Business continuity planning involves creating a logistical plan for how an organization will recover from a disaster in a predetermined time. Disaster recovery planning addresses procedures for recovering critical business functions after an interruption. The document discusses business continuity planning lifecycles, objectives of business continuity and disaster recovery plans, developing and testing plans, differentiating business continuity and disaster recovery plans, types of backups and disaster recovery plans, recovery time objectives and recovery point objectives, threats to organizations, and risk analysis and planning considerations.

1. BUSINESS CONTINUITY PLANNING /
DISASTER RECOVERY PLANNING

2. Business Continuity Plan
BCP is the creation and
validation of a practical
logistical plan for how an
organization will recover and
restore partially or completely
within a predetermined time
after a disaster has occurred.

3. Business Continuity Planning Lifecycle

4. Need for BCP/DRP
Objectives Goals Areas
Minimize loss by
Minimizing the cost
associated with
disruptions
Identify weaknesses Business
Resumption
Planning
Enable the
Organization to
survive a disaster
Minimize the
duration of a serious
disruption to b/s
operations
Disaster Recovery
Planning
Facilitate effective
co-ordination of
recovery tasks
Crisis Management
Reduce the
complexity of the
recovery effort

5. Developing a BCP
Initiate
Obtain understanding of the existing
and projected systems
Establish a ‘Steering Committee’
Develop a Master Schedule and
milestones

6. Perform Risk Assessment

7. Choose Recovery Strategy
Plan Development
• Determine all available
options and strategies
• Business – Logistics,
HR, Accounting
• Technical – IT (Client –
Server, Mainframes,
Databases, Networks
Identify Recovery Strategy
• Recovery plan components
and standards are defined,
developed and
documented
• Define notification
procedures
• Establish Business
recovery teams for each
CBS

8. Test and Validate
•Validate the BCP
•Develop and document contingency test plans
•Prepare and execute tests
•Maintenance
•Update disaster recovery plans and procedures

9. Working of a BCP Process

10. Differentiation of BCP and DRP
Business Continuity Plan:
It is the process of defining arrangements and
procedures that enable an organization to continue
as a viable entity.
It addresses the recovery of a company’s critical
business functions after an interruption
Disaster Recovery Plan:
It involves making preparations for a disaster and
also addresses the procedures to be followed during
and after a loss. It is specific to the information
system function

11. Disaster Recovery & Business Continuity
What is DR and BC?
• Process, policies and procedures related to preparing for recovery
or continuation of technology infrastructure critical to an
organization after a natural or human-induced disaster
• Scope is limited to technology and technology availability
Disaster Recovery (DR)
• Planning out how to stay in business in the event of disaster
• Scope encompasses all critical business operations (sales,
customer support, financial and admin services, etc)
Business Continuity (BC)
While not the same, they are tightly interdependent.

12. Types of Disaster Recovery Plans
Emergency
Plan
Backup Plan Recovery Plan Test Plan
It specifies
actions to be
undertaken
when the
disaster happen
It specifies the type
of backup to be kept,
frequency of backup
to be undertaken,
procedures, location,
personnel, priorities
assigned and a time
frame
It specifies
procedures to
restore full
information system
capabilities
Final Component
Identification of
situations which
requires plan to
be invoked
It needs continuous
updates as changes
occur
Formation of a
recovery committee,
specify
responsibilities and
guidelines for proper
functioning
Identification of
deficiencies in the
emergency, backup
or recovery plans or
tin the preparation of
an organization for
facing a disaster

13. Types of Backup
Full Backup Incremental
Backup
Differential
Backup
Mirror Backup
IT captures all
files on the
disk or within
the folder
selected for
backup
It captures files
that were created
or changed since
the last backup,
regardless the
backup type
It stores files that
have changed
since the last full
backup.
It is identical to a
full backup, with
the exception that
the files are not
compressed in zip
files and they
cannot be
protected with a
password

14. RTO and RPO
Maximum tolerable length of time that a
computer, system, network, or application
can be down after a failure or disaster occurs
Recovery Time Objectives (RTO)
Age of files that must be recovered from
backup storage for normal operations to
resume (i.e, how many hours of work is lost)
Recovery Point Objectives (RPO)

