4.4 Business Continuity and Cloud Storage

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

7 hours 31 minutes
Video Transcription
Hello again. All you members of the United Federation of Cloudy Planets. Welcome back to Cloud Architecture Foundation. This is Module 4.4. Business continuity and cloud storage. In the last video, we talked about the different files systems and how each operating system and Cloud platform uses their own unique file systems and how they write to storage.
We reviewed the United States Computer Emergency Readiness Team US CERT
321 rule of storage and reviewed some of the pros and cons of using cloud storage, just one of the organizations backup storage targets. In this video, we will be reviewing one of my favorite enterprise networking topics. The network designed strategy of business continuity and how the network and recovered a partial loss of service is continued operations
and complete business disruption due to disasters like fire, floods and tornadoes,
and how the use of cloud storage could be an elegant way of strengthening your organization's be CDR and Coop capabilities.
So in the National Institute of Standards and Technology n'est Special Publication 800-34 Contingency Planning Guide for Information Technology Systems, the following key milestones heir to be accomplished by any organization when determining how to build network operations for contingency planning.
Contingency planning according to NEST or their measures to recover I T service is following an emergency or system disruption.
Understand the IittIe contingency planning process and it's placed within the overall continuity of Operations Plan and Business Continuity Plan Process
Developer. Re examine your contingency policy and planning process and apply the elements of the planning cycle, including preliminary planning, business impact analysis, alternate site selection and recovery strategies and developer re examine your IittIe contingency planning policies and plans with emphasis on maintenance, training
and exercising the contingency plan.
So when you put the business continuity plan in action, you first start with the concept of risk. The first phase of BCP development is what the industry calls a risk assessment. What are the risk to your business? And it's not just about technology and disasters. Sure, a tornado that wipes out your data center is a disaster, but there are a lot more risks to consider
what happens to your business if the CEO suddenly dies or what happens if a security breach occurs
and a threat agent has stolen your company's confidential data. So once a risk assessment is performed identifying the risk to the organization.
The next phase of BCP development is what we call a business impact assessment. What impact would a tornado bring if your primary data center would be wiped out in one of the financial ramifications? What is the impact of the business financially and culturally if you're CEO dies in a car accident? And what is the financial impact, your business in the negative impact, your business reputation?
If a security breach were you
where your customers confidential data was stolen, whereto actually occur. Once we understand the impact of the business and the criticality of these impacts, we can start building a recovery strategy and a gap assessment based on risk. If we have discovered that the tornado wiping out our data center is a risk we're not willing to accept,
we will begin to do develop a business continuity plan and a business recovery strategy.
If a disaster like a tornado were to occur, and then once we have our BCP documented and implemented, we will train our employees. Our vendors are partners and Oliver Cos. Key players responsibilities for incidents response during a risk event visually dusted the tabletop exercise.
So according to Ever Bridge Corporation, a crisis management consulting firm, there are 10 steps to building a successful tabletop exercise, a scenario based practice of a 90 disruption or a security event for an organization. An example of a tabletop exercise would be the creation of an organizational incident response document
and then practice your company's incident response by calling all the identified employees in
without warning to the conference room, informing them that an organizational disruption event has occurred. For example, a computer virus has just attacked the network and that the computer virus shut down all access to the customer relationship management platform or C. R M.
The team that would be called into the conference room would run and grab the documented business continuity plan and start the business of both assessing the situation and then performing the steps necessary to recover from such an event. Tabletop exercises are a great way for an organization to practice a business continuity plan, learn from their mistakes, change and adjust the plan is necessary
and improve their BCP
and their continued operations and disaster recovery strategies. Going forward,
I cannot overemphasize the influence of the cloud of clouds, offerings and capabilities like Platform is a service. Storage is a service and software as a service to organizational business continuity, planning, continued operations and disaster recovery.
The cloud has completely changed how we in the enterprise strategize, design and execute the continued operations of her I T systems and network infrastructure and our business operational processes.
