Another course I should take on LinkedIn Learning is this one: https://www.linkedin.com/learning/cism-cert-prep-2-information-risk-management/disaster-recovery-planning. I copied & pasted the section of the course that attracted my attention.
Disaster recovery planning
“- [Instructor] Business continuity programs are designed to keep a business up and running in the face of a disaster. But unfortunately, they don't always work. Sometimes continuity controls fail or the sheer magnitude of a disaster overwhelms the organization's capacity to continue operations. That's where disaster recovery begins. Disaster recovery is a subset of business continuity activities, designed to restore a business to normal operations as quickly as possible following a disruption. The disaster recovery plan may include immediate measures that get operations up and running again temporarily. But the disaster recovery effort is not finished until the organization is completely back to normal operations. The initial response following an emergency disruption is designed to contain the damage to the organization and recover whatever capacity may be immediately restored. The activities during this initial response will vary widely depending upon the nature of the disaster and…
Backups
“- [Instructor] Backups are perhaps the most important component of any disaster recovery plan. Most businesses today are built around data. Whether it's proprietary designs, confidential customer lists, or information databases, data drives business. For many organizations, the complete loss of their data would be a disaster of tremendous proportions. Backups provide organizations with a fail-safe way to recover their data in the event of a technology failure, human error, natural disaster, or other circumstances that result in data's accidental or intentional deletion or modification. Backups are a crucial safety net for data-driven businesses. Organizations may back up their data in many different ways. Traditionally, organizations wrote their backups to tape, and this is still a very common practice today. However, tapes are unwieldy to manage, and modern backup approaches often use alternative storage that has become much less expensive over the past few years. For example, some…
Validating backups
“- [Instructor] Backups play a crucial role in an organization's disaster recovery strategy. But it's surprising how often organizations fail to properly test those backups to verify that they were completed properly and that they're ensuring the continued availability of critical business information in the event of a disaster. One of the most important data protection actions that you can take is regularly verifying your backups to ensure that they're functioning properly. There are several different types of backup tests that you should perform. First, all modern backup software has built-in verification mechanisms. You can use these mechanisms to validate that a backup was successful immediately after creating the backup. This is just the bare bones of backup verification because you are relying upon the software that performed the backup to tell you that it worked properly. However, it's amazing how many organizations have this verification feature turned off, either because they…
Disaster recovery sites
“- [Narrator] During a disaster organizations may need to shift their computing functions from their primary data center to alternate facility design to carry the load when their primary site is unavailable or nonfunctioning. Disaster Recovery Sites, are alternate processing facilities especially design for this purpose. Most of the time they sit idol, waiting to step in when an emergency situation arises. There're three main types of alternate processing facilities: Hot Sites. Cold Sites. And Warm sites. Hot sites are the premier form of disaster recover facility. They are fully operational data centers that have all of the equipment and data required to handle operations ready to run. Technology staff can active the Hot Sites at a moment's noticed and in many cases, the Hot site will actually activate itself, if the primary site fails. This provides an unparalleled level of redundancy, but it also comes at great expense. The costs of building and maintaining a Hot Site are typically…
Testing BC/DR plans
“- [Instructor] Disaster recovery plans are critical to ensuring the continuity of business operations. As with any security control, disaster recovery plans should be tested to ensure that the plan functions properly and will be ready to restore business operations in the event of a disruption. Each test of a disaster recovery plan has two goals. First, it validates that the plan functions correctly and that disaster recovery technology will work in the event of an actual disaster. Second, the disaster recovery test provides an opportunity to identify necessary updates to the plan due to technology or business process changes. Let's talk about five types of disaster recovery testing. Read-throughs, walk-throughs, simulations, parallel tests, and full interruption tests. Read-throughs are the simplest form of disaster recovery testing. They're also known as checklist reviews. In this approach, disaster recovery staff distribute copies of the current plan to all personnel involved in…
No comments:
Post a Comment