3. Availability
Ability of an IT Service or other configuration item to perform its
agreed function when required.
• Reliability – How Long?
• Maintainability – How Quickly?
Availability (%) =
Agreed service Time (AST) – Downtime * 100
Agreed Service Time
• High Availability
• Continues Availability
4. Importance of Availability in
information Security
Availability is essential to information security, because for any
such system to satisfy its purpose, the information on it must
be available as needed by any authorized personnel.
DDoS attacks - The primary aim of DDoS attacks is to deny users
of the website access to the resources of the website. Such
downtime can be very costly.
Availability systems make certain that they are available all the
time, stopping disruptions to information service from the likes
of power outages, system upgrades, or hardware failures.
5. Business Resiliency
Business As Usual – No Matter What
Business Resiliency is the ability of an
organization to absorb the impact of a
business interruption and continue to
provide an acceptable level of service
It is to work out how to continue
operations under adverse conditions that
include malicious attacks, hack, database
corruption, theft, vandalism, regional
incidents like earthquake and floods, and
national incident like pandemic illness.
6. Business Impact Analysis
BIA is the an assessment performed on below given Parameters
to determine the different Recovery Objectives. The BIA
Establishes the objective so that the appropriate recovery
strategy can be developed to meet different recovery
objectives.
Financial Impact
Client Impact
Legal/Contractual & Regulatory Obligations
Market Impact
Reputation Impact
Internal Impact
7. RTO – Recovery Time Objective
RTO is Defined as the Maximum
time that a business can be out
of service before adverse impact
as determined by the business
impact analysis. Recovery time is
defined from the time of incident
to the time of restoration of the
application.
Time is the Key ….
8. RPO – Recovery Point Objective
RPO is defined as the point in
time to which data must be
recovered after a system outage,
liming the loss of data wihin
manageable level as required by
the business.
Backup is key ….
9. RCO – Recovery Capacity Obj.
RCO is the capacity required to
run the application in DR.
Attention should be paid tin the
infrastructure design that the
application can run production
loads in DR.
Strength is the Key ….