Development of Disaster Recovery Plan

/in /by

[ad_1]

DISASTER RECOVERY RESEARCH PAPER

DISASTER RECOVERY

ABSTRACT:

Now-a-days, in a wide range huge organization are facing problems with natural disasters, data breach and once it happened it’s a hard time for that organization to recover from that. This paper illustrates about the importance and how many possible ways are there to recover the data from its current state to original state and how can we provide the better and best disaster recovery plan which must be made in case of any natural calamities. Let’s see and explain everything in detail.

Introduction:

Every organization is doing business to obtain money and to make their products popular. Every company probably will have data storage on site or off-site. They have very important and sensitive information stored in all their safes. If they store the data on on-site, if something happens all the data will be gone. So secure backups need to be in place. The company needs to have proper disaster recovery plan.

               A contingency plan can be defined as a plan invented with a careful thought other than the original or expected plan. They are used for risk management. They are basically implemented by governments or business.

For Example, the employees of an organization are travelled by bus, which got an accident, killed so many and got injured by severe crash. Then in that case, company got ruined or must take risk to bear the loss or sometimes they even need to give explanation for the concerned authorities that why it happened. Every company has their own policies and procedures to follow and the plan may include them to mitigate this type of loss or disasters potential impact.

Disaster recovery plan should be in such a way that it needs to come up with a proper solution for any disaster occurred at any level of business.

Every organizations have their own policies and procedures so that the company can ensure all their functionality based on that. Security threats, cyber-attacks, hacking might be faced by any company due to unusual attacks. To eradicate all these problems, disaster recovery team is there and to handle those incidents CSIRT team is there. The main objectives and goals of these teams are even though companies face natural disaster after that too, there is no impact on their   business and its productivity and helping in its continuity.


Disaster reasons

Disasters are due to

  1. Human Errors
  2. Power outages
  3. Unexpected patches and updates
  4. Fire or explosions
  5. Server Issues
  6. Severe weather

                                    A disaster recovery team is a group of individuals who are responsible for establishing and maintaining business recovery procedures. They also coordinate the recovery of business processes and functions. A disaster recovery team is essential for an effective implementation and maintenance of a disaster recovery plan. We don’t know what will be in the future. we never predict what is going to happen in the future. The disaster recovery team coordinate all these functions which needs to process to retain all the resources back to its normal states. These teams are charge of creating and inventing a disaster recovery plan. Team strength depends on the size, location of the concerned department. These teams aim and mainly focus on the giving the best backup strategies like database, cloud or on-premises without causing any latency.

Speed up the restoration and performing all the operations will be the high priority.

     The disaster recovery team need to analyze the locations, storages, network systems, protocols, customer impacts, customers, risks, security factors, policies, and forms. They need to collaborate and get all the decisions from all the department people so that it is very easy to restore everything for that particular location from the scratch.


Disaster Planning

Main advantages of Disaster recovery team planning include

1. Team should plan accordingly in such a way that it should have all the plans, which needs to between in action

and keep on updating for the changes.

2. It needs to have basic operational functionalities and constraints.

3. It needs to get all the requirements and considerations for the planning.

4. Appropriate resources must be identified.

5. They need to be aware of their roles and responsibilities.

Principles of Disaster Recovery Team:

a. Members should be expertized at Organizational level.

b. Authoritative leadership to provide right directions in order fall in right place at right time.

c. Members of this team should be technically strong in IT management.

d. Business operational knowledge should be great value for this team members.

Goals and objectives:

1. Collaboration

2. coordination

3. Operational needs

4. Cooperation

5. Incident handling skills

                              Incident Handling skills will be taken care by CSIRT team. CSIRT can abbreviated as Computer Security Incident Response Team is a team or organization that collects all the reports, all the documentation of security breaches, perform and conduct analyses of the reports and responds to the sender’s requests. Basically CSIRT, might be a group or team handling many proactive tasks as needed basis. Team consists of Manager or team lead who is showing right directions and listening to team members intentions as well getting responses from them regarding to relevant tasks. Helpdesk staff/hotline provide assistance to the end users. Incident handlers will work on the incidents. Vulnerability handlers will take care of security issues. Trainers are there, to train the staff who are newly joined. CSIRT staff member is expected to have some minimum set of basic skills to do the work effectively.

