3/3)

9. Evaluate your company's performance during each test, and work toward constant improvement.
  – Continuity exercises should reveal weaknesses.

10. Test your plan regularly
  – To achieve the plan effectively

Page 80: Disaster Recovery Planning (DRP)

Top mistakes in disaster recovery

• Inadequate planning
• Failure to bring the business into the planning and testing.
• Failure to gain support from senior-level managers.