Misd chap 12 disaster recovery


Published on

Published in: Education, Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Misd chap 12 disaster recovery

  2. 2. OVERVIEW <ul><li>Daily routine life highly depends on IT </li></ul><ul><li>Incident like Sept 11, Katrina 2005, tsunami 2004 and other crises reminders us to be prepared for the worst </li></ul><ul><li> – > DISASTER RECOVERY </li></ul><ul><li>IT disasters can come in all shapes and sizes, hardware failures, computer viruses, blizzards, floods, and terrorist attacks </li></ul><ul><li>Even though there have solutions to various outages and failures, such as redundant servers, backups, transactions logs, but it can only handle the failure of specific component. What if the entire environment fails? </li></ul><ul><li>The key to good disaster recovery is the involvement of as many components and all facets of the organization including every department, employee, customers, suppliers </li></ul>
  3. 3. DEFINING THE SCOPE <ul><li>Depends on the organization dependent on IT and how much money to invest </li></ul><ul><li>Key questions: </li></ul><ul><ul><li>Which critical applications and services </li></ul></ul><ul><ul><li>How quickly it must recover? </li></ul></ul><ul><ul><li>What other scenario to plan for? </li></ul></ul><ul><ul><li>How long the interruption to recover? </li></ul></ul><ul><ul><li>How quickly to access the data and system </li></ul></ul>
  4. 4. SCOPE DEFINITION PHASE <ul><li>Objective </li></ul><ul><ul><li>Recover Time Objective (RTO) </li></ul></ul><ul><ul><ul><li>The amount of time between the disaster and when services are restored </li></ul></ul></ul><ul><ul><li>Recover Point Objective (RPO) </li></ul></ul><ul><ul><ul><li>The age, or freshness, of the data available to be restored </li></ul></ul></ul>
  5. 5. DISASTER RECOVERY COMMITTEE <ul><li>Depending on the priorities, the involvement of other department, including: </li></ul><ul><ul><li>Finance, Human resources, Legal, Key user dept (Mfg, Customer service), building facilities </li></ul></ul><ul><li>The committee can: </li></ul><ul><ul><li>Develop the plan (before the disaster) </li></ul></ul><ul><ul><li>Provides leadership and guidance to the rest of organization (during the disaster recovery) </li></ul></ul>
  6. 6. APPLICATION ASSESSMENT <ul><li>Inventory is a critical tool for disaster recovery planning </li></ul><ul><li>It can be used to assess, along with other dept </li></ul><ul><li>Set up some guidelines for the assessment, base on the framework of the organization priorities </li></ul><ul><li>Consideration: </li></ul><ul><ul><li>The application </li></ul></ul><ul><ul><li>The data loss </li></ul></ul>
  7. 7. CREATE A DISASTER RECOVERY PLAN <ul><li>Communication plan </li></ul><ul><ul><li>A plan for contacting key personnel, customers, vendors etc </li></ul></ul><ul><li>Documentation </li></ul><ul><ul><li>Written material describing the existing environment, procedures for declaring a disaster, procedure for re-establishing services in a disaster recovery mode </li></ul></ul><ul><li>Real estate and IT facilities </li></ul><ul><ul><li>Where will people meet if the facility is suddenly off-limits, inaccessible, or out of commission. </li></ul></ul>
  8. 8. CREATE A DISASTER RECOVERY PLAN <ul><li>Off site storage of data </li></ul><ul><ul><li>Have an up-to-date copy of data at an off-site facility </li></ul></ul><ul><li>Hardware availability </li></ul><ul><ul><li>Can get replacement hardware if it destroyed </li></ul></ul><ul><li>Regular updating and testing </li></ul><ul><ul><li>Regularly test and update the disaster recovery plan to ensure it retains its value </li></ul></ul>
  9. 9. COMMUNICATION PLAN <ul><li>Must have a call list in printed an electronic form: </li></ul><ul><ul><li>Of home phone number, mobile number, pin number for handheld devices and non-work email address </li></ul></ul><ul><ul><li>Of all members of IT, key executives, individuals from key dept, key partners and suppliers and appropriate regulatory agencies </li></ul></ul><ul><ul><li>The list of account number for each telecommunication services </li></ul></ul>
  10. 10. DOCUMENTATION <ul><li>A disaster recovery documentation is the foundation of an effective disaster recovery plan </li></ul><ul><li>It included the existing environment </li></ul><ul><li>Every key member should have at least two copies of the documentation ( each at office and home) </li></ul><ul><li>All documentation should be reviewed and updated at least once a year to reflect changes to the environment, operations, procedures etc </li></ul>