  Disaster recovery measures can be classified mainly into three types:

  1. Preventive measures
  2. Corrective measures
  3. Detective measures

We don’t know what will be in the future. we never predict what is going to happen in the future.

For every organization or company or enterprise needs to keep their data secure and store

somewhere else. Because data backup is very important and crucial thing for businesses to continue their works, operations from day to day without taking a break before and after any uncertain situations so that they can withstand from data breaches, natural disasters and

any human errors or human made mistakes. Hacking attacks and security threats are more often

in these days even though we have backups. The company has to select the site based on the storage either it may be on-site or offsite. Both of them has its advantages as well as disadvantages (pro’s and con’s).


Onsite backup:

Through this backup, we can store our data within the premises. we can access this very quickly

without requirement of network connections. No need to bear high cost and they are non

expensive we can store them in tapes, hard drives. This will be beneficial for small companies.

Hard drives are easy to install and manage. Businesses with limited professional capabilities can

easily backup without any help of others. In terms of DVDS, CDS, video tapes. The size of the

data may depend on the capacity of the storage. We can recover it as soon as possible. The

physical devices are stored on the original data location and can be recovered within fraction of

seconds. It may not be secure and security factors need to be considered to protect the onsite

backup strategy.

In these security issues may involve and damage leads the whole data corrupted.

Remote backup:

 We can call them as off-site backups also. Cloud backups are more popular and secured

backups. There are different types of backups like incremental backups, differential backups, full

backups, mirror backups. Rather than storing a data in on premises, its better to store them in

remote locations. Multiple copies of data can be replicated and copied it on multiple data centres.

If one stops working, we can have an option of retrieving it back from other locations. This

backup is of more concern and in terms of security also. we can protect our data against all risks.

Cloud backups are more expensive, and we have to pay as you go. We need to pay per second

according to the utilization of their resources.

Hence off-site backup is more better than on-site backup.

 Security analysts will give the business data loss and remedy measures needs to be taken for the security issue. Security Engineers will monitor all the system and keep on detecting the incidents and log collections, whether the systems and applications are up and running, and all the data is up to date or not.

Tolerance might be an issue either it may be system level and data center level.

Single system Fault tolerance:

To reduce and avoid all the problems, fault tolerance comes into picture which means even there is a failure at any point, the system continues to work may not affect the usage of application by an end user. No impact on the business, there is no productivity loss, no need to worry about anything. In case of power supply failure, we can use generators and inventors. In case of data

stored on the systems, we can use databases which should be on-premises as well as cloud backups. The smartest way to store is cloud backup strategy. We can restore the data very easily if you follow these.

Data center level Fault tolerance:

Based on the performance, data centers are ranked according to the hierarchy. Higher executives will give the ranks for the datacenters as per their functionality following four tier center method. The last one in any data center we will take or consider it as a fault tolerant, keeping this in place. Automation, configuration, orchestration and software provisioning should be followed by each and every data center so that automatically if there are any faults, they will notify the employees. All the people in the company should be aware of the alerts. Equipment in the data center should be installed and used following the guidelines of that.

Example:

               Data Breach happened for Verizon, a largest wireless network provider in USA. The company files got hacked due to the impact of malware. They reported that, they found the small breaches and more than 100 files got affected which almost cost business between $20,000-$40,000. The problem got affects a lot of customers.

          Because in those files, it consists customers personal information like date of birth, SSN number, Credit card details along with CVV, billing address. It was the most recent incident happened. Concerns were like, if we have money to prevent the problem regularly, then it’s time to implement an effective backup strategy.

              Not only Verizon, Survey indicated that more than 25 countries almost had these types of incidents which led to data loss with a combined loss of $1.5 trillion due to data loss and downtime.

