...Outline Database 2 Data Protection for Business Continuity Introduction Motivation Recovery Objective Data Protection Techniques Classes of Data Mapping of Company Size, Classes of Data, and Techniques Denny (denny@cs.ui.ac.id) International Bachelor Program Faculty of Computer Science 2004/2005 Version 1.0 - Internal Use Only DB2/DP/DN/V1.0/2 Introduction Why do we need data protection? SEPTEMBER 11, 2001 = 100 MEGABYTES OF DATA MORE THAN US$ 1 MILLION DATA PROTECTION DB2/DP/DN/V1.0/3 DB2/DP/DN/V1.0/4 1 Why do we need data protection? Causes of unplanned outages (Disaster Recovery Journal, 2001) Why Do We Need High Data Availability? CAN COST 1 HOUR OF DOWNTIME US$ 6.5 MILLION DB2/DP/DN/V1.0/5 DB2/DP/DN/V1.0/6 Why Do We Need High Data Availability? Data Protection and Business Continuity So, in this topic, we will see: techniques to protect data and ensure business continuity when disaster occurs. GLOBALISATION DB2/DP/DN/V1.0/7 DB2/DP/DN/V1.0/8 2 Recovery Objective LAST BACKUP DISASTER OCCURRED SYSTEM BACK TO OPERATION Data Protection Techniques Overview 1. TIME DATA LOSS RECOVERY POINT OBJECTIVE (RPO) RECOVERY TIME OBJECTIVE (RTO) 2. 3. 4. 5. 6. Vaulting Physical: backup to tape Electronic: backup over the Internet Server fortification RAID: same copies, or split into several disks Dual power supplies Network cluster NAS: independent disks connected directly to network SAN: a network...
Words: 1858 - Pages: 8
...provides continuous backup and recovery protection from the server to the desktop. The software protects the company’s data while providing the opportunity to reduce storage costs and improve backup performance through integrated deduplication and archiving technology. (Symantec 3, 2010) Symantec Backup Exec was chosen due to Symantec’s reputation for producing quality products along with the outstanding technical support that the company provides. The Backup Exec software is one of the leading software packages available and includes some of the best features when compared to other backup and recovery software options. About Symantec “Symantec was founded in 1982 by visionary computer scientists. The company has evolved to become one of the world’s largest software companies with more than 18,500 employees in more than 50 countries. Symantec provides security, storage and systems management solutions to help their customers – from consumers and small businesses to the largest global organizations – secure and manage their information-driven world against more risks at more points, more completely and efficiently than any other company.” (Symantec 2, 2011) Specifications * Market leading data protection for physical and virtual server environments from desktop to servers * Integrated and adaptable deduplication * Unified archiving * First-to-market granular recovery for virtual applications * Patent-pending Granular Recovery Technology (GRT) recovers...
Words: 1333 - Pages: 6
... The purpose of this plan is to address fundamentals necessary to provide stability of services during emergencies/disasters. The plan’s intent is to provide detailed procedures required to implement management’s requirements and an expeditious response to disasters/emergencies compromising or halting day to day operations. This will be imperative if prompt recovery of daily operations can’t be accomplished by implementing normal day to day operations. This BCP will explore the protection and ethical use of Petley Tea’s sensitive corporate data and customer records. It will provide a detailed communication plan to be followed during the event of an emergency/disaster. As well as, details on restoring operations following an emergency/disaster. I. Pre-Incident Changes to follow to ensure the well- being of Petley Tea During the occurrence of disaster Petley Tea will immediately change over to a contingency organization. The mission for Petley Tea at this point is continuation or restoration of time-sensitive operations. Pre-Incident planning is imperative to accomplish this goal. To expedite a successful recovery from an emergency/disaster Petley Tea must...
Words: 2792 - Pages: 12
...Table of Contents INTRODUCTION………………………………………………………………………………...3 PURPOSE………………………………………………………………………………………….3 SCOPE……………………………………………………………………………………………..3 ETHICAL USE AND PROTECTION OF SENSITIVE DATA…………………………………3 ETHICAL USE AND PROTECTION OF CUSTOMER RECORDS…………………….…….4 COMMUNICAN PLAN…………………………………………………………………...……….5 RESTORING OPERATIONS…………………………………………………………...………...5 REFERENCES……………………………………………………………………………………..7 INTRODUCTION This document contains the Contingency Plan for Co name. It is intended to serve as the centralized repository for the well-being of the enterprise, which includes the ethical use and protection of sensitive date and customer records, as well as, the communication plan and the process for restoring operations. This procedure is to be followed only when daily operating procedures are unable to be followed. Co name is committed to the 4R Action approach which covers reduction, readiness, response, and recovery. Therefore, it is essential that the action plan and the information contained in this plan remain viable and be maintained on a regular basis to ensure the accuracy of its contents. This also includes the following ongoing activities: • Perform activities required to reduce impact • Prepare employees for readiness by training and continual training B1. In order for Co name to ensure the well-being of the company, the following strategic changes should...