15. RTO – Recovery Time Objective
How quickly should critical services be restored
RPO – Recovery Point Objective
From what point before system loss should data be available
How much data loss can be accommodated
Last System Backup/Copy
System Loss/Failure
System Restored
RPO (Recovery Point
Objective) – Time Since Last
Good Backup
RTO (Recovery Time
Objective) – Time to Recover
Overall Recovery Time – From Last Backup to System Recovery

16. Threats Landscape
Threats from within External Threats
Malicious Intent
If a malicious insider is intent on
compromising systems, there is little
that can be done by traditional
security products to prevent this
form of attack krowten emos elihW .
nac seuqinhcet roivaheb tsoh dna
taerht redisni na yftinedi ot pleh
eb lltis nac redisni suoicilam a ,eussi
lufsseccus.
•To steal information, the
attacker can copy restricted
information onto a thumb drive,
or install a covert key logger on a
keyboard cable disguised as a
ferrite bead .
•To disrupt operation, the
attacker might unplug a critical
system.
There are 4 primary threat vectors
1- Malcode
Malcode comes from programs, scripts, or macros that can execute on user
machines, and are malicious in nature. This category of threat is often
subdivided into Viruses and Trojan horses ro ,dehcatta edoc si suriv A .
a si esroh najorT A .tnemucod ro margorp etamtiigel a nihtiw deniatnoc
suoicilam trevoc sah osla tub ,esoprup elbisiv lanretxe na sah taht margorp
.resu eht ot nwonknu si taht roivahebMalcode can contain many
components, and categorization is subdivided according to the components
purpose (password stealers ,keyboard loggers ,botnets ,droppers )yteirav A .
tuohtiw dellatsni edoclam peek ot deyolped eb nac ygolonhcet htlaets fo
,elpmaxe rof( noticetedrootkits fleS .)-detangised nefto si edoc gntiagaporp
a saworm.
2- Vulnerabilities
Vulnerabilities come from deficiencies in legitimate code that is running
on internal computer systems, or a system misconfiguration that can
lead to an unexpected outcome. Vulnerabilities types such as SQL
injection vulnerabilities are well known for being easily exploited to gain
knowledge of internal database structure and contents. Cross-site
scripting vulnerabilities (XSS edoc tpircs etucexe ot desu netfo era )
seitilibarenluv fo sepyt gnitatsaved tsom eht tuB .sresworb sresu nihtiw
sa detangised esoht eraremote code execution .These vulnerabilities,
when exploited, allow native code execution on the computer containing
the vulnerable code. Perhaps the biggest remote code vectors used to
compromise systems in the past year are vulnerabilities contained in
browsers, or browser based plug-ins. If a user is enticed into visiting a
malicious Web site that hosts a document containing an exploit for a
browser vulnerability, the users machine can be owned.
3- Data leakage
Data leakage often comes from unintentional insiders transferring
restricted information to external systems. But it can also be the result of
malcode installed on the users machines. The problem is detecting and
preventing the transfer of sensitive information from within the
organization to an unauthorized external site.
4- Denial-of-service
Denial-of-service gnikcatta smetsys ro sresu lanretxe morf semoc
noitarepo eht tpursid ot si aedi lareneg ehT .erutcurtsarfni smetsys a
laineD fo smrof suoirav era erehT .metsys eht fo-fo-.skcatta ecivres
lained ytilibarenluv eht si enO-fo-seitilibarenluv era erehT .ecivres
nac tub ,noitucexe edoc etomer tiolpxe ot elba eb ton thgim taht
a gnidnes yb retupmoc a hsarc nac rekcatta nA .metsys eht hsarc
.tsoh elbarenluv eht ot tekcap elgnisMore common are denial-of-
service disruptions that come from generating a volume of traffic
that overwhelms a network, or host computer in the network.DNS
servers are particularly vulnerable when dealing with malformed
DNS requests. If an attacker can find a packet that causes a lot of
cycles to be spent by the host computer, then a flood of these
packets to the host can cause a denial-of-service.Bandwidth denial-
of-service attacks seek to exhaust the network capacity by
flooding the network with traffic. Often these attacks are mounted
from thousands of different host computers (distributed denial-of-
service era gnikcatta era taht sretupmoc eht yllausu dna ,)
tob htiw desimorpmoc-senihcam eht no dellatsni edoclam ten.
Unintentional insider threats
the unintentional compromise of
restricted data by insiders is a big
problem that can, and is addressed by
security systems.

