Disaster Recovery & Business Continuity

-


Business Continuity & Disaster Recovery



Fact

  • 1 in 4 businesses never re-open their doors after a disaster.
  • 90% of businesses fail within 2 years after being struck by a disaster.
  • Information Systems are vulnerable to a variety of disruptions.
  • Mild : Temporary power outages, disk failures etc.
  • Severe : Equipment destruction, fire, natural disasters etc.
  •  Organizations must have the ability to withstand hazards and achieve business objectives through both gradual & sudden changes.
  •  Focus is on ‘Availability’ component of the famous C.I.A
  • We achieve this through ‘Disaster Recovery Planning’ & ‘Business Continuity Planning’.
 Disaster Recovery Planning (DRP) 

 The process of rebuilding your operations or infrastructure after the disaster has passed.

 Business Continuity Planning (BCP) 

The activities required to keep your organization running during a period of displacement or interruption of normal operations. 




 Why a Business Continuity needed for a Business

• Advancement of IT means businesses nowadays depend heavily on information systems.

• Many businesses cannot survive without 24 x 7 operations of IS. (e.g. e-commerce)

• Therefore traditional disaster recovery plans which focus on restoring centralized data & operations center might not be sufficient.

• More comprehensive and robust Business Continuity Plan is needed for critical IS. 



Business continuity plan should exist in the event of following disruptions or disasters.


 • Equipment Failure
 • Disruption of power supply or telecommunication
 • Application failure or database corruption
 • Human error, Sabotage, Vandalism & Strikes
 • Malicious Software (Viruses, Worms, Trojan Horses) Attack
 • Hacking or any other internet attack
 • Social Unrest or Terrorism
 • Fire 
 • Natural Disasters (Flood, Earthquake, Hurricanes etc.)

Business Continuity Planning : Team
  • Information systems have shifted from traditional centralized architecture to distributed and     client/server architecture.
  •  IT department alone cannot achieve BCP success
  • All executives, managers, employees must participate
  • BC/DR Coordinator is responsible for maintaining the BCP
  • He or She will carry out periodical reviews and redistribute document parts to relevant parties
There are different methods an organization can achieve BC
  • Cold Site: An empty facility located offsite with required infrastructure ready for installation in the  event of a disaster.
  •  Mutual Backup: Two organizations with similar system configuration agreeing to serve as backup site to each other.
  •  Hot Site: A site with hardware, software & network installed and compatible to original site.
  • Remote Journaling: Online transmission of data to backup systems periodically (every few hours) Minimizes loss of data and reduces recovery time.
  • Mirrored Site: A site equipped with identical facilities to the original site with system mirroring capability. Data is mirrored & backed up immediately. Transparent Recovery.


Mirrored Site
DR & BC Providers
  • Organizations can decide to use a facility delivered by a third party BC provider.
  • However following areas of concerns should be considered. 
  • Floor Space • Redundant Equipment
  • Redundant Network Capacity
  • Relationship with vendors to provide replacements or assistance
  •  Budgetary Constraints
  • Skilled personnel availability
Preparing the BC Plan: Phases
  1. Project Initiation BC objectives are defined and the scope is identified. A committee will be appointed to draw up BC policies.
  2. Business Analysis Performing the ‘Risk Analysis’, Considering alternative BC strategies, Cost-benefit analysis, strategy selection & establish the budget.
  3. Design & Development (Plan) BC team is identified and responsibilities are assigned. Develop BC strategy and action plan and plan activation criteria.
  4. Implementation (Plan) Prepare disaster response & recovery procedures. Vendor contracts prepared and recovery resources are purchased. Ensure that recovery team on alert.
  5. Testing - Exercise scenarios periodically & produce BC reports & evaluate. 6. Maintenance - Reviewing & constantly updating/improving the BC plan.
Legally Obligated
  • In some organizations business analysis  is not the only factor that determines BC Strategy.
  • They are legally obligated by regulators to provide certain levels of protection to client data.
  • Organizations who have direct public interest (such as banks) have legal obligations to implement DR & BC strategies.

Comments

  1. AnonymousAugust 28, 2018 at 12:49 PM

    It was very helpful article on disaster recovery & business continuity. I found this blog post very helpful. Thanks for sharing valuable content.

    ReplyDelete

Post a Comment

Popular posts from this blog

OAUTH AUTHORIZATION SERVER

-
Image
OAuth 2 is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service, such as Facebook, GitHub, and DigitalOcean. It works by delegating user authentication to the service that hosts the user account, and authorizing third-party applications to access the user account. OAuth 2 provides authorization flows for web and desktop applications, and mobile devices. This instructional exercise we will make an application which might login with FACEBOOK account. What's more, we will get the secured data by the Facebook. So let’s get started ! The following diagram shows all the steps associated in this flow. Here the steps are; The application requests authorization to access service resources from the user. If the user authorized the request, the application receives an authorization grant.  The application requests an access token from the authorization server (API) by presenting authentication of its own identity,...
Read more