After the Attack. Business Continuity. Planning and Testing Steps. Disaster Recovery. Business Impact Analysis (BIA) Succession Planning

Size: px
Start display at page:

Download "After the Attack. Business Continuity. Planning and Testing Steps. Disaster Recovery. Business Impact Analysis (BIA) Succession Planning"

Transcription

1 After the Attack Business Continuity Week 6 Part 2 Staying in Business Disaster Recovery Planning and Testing Steps Business continuity is a organization s ability to maintain operations after a disruptive event Examples: power outage earthquake cyber attack 1. Identify exposure to threats 2. Create preventative and recovery procedures 3. Test procedures to determine if they are sufficient Sacramento State - Cook - CSc Summer 2018 Succession Planning Business Impact Analysis (BIA) Often employees will quit, are incapacitated (sick), or pass away This is used in any large business, government, etc Succession planning determines, in advance, who is authorized to take over key roles Business Impact Analysis identifies business functions and impact of their loss Identifies threats through risk assessment Determines impact if threats are realized 1

2 Steps to Create a BIA BIA Interview Form Questionnaires used to prompt thinking about impact of a disaster In-person interviews held discuss different scenarios interview form helps organize information obtained Section Name of Business Unit Employees Function Parent Dependencies Child Dependencies Description Description of the unit's function Number of full time staff A description of the principle activities the unit performs (marketing, production, etc ) Names of other units that this unit needs to operate Names of other units that needs this unit BIA Interview Form Section Technology Recovery Quantitative Impact Qualitative Impact Recovery Strategy Description Critical IT functions that are needed (database, network, hardware) Financial loss to the company if unit cannot function Nonfinancial loss to company (reputation, customers) if unit cannot function Actions the unit can take to recover normal function (employees work from home, alternative site) Disaster Recovery Recovery Time Amount of time needed to recover For when "it" hits the fan Disaster Recovery Disaster Recovery Plan Subset of business continuity planning and testing Also known as contingency planning Focuses on protecting and restoring information technology functions Disaster Recovery Plan is a written document detailing process for restoring IT resources Mean time to restore (MMTR) measures the average time needed to reestablish services after a disaster 2

3 Common Features Definition of plan purpose and scope Definition of recovery team and their responsibilities List of risks and procedures and safeguards that reduce risk Outline of emergency procedures Detailed restoration procedures Fault Tolerance Stuff Breaks and never when you want it Fault Tolerance Fault Tolerance Many systems have a single point of failure Defined as a component or entity which will disable the entire system if it fails Examples: processor on your phone spark plugs on your car So the basic approach is to remove single point of failure Primary mechanism to ensure business continuity Results in high availability Redundancy Server Redundancy Redundancy way to address single point of failure idea is to build backup systems to protect against failures applies to servers, storage, networks, power Servers play a key role in network infrastructure failure can have significant business impact Some organizations stockpile spare parts for servers or have redundant servers Server cluster multiple servers that appear as a single server connected through public and private cluster connections 3

4 Asymmetric Servers Symmetric Servers Asymmetric servers perform no function except to be ready if needed So, when one fails, the next one is brought online Used for databases, messaging systems, file and print services Symmetric server cluster uses multiple servers together If one server fails, remaining servers take on failed server s workload More cost effective than asymmetric clusters Used for Web, media, and VPN Data Redundancy RAID Technology Hard drives are often one of the first components to fail Some organizations keep spare hard drives Mean time between failures (MTBF) measures average time until a component fails and must be replaced can be used to determine number of spare hard drives an organization should keep Redundant Array of Independent Devices (RAID) makes use multiple redundant hard disks Greatly increases reliability and performance Several levels of RAID exist RAID Level 0 RAID Level 0 RAID Level 0 (striped disk array) stores data across several hard drives Each hard drive is striped into smaller partitions data, written to the stripes, is alternated across the drives No redundancy if one drive fails, all data on that drive is lost but data on other drives is preserved Greatly improves speed, but dangerous! 4

5 RAID Level 1 RAID Level 1 mirrors multiple drives to the same disk controller card Each hard drive is a mirror of each other controller sends each the same write commands so, each hard drive is a duplicate If any single drive fails data will not be lost other drives will take over the workload dead drive can be removed and replaced RAID Level 5 RAID Level 5 uses mirrored disks that store error checking data on each other Distributes parity (error checking) data stored on one drive and its parity data is stored on another drive Hard drives sometimes malfunction does not fail, but is not working correctly other drives will see the discrepancy Backups Hide ya data, Hide ya bytes 5

6 Data Backups Backup Philosophy Essential element in any Disaster Recovery Plan A backup is the act of copying information to a different medium and storing it in event of a disaster Basic question: how much data you can afford to lose Any data created between backups can be lost forever Consider this data to be in danger! Backup Philosophy Data Backup Methods Typical considerations What needs to be saved How often to backup Media that should be used Where to store backups Hardware/software to be used Backup software can internally designate which files have already been backed up Windows contains an file attribute called "archive" for this very purpose How it works: anytime file contents change, attribute is changed to true (1) backup software saves these files and sets the attribute to false (0) When To Backup Recovery point objective (RPO) maximum length of time organization can tolerate between backups can be months or hours Recovery time objective (RTO) time it will take to recover backed up data small times are better less downtime 6