Words: 1017 - Pages: 5
...February 26, 2012 James (Garrett) Miller LAN Consulting Plan Data Assurance: 1. Backup system: a. Type? Backup of data will be done with the Norton 360 version 6.0 antivirus protection suite provided backup utility, Symantec Backup Exec. There are two types of backup for this network. The first is a digital tape drive backup that is located on site for intermediate recovery based on the disaster conditions. The second backup is a mirror backup on a bank of servers at an external site to ensure the security of the data in the case of total disaster of the network site. b. Backup Schedule? The backup schedule will be determined by the importance of the information. Business critical information will be backed up at the completion of the task. A scheduled mirror backup will be done daily during the off business hours. c. Backup Data Storage plan? The first backed up data will be stored on an independent server drive using RAID at the main site location for ease of access in the case of an independent component failure. The second backup will be also use RAID and be stored at a different graphical location than the network. Data Integrity: 1. Antivirus system: a. Type? Norton 360 version 6.0 antivirus program is installed at each geographical location including the offsite backup of the network. This security protection will provide virus protection, spyware protection, and scan incoming and outgoing e-mail. b. Scan Schedule? ...
Words: 1841 - Pages: 8
...February 26, 2012 James (Garrett) Miller LAN Consulting Plan Data Assurance: 1. Backup system: a. Type? Backup of data will be done with the Norton 360 version 6.0 antivirus protection suite provided backup utility, Symantec Backup Exec. There are two types of backup for this network. The first is a digital tape drive backup that is located on site for intermediate recovery based on the disaster conditions. The second backup is a mirror backup on a bank of servers at an external site to ensure the security of the data in the case of total disaster of the network site. b. Backup Schedule? The backup schedule will be determined by the importance of the information. Business critical information will be backed up at the completion of the task. A scheduled mirror backup will be done daily during the off business hours. c. Backup Data Storage plan? The first backed up data will be stored on an independent server drive using RAID at the main site location for ease of access in the case of an independent component failure. The second backup will be also use RAID and be stored at a different graphical location than the network. Data Integrity: 1. Antivirus system: a. Type? Norton 360 version 6.0 antivirus program is installed at each geographical location including the offsite backup of the network. This security protection will provide virus protection, spyware protection, and scan incoming and outgoing e-mail. b. Scan Schedule? ...
Words: 1841 - Pages: 8
...date c. LAN Domain- Data in the network d. LAN-to-WAN Domain- Malicious software outside the network e. Remote Access Domain- Infected with virus and not knowing f. WAN Domain- Anything over the internet g. System/ Application Domain- Servers 2. What is Risk Management and list the various risk management techniques. Risk management is the thought of handling risk. The techniques are avoidance, transfer, mitigate, and accept 3. List examples for the various risk mitigating techniques. h. Alter the physical environment i. Change procedures j. Add fault tolerance k. Modify the technical environment l. Train employees 4. What is a CBA and why would you perform one? A CBA is a cost benefit analysis and you would perform one to help determine which controls or counter-measures to implement. 5. U.S. Laws Affecting Compliance Law | Security Summary | Affects | Federal Information Security Management Act (FISMA) | Ensure that federal agencies protect their data | Federal Agencies- the government | Health Insurance Portability and Accountability Act (HIPPA) | Ensures that health information data is protected | Anybody with health information | Gramm-Leach-Bliley Act (GLBA) | Ensures that companies protect customers data, | Mainly Banks and Insurance Companies | Sarbanes- Oxley Act (SOX) | To hold executives and board members personally responsible for financial data | Any company that is publicly...
