Business Continuity and Disaster Recovery (BC/DR)


Business Continuity (BC)

Business continuity (BC) is a collection of processes that enable an organization to maintain normal business operations in the face of some adverse event.

  • two events impact BC:
    • disaster
      • is an environmental, accidental, or intentional catastrophic event
    • incident
      • is an accidental or intentional security-related event
  • relies on two abilities:
    • Disaster Recovery (DR)
      • is an organization’s ability to return to normal operations after a disaster
    • Incident Response (IR)
      • is an organization’s ability to recognize and respond to an incident
  • describes the work the organization does to:
    • keep running
    • manage the legal ramifications of the event
    • keep staff employed
    • work with insurance companies
    • provide internal and external communications regarding the event and its ramifications
    • investigate the root cause
    • develop plans to prevent recurrence
    • etc.

Disaster Recovery (DR)

Disaster recovery (DR) is a collection of processes focused on the resumption of operations after an interruption due to a disaster.

  • is a component of an overall business continuity plan
  • describes the efforts taken to restore affected systems to a safe operating state

Plans

Disaster recovery and business continuity plans limit the risk and impact of disruptions and catastrophic events.

  • Contracts and regulatory bodies usually require organizations to:
    • have a contingency plan in place
    • continuously test and revise contingency plans
  • plans should be formalized in governance

Components

  • Critical Asset Discovery
    • include necessary hardware, software, and media
  • Disaster Criteria
    • distinguish normal administrative functions from an event and disaster response
      • disaster process comes with costs
    • balance risks and benefits of overreaction and under-reaction
  • Disaster Declaration Process
    • determine a named authority for the purpose of formal event or disaster declaration
    • avoid possibility of overreaction
      • the declaration should be initiated by someone informed, trained, and responsible for making the determination
    • a qualified individual should also declare the resumption of normal operations
  • Essential Points of Contact
    • include the contact info of offices responsible for BC/DR and relevant external entities
    • be as specific as possible
  • Detailed Actions, Tasks, and Activities
    • have checklists for procedures
      • describe specific actions necessary
      • aligned in order of execution
      • constitute a record of actions taken
      • allow for someone who is not trained to be able to act

Types

Strategies for disaster recovery and business continuity:

  • Data mirroring
    • setting up the operating system to simultaneously write copies of the data on several storage devices
  • Data backups
    • If something happens to one drive, another drive will be used in place of the faulty one, enabling the systems to recover functionality quickly without significant degradation of service
    • tape archival is common because tape drives are inexpensive and can be transported to an off-site location
  • Off-site storage
    • if the primary site is damaged in some way, the data can likely be restored at another site
    • Salt mines and caves are popular locations for physical storage because of the low humidity and the protection provided by the earth’s terrain
    • Storing data in the cloud is another popular option

Prioritizing Safety

  • Health and human safety are of paramount importance in BC/DR
  • notification should take several redundant and differing forms to ensure the widest and most thorough dissemination
    • channels:
      • telephone call tree
      • website posting
      • SMS blasts
    • audience:
      • organization personnel
      • public
      • regulatory and response agencies
  • Physical layout informs evacuation, protection, and egress methods
    • considerations:
      • Getting people out
        • there should be no obstruction or delay of people leaving the facility
        • all doors along the emergency path should fail safe
        • the path should have sufficient lighting
      • Getting out safely
        • sprinkler systems on the egress path
        • non-water fire suppression systems must not risk human life
          • should have added controls
        • communicate the emergency plan to all personnel and train them on it
      • Design for protection
        • meet architectural, engineering, and construction codes appropriate to local needs
        • facilities should be built to withstand environmental hazards