7 Disk to Tape Backups Disk to Disk Backups Data can be saved to magnetic tape each tape can store up to 800GB of data relatively inexpensive Standard for over 40 years Disadvantages of magnetic tape backups slow backup speed high failure rates data not encrypted on tape Disk to Disk (D2D) data is copied from one hard drive to another automatically takes place on RAID 1 better RPO and RTO than magnetic tape may be subject to failure or data corruption Disk to Disk to Tape (D2D2T) uses disk as a temporary storage area data later transferred to magnetic tape Student Guide Backup depending... upon how much data you can afford to lose whenever you complete something "major" once a week should be good enough Store backups in a safe place different location from your computer be careful you don't want it stolen Incident Response Procedures Response and Investigation Incident Response Procedures Basic Forensics Procedures When unauthorized incident occurs a response is required Incident response procedures is a list of guidelines followed after an attack Secure the crime scene Collect the evidence Establish a chain of custody Examine for evidence 7

8 Secure the Crime Scene Collect the Evidence Goal is to preserve the evidence by taking steps to minimize the loss of evidence What happens first responders contacted physical surroundings documented photographs taken before anything is touched team takes custody of entire computer team interviews witnesses Digital evidence is very fragile can be easily altered or destroyed especially the case if the system is "live" most fragile data must be preserved first Team captures volatile data such as RAM, current network connections Capture entire system image hard drives, etc Order of Volatility Establish the Chain of Custody Location Register, cache, peripheral memory RAM Network state Running Processes Sequence to Retrieve First memory overwritten quickly Second don't use applications Third Fourth Evidence must be under strict control at all times No unauthorized person given opportunity to corrupt the evidence Keep in mind who can get access there may be more people than you think! (e.g. my office) can you prove no one had access Examine Evidence Very complex given how complex computers are Computer forensics expert searches documents Examples of things to look at Windows page files slack space file metadata logs 8

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 13 Business Continuity

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 13 Business Continuity Security+ Guide to Network Security Fundamentals, Third Edition Chapter 13 Business Continuity Objectives Define business continuity Describe the components of redundancy planning List disaster recovery

More information

Certified Information Systems Auditor (CISA)

Certified Information Systems Auditor (CISA) Certified Information Systems Auditor (CISA) 1. Domain 1 The Process of Auditing Information Systems Provide audit services in accordance with IT audit standards to assist the organization in protecting

More information

Financial CISM. Certified Information Security Manager (CISM) Download Full Version :

Financial CISM. Certified Information Security Manager (CISM) Download Full Version : Financial CISM Certified Information Security Manager (CISM) Download Full Version : http://killexams.com/pass4sure/exam-detail/cism required based on preliminary forensic investigation, but doing so as

More information

Module 4 STORAGE NETWORK BACKUP & RECOVERY

Module 4 STORAGE NETWORK BACKUP & RECOVERY Module 4 STORAGE NETWORK BACKUP & RECOVERY BC Terminology, BC Planning Lifecycle General Conditions for Backup, Recovery Considerations Network Backup, Services Performance Bottlenecks of Network Backup,

More information

Business Continuity and Disaster Recovery. Ed Crowley Ch 12

Business Continuity and Disaster Recovery. Ed Crowley Ch 12 Business Continuity and Disaster Recovery Ed Crowley Ch 12 Topics Disaster Recovery Business Impact Analysis MTBF and MTTR RTO and RPO Redundancy Failover Backup Sites Load Balancing Mirror Sites Disaster

More information

3.3 Understanding Disk Fault Tolerance Windows May 15th, 2007

3.3 Understanding Disk Fault Tolerance Windows May 15th, 2007 3.3 Understanding Disk Fault Tolerance Windows May 15th, 2007 Fault tolerance refers to the capability of a computer or network to continue to function when some component fails. Disk fault tolerance refers

More information

The 10 Disaster Planning Essentials For A Small Business Network

The 10 Disaster Planning Essentials For A Small Business Network The 10 Disaster Planning Essentials For A Small Business Network If your data is important to your business and you cannot afford to have your operations halted for days or even weeks due to data loss

More information

BUSINESS CONTINUITY: THE PROFIT SCENARIO

BUSINESS CONTINUITY: THE PROFIT SCENARIO WHITE PAPER BUSINESS CONTINUITY: THE PROFIT SCENARIO THE BENEFITS OF A COMPREHENSIVE BUSINESS CONTINUITY STRATEGY FOR INCREASED OPPORTUNITY Organizational data is the DNA of a business it makes your operation

More information

Introduction to Business continuity Planning

Introduction to Business continuity Planning Week - 06 Introduction to Business continuity Planning 1 Introduction The purpose of this lecture is to give an overview of what is Business Continuity Planning and provide some guidance and resources

More information

Introduction. Read on and learn some facts about backup and recovery that could protect your small business.

