Disaster Recovery Overview
Business Continuity and Disaster Recovery Solutions offer the resources required to survive a catastrophic event and keep your applications and business processes running. Our integrated service delivery model reduces risk, eliminates vendor fragmentation and accelerates your critical recovery processes. Nexwrx offers consulting services to help you put together a IT Disaster Plan and actualize it.
Network disaster recovery planning not always a priority
When it comes to network infrastructures, disaster recovery planning isn't often a huge priority. Network security, by contrast, is usually a high priority because a porous perimeter spells doom for most organizations. Preventing unauthorized access by hackers and other criminal types, and introduction of viruses and denial of service (DOS) attacks are usually high priorities that get management attention.
Tips for Network Disaster Recovery Planning
Disaster Planning & Preparation: If you want to protect your network infrastructures and related assets from unplanned events that could disrupt network operations, you need a plan. It doesn’t have to be hundreds of pages long. A one-page plan with the right information can be more valuable than a voluminous document that nobody can use.- Get Familiar with Business Continuity Standards - Almost two dozen BC/DR standards are available worldwide.
- Simple Instructions Are Best - Depending on how your voice/data/Internet/wireless networks are configured, your plans will need to reflect that same level of structure and complexity.
- Network Related Response - Assuming you are creating a plan to respond to specific network-related incidents, include only the information needed for the response and subsequent recovery.
- Update & Test Often - Once the plan is complete, exercise the plan at least twice annually (more often if your network configuration changes frequently) to ensure that the documented procedures make sense in the sequence indicated.
- Be Flexible - A single disaster recovery template may not be applicable to all networks, especially if your organization has many corporate locations served by the network and multiple data centers; you may want to consider more complex templates, specialized network DR software or consultants experienced in network disaster recovery.
Key Issues to Address
The process of developing a network disaster recovery plan should be a relatively easy process. The keys to success include defining step-by-step response and recovery procedures, validating these activities through tests, and keeping the plan up to date.
- Initial Data - Once you have identified primary and backup networking staff to contact in a network disruption, position their contact data at the front of the plan, so you won’t have to waste valuable seconds paging through a lengthy document.
- Revision Management - Have a page that reflects your change management process
- Purpose and scope - Provide details on these attributes, as well as assumptions, team descriptions, a list of terms, and other background information.
- Emergency Instructions - Provide data on circumstances under which the plan will be activated, including outage time frames, who declares a disaster, who should be contacted and response procedures to be used.
- Policy Information - If the IT department has a BC/DR policy, be sure to include relevant policy information; this is also a good place to reference the use of standards documents.
- Plan Details. If possible, provide step-by-step procedures, as these are easier to follow than broad general statements such as “reconfigure network channels to alternate location” which may require significant detail to complete properly. In addition, describe how often the plan is to be reviewed and updated, and by whom.
- Checklists & Flow Diagrams - Assuming a network disruption has occurred, identify steps to address it; these can be in the form of checklists (useful to keep track of scheduled and completed tasks) and flow diagrams that provide a high-level view of response and recovery.
- Information Gathering - Information needs to be gathered before officially declaring a network disruption; this includes network performance data and first-hand reports from IT staff and employees and first responders (if needed); convene meetings as soon as possible with key IT network emergency team members to evaluate the facts before proceeding to a declaration.
- Declaring - Once initial facts on the network disruption are obtained, the plan should list actions to take when it becomes necessary to declare a network disaster.
- Recovering - Once the situation has been brought under control, subsequent parts of the plan should provide instructions on recovering and restoring network operations, restoring network connectivity devices, and related activities
- Appendixes - Detailed appendixes are provided at the end of the template; these include lists and contact details on all IT and non-IT emergency teams, primary and alternate network vendors, alternate network configuration data, and other relevant information. It is very important to keep this information up to date.
Business Continuity Plan
When business is disrupted, it can cost money. Insurance does not cover all costs and cannot replace customers that defect to the competition. A business continuity plan to continue business is essential.
Development of a business continuity plan includes four steps:
- Conduct a business impact analysis to identify time-sensitive or critical business functions and processes and the resources that support them.
- Identify, document, and implement to recover critical business functions and processes.
- Organize a business continuity team and compile a business continuity plan to manage a business disruption.
- Conduct training for the business continuity team and testing and exercises to evaluate recovery strategies and the plan.
 |
| Business Continuity Plan Scope |
IT Disaster Recovery Plan
Businesses use information technology to quickly and effectively process information. Employees use electronic mail and Voice Over Internet Protocol (VOIP) telephone systems to communicate. Electronic data interchange (EDI) is used to transmit data including orders and payments from one company to another. Servers process information and store large amounts of data. Desktop computers, laptops and wireless devices are used by employees to create, process, manage and communicate information. What do you when your information technology stops working?
An information technology disaster recovery plan (IT DRP) should be developed in conjunction with the business continuity plan. Priorities and recovery time objectives for information technology should be developed during the business impact analysis. Technology recovery strategies should be developed to restore hardware, applications and data in time to meet the needs of the business recovery.
Businesses large and small create and manage large volumes of electronic information or data. Much of that data is important. Some data is vital to the survival and continued operation of the business. The impact of data loss or corruption from hardware failure, human error, hacking or malware could be significant. A plan for data backup and restoration of electronic information is essential.
