Disaster Recovery

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
7 hours 15 minutes
Difficulty
Intermediate
CEU/CPE
8
Video Transcription
00:00
>> Hi there and welcome to Disaster Recovery.
00:00
In this module, we'll talk
00:00
about disaster recovery plans,
00:00
some of the key concepts,
00:00
some of the recovery strategies,
00:00
a little bit about third-party sites,
00:00
some of the IT contents for DRP,
00:00
some DRP scenarios, common responsibilities,
00:00
and the testing and auditing of DRP.
00:00
You'll notice that this has got
00:00
some similarities to
00:00
business continuity that we just covered,
00:00
but there are some differences as well,
00:00
although there is quite a bit of crossover
00:00
and they do need to work hand in hand together.
00:00
Without any further ado, let's begin.
00:00
The disaster recovery plan
00:00
needs to interact with the BCP.
00:00
They need to work hand in hand and ensure that they both
00:00
work to achieve the common objectives
00:00
of recovering the business.
00:00
The disaster recovery plan,
00:00
as opposed to the BCP,
00:00
has a soul focus on the restoration of
00:00
IT services or IT processes after a disruption.
00:00
Business continuity plan will deal with the business,
00:00
disaster recovery plan primarily
00:00
deals with the IT aspects,
00:00
but again, there are crossovers.
00:00
This should also be a continuous process,
00:00
so it's basically ensuring that
00:00
disaster recovery is developed and
00:00
maintained and is still current for the organization,
00:00
just like the BCP,
00:00
and often in some organizations
00:00
be subject to compliance requirements as well.
00:00
Disaster recovery needs to be in place to
00:00
maintain legislative or regulatory requirements.
00:00
A few of the key concepts,
00:00
and as we saw with the BCP,
00:00
we've got recovery point objective
00:00
and recovery time objective,
00:00
we have what's referred to as interruption window,
00:00
which is the maximum window of
00:00
downtime that can be acceptable
00:00
for the business to maintain the business requirements.
00:00
We have a service delivery objective
00:00
and maximum tolerable outages.
00:00
A couple of recovery strategies,
00:00
we've got some key factors here.
00:00
The criticality of the processes
00:00
and supporting applications,
00:00
the need to be identified and determined.
00:00
There needs to be cost elements calculated to determine
00:00
exactly the cost of
00:00
the disaster recovery versus
00:00
the cost of potential lost business,
00:00
the time required to recovery,
00:00
and also the security aspects.
00:00
In terms of the strategies,
00:00
there's a couple of alternatives.
00:00
We've got cold sites, in other words,
00:00
the site that we can walk
00:00
into the door and turn on and set up.
00:00
Mobile sites, warm sites,
00:00
host sites, mirrored sites,
00:00
and reciprocal agreements where
00:00
you can have an arrangement with
00:00
another organization to provide
00:00
disaster recovery services for you in your time of need.
00:00
With third-party sites, there's
00:00
a couple of issues to consider.
00:00
If you're basically by third-party site,
00:00
if you are going to use another organization or
00:00
any other provider to help you
00:00
get your systems back up and running,
00:00
here are a few things you need to look at.
00:00
You need to determine if the configuration
00:00
of the site is the
00:00
same as yours and is acceptable for your business,
00:00
you also need to make
00:00
sure that there's alignment with the definition of
00:00
the disaster so that they have an understanding of
00:00
exactly when you will be coming to them,
00:00
you need access to the site,
00:00
and also an indication of priority,
00:00
particularly with third party sites that
00:00
specialize in
00:00
providing these disaster recovery services,
00:00
you need to know that if a disaster
00:00
occurs and it's infecting a couple of their clients,
00:00
what's your priority in terms of access.
00:00
That feeds into availability,
00:00
are you able to get to the site?
00:00
Also, the speed of availability,
00:00
how quickly that the site
00:00
is able to be brought up and running.
00:00
A couple of other issues in terms
00:00
of preferences, insurance requirements,
00:00
any usage period, communications, warranties, orders,
00:00
and testing all need to be taken into
00:00
account when considering third-party sites.
00:00
Some of the DRP contents,
00:00
and this will be very similar again to the BCP.