Introduction. Read on and learn some facts about backup and recovery that could protect your small business. Introduction No business can afford to lose vital company information. Small-business owners in particular must take steps to ensure that client and vendor files, company financial data and employee records

More information

Information Security in Corporation

Information Security in Corporation Information Security in Corporation System Vulnerability and Abuse Software Vulnerability Commercial software contains flaws that create security vulnerabilities. Hidden bugs (program code defects) Zero

More information

What is Data Protection and Disaster Recovery?

What is Data Protection and Disaster Recovery? powered by MORE What is Data Protection and Disaster Recovery? A HANDBOOK FOR COST-EFFECTIVE DISASTER PLANNING powered by MORE Data loss and disasters will impact every business in time. Fortunately, data

More information

Disaster Recovery and Business Continuity

Disaster Recovery and Business Continuity Disaster Recovery and Business A Rackspace White Paper Spring 2010 Summary The purpose of this guide is to cut through the jargon around Business and Disaster Recovery, explain the differences and help

More information

The 10 Disaster Planning Essentials

The 10 Disaster Planning Essentials The 10 Disaster Planning Essentials For A Small Business Network 252 Plymouth Ave. S. Rochester, NY 14608 585-546-4120 info@capstoneitinc.com www.rochestercomputersupport.com The 10 Disaster Planning Essentials

More information

The Microsoft Large Mailbox Vision

The Microsoft Large Mailbox Vision WHITE PAPER The Microsoft Large Mailbox Vision Giving users large mailboxes without breaking your budget Introduction Giving your users the ability to store more email has many advantages. Large mailboxes

More information

PowerVault MD3 Storage Array Enterprise % Availability

PowerVault MD3 Storage Array Enterprise % Availability PowerVault MD3 Storage Array Enterprise 99.999% Availability Dell Engineering June 2015 A Dell Technical White Paper THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS

More information

Disaster Recovery and Business Continuity Planning (Mile2)

Disaster Recovery and Business Continuity Planning (Mile2) Disaster Recovery and Business Continuity Planning (Mile2) Course Number: DRBCP Length: 4 Day(s) Certification Exam This course will help you prepare for the following exams: ABCP: Associate Business Continuity

More information

Disaster Recovery and Mitigation: Is your business prepared when disaster hits?

Disaster Recovery and Mitigation: Is your business prepared when disaster hits? 1 Disaster Recovery and Mitigation: Is your business prepared when disaster hits? 2 Our speaker today: Catherine Roy, Director of PMO at Hosting 15 years Project Management experience At HOSTING since

More information

Guide to Computer Forensics and Investigations Fourth Edition. Chapter 2 Understanding Computer Investigations

Guide to Computer Forensics and Investigations Fourth Edition. Chapter 2 Understanding Computer Investigations Guide to Computer Forensics and Investigations Fourth Edition Chapter 2 Understanding Computer Investigations Objectives Explain how to prepare a computer investigation Apply a systematic approach to an

More information

DATA DOMAIN INVULNERABILITY ARCHITECTURE: ENHANCING DATA INTEGRITY AND RECOVERABILITY

DATA DOMAIN INVULNERABILITY ARCHITECTURE: ENHANCING DATA INTEGRITY AND RECOVERABILITY WHITEPAPER DATA DOMAIN INVULNERABILITY ARCHITECTURE: ENHANCING DATA INTEGRITY AND RECOVERABILITY A Detailed Review ABSTRACT No single mechanism is sufficient to ensure data integrity in a storage system.

More information

Provided as an educational service by: Introduction

Provided as an educational service by: Introduction DPC TECHNOLOGY THE GUIDE DISASTER PLANNING ESSENTIALS CLAY ARCHER DPC TECHNOLOGY Provided as an educational service by: Clay Archer, CEO DPC Technology 7845 Baymeadows Way, Jacksonville, FL 32256 (844)

More information

Internet of Things Toolkit for Small and Medium Businesses

Internet of Things Toolkit for Small and Medium Businesses Your Guide #IoTatWork to IoT Security #IoTatWork Internet of Things Toolkit for Small and Medium Businesses Table of Contents Introduction 1 The Internet of Things (IoT) 2 Presence of IoT in Business Sectors

More information

5 Things Small Businesses Need to Know About Disaster Recovery

5 Things Small Businesses Need to Know About Disaster Recovery 5 Things Small Businesses Need to Know About Disaster Recovery WHY WORRY ABOUT DISASTER RECOVERY? THERE WOULD BE NO NEED TO THINK ABOUT DISASTER RECOVERY IF ANY OF THE FOLLOWING WERE TRUE: Your chance

More information

Backup vs. Business Continuity

Backup vs. Business Continuity EBOOK Backup vs. Business Continuity 1 datto.com Data protection solutions are essential for businesses of all sizes to implement, regardless of size, industry and geographic location. In this white paper,

More information

Business continuity management and cyber resiliency

Business continuity management and cyber resiliency Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,

