Discussion
Chapter 20: data
data
Not easily replaced after a major incident
Data risks:
Physical loss due to a device failure or disaster
Logical loss caused by an application error
Risk assessment
Viruses
Natural disasters
Human-created outages
Hard drive crash
Laptop or smartphone loss or theft
Software failures
Application failures
Vendor failures
Risk assessment – cont’d
Compromised information
Lost productivity
Employee downtime
Loss of customer information
Increased help desk support required
Strategic issues
Loss of opportunity
Decreased operation efficiency
Inability to support customers
Increased systems costs
Noncompliance issues
Costs from serious data loss
Customer notification
Litigation expenses
Internal investigations
Forensic experts
Software updated
Subpoenas by government authorities
Stock prices
reputation
Creating your data recovery plan
Planning
Identify critical data
Create an appropriate policies and procedures
Determine types of backup
Develop recovery processes
Plan testing and maintenance
planning
Cold site
Warm site
Hot site
Cloud backup
Mobile site
Mirrored site
Identify critical data
Determine types of data
Categorize the data
Identify critical data
Nonessential data
Create appropriate policies and procedures
Business critical
Sensitive
Legally required
Noncritical
Determine types of backups
Regular backup to tape or other removable media
Remote mirroring
Electronic vault storage
Periodic or real-time backup to cloud provider
Develop recovery processes
Recovery time objective
Recovery point objective
Availability
Restoration
Value
Performance
Data storage options
Tape backup
Disk mirroring
RAID
Load balancing
Network attached storage
Storage area network
Cloud backups
virtualization
Data storage become mobile and easier to deploy
Virtual tape library
Production and recovery storage environment no longer homogeneous
Disaster recovery costs can be lower
Administration is made easier during recovery
Greater flexibility in managing application storage requirements
Heterogeneous storage devices
Applications could experience a decrease in performance
Ensure storage metadata is protected and backed up
Plan testing and maintenance
Ability to restore critical applications from backups
Performance of recovery personnel
Performance of backup equipment
communications
Plan testing and maintenance – cont’d
Items to be monitored:
Hardware, software and peripheral equipment
Business operations requirements
Security requirements
Technology changes
Recovery team contact information
Vendor information
Regulatory requirements
summary
Data is the lifeblood of businesses
Simple steps:
Identify what data is important
How soon do you need it?
What is it going to cost not to have it?
Test your recovery procedures