Disaster Prevention and RecoveryIntroductionPrevention/ProtectionRedundancyRedundancySlide 62. Hardware3. Firewalls4. Virus ProtectionRecoverySlide 11TestingCOBITSlide 14COBIT DS-10COBIT DS-4Let’s Review…Slide 18Disaster Prevention Disaster Prevention and Recoveryand RecoveryKristen EmchKristen EmchChristine Jennings-GarantChristine Jennings-GarantIntroductionIntroductionPrevention, protection, and recovery Prevention, protection, and recovery are a crucial function to EVERY system are a crucial function to EVERY system or company.or company.It is most important to operations It is most important to operations within the systemwithin the system–Not so much management Not so much management Operations must have:Operations must have:–Disaster prevention and recovery plansDisaster prevention and recovery plans–Plans for back upPlans for back upPrevention/ProtectionPrevention/ProtectionPrevention – the act of keeping Prevention – the act of keeping something from happeningsomething from happeningThere are 4 main methods:There are 4 main methods:1.1.RedundancyRedundancy2.2.HardwareHardware3.3.Firewalls Firewalls 4.4.Virus ProtectionVirus Protection1.1.RedundancyRedundancyRedundancy – a system design that Redundancy – a system design that makes duplicates to provide makes duplicates to provide alternatives in case of failurealternatives in case of failureDevices, referred to as Secondary Devices, referred to as Secondary Storage, are used to create system Storage, are used to create system duplicates:duplicates:Secondary storage – storing large Secondary storage – storing large amounts of data and instructions more amounts of data and instructions more permanently permanentlyRedundancyRedundancyRAID (Redundant Array of RAID (Redundant Array of Independent/Inexpensive Disks)Independent/Inexpensive Disks)Allows system to make a Allows system to make a “reconstruction map” to rebuild data“reconstruction map” to rebuild data–Multiple hard drives copy data so that if one Multiple hard drives copy data so that if one drive fails, there is no single point of failuredrive fails, there is no single point of failureImproves efficiencyImproves efficiencyRedundancyRedundancySoftware may be used to monitor or Software may be used to monitor or check the back-up systemcheck the back-up systemImproves quality of the systemImproves quality of the systemValuable to keep copy of entire system Valuable to keep copy of entire system at an external locationat an external locationDisadvantageDisadvantage–If the back-up system isn’t monitored, the If the back-up system isn’t monitored, the company will lose its redundancycompany will lose its redundancyEx. Kerr administration building, 2 mos. agoEx. Kerr administration building, 2 mos. ago2. Hardware2. HardwareConsider the use of more Consider the use of more expensive hardwareexpensive hardware–Higher mean time between failure Higher mean time between failure (MBTF)(MBTF)–Better quality hardware lasts longerBetter quality hardware lasts longerDisadvantageDisadvantage–May not be financially possibleMay not be financially possible3. Firewalls3. FirewallsUsed to protect from external threatsUsed to protect from external threats–Break-ins or unauthorized access to the Break-ins or unauthorized access to the systemsystemServers vs. WorkstationsServers vs. Workstations–Anyone can access a website (server)Anyone can access a website (server)–Can set protocol levels of firewallsCan set protocol levels of firewalls–Ex. No access to COB from outsideEx. No access to COB from outsideOther preventative measures include Other preventative measures include the use of identification numbers and the use of identification numbers and passwordspasswords4. Virus Protection4. Virus Protection*Viruses are the #1 type of attack on *Viruses are the #1 type of attack on information systemsinformation systemsUsed to prevent contamination of Used to prevent contamination of systemsystem–Internal personnel pulling external threats Internal personnel pulling external threats into systeminto systemConstantly monitors and protectsConstantly monitors and protects–Should be frequently updatedShould be frequently updatedEx. Symantec updates onlineEx. Symantec updates onlineRecoveryRecoveryRecovery – regaining or saving Recovery – regaining or saving something lostsomething lostNaval Naval helicopterhelicopter crash crashRecoveryRecoveryMake sure data are never Make sure data are never compromisedcompromised–Overlaps with redundancyOverlaps with redundancyEx: COB writes tapes and takes Ex: COB writes tapes and takes them offsite every nightthem offsite every nightCompanies can be hired to do this Companies can be hired to do this jobjobTestingTestingRemoves the redundancy elementRemoves the redundancy elementAnything can happenAnything can happenElement of quality control (QC)Element of quality control (QC)Stage problemsStage problemsCOBITCOBITCOBIT is an IT governance COBIT is an IT governance framework and supporting toolsetframework and supporting toolsetAllows managers to bridge the gap Allows managers to bridge the gap between control requirements, between control requirements, technical issues, and business riskstechnical issues, and business risksCOBIT enables clear policy COBIT enables clear policy development and good practice for development and good practice for IT control throughout organizationsIT control throughout organizationsCOBITCOBIT2 for disaster prevention and 2 for disaster prevention and recoveryrecoveryDS 10- manage problemsDS 10- manage problemsDS 4 – ensure continuous serviceDS 4 – ensure continuous serviceRACI chartRACI chart–ResponsibleResponsible–AccountableAccountable–ConsultedConsulted–InformedInformedCOBIT DS-10COBIT DS-10RACI ChartRACI ChartCOBIT DS-4COBIT DS-4RACI ChartRACI ChartLet’s Review…Let’s Review…There are 4 main types of preventionThere are 4 main types of prevention–Redundancy *Redundancy *–HardwareHardware–FirewallsFirewalls–Virus ProtectionVirus ProtectionIf the back up system is not kept If the back up system is not kept track of, the system loses its track of, the system loses its redundancyredundancyLet’s Review…Let’s Review…Recovery is getting out of the Recovery is getting out of the problem once it’s too
View Full Document