More information

A Practical Guide to Cost-Effective Disaster Recovery Planning

A Practical Guide to Cost-Effective Disaster Recovery Planning White Paper PlateSpin A Practical Guide to Cost-Effective Disaster Recovery Planning Organizations across the globe are finding disaster recovery increasingly important for a number of reasons. With the

More information

Information Storage and Management TM Volume 2 of 2 Student Guide. EMC Education Services

Information Storage and Management TM Volume 2 of 2 Student Guide. EMC Education Services Information Storage and Management TM Volume 2 of 2 Student Guide EMC Education Services July 2009 1 2 Business Continuity Section 3 2009 EMC Corporation. All rights reserved. Introduction to Business

More information

"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary

Charting the Course... Certified Information Systems Auditor (CISA) Course Summary Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business

More information

How to Conduct a Business Impact Analysis and Risk Assessment

How to Conduct a Business Impact Analysis and Risk Assessment How to Conduct a Business Impact Analysis and Risk Assessment By Larry Pedrazoli Business Recovery Analyst Miller Brewing Company February 2006 Project Management Institute, La Crosse, WI Chapter Agenda

More information

Chapter 1. Storage Concepts. CommVault Concepts & Design Strategies: https://www.createspace.com/

Chapter 1. Storage Concepts. CommVault Concepts & Design Strategies: https://www.createspace.com/ Chapter 1 Storage Concepts 4 - Storage Concepts In order to understand CommVault concepts regarding storage management we need to understand how and why we protect data, traditional backup methods, and

More information

Routing Journal Operations on Disks Using Striping With Parity 1

Routing Journal Operations on Disks Using Striping With Parity 1 Routing Journal Operations on Disks Using Striping With Parity 1 ABSTRACT Ramzi Haraty and Fadi Yamout Lebanese American University P.O. Box 13-5053 Beirut, Lebanon Email: rharaty@beirut.lau.edu.lb, fadiyam@inco.com.lb

More information

High Performance Computing Course Notes High Performance Storage

High Performance Computing Course Notes High Performance Storage High Performance Computing Course Notes 2008-2009 2009 High Performance Storage Storage devices Primary storage: register (1 CPU cycle, a few ns) Cache (10-200 cycles, 0.02-0.5us) Main memory Local main

More information

The Problem. Business Continuity/ Disaster Recovery. Course Outline and Structure. The Problem The Coverage. Sean Gunasekera

The Problem. Business Continuity/ Disaster Recovery. Course Outline and Structure. The Problem The Coverage. Sean Gunasekera Course Outline and Structure Week 1 Security Governance Week 2 Managing Security in the organisation Risk Management Week 3 Risk management Breaches, threats, vulnerabilities Week 4 IS security access

More information

Why the Threat of Downtime Should Be Keeping You Up at Night

Why the Threat of Downtime Should Be Keeping You Up at Night Why the Threat of Downtime Should Be Keeping You Up at Night White Paper 2 Your Plan B Just Isn t Good Enough. Learn Why and What to Do About It. Server downtime is an issue that many organizations struggle

More information

Modern RAID Technology. RAID Primer A Configuration Guide

Modern RAID Technology. RAID Primer A Configuration Guide Modern RAID Technology RAID Primer A Configuration Guide E x c e l l e n c e i n C o n t r o l l e r s Modern RAID Technology RAID Primer A Configuration Guide 6th Edition Copyright 1997-2003 ICP vortex

More information

Disaster Recovery Is A Business Strategy

Disaster Recovery Is A Business Strategy Disaster Recovery Is A Business Strategy A White Paper By Table of Contents Preface Disaster Recovery Is a Business Strategy Disaster Recovery Is a Business Strategy... 2 Disaster Recovery: The Facts...

More information

White Paper: Backup vs. Business Continuity. Backup vs. Business Continuity: Using RTO to Better Plan for Your Business

White Paper: Backup vs. Business Continuity. Backup vs. Business Continuity: Using RTO to Better Plan for Your Business Backup vs. Business Continuity: Using RTO to Better Plan for Your Business Executive Summary SMBs in general don t have the same IT budgets and staffs as larger enterprises. Yet just like larger organizations

More information

Information Security Incident Response Plan

Information Security Incident Response Plan Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,

More information

The Cyber War on Small Business

The Cyber War on Small Business The Cyber War on Small Business Dillon Behr Executive Lines Broker Risk Placement Services, Inc. Meet Our Speaker Dillon Behr Executive Lines Broker Risk Placement Services, Inc. Previously worked as Cyber

More information

Keys to a more secure data environment

Keys to a more secure data environment Keys to a more secure data environment A holistic approach to data infrastructure security The current fraud and regulatory landscape makes it clear that every firm needs a comprehensive strategy for protecting

More information

Next Generation Backup: Better ways to deal with rapid data growth and aging tape infrastructures

Next Generation Backup: Better ways to deal with rapid data growth and aging tape infrastructures Next Generation Backup: Better ways to deal with rapid data growth and aging tape infrastructures Next 1 What we see happening today. The amount of data businesses must cope with on a daily basis is getting

