Transcript Ensuring Continuing Operations and Disaster Recovery

Ensuring
Continuing Operations
and
Disaster Recovery
By:
Alyssa Gatrell
Mike Harker
Amy Shumway
What are the Threats?







Natural disasters
Power failures
Hardware failures
Theft of assets and data
Hacking
Virus infections
Departure of key personnel or
disgruntled employees
What is Ensuring
Continuing Operations?

Preventative measures to ensure that a
system is not disrupted by potential threats.








Uninterruptible power sources
Storage measures
Measures to protect from departure of key
personnel
Measures to protect from disgruntled former
employees
Physical security measures
Virus protection
Firewalls
Encryption
What is a Virus?

A piece of self-replicating code
Kinds of Viruses


Boot Sector Viruses
Macro Viruses
Identifying the Threat




Floppy disk brought in
PC’s taken home or on business
(laptops)
Increased use of e-mail
Increased use of the Internet
Minimizing the Virus Threat



Regular backups of data
Check all incoming software
Write-protect floppy disks
whenever possible
Anti-Virus Tools

Floppies
 “Sheep-dip”

PC’s
 On-access
scanners
 On-demand scanners
 Behavior blockers
 Heuristic analysis
Functions of a Firewall





Controller
Filter
Monitor
Security guard
Screener
How Firewalls Work

Firewalls are like gatehouses in a
medieval castle that provide
perimeter defenses to determine
who or what will be allowed to enter
Gatehouses
Inner Mote and Wall
Castle
Outer wall
Illustration taken from Disaster
Recovery Journal Winter 1999
Commons/Market Area
Types of Firewalls




Dual-Home Gateway
Screened-Host Gateway
Screened Subnet
Dual-Homed Routers
Dual-Home Gateway
Internet
Private Network
Bastion Host
Screened-Host Gateway
Internet
Private
Network
Router
Bastion Host
Screened Subnet
Internet
Router
Sub-network
Router
Private
Network
Dual-Homed Routers
Internet
Outside Router
Inside Router
Private
Network
Other Thoughts on
Firewalls




Internal firewalls are as important
as external firewalls
Not the answer to total protection
Firewalls come in degrees of
protection and complexity.
Companies should measure risk
with costs of implementation and
maintenance
Encryption



Alters information into an
unintelligible format to prevent
unauthorized access
Can only be decrypted with
specified digital key
Prevents against data theft as it is
passed from one person to another
What is Disaster Recovery?

Measures taken before a disaster
that can lead to a successful
reimplementation of systems
 Backup
regimen
 Redundant hardware
 Recovery facilities
 Backup phone lines
Process for Determining
Backup Needs



Step 1: Location identification
Step 2: Establish criticality of data
Step 3: Select backup medium
 Factors
 Quantity
of data
 Speed of backing up
 Ease of recovery
Possible Mediums






Removable disks
Second hard drive / PC
Magnetic tape cartridges
Optical disks
Online services
Storage area network (SAN)
Implementation
Procedures



Scheduling intervals and time of day
Verification
Media stocks and rotation
 Two
sets
 Extra media


Source documentation
Storage
 Away
from destructive force
 Off-site location
All Measures
Should be Tested



Backup restoration
Firewall penetration testing
Intermittent checks of backup
power