00:00
Escalation procedures, you need to
00:00
know when to declare a disaster.
00:00
Plan activation, who's
00:00
responsible for activating the plan.
00:00
Linkages with any other plans,
00:00
such as the BCP, for example.
00:00
We need personnel and their responsibility,
00:00
who is responsible to do what
00:00
given in a particular disaster.
00:00
Contact details and notification lists, in a disaster,
00:00
you want to make sure that you have
00:00
all your third-party suppliers,
00:00
all your personnel management,
00:00
and people you need to talk to
00:00
available and easily accessible.
00:00
You need to actually have the recovery process,
00:00
you need to determine exactly how do I get
00:00
my business back up and running
00:00
after this particular disaster.
00:00
You also need to have an indication of what
00:00
your important vendors and suppliers are,
00:00
and any spare resources that are
00:00
needed in this disaster recovery process.
00:00
Often cases with planning
00:00
and certainly with the development of the plan,
00:00
there are a couple of common
00:00
disaster recovery scenarios that
00:00
will more than likely be
00:00
covered in any plan that you see.
00:00
Loss of network connectivity,
00:00
loss of key systems,
00:00
loss of processing site or infrastructure,
00:00
any loss of critical data,
00:00
loss of an office itself or any other facility,
00:00
and loss of key service provider.
00:00
These would probably be common across
00:00
most disaster recovery plans,
00:00
and you'll often see in plans that these are
00:00
very detailed steps on what to
00:00
do in the event of these occurring.
00:00
A couple of common responsibilities
00:00
in terms of incident management,
00:00
administration and logistics,
00:00
and information technology.
00:00
There's quite a few areas of responsibility under
00:00
each of these headings that need
00:00
to be basically incorporated
00:00
into the plan and needs to be
00:00
signed to be managed throughout this process.
00:00
Testing DRP, very similar
00:00
to the tests conducted for the BCP.
00:00
You have a checklist review,
00:00
where you are essentially just walking through
00:00
the motions in a desktop review
00:00
as we discussed with the BCP.
00:00
A structured walk-through,
00:00
where you would go through the motions quite
00:00
physically in terms of each of
00:00
these processes, for example,
00:00
if your DRP called for you
00:00
to retrieve tapes from a offsite backup storage,
00:00
you would actually drive down to
00:00
the offsite backup storage
00:00
and determine how well that worked.
00:00
There's a simulation test where problems could be
00:00
entered into the system to simulate an attack,
00:00
for example, or a failure of a critical system.
00:00
There are parallel tests where you could
00:00
basically take down a particular aspect of
00:00
the system and run it as if there was a disaster
00:00
while the rest of the organization
00:00
maintains functionality.
00:00
A full interruption test,
00:00
which is the actual testing the
00:00
failure of the system entirely as if it really did occur.
00:00
Auditing DRP testing,
00:00
you'll see this very similar to
00:00
business continuity auditing.
00:00
You need to verify completeness and precision.
00:00
The plan has to be accurate
00:00
and has to reflect the business.
00:00
You also need to evaluate
00:00
how well the personnel performed during the testing.
00:00
You also need to evaluate the training and awareness of
00:00
the personnel who are not members of
00:00
the recovery response team.
00:00
In other words, is the disaster recovery,
00:00
just like the BCP,
00:00
known to the entire organization?
00:00
You also need to evaluate coordination among teams and
00:00
external supplies to make sure
00:00
that all the resources are
00:00
functioning under the one plan.
00:00
Asses the backup site capability.
00:00
While you have planned to move to
00:00
an offsite backup location,
00:00
does it have the capabilities to
00:00
really do what you need it to do?
00:00
Assess the vital records retrieval capability
00:00
and evaluate the state and
00:00
quantity of any of the recovery equipment.
00:00
That's disaster recovery.
00:00
We talked a little bit about disaster recovery plans,
00:00
some of the key concepts involved,
00:00
recovery strategies, third-party sites,
00:00
the DRP contents and scenarios,
00:00
some common responsibilities that need to be
00:00
assigned during a DRP,
00:00
and also testing and auditing of disaster recovery plans.
00:00
I hope you enjoyed this lesson
00:00
and I will see you at the next one.
Up Next