More information

WHY BUILDING SECURITY SYSTEMS NEED CONTINUOUS AVAILABILITY

WHY BUILDING SECURITY SYSTEMS NEED CONTINUOUS AVAILABILITY WHY BUILDING SECURITY SYSTEMS NEED CONTINUOUS AVAILABILITY White Paper 2 Why Building Security Systems Need Continuous Availability Always On Is the Only Option. If All Systems Go Down, How Can You React

More information

IT CONTINUITY, BACKUP AND RECOVERY POLICY

IT CONTINUITY, BACKUP AND RECOVERY POLICY IT CONTINUITY, BACKUP AND RECOVERY POLICY IT CONTINUITY, BACKUP AND RECOVERY POLICY Effective Date May 20, 2016 Cross- Reference 1. Emergency Response and Policy Holder Director, Information Business Resumption

More information

New Model for Cyber Crime Investigation Procedure

New Model for Cyber Crime Investigation Procedure New Model for Cyber Crime Investigation Procedure * *Dept. of IT & Cyber Police, Youngdong University, Rep. of Korea ydshin@youngdong.ac.kr doi:10.4156/jnit.vol2.issue2.1 Abstract In this paper, we presented

More information

Course 832 EC-Council Computer Hacking Forensic Investigator (CHFI)

Course 832 EC-Council Computer Hacking Forensic Investigator (CHFI) Course 832 EC-Council Computer Hacking Forensic Investigator (CHFI) Duration: 5 days You Will Learn How To Understand how perimeter defenses work Scan and attack you own networks, without actually harming

More information

Cyber Resilience. Think18. Felicity March IBM Corporation

Cyber Resilience. Think18. Felicity March IBM Corporation Cyber Resilience Think18 Felicity March 1 2018 IBM Corporation Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity during and after a cyber attack

More information

University of Pittsburgh Security Assessment Questionnaire (v1.7)

University of Pittsburgh Security Assessment Questionnaire (v1.7) Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided

More information

HIPAA Compliance Checklist

HIPAA Compliance Checklist HIPAA Compliance Checklist Hospitals, clinics, and any other health care providers that manage private health information today must adhere to strict policies for ensuring that data is secure at all times.

More information

Florida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government

Florida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government Florida Government Finance Officers Association Staying Secure when Transforming to a Digital Government Agenda Plante Moran Introductions Technology Pressures and Challenges Facing Government Technology

More information

SMD149 - Operating Systems - File systems

SMD149 - Operating Systems - File systems SMD149 - Operating Systems - File systems Roland Parviainen November 21, 2005 1 / 59 Outline Overview Files, directories Data integrity Transaction based file systems 2 / 59 Files Overview Named collection

More information

OUR CUSTOMER TERMS CLOUD SERVICES - INFRASTRUCTURE

OUR CUSTOMER TERMS CLOUD SERVICES - INFRASTRUCTURE CONTENTS 1 ABOUT THIS PART... 2 2 GENERAL... 2 3 CLOUD INFRASTRUCTURE (FORMERLY UTILITY HOSTING)... 2 4 TAILORED INFRASTRUCTURE (FORMERLY DEDICATED HOSTING)... 3 5 COMPUTE... 3 6 BACKUP & RECOVERY... 8

More information

Balancing RTO, RPO, and budget. Table of Contents. White Paper Seven steps to disaster recovery nirvana for wholesale distributors

Balancing RTO, RPO, and budget. Table of Contents. White Paper Seven steps to disaster recovery nirvana for wholesale distributors White Paper Seven steps to disaster recovery nirvana for wholesale distributors Balancing RTO, RPO, and budget In our last white paper, Thinking through the unthinkable: Disaster recovery for wholesale

More information

esureit Online Backup vs. Portable Media

esureit Online Backup vs. Portable Media esureit Online Backup vs. Portable Media Online Backup vs. Portable Media May 2008 Backing up data has become a standard business practice and in most industries it is an operational requirement. With

More information

4 Criteria of Intelligent Business Continuity

4 Criteria of Intelligent Business Continuity 4 Criteria of Intelligent Business Continuity BEYOND BACKUP AND DISASTER RECOVERY As we move further into the age of high availability and instant gratification we must adapt our business practices to

More information

Business Continuity Management

Business Continuity Management Business Continuity Management Cyber Security importance by Ashraf Hasanov Business Continuity Expert BCMS BS25999 Lead Auditor Regional Disaster Response Team Member of IFRC What could stop your business?