Words: 1408 - Pages: 6
...Sorrells 11/30/2012 The 123 Textile Corporation has several solvable issues that we will address in this network updating proposal. They have been exposed to inclement weather and as of late a break in resulting in the companies sever and all pertinent data for sales, production, human resources. This proposal will lay out all necessary hardware upgrades as well as the software upgrades needed to maintain the new hardware. It will also look at off-site back up as a potential resolution to being in an area that may be more susceptible to break-ins resulting in equipment loss and or damage. The proposal will also address the issues of inclement weather and possible protection from natural disasters. Hardware and equipment proposal; A required designated space for the new computer equipment should be around 50 square feet with through wall ventilation but no window or exterior access points. In addition a cable line for modem connection and power source will be required. Power source should be of 20 amp circuit and non GFI, number of circuits at primary location in room to be four. In consideration of power outages that could result in loss of data a recommended solution will be the installation of an online UPS battery backup unit which provides continuous power while plugged in through the unit’s battery allowing for smoother and quicker power transition. This unit provides not only a source of power in the event of power loss but additionally...
Words: 1340 - Pages: 6
...BitLocker Drive Encryption Overview 73 out of 98 rated this helpful - Rate this topic Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Vista BitLocker Drive Encryption is a data protection feature available Windows Server 2008 R2 and in some editions of Windows 7. Having BitLocker integrated with the operating system addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers. Data on a lost or stolen computer is vulnerable to unauthorized access, either by running a software-attack tool against it or by transferring the computer's hard disk to a different computer. BitLocker helps mitigate unauthorized data access by enhancing file and system protections. BitLocker also helps render data inaccessible when BitLocker-protected computers are decommissioned or recycled. BitLocker provides the most protection when used with a Trusted Platform Module (TPM) version 1.2. The TPM is a hardware component installed in many newer computers by the computer manufacturers. It works with BitLocker to help protect user data and to ensure that a computer has not been tampered with while the system was offline. On computers that do not have a TPM version 1.2, you can still use BitLocker to encrypt the Windows operating system drive. However, this implementation will require the user to insert a USB startup key to start the computer or resume from hibernation, and it does not provide the pre-startup system integrity verification...
Words: 1463 - Pages: 6
...contingency plans and insurance polices so that we could deal with catastrophic events that might affect our business. In addition, to minimize the risk of unforeseen events when it occurs we would surely required to take out the insurance policies that we have to protect and minimize the assets that were lost, should we unable to cover the lost. Also, determining the cost of the protection plan is very important because if the plan cost more, than the plan is a failure and we should come up with a better plan. Digital and Physical Protection Plans The plans that are made for the company should be effective so to ensure that the protection plan works effectively we would need to come up with good strategy like: Consulting Expert. The executives for that company might consult from a trusted source like lawyers or accountants to ensure that they can protect their physical assets or they can consult IT professional to ensure that they data are intact. Also, the main objectives for this consulting should be the budget and the company main objectives. Data and System Protection. The plan to back up data from the...
Words: 431 - Pages: 2
...Risk Management JIT 2 Task 1b American International Insurance BCP William Gardner May 9, 2015 Task B. Create a business contingency plan (BCP) that the company would follow if faced with a major business disruption (e.g., hurricane, tornado, terrorist attack, loss of a data center, the sudden loss of a call center in a foreign country, the collapse of a financial market or other catastrophic event) in which you include the following: 1. Analyze strategic pre-incident changes the company would follow to ensure the well-being of the enterprise. 2. Analyze the ethical use and protection of sensitive data. 3. Analyze the ethical use and protection of customer records. 4. Discuss the communication plan to be used during and following the disruption. 5. Discuss restoring operations after the disruption has occurred (post-incident). Since 1919, A.I.I. has been in the business of insuring businesses and people from losses incurred through disasters. For 95 years (A.I.I.) has stood by its clients as they faced many challenges from the financial collapse of 1929 to the drought of the dust bowl years and even the ravages of World War Two. Assisting our clients in the face of hurricanes, tornados and even terrorist attacks is an everyday occurrence at A.I.I... However, who is planning and preparing for A.I.I.? A BCP is a plan to do exactly that, during the financial collapse of 2008 several flaws in the existing plans were exposed; flaws that not even the...