Recovery strategies should be developed for Information technology (IT) systems, applications and data. This includes networks, servers, desktops, laptops, wireless devices, data and connectivity.
Priorities for IT recovery should be consistent with the priorities for recovery of business functions and processes that were developed during the business impact analysis. IT resources required to support time-sensitive business functions and processes should also be identified. The recovery time for an IT resource should match the recovery time objective for the business function or process that depends on the IT resource.
Priorities for IT recovery should be consistent with the priorities for recovery of business functions and processes that were developed during the business impact analysis. IT resources required to support time-sensitive business functions and processes should also be identified. The recovery time for an IT resource should match the recovery time objective for the business function or process that depends on the IT resource.
- Computer room environment (secure computer room with climate control, conditioned and backup power supply, etc.)
- Hardware (networks, servers, desktop and laptop computers, wireless devices and peripherals)
- Connectivity to a service provider (fiber, cable, wireless, etc.)
- Software applications (electronic data interchange, electronic mail, enterprise resource management, office productivity, etc.)
- Data and restoration
Information technology systems require hardware, software, data and connectivity. Without one component of the “system,” the system may not run. Some business applications cannot tolerate any downtime. They utilize dual data centers capable of handling all data processing needs, which run in parallel with data mirrored or synchronized between the two centers.
Internal Recovery Strategies - Many businesses have access to more than one facility. Hardware at an alternate facility can be configured to run similar hardware and software applications when needed. Assuming data is backed up off-site or data is mirrored between the two sites, data can be restored at the alternate site and processing can continue.
Vendor Supported Recovery Strategies - There are vendors that can provide “hot sites” for IT disaster recovery. These sites are fully configured data centers with commonly used hardware and software products. Subscribers may provide unique equipment or software either at the time of disaster or store it at the hot site ready for use.
Data streams, data security services and applications can be hosted and managed by vendors. This information can be accessed at the primary business site or any alternate site using a web browser. If an outage is detected at the client site by the vendor, the vendor automatically holds data until the client’s system is restored. These vendors can also provide data filtering and detection of malware threats, which enhance cyber security.
Data streams, data security services and applications can be hosted and managed by vendors. This information can be accessed at the primary business site or any alternate site using a web browser. If an outage is detected at the client site by the vendor, the vendor automatically holds data until the client’s system is restored. These vendors can also provide data filtering and detection of malware threats, which enhance cyber security.
Developing an IT Disaster Recovery Plan - Businesses should develop an IT disaster recovery plan. It begins by compiling an inventory of hardware (e.g. servers, desktops, laptops and wireless devices), software applications and data. The plan should include a strategy to ensure that all critical information is backed up.
Identify critical software applications and data and the hardware required to run them - Using standardized hardware will help to replicate and reimage new hardware. Ensure that copies of program software are available to enable re-installation on replacement equipment. Prioritize hardware and software restoration.
Document & Test - Document the IT disaster recovery plan as part of the business continuity plan. Test the plan periodically to make sure that it works.
Businesses generate large amounts of data and data files are changing throughout the workday. Data can be lost, corrupted, compromised or stolen through hardware failure, human error, hacking and malware. Loss or corruption of data could result in significant business disruption.
Data backup and recovery should be an integral part of the business continuity plan and information technology disaster recovery plan. Developing a data backup strategy begins with identifying what data to backup, selecting and implementing hardware and software backup procedures, scheduling and conducting backups and periodically validating that data has been accurately backed up.
Developing the Data Backup Plan - Identify data on network servers, desktop computers, laptop computers and wireless devices that needs to be backed up along with other hard copy records and information. The plan should include regularly scheduled backups from wireless devices, laptop computers and desktop computers to a network server. Data on the server can then be backed up. Backing up hard copy vital records can be accomplished by scanning paper records into digital formats and allowing them to be backed up along with other digital data.
Options for Data Backup - Tapes, cartridges and large capacity USB drives with integrated data backup software are effective means for businesses to backup data. The frequency of backups, security of the backups and secure off-site storage should be addressed in the plan. Backups should be stored with the same level of security as the original data.
Many vendors offer online data backup services including storage in the “cloud”. This is a cost-effective solution for businesses with an internet connection. Software installed on the client server or computer is automatically backed up.
Data should be backed up as frequently as necessary to ensure that, if data is lost, it is not unacceptable to the business. The business impact analysis should evaluate the potential for lost data and define the “recovery point objective.” Data restoration times should be confirmed and compared with the IT and business function recovery time objectives.
Sources: Tech Target Article & Graphic and Disaster Recovery Plan Templates - FEMA
Sources: Tech Target Article & Graphic and Disaster Recovery Plan Templates - FEMA
3 comments:
I'm using AVG anti virus for a couple of years, I'd recommend this product to everybody.
Wow.. well written by combining key essentials, issue, overcome, development Of network disaster recovery plan. The article is enriched with all vital information, the main thing i would like to appreciate is the key address to issues.. good effort. Thanks for sharing
Nice blog post. It explain every aspects of disaster recovery solutions and benefits. Thanks for sharing.
Post a Comment