Business Continuity Planning Information Security Prof Hans Georg - PowerPoint PPT Presentation

  1. Business Continuity Planning. Information Security. Prof Hans Georg Schaathun, Ålesund University College. Autumn 2011 – Week 13. (Slide 1 / 20)

  2. Outline
     - 1 The session
     - 2 Response Planning
     - 3 Continuity Strategies
     - 4 Insurance and Responsibility
     - 5 Closure

  3. The session: Session objectives
     - understand the relationship between incident response, disaster recovery, and business continuity
     - be able to identify risks and possible solutions to business continuity

  5. Response Planning: Incident response and disaster recovery
     - Incident response
     - Disaster recovery
     - Introduced before; what do we mean?

  6. Response Planning: Incident response and disaster recovery
     - Incident response (IR)
       - immediate action
       - effective IR should mean negligible effect on operation
       - serious disasters may be out of scope for IR
     - Disaster recovery
       - restoring status quo
       - restoration may take time
       - production loss may be incurred while we wait

  7. Response Planning: Business Continuity Plans
     - keep the business going
       - when incident response falls short
       - while we wait for disaster recovery
     - BCP supplements IR and DR
     - The scope is the most serious incidents, when IR/DR is insufficient

  8. Response Planning: Why is BCP important?
     What happens if you lose email connection for ...
     - ... 10 minutes?
     - ... 1 hour?
     - ... 4 hours?
     - ... 2 days?
     - ... a week?
     - ... a month?

  10. Response Planning: Incidents and Productivity
     [Figure: productivity (axis 0 to 100) plotted against days (axis 0 to 16).]

  11. Response Planning: Contingency Planning
     [Figure: contingency planning diagram. Labels recoverable from the diagram: IRP (Incident Detection, Incident Reaction, Incident Recovery); DRP (Disaster Reaction, Recovery); DCP (Continuity Reaction, Alternate Site Op's).]

  13. Continuity Strategies: What are the challenges in a disaster?
     - Hardware
     - Software and configuration
     - Data (restored from backup)
     - Location (buildings)

  15. Continuity Strategies: Dedicated sites
     - Hot Site: a fully functional computing facility, installed and configured for the organisation.
     - Warm Site: a partially installed computing facility. It typically includes server hardware, but not applications and workstations.
     - Cold Site: just a spare building where a computing facility may be installed.

  16. Continuity Strategies: Shared facilities
     - Time-Share: several organisations share a hot/warm/cold site. This gives more value for money, assuming that two organisations will not hit simultaneous disasters...
     - Service Bureaus: provide a service for a fee, such as an agreement to provide physical facilities in the event of a disaster.
     - Mutual Agreements: some agreement between organisations to assist each other in the event of a disaster.

  17. Continuity Strategies: Different facilities
     - Server and Data Centres: high-security facilities. Security-aware management. Good planning is common.
     - PCs and Workstations: are often forgotten. Left to the attention of individual users.

  18. Continuity Strategies: Remote Storage
     - Backup is an obvious control
     - Most common threats to control are
       - media decay and disk failure
       - user errors (deleting the wrong file)
     - Rarer events include fire and theft
     - Remote storage is essential to avoid losing both the data and its backup in the same event
     - BCP: roll out the backup on an alternate site
       - can you do it quickly enough?
     - Do you make remote backups as frequently as local backups?

  20. Insurance and Responsibility: Continuity Planning versus Insurance
     - Is insurance an alternative to continuity planning?
     - Insurance will normally cover recovery.
     - It will rarely cover consequential loss, such as lost productivity.
     - Extended down-time may cause irreparable loss.

  23. Closure: Conclusions
     - Business Continuity Planning supplements other plans for security.
     - Where other plans focus on resolving a situation, BCP only provides a temporary solution to keep going while the other plans are executed.
     - BCP often includes a backup facility to run operations temporarily.