17. Threats and Risk Management
• Lack of Integrity
• Lack of Confidentiality
• Unauthorized Access
• Hostile Software
• Disgruntled Employee“disappointed”
• Hackers and computer crimes
• Terrorism and Industrial espionage

18. Risk Analysis
Determine appetite for downtime
(RTO) for each system
Rank your IT systems by impact
on business operations
Determine impact of data loss
for each system (RPO)
Likely risks like hardware and network
failure should go at the top
Unlikely risks like tornado should go at
the bottom
Rank the risks to that system
by likelihood to occur
Look for projects that address
multiple risks and/or systems and/or
non DR needs (better ROI)
Be sure to identify dependencies
List options to address each
risk, rank their effectiveness,
and estimate cost
This Risk Analysis creates a roadmap to address your DR needs!
Instead,
Perform
a basic
Risk
Analysis
:
Data Recovery for your entire IT Infrastructure is very expensive!

19. Planning
•Must include all executives
•Good DR plans involve more than the IT
department
Corporate buy-in is critical to success
Establish a budget - budget drives your options
•It is more difficult and more costly to design
DR for production systems
Planning should be part of the production
design
Use your Risk Analysis to establish a multi-year project
plan

20. Document, document, document!
•Be sure that your
documentation is available no
matter what the disaster!
Plan your actions – who, what,
where
Test and update regularly – a stale
DR Plan is a useless DR Plan
Virtualization and big bandwidth are
key enablers of DR since 2013
Planning

21. Insurance
•The purpose of insurance is to spread the economic cost
and risk loss from an individual or business to a large
number of people.
• Policies are contracts that obligate the insurer to
indemnify the policyholder from specific risks in exchange
of a premium
• Adequate insurance coverage is a key consideration while
developing a BRP/DRP and performing a risk analysis

22. Activities considered while testing
BRP/DRP plan
• Defining the boundaries
• Scenario
• Test Criteria
• Assumptions
• Briefing Session
• Checklists
• Analysing the test
• Debriefing session

23. Audit of DR/BR plan
• Based on the BIA
• Key employees have participated in the development
• Plan is simple and is realistic in assumptions
• Review the existing DR/BR plan
• Gather background info regarding its preparation
• Does the DR/BR plan include provisions for personnel, building
• Does the BR/DR plan include contact details of suppliers of
essential equipment
• Does the DR/BR plans include provisions for the approval to
expend funds that were not budgeted for the period? Recovery may
be costly

24. Business Continuity and Disaster Recovery Implementation
Approach
The System Dynamics approach to implementing effective
Business Continuity consists of two phases:
1. Solution Design – your Business Continuity/Disaster Recovery
requirements are identified and documented and a solution and an
implementation plan are developed
2. Solution Implementation – the previously defined and agreed solution
is implemented
Project
Initiation
Risk
Assessment
Business
Requirements
and
Impact
Analysis
Solution
Design
and
Documentation
Implementation
Plan
Roadmap
Solution
Implemen
tation
Testing
Solution Design
Solution
Implementation

25. BC-DR implementation process
BC/DR
PLAN
PROJECT
MANAGEMENT
PROGRAM
MANAGEMENT
RISK ANALYSIS
& REFVIEW
RECOVERY
STRATEEGY
BUSINESS
IMPACT ANALYSIS
PLAN
DEVELOPMENT
AWARENESS
& TRAINING
TESTING &
EXERCISING

26. Maintaining Business Continuity and Disaster Recovery
• Once implemented, effective business
continuity must be regarded as a
continuous process
• While this imposes an overhead it
ensures that business continuity
implementation will continue to meet the
requirements of the business and meet
audit compliance requirements
• Good solution design will minimize
maintenance effort as continuity is
embedded
Business
Continuity Project
Understand the
Critical Systems
and Applications
Develop Strategy
for Business
Continuity
Develop Business
Continuity Plans
and Processes
Embed Business
Continuity into
Exercise, Test and
Maintain Business
Continuity Plan

27. DR Site Design Options
Hot Site
Worm
Site
Cold
Site
Mobile
Site
Reciprocal
Agreement

28. DR Site Design Options
Duplicate of the
original site of the
organization, with
full IT systems as
well as near-
complete copies
of user data.
1- Hot Site
Useful when fast
recovery is critical
Organization requires
all the facilities at an
alternative location
It is
expensive
Hot
site