We will talk through some of these clouds strategies. Next we can choose to use the cloud is one of our copies of our data that is off premise. Instead of using tape and taking it home, for example, this is the first level and simplest level of deployment. Oven organizations cloud business continuity strategy
a second, a more complex level used in the cloud, and our business continuity plan is what we call cloud warm D R disaster recovery cloud warm D R Reserve Some of our elastic compute as a platform or stories is a platform to use in case of a disaster or a disruption event. You will heal. Organizations call the call these tears cold,
warm and hot backups
or cold, warm and hot d. R in a cloud Warm d r. The organization won't actually have the backup platforms. For example, Windows Server 2016 in Microsoft. SharePoint for examples up and running in the cloud of secondary fail over platforms. But they will have the CPU memory and storage on reserve. So, in case of business disruption,
if they can quickly and easily spend up the needed APS
timely so say as little as four to his many as eight hours from service disruption to back online In the cloud, the cost of being down for 4 to 6 or even eight hours is measured against the cost of having the apse running in the cloud always on and always ready and always to be used. His backups.
The cost of being down, wins out against the cost of boys running in the cloud to a point
which leads us toward a unique recovery time of Jeff Tibbs. Based on a risk assessment and our business impact assessment in what systems service is an up times we have determined are required Hot cloud de yards. Exactly what it sounds like we're replicating are on premise. Environments are physical and virtual servers and their storage,
so that we can easily and quickly change for our primary service is being those on premise
to those being cloud based. If a critical disruption to our premise based data center were to occur,
software as a service in the cloud has also changed how we d our mission. Critical applications like Microsoft Exchange. The slight is referencing the architecture of the enterprise Exchange 2016 deployment. If it looks like there's a lot of stuff going on, that's because there is. There are numerous Microsoft Server rules that have to be deployed in an enterprise exchange deployment.
You need to first have multiple mailbox servers to service the U boat user community
thes. Make up your database of Visibility Group or DAG. You need to maintain your own Microsoft Active directory infrastructure for user directory service is user authentication. Service is in group security policy, and then you have to have your own edge transport server and server rules to ensure you are properly smart. Routing your email correctly
with Microsoft Office 3 65 Software's of service
on organization no longer needs to maintain all of these exchange servers on premise and then have redundant Siri's of servers provided hot providing hot D are at the secondary data center. All of these capital expenses and operational expenses then go away from having to deliver the 592 reliability on premise.
After all of these different e mail service is both primary and secondary of both data centers.
Now all I have to do is point my redundant Internet connections to office 3 65 The Cloud and I have solved my hot D R E mail requirements, and my business continuity plan was significantly less cost and hugely less ongoing email management requirements.
That's why you're backing up this lectures MP four File to the cloud. Let's take this opportunity for a learning jack.
What is the business continuity plan
before you develop A B, C P. What must you under understand and measure in your organization?
How do tabletop exercises help your organization's business continuity plan?
And what are the three levels of business continuity and the cloud? So go check the status of your backup to the cloud, and when you're back up, window is complete, come back and we'll review our answers together. A business continuity plan is an organization's written plan on the recovery of critical business operations when a business disruption or a disaster occurs. A BCP is only good if you test it
and always improving it with the goals to reduce your recovery times and minimize the cost of business disrupting events
before you develop a B C P. You must understand an account for the risks to your organization, such as lost revenue, lost customers or the lost of materials such as a warehouse is destroyed when a disaster occurs. A tabletop exercise is a great way to practice your business continuity plan by practicing your organization's incident response
if business disruption were to occur
and the three levels of business continuity are the simplest, which is cloud backup. And then there's the warm D. R, which uses the cloud capacity of spare Resource is in the case of a disruption, which delivers typically 4 to 8 hours work every time objectives. And then there's Hot D R, which replicates all the critical compute storage and network service is in the cloud
so that we can have less than five minutes of downtime between switching over
from our primary, which is down back to our replicated service is in the cloud pretty amazing stuff.
So today we learned about business continuity, planning, BCP, continued operations and disaster recovery. We learn how the cloud has changed, how we think about BCP and designed for continued operations. Using service is such a CZ. The clouds platform is a service storages, service and software as a service, and we learned the Cloud BCP means we can
save a lot of organizational money. And Resource is pushing our continued operation service's and applications to the cloud
compared to secondary data centers. So that's it for Module four. We hope you learned a few things and had some fun doing it. Our next module is a review of the changes that are network architectures to connect to our cloud providers and some of the clouds. Networking as a service offers like wireless land and security Firewall Service's
really looking forward to working with you next time. Here in Cloud architecture foundations,
behalf of the entire cyber and Security I t. Team, an incredible group of professionals dedicated with the goal of making this course and other courses like it possible. We want to wish you and all the users on your network farewell Good day and happy packets
Up Next