Words: 3242 - Pages: 13
...Example: Quality Coffee A2. Risk Register/Sources Risk | Description | Owner | Source | Likelihood of Occurrence* | Severity of Impact* | Controllability* | Equipment | Failure to procure equipment on a timely manner | Procurement | Contract | High | High | Medium | Theft | Failure by management to properly supervise POS | Legal | Criminal | High | Medium | High | Taxation | Increased taxation on foreign imports | Finance Contacts | Economic | Medium | Medium | Medium | Natural Disaster | Disruption to utilities/services essential for conducting business | Corporate | Natural | Medium | High | Low | Terrorism | Disruption in the supply chain resulting in product shortages | Supply Chain Management | Political | Low | High | Low | Land Use | Restrictive local codes requiring additional permits | Legal | Planning | Low | High | Medium | Increased Competition | Lower than expected sales from aggressive local competitors | Marketing | Market | Medium | Medium | Medium | Quality Control Issues | Reduced quality of products due to poor training | HR | Project | Medium | High | High | A1. Risk from Global Marketplace Activity One risk that emanates from an aspect of the company’s global marketplace activities is the risk of natural disaster. Measures should be taken to ensure that the effect from supply interruption, resulting from a natural disaster, is curtailed. Natural disasters can significantly impact the company in the form of shortages and price...
Words: 2606 - Pages: 11
...Availability 5 3. Disaster Recovery Plan 6 3.1 Risk Assessment 6 3.1.1Critical Business Processes 7 3.1.2 Internal, external, and environmental risks 7 3.2 Disaster Recovery Strategy 8 3.3 Disaster Recovery Test Plan 8 3.3.1 Walk-throughs 8 3.3.2 Simulations 9 3.3.3 Checklists 9 3.3.4 Parallel testing 9 3.3.5 Full interruption 9 4. Physical Security Policy 10 4.1 Security of the building facilities 10 4.1.1Physical entry control 10 4.1.2 Security offices, rooms and facilities 11 4.13.Isolated delivery and loading areas 12 4.2 Security of the information systems 12 4.2.1Workplace protections 12 4.2.2Unused ports and cabling 13 4.2.3 Network/server equipment 13 4.2.4 Equipment maintenance 13 4.2.5 Security of laptops/roaming equipment 13 5. References 14 Executive Summary The objective of this proposal is to present the information security policy created for Bloom Design Group. The issue of a company’s network security continues to be crucial because the results of data loss or significant system failure can be disastrous for a company. An alarming number of companies fail to realize how vulnerable their network is to internal, external, and environmental risks. One of the top priorities of an organization should be maintaining and securing its network in order to protect its important and vital assets. The plan will outline the steps needed for Bloom Design Group to ensure the security of all data systems and equipment within...
Words: 3568 - Pages: 15
...of Designing a Self-Service Disaster Recovery Plan 1.0 Issues regarding disaster recovery plan (DRP) Disaster recovery plan (DRP) is a clearly defined and documented plan of action for use at the time of a crisis. Typically a plan will cover all the key personnel, resources, services and actions required to implement and manage the DR process (comission, 2014). A large US public power provider, with millions of residential and business customers, needed to rethink its disaster recovery program. Due to budget constraints, the utility’s data recovery program had not been updated or tested for several years. Under the existing program, systems recovery could take up to 20 days—an unacceptable timeframe for a utility relied upon by numerous states for critical infrastructure services. Moreover, the utility was grappling with internal audit findings pertaining to unresolved disaster recovery deficiencies, which attracted the attention of board members. The board suggested that the utility modernize its disaster recovery program and keep it up to date. A Disaster Recovery Plan is designed to ensure the continuation of vital business processes in the event that a disaster occurs. The September 11, 2001 attacks on the World Trade Center has trigger the urgent of the DRP (Krocker, 2002). 1.1 Reason for a self-service disaster recovery plan 1.1.1. Ease of Getting Started Deploying and managing a traditional disaster recovery plan can be complex and require time...
Words: 1084 - Pages: 5
...training, procedures, etc. With EPLAN, the main pieces for a disaster program would be around data. This company data is its key. This does not just contain customer data, but each individual’s data and their work needs to be backed up. Also they will need a plan for backing up all human resources filing and information, billing and finance and marketing data. First steps would be for the team to assemble a list of what are some of the hazards and assess the risks of losing this data. Second they would need to conduct an impact analysis plan to see if this will hurt the business. Third examine ways to prevent hazards from happening. With a company such as EPLAN, the team would evaluate all data and where the data is housed. Some servers are currently overseas but most data is stored in the office of Farmington Hills, MI. The server room is not protected by any Fire protection walls. The company data for employees are on their computers and are currently not being backed up onto the server as most of the employees work from home. The only employees that are backed up on the server are out of the Farmington Hills office. This office is where the Finance and human resource departments are located. So all of the electronic documentation is housed on the in house server but there currently they do not have a data warehouse to back up this data. All marketing data is housed on the marketing manager’s computer with no back up. This position works...
Words: 2318 - Pages: 10
