Disaster Recovery

Aims and Objectives

To have an understanding of issues affecting IT security

and how we can overcome these.

• To understand the importance of disaster recovery planning • To be able to evaluate risks within a business context• To gain a deeper understanding of backup technologies and their

respective issues

What is disaster recovery?

The process, policies, and procedures relating to the preparation for the recovery

of technical infrastructure critical to the running of an organisation.

What do we mean by risk?

Risk = exposure to the chance of injury or loss; a hazard or dangerous chance

http://www.youtube.com/watch?v=cnTfGmgmrrA

Risk Awareness

• Viruses

• Fire

• Natural occurrences – earthquakes, floods, Volcanoes etc

• Hacking

• System failures

• Fraud

• Power failure

• Sabotage

• Theft

• Blackmail

• Terrorism

• Cabling issues

• Spilt drinks!

• Espionage……………………………etc etc etc

The reality

What issues are really likely to affect your IT systems?

• Loss of data – Missing laptops/pen drives/user hits delete!

• Server room overheat – failed air conditioning• Flooding – burst pipes, are you in a flood risk area• Infrastructure failure – your drive fails on the server• Spilt drinks!

Consequences

• No communications (phone orders)• Loss of knowledge• Bankruptcy – financial implications• No office space• Loss of reputation• Prosecution• Increased resources required, staff and equipment

Mitigation – minimising our exposure to risk

• Backup regularly.• If using portable media to backup eg tapes, rotate daily• One person to be responsible for backups• Store tapes off site• Rehearse recovery procedures• Use RAID on the servers• Do not allow storage of items on workstations (this is not

backed up)• Ensure sufficient level of antivirus software is used• Company should have a DR plan

Types of Media

• Floppy disk – very outdated and very small

• Cd/Dvd – poor transfer rates and reliability issues

• Pen drives – easily lost or stolen

• Hard drives – capacity issues if used in business environment

• Disk to disk – easy, large storage capacity, need two sites close to each other or becomes expensive

• Online – easy to use, stored off site, encrypted for security – what happens if company goes out of business?

• Tape – cheap? Can be used in robots, tapes can become corrupted, change library tapes may become unreadable

Recap

• We are surrounded by risks to our IT• We need to evaluate the possibility of these occurring• We need to determine if the solution is worth the cost • We can minimise our risk through the use of backups• We need a fast, efficient backup solution, that is easy and

reliable to restore from• Our backup solution needs to take into consideration previous

years data• If using any form of backup media eg tapes this needs to be

stored off site• Backups need to be run regularly and recovery procedures

practiced

Homework!

On Moodle – Disaster Recovery question. This is taken from 2010

A Level paper