More information

SECURITY PRACTICES OVERVIEW

SECURITY PRACTICES OVERVIEW SECURITY PRACTICES OVERVIEW 2018 Helcim Inc. Copyright 2006-2018 Helcim Inc. All Rights Reserved. The Helcim name and logo are trademarks of Helcim Inc. P a g e 1 Our Security at a Glance About Helcim

More information

SAS SOLUTIONS ONDEMAND

SAS SOLUTIONS ONDEMAND DECEMBER 4, 2013 Gary T. Ciampa SAS Solutions OnDemand Advanced Analytics Lab Birmingham Users Group, 2013 OVERVIEW SAS Solutions OnDemand Started in 2000 SAS Advanced Analytics Lab (AAL) Created in 2007

More information

An introductory guide to Disaster Recovery and how it can ultimately keep your company alive. A Publication of

An introductory guide to Disaster Recovery and how it can ultimately keep your company alive. A Publication of An introductory guide to Disaster Recovery and how it can ultimately keep your company alive. A Publication of are prepairing to fail. By failing to prepare, you - Benjamin Franklin Table of Contents Introduction

More information

EMC GLOBAL DATA PROTECTION INDEX STUDY KEY RESULTS & FINDINGS FOR THE USA

EMC GLOBAL DATA PROTECTION INDEX STUDY KEY RESULTS & FINDINGS FOR THE USA EMC GLOBAL DATA PROTECTION INDEX STUDY KEY RESULTS & FINDINGS FOR THE USA 1 THE DATA PROTECTION LANDSCAPE ARE YOU ON SOLID GROUND? 2 KEY FINDINGS GLOBALLY, ENTERPRISES ARE LOSING AS MUCH AS $1.7 TRILLION

More information

Audit & Advisory Services. IT Disaster Recovery Audit 2015 Report Date January 28, 2015

Audit & Advisory Services. IT Disaster Recovery Audit 2015 Report Date January 28, 2015 Audit & Advisory Services IT Disaster Recovery Audit 2015 Report Date January 28, 2015 Audit & Advisory Services Mission and Function The JCCC Audit & Advisory Services department provides an independent

More information

Backup vs. Business Continuity: Using RTO to Better Plan for Your Business

Backup vs. Business Continuity: Using RTO to Better Plan for Your Business Backup vs. Business Continuity: Using RTO to Better Plan for Your Business Executive Summary SMBs in general don t have the same IT budgets and staffs as larger enterprises. Yet just like larger organizations

More information

Aljex Software, Inc. Business Continuity & Disaster Recovery Plan. Last Updated: 1/30/2017.

Aljex Software, Inc. Business Continuity & Disaster Recovery Plan. Last Updated: 1/30/2017. Aljex Software, Inc. Business Continuity & Disaster Recovery Plan Last Updated: 1/30/2017 Table of Contents Introduction... 3 Business Continuity... 3 Employee Structure... 3 On-Site Disruption Procedures...

More information

Countering ransomware with HPE data protection solutions

Countering ransomware with HPE data protection solutions Countering ransomware with HPE data protection solutions What is ransomware? Definition Malware that prevents or limits users from accessing their system by: Locking the system s screen Encrypting files

More information

Information Security Incident Response Plan

Information Security Incident Response Plan Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,

More information

CLOUDALLY EBOOK. Best Practices for Business Continuity

CLOUDALLY EBOOK. Best Practices for Business Continuity CLOUDALLY EBOOK 8 Disaster Recovery Best Practices for Business Continuity Introduction Disaster can strike at any moment, and it s impossible to plan for every eventuality. When Hurricane Katrina hit

More information

Incident Response. Figure 10-1: Incident Response. Figure 10-2: Program and Data Backup. Figure 10-1: Incident Response. Figure 10-2: Program and Data

Incident Response. Figure 10-1: Incident Response. Figure 10-2: Program and Data Backup. Figure 10-1: Incident Response. Figure 10-2: Program and Data Figure 10-1: Incident Response Incident Response Chapter 10 Panko, Corporate Computer and Network Security Copyright 2004 Prentice-Hall Incidents Happen Protections sometimes break down Incident Severity

More information

QuickBooks Online Security White Paper July 2017

QuickBooks Online Security White Paper July 2017 QuickBooks Online Security White Paper July 2017 Page 1 of 6 Introduction At Intuit QuickBooks Online (QBO), we consider the security of your information as well as your customers and employees data a

More information

EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS & RESULTS FOR ITALY

EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS & RESULTS FOR ITALY EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS & RESULTS FOR ITALY 1 THE DATA PROTECTION LANDSCAPE ARE YOU ON SOLID GROUND? 2 GLOBAL KEY FINDINGS GLOBALLY, ENTERPRISES ARE LOSING AS MUCH AS $1.7 TRILLION

More information

Certified Cyber Security Analyst VS-1160

Certified Cyber Security Analyst VS-1160 VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The

More information

The Data Breach: How to Stay Defensible Before, During & After the Incident

The Data Breach: How to Stay Defensible Before, During & After the Incident The Data Breach: How to Stay Defensible Before, During & After the Incident Alex Ricardo Beazley Insurance Breach Response Services Lynn Sessions Baker Hostetler Partner Michael Bazzell Computer Security

More information

High Availability and Disaster Recovery Solutions for Perforce

High Availability and Disaster Recovery Solutions for Perforce High Availability and Disaster Recovery Solutions for Perforce This paper provides strategies for achieving high Perforce server availability and minimizing data loss in the event of a disaster. Perforce