29. Have hardware and
connectivity already
established, though
on a smaller scale
than the original
production site or
even a hot site.
2- Warm Site
DR Site Design Options
Provides
intermediate
level of backup
Organization can
tolerate some
downtime
Organization
requires only
essential facilities
at an alternative
location
Warm
Site

30. Standby site with
no hardware,
established
connectivity, or
backups, but has
adequate facilities
to house IT
infrastructure.
3- Cold Site
DR Site Design Options
It is useful when
the organization
can tolerate some
downtime
Organization requires
minimum facilities at an
alternative location to
run its regular
operations
It is
inexpensive
Cold
site

31. No specific fixed
on the ground
facility
4- Mobile Site A Mobile site is self-
contained, transportable
shelter custom –fitted with
specific telecommunications
and IT equipment
Advantage :
•The organization have
full control over the
equipment.
Disadvantage:
• May offer limited information
processing capacity (as
compared to the primary data
center
• Require advance
coordination, resources may
not be immediately available (
i.e. equipment transport, setup,
and data restoration)
Mobile
site
DR Site Design Options

32. Two or more
organizations might
agree to provide backup
facilities to each other in
the event of one
suffering a disaster
It is relatively cheap
Each participant must
maintain sufficient
capacity to operate
another’s critical
system
Reciprocal
Agreement
DR Site Design Options
No specific fixed on the ground
facility
5- Reciprocal Agreement

33. Minimum Disaster Precautions
Daily backup
strategy with at least
weekly offsite
backups
A strategy for
monitoring and
remediating
problems with your
backups
Antivirus software on
all workstations and
servers with daily
signature updates
Patching on all
workstations and
servers kept up to
date

34. High Availability = Disaster Prevention
typically means that the system is automatically
redundant. Eliminate single points of failure!
High Availability (HA):
Enables very low RTO and RPO objectives

35. Network High Availability
Dual routers
Dual
firewalls
Dual
switches
Dual network
interfaces on
Servers
Router
Router
Firewall
Firewall
Switch
Switch
Server

36. High Availability Connectivity
Dual connections to the Internet
• Difficult and expensive to implement at a corporate level
• Need to use two separate carriers – very little protection if using the same carrier
• Multi-site companies can use another site’s Internet
Dual connections to remote sites
• Use separate carriers
• Use separate last mile media (E1 and Fiber, E1 and Cable)
• Easy and relatively inexpensive using Internet as failover with mesh
VPN technology

37. High Availability Power
Install quality power filtration and lightning arrestors
Use devices with dual power supplies
Where that isn’t possible, use an Automatic Transfer Switch
(ATS)
Note that an ATS creates a single point of failure
Feed devices with two separate power circuits
Better yet, feed from two separate power panels
Protect at least one circuit of each pair with an Uninterruptible
Power Supply (UPS)
Protect the UPS(s) with a generator

38. Virtualization = Server Hardware HA
Virtualization is the
key enabler of
server hardware HA
Divorces server software
from the underlying
hardware running it
Allows a server to
“move” between multiple
physical server
hardware
Enables rapid
replacement or
expansion of
physical hardware
on demand
Enables new backup
techniques that have less
impact on servers and
users, and allows for
much faster restore
times. Bye-bye bare
metal restores!!
Most importantly for
disaster recovery, allows
servers to “move”
between multiple
physical locations

39. Application HA
Virtualization addresses
hardware failures but
doesn’t address
application failures
•Exchange 2010 Database Availability
Groups (DAG)
•Microsoft SQL Clustered Services
•Microsoft SQL Bidirectional
Transactional Replication
•Windows Server 2008 DFS
Native Application HA
implementations are
typically the most effective
way to address HA for
specific apps
Native
Application HA
Schemes ex.

40. Geographic HA
•Typically proprietary
SAN based (LUN to LUN)
• DoubleTake
• Microsoft SQL Replication
• Microsoft Exchange lag database copies
• Microsoft DFS Replication
Server or Application Based
•Veeam Backup and Replication
Virtual snapshot based
All these techniques require high bandwidth
connectivity

Data Replication
Options


41. ThankYou
AtefYassin