  11. 11. REAL ESTATE AND IT FACILITIES <ul><li>Where to go? </li></ul><ul><li>DR facilities considerations </li></ul><ul><ul><li>Proximity to your location </li></ul></ul><ul><ul><li>Costs </li></ul></ul><ul><ul><ul><li>Standby fee, activation fee, use fee, test fee </li></ul></ul></ul><ul><ul><li>Number of clients </li></ul></ul><ul><ul><li>Other required services </li></ul></ul><ul><ul><ul><li>Space, hardware, staff, telecommunication, air conditioning, electricity, furniture, phones etc </li></ul></ul></ul>
  12. 12. OFF-SITE STORAGE OF DATA <ul><li>Backup tapes </li></ul><ul><ul><li>To get those: </li></ul></ul><ul><ul><ul><li>Contact information </li></ul></ul></ul><ul><ul><ul><li>Method to identifying which tape to retrieve </li></ul></ul></ul><ul><ul><ul><li>Customer ID, account number to identify yourself </li></ul></ul></ul><ul><ul><ul><li>The address where the tape should be delivered </li></ul></ul></ul><ul><li>Data Replication </li></ul><ul><ul><li>A number of storage vendors have solutions for replicating data between sites </li></ul></ul><ul><ul><li>Database vendors have features and utilities to keep multiple copies of database </li></ul></ul><ul><ul><li>Transaction logs </li></ul></ul>
  13. 13. HARDWARE AVAILABILITY <ul><li>Size of the environment </li></ul><ul><ul><li>More large more complex environment, and more difficult to ensure the equipment is available </li></ul></ul><ul><li>Duplicating the entire environment </li></ul><ul><ul><li>Make sure the application software has to be recompiled before it will run on the hardware you have </li></ul></ul><ul><li>Equipment at home </li></ul>
  14. 14. REGULAR UPDATING AND TESTING <ul><li>Review and update </li></ul><ul><ul><li>At least once a year </li></ul></ul><ul><ul><ul><li>Emergency contact list is current </li></ul></ul></ul><ul><ul><ul><li>Internal safety net is working </li></ul></ul></ul><ul><ul><ul><li>The backup tapes can be read by the equipment at the backup site </li></ul></ul></ul><ul><ul><ul><li>Copies of media and installation instructions for the requisite software </li></ul></ul></ul><ul><ul><ul><li>Have current critical password </li></ul></ul></ul><ul><li>Testing </li></ul><ul><ul><li>Need to offline the primary site for a while </li></ul></ul><ul><ul><li>Develop a test plan to ensure things are working as expected </li></ul></ul><ul><ul><li>Coordinate other users to prepare and participate </li></ul></ul><ul><ul><li>Do the post mortem </li></ul></ul>
  15. 15. AFTER THE DISASTER <ul><li>When the disaster is over, you can return to your primary facility. </li></ul><ul><li>It needs to have a plan to get the data from the disaster recovery facilities back to your primary site </li></ul>
  16. 16. REGIONAL AND CATASTROPHIC DISASTER <ul><li>The local computer retailer may be rushed by other organization </li></ul><ul><li>Hotel rooms may sold out </li></ul><ul><li>Telephone companies will be very busy </li></ul><ul><li>The vendors and service providers are not functioning </li></ul><ul><li>The employees priority will not the company but their families </li></ul>
  17. 17. THE ACT MODEL <ul><li>A – acknowledge and name the trauma </li></ul><ul><li>C – communicate both competence and caring </li></ul><ul><li>T – transition. Communicate an expectation of recovery </li></ul>
  18. 18. A WORD ABOUT BUSINESS CONTINUITY <ul><li>Business Continuity Planning and Disaster Recovery are often used as interchangeable terms </li></ul><ul><li>Business Continuity Planning (BCP) </li></ul><ul><ul><li>Is a methodology used to create a plan for how an organization will resume partially or completely interrupted critical functions within a predetermined time after a disaster or disruption </li></ul></ul><ul><li>Disaster Recovery (DR) </li></ul><ul><ul><li>Is the ability of an infrastructure to restart operations after a disaster </li></ul></ul>
  19. 19. ISSUES COVERS <ul><li>BCP </li></ul><ul><ul><li>Communication plan </li></ul></ul><ul><ul><ul><li>List of phone numbers </li></ul></ul></ul><ul><ul><ul><li>A large number of employees </li></ul></ul></ul><ul><ul><li>Place to meet and continue the business </li></ul></ul><ul><ul><li>Plans for continuing key business operations and working with critical partners </li></ul></ul><ul><ul><li>Copies of vital files and information </li></ul></ul><ul><ul><li>Availability of cash </li></ul></ul><ul><li>DR </li></ul><ul><ul><li>Secondary data centers </li></ul></ul><ul><ul><li>Off site storage of backup tape </li></ul></ul><ul><ul><li>Redundancy of technical resources </li></ul></ul><ul><ul><li>Replication of data </li></ul></ul><ul><ul><li>UPS and generation solution </li></ul></ul>
  20. 20. THE HIDDEN BENEFITS OF GOOD DISASTER RECOVERY PLANNING <ul><li>Know exactly the location of each hardware by preparing the inventory </li></ul><ul><li>Having the list of current contacts lists for people outside direct reports </li></ul><ul><li>Having complete data backup procedure and set-up off-site backup </li></ul>