More information

EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS & RESULTS FOR AMERICAS

EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS & RESULTS FOR AMERICAS EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS & RESULTS FOR AMERICAS 1 THE DATA PROTECTION LANDSCAPE ARE YOU ON SOLID GROUND? 2 GLOBAL KEY FINDINGS GLOBALLY, ENTERPRISES ARE LOSING AS MUCH AS $1.7 TRILLION

More information

RAID: The Innovative Data Storage Manager

RAID: The Innovative Data Storage Manager RAID: The Innovative Data Storage Manager Amit Tyagi IIMT College of Engineering, Greater Noida, UP, India Abstract-RAID is a technology that is used to increase the performance and/or reliability of data

More information

VMware vsphere Clusters in Security Zones

VMware vsphere Clusters in Security Zones SOLUTION OVERVIEW VMware vsan VMware vsphere Clusters in Security Zones A security zone, also referred to as a DMZ," is a sub-network that is designed to provide tightly controlled connectivity to an organization

More information

Insider Threat Program: Protecting the Crown Jewels. Monday, March 2, 2:15 pm - 3:15 pm

Insider Threat Program: Protecting the Crown Jewels. Monday, March 2, 2:15 pm - 3:15 pm Insider Threat Program: Protecting the Crown Jewels Monday, March 2, 2:15 pm - 3:15 pm Take Away Identify your critical information Recognize potential insider threats What happens after your critical

More information

DATA LOSS. - Whitepaper - A look at various data loss issues, how they happen and how you can solve the problem of data loss.

DATA LOSS. - Whitepaper -   A look at various data loss issues, how they happen and how you can solve the problem of data loss. DATA LOSS - Whitepaper - A look at various data loss issues, how they happen and how you can solve the problem of data loss. 1 P a g e Prepared by Try A Million TM for GuruSquad. (C) GuruSquad, 2015. E&OE.

More information

EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS & RESULTS FOR AUSTRALIA

EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS & RESULTS FOR AUSTRALIA EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS & RESULTS FOR AUSTRALIA 1 THE DATA PROTECTION LANDSCAPE ARE YOU ON SOLID GROUND? 2 GLOBAL KEY FINDINGS GLOBALLY, ENTERPRISES ARE LOSING AS MUCH AS $1.7 TRILLION

More information

In this unit we are going to review a set of computer protection measures also known as countermeasures.

In this unit we are going to review a set of computer protection measures also known as countermeasures. 1 In this unit we are going to review a set of computer protection measures also known as countermeasures. A countermeasure can be defined as an action, device, procedure, or technique that reduces a threat,

More information

CANVAS DISASTER RECOVERY PLAN AND PROCEDURES

CANVAS DISASTER RECOVERY PLAN AND PROCEDURES CANVAS DISASTER RECOVERY PLAN AND PROCEDURES Instructure Security, Engineering, and Operations INSTRUCTURE, INC. 6330 South 3000 East Salt Lake City, Utah 84121 Table of Contents Disaster Plan and Procedures...

More information

TSC Business Continuity & Disaster Recovery Session

TSC Business Continuity & Disaster Recovery Session TSC Business Continuity & Disaster Recovery Session Mohamed Ashmawy Infrastructure Consulting Pursuit Hewlett-Packard Enterprise Saudi Arabia Mohamed.ashmawy@hpe.com Session Objectives and Outcomes Objectives

More information

vsan Security Zone Deployment First Published On: Last Updated On:

vsan Security Zone Deployment First Published On: Last Updated On: First Published On: 06-14-2017 Last Updated On: 11-20-2017 1 1. vsan Security Zone Deployment 1.1.Solution Overview Table of Contents 2 1. vsan Security Zone Deployment 3 1.1 Solution Overview VMware vsphere

More information

Contingency Planning and Disaster Recovery

Contingency Planning and Disaster Recovery Contingency Planning and Disaster Recovery Best Practices Version: 7.2.x Written by: Product Knowledge, R&D Date: April 2017 2017 Lexmark. All rights reserved. Lexmark is a trademark of Lexmark International

More information

Credit Card Data Compromise: Incident Response Plan

Credit Card Data Compromise: Incident Response Plan Credit Card Data Compromise: Incident Response Plan Purpose It is the objective of the university to maintain secure financial transactions. In order to comply with state law and contractual obligations,

More information

Backup and Restore Strategies

Backup and Restore Strategies Backup and Restore Strategies WHITE PAPER How to identify the appropriate life insurance for your data At home, you safeguard against any incident to protect your family, your life, your property everything

More information

Digital Forensics at a University. Calvin Weeks Director, Oklahoma Digital Forensics Lab University of Oklahoma

Digital Forensics at a University. Calvin Weeks Director, Oklahoma Digital Forensics Lab University of Oklahoma Digital Forensics at a University Calvin Weeks Director, University of Oklahoma Calvin Weeks Director, Former Director of IT Security Certified EnCASE Examiner (EnCE) VP of the local chapter of HTCIA Co-Chair