Back Up

             Cloud Computing plays a vital role in present era and now it’s trending all over. Now-a-days, organizations are migrating from on-premises to cloud. Cloud are of different types. They are Amazon Web Services, Google cloud platform, Blue mix and pivotal cloud foundry. Every resource will be like as pay as you go. And it completely depends on which service it belongs to like Platform as a service, Infrastructure as a service, software as a service. All services will provide certain amount of resources and we need to utilize them as much as company needs. We have different types of clouds like public cloud, private cloud, hybrid cloud and main cloud. Getting all of them and we were unable to pay them in time is a huge and biggest challenging task and it is the one of the thing need to face Incident handlers should at least have a minimum basic understanding of cloud and it works how it functions and how companies are utilizing the resources.

Amazon Web Services

  1. They should have a basic knowledge on how all these resources are configured.
  2. How the set of infrastructures takes place?
  3. What are the security concerns comes in to picture?
  4. Different types of load balancers like network load balancer, application load balancer and classic load balancer and if requests come’s in huge how we need to route the traffic and balance the load.
  5. Concept of autoscaling. When to scale up and scale down the instances based on the traffic.
  6. How the storage is acting in cloud when compared to normal data centers? And how the files and folders are allocating?
  7. Minimum awareness on the databases like mongo DB, Cassandra, RDMS, My SQL, No SQL, Oracle.
  8. If something abnormal happens, how the alerts and notifications set up was done? Whom to send an email regarding this?
  9. Full focused on the different operating systems like Linux, Mac OS, and Unix.
  10. In depth knowledge on memory management like utilization of CPU, RAM, Disk space and hard drive etc.
  11. Scheduling the resources at different locations as the need basis.
  12. Need to have an awareness on different virtualization technologies like Docker, hypervisors and virtual machines.
  13. Knowing of all the services like PAAS, SAAS & IAAS.

Right Backup strategy are required to eradicate all the issues, problems and concerns of any organization.

1. Cloud Backups: Smart backup option for any enterprise and helps us to come out of the disasters also. We can able to restore the data off-site. Amazon Web Services provides S3, snapshot as a backup feature for your info. Likewise, many cloud providers are offering options to store and retrieve your data onsite as well as off-site.

2. Testing backups: We need to test the integrity of backups and proper documentation needs to generate that will let you know if any files got missed, failed to transfer or nay corruptions occurred.

3. 24/7 support: It doesn’t matter what time and what day is?? If your network goes down, or any data loss happened you need a provider to support that.

4. Encryption: Across all the network, overall data needs to be protected with an encryption plan and it’s a key factor.

5. Strategies: They are different types of backup strategies like full backup, incremental backup, differential backup. It involves backups located such as on-premise and cloud storage.

Conclusion:

By taking all these into goals, necessary action should be taken. For any disaster either it may be natural disaster or data breach, we should have proper disaster recovery plan so that even after the disaster, they can restore or retrieve the data and no loss in the productivity of the business. Storage backups should be stored in the cloud so that it can be retrieved from a data base storage.

 

References:

  1. Smits, R., Van Merkerk, R., Guston, D. H., & Sarewitz, D. (n.d.). The Role of Technology Assessment in Systemic Innovation Policy. The Theory and Practice of Innovation Policy.
  2. Penev L, Hagedorn G, Mietchen D, Georgiev T, , Erwin T (2011) Interlinking journal and wiki publications through joint citation: Working examples from ZooKeys and Plazi on Species-ID. ZooKeys 90: 1-12.  Retrieved from https://doi.org/10.3897/zookeys.90.1369. (n.d.).
  3. What is disaster recovery plan (DRP)?-Definition from WhatIs.com. (n.d.). Retrieved from https://searchdisasterrecovery.techtarget.com/definition/disaster-recovery-plan
  4. IT Disaster Recovery Plan (n.d.). Retrieved from https://www.ready.gov/business/implementation/IT
  5. Who is on a disaster recovery team? (2015, September 03). Retrieved from https://www.bizmanualz.com/solve-business-problems/who-is-on-a-disaster-recovery-team.html
  6. http://pinimbus.com/affordable-disaster-recovery-plan-with-automation-and-public-cloud/ Retrieved from Disaster Recovery plan course book.

The post Development of Disaster Recovery Plan appeared first on mynursinghomeworks.

[ad_2]

Source link