Disaster Sec1

7/31/2019 Disaster Sec1

1/24

Presented By: Sean Snodgrass and Theodore Smith


2/24

Define Disaster Prevention and Recovery andBusiness Continuity Planning

Identify their uses Learn the importance of DRP, important

considerations, and statistics

Recognize different levels and solutions

Advantages and disadvantages

Activity


3/24

Disaster Prevention (DP):The process of minimizing the risk of a

disaster occurring. Pre-disaster stepstaken.

Disaster Recovery (DR):

The process of minimizing businessoperation downtime in the event of adisaster. Post-disaster steps taken.


4/24

Business Continuity Planning:

A practiced logical plan for how acompany will recover and restore data ina specified period of time after a disaster.


5/24

Serious information security incidents

Equipment or system failure

Loss of utilities and services

Organized and/or deliberate disruption

Environmental disasters


6/24

Personal (Mozy Online Backup)

Business (offsite data centers)

Law Firms (Sarbanes-Oxley Act)

Government

Universities (here at OSU)


7/24

Integral to business longevity

Useful tool

Mandated by law

Employee training


8/24

Veritas Software, a subsidiary ofSymantec, conducted a survey of more

than 1,200 global managers in 2004 What would be the most devastating

effects of a disaster for a company?

Source:htt ://www. rocessor.com/articles//P2641/04 41/04 41 ra hic. df? uid=BF210C8BB27D4313982642EC80117A4


9/24

Only 38% of companies had DR or BC

Nearly 20% said company would be at

stake 51% of respondents with DR had used

their recovery plan within the past year.

Computer failure, hackers, virusesaccounted for 63% of used plans


10/24

More than 40% would have no idea howto resume business if primary data center

lost. On average, 72 hours to recover basic

business functions after a fire.

$78,000 lost per hour on average(Disaster Recovery Journal estimate)

Source:htt ://www. rocessor.com/articles//P2641/04 41/04 41 ra hic. df? uid=BF210C8BB27D4313982642EC80117A4


11/24Picture Source: Witty, Roberta J. Disaster Recovery Journal, Fall 2005. Volume 19, Issue 4


12/24

How often do you think most companiestest their recovery systems?

Annually

Semi-annually

Quarterly Never


13/24Picture Source: Witty, Roberta J. Disaster Recovery Journal, Fall 2005. Volume 19, Issue 4


14/24

Costs

Threats and BIA

Mission critical business functions

Recovery Time Objective (RTO)

Recovery Point Objective (RPO)

Systems

People

Source: http://www.stanford.edu/dept/EHS/prod/general/erprep/BCP_guide.doc


15/24

Data storage/duplication methods

Tape backup

Electronic vaulting Periodic data backup

Mirroring

Picture Source: www.netgainit.com/Page.aspx?pageID=21
http://www.netgainit.com/Page.aspx?pageID=21http://www.netgainit.com/Page.aspx?pageID=21


16/24

Software

Facilitates data and systems recovery

Automated or user commandedsynchronization.

Also used in BCP


17/24

Cold site

Offsite storage facility with basic

infrastructure No data recovery

Long recovery time

Low cost

Source: Processor Editorial Article Hot, Warm, or Cold, September 2004. Vol. 17 Issue 35:http://www.processor.com/editorial/article.asp?article=articles%2Fp2735%2F23p35%2F23p35.asp

Picture Source:pulickal.files.wordpress.com/.../emptyrm-b.jpg


18/24

Hot site

Offsite facility, fully mirrored data center

Minimal data loss Nearly instantaneous recovery

High cost



19/24

Picture source: http://www.another9.com/uploads/hotsite.gif


20/24

Warm site

In between hot and cold sites

Partially functional data center Periodic data replication

Lower cost relative to hot sites



21/24

Mobile On-site

Mobile data center

Flexible Limited space

Suitable for smaller recoveries

Keeps employees close to home

Picture source: http://www.rentsysrecovery.com/?PID=4


22/24

Quick-ship

Solution implied in name

Third-party vendor Temporarily leased equipment


23/24

Disadvantages:

Very costly (hospitals pay between 100-500 grand peryear)

Needs constant maintenance Will not be successful if everyone is not involved

Like insurance

Advantages: Saves huge amounts of money if a disaster occurs

Can be used to help other business functions


24/24

DR is highly tailored to individualcompanys needs

DR implementation is on the rise,trending towards warm sites

When fully utilized can save companies

money Useful for anyone in the business world

to be aware of

Documents

Disaster Sec1