More information

BME CLEARING s Business Continuity Policy

BME CLEARING s Business Continuity Policy BME CLEARING s Business Continuity Policy Contents 1. Introduction 1 2. General goals of the Continuity Policy 1 3. Scope of BME CLEARING s Business Continuity Policy 1 4. Recovery strategies 2 5. Distribution

More information

Step into the future. HP Storage Summit Converged storage for the next era of IT

Step into the future. HP Storage Summit Converged storage for the next era of IT HP Storage Summit 2013 Step into the future Converged storage for the next era of IT 1 HP Storage Summit 2013 Step into the future Converged storage for the next era of IT Karen van Warmerdam HP XP Product

More information

Management: A Guide For Harvard Administrators

Management: A Guide For Harvard Administrators E-mail Management: A Guide For Harvard Administrators E-mail is information transmitted or exchanged between a sender and a recipient by way of a system of connected computers. Although e-mail is considered

More information

EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS AND RESULTS FOR FRANCE

EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS AND RESULTS FOR FRANCE EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS AND RESULTS FOR FRANCE 1 THE DATA PROTECTION LANDSCAPE ARE YOU ON SOLID GROUND? 2 GLOBAL KEY FINDINGS GLOBALLY, ENTERPRISES ARE LOSING AS MUCH AS $1.7 TRILLION

More information

Chapter 4 After Incident Detection

Chapter 4 After Incident Detection Chapter 4 After Incident Detection Ed Crowley Spring 10 1 Topics Incident Response Process SANs Six Step IR Process 1. Preparation 2. Identification 3. Containment 4. Eradication 5. Recovery 6. Lessons

More information

ECE Engineering Robust Server Software. Spring 2018

ECE Engineering Robust Server Software. Spring 2018 ECE590-02 Engineering Robust Server Software Spring 2018 Business Continuity: Disaster Recovery Tyler Bletsch Duke University Includes material adapted from the course Information Storage and Management

More information

DATA BACKUP AND RECOVERY POLICY

DATA BACKUP AND RECOVERY POLICY DATA BACKUP AND RECOVERY POLICY 4ITP04 Revision 01 TABLE OF CONTENTS 1. REVISION RECORD... 3 2. PURPOSE... 4 3. SCOPE AND APPLICABILITY... 4 4. DEFINITIONS AND ABBREVIATIONS... 4 5. POLICY STATEMENTS...

More information

Emergence of Business Continuity to Ensure Business and IT Operations. Solutions to successfully meet the requirements of business continuity.

Emergence of Business Continuity to Ensure Business and IT Operations. Solutions to successfully meet the requirements of business continuity. Emergence of Business Continuity to Ensure Business and IT Operations Solutions to successfully meet the requirements of business continuity. 2 3 4 5 Introduction Use of Virtualization Technology as a

More information

EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS & RESULTS FOR BRAZIL

EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS & RESULTS FOR BRAZIL EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS & RESULTS FOR BRAZIL 1 THE DATA PROTECTION LANDSCAPE ARE YOU ON SOLID GROUND? 2 GLOBAL KEY FINDINGS GLOBALLY, ENTERPRISES ARE LOSING AS MUCH AS $1.7 TRILLION

More information

Preservation, Retrieval & Production. Electronic Evidence: Tips, Tactics & Technology. Issues

Preservation, Retrieval & Production. Electronic Evidence: Tips, Tactics & Technology. Issues Electronic Evidence: Preservation, Retrieval & Production Issues Tips, Tactics & Technology April 19, 2004 Discussion Outline 21 st Century Discovery E-Evidence Uncovered Preservation / Spoliation Computer

More information

Certified Digital Forensics Examiner

Certified Digital Forensics Examiner Certified Digital Forensics Examiner Course Title: Certified Digital Forensics Examiner Duration: 5 days Class Format Options: Instructor-led classroom Live Online Training Prerequisites: A minimum of

More information

ZYNSTRA TECHNICAL BRIEFING NOTE

ZYNSTRA TECHNICAL BRIEFING NOTE ZYNSTRA TECHNICAL BRIEFING NOTE Backup What is Backup? Backup is a service that forms an integral part of each Cloud Managed Server. Its purpose is to regularly store an additional copy of your data and

More information

HYBRID CLOUD BACKUP & DISASTER RECOVERY

HYBRID CLOUD BACKUP & DISASTER RECOVERY HYBRID CLOUD BACKUP & DISASTER RECOVERY What is NexProtect? NexProtect is a cost-effective, Hybrid Cloud Backup & Disaster Recovery solution that meets your business needs with an on-site appliance that

More information

University Information Technology Data Backup and Recovery Policy

University Information Technology Data Backup and Recovery Policy University Information Technology Data Backup and Recovery Policy I. Purpose and Scope A. The purpose of this policy is to document the University of Utah Information Technology (UIT) data backup and recovery

More information

Business Continuity Planning Keeping Pace with New Technology

Business Continuity Planning Keeping Pace with New Technology Business Continuity Planning Keeping Pace with New Technology Old issues, new threats Force Majeure Increasing severe weather incidents, terrorist attacks Legacy modernization Cutover issues, system crashes,

More information