Cisa 10
© 2009 Global Knowledge Training LLC. All rights reserved.
© 2013 Security Wits Technologies. All rights reserved.
Section Objectives 10-2
Example (cont.):
There was sufficient radio communication equipment, but:
No procedures for monitoring the radio frequency
No recognition of emergency distress calls
Of the 2,228 passengers and crew, only 705 survived.
The Titanic tragedy resulted in the passage of the Federal Radio Act of 1912, which:
Requires a separate frequency for distress calls
Requires an adequate number of lifeboats
Requires lifeboat drills
Requires escape route diagrams
Types of Disasters 10-8
Contingency planning lifecycle (diagram): risk management, security control, emergency event, contingency plan execution; plan phases: project management and initiation, business impact assessment, recovery strategy, testing, maintenance.
Management must see the need to provide for the BCP.
Qualitative: intuition, gut feeling, non-dollar based (i.e., high, medium, low)
Quantitative: dollar based ($1; $100; $1,000; $1,000,000)
Reputation
“It takes many good deeds to build a good reputation, and only one bad one to lose it.” (Benjamin Franklin)
Agreed upon
Pre-defined
Management approved
Determined to be the best course of action based on the analysis of data during the BIA
Recovery technologies vs. time (diagram): backup-side axis from weeks down to seconds, restore-side axis from seconds up to weeks; technologies shown: database shadowing, clustering, remote journaling, remote replication, online restore, tape backup, tape restore.
User recovery
Business process recovery
Facility and supply recovery
Operational recovery
Data recovery
Business Process Recovery 10-31
Hardware
Software
Equipment
Data
Supplies
Furniture
Examples:
HVAC
Security
End-User Environment 10-33
Employee requirements
Payroll
Workspace
Needed procedures and documents
Notifications
Individual responsibility
Backups
RAID
Electronic vaulting
Software escrow
Data Backup Alternatives 10-36
Incremental
Differential
Full-backup
Backup considerations (diagram): secure transfer, controlled storage, shelf-life retention, data and system backup, labeling.
Differential Yes No
Electronic Vaulting
A batch dump of backup data created offsite automatically by the use of an electronic vaulting provider
Remote Journaling
The parallel processing of transactions to an alternate site
May only include moving the journal or transaction logs to an off-site facility
Database Shadowing
Like remote journaling, but creates duplicate database sets on multiple servers for greater redundancy
On-line (hard drive)
Optical
Tape
Off-line
Subscription services
Multiple centers
Reciprocal agreement
Other data center options
Cost vs. recovery time by site type (chart):
Redundant site: cost $$$$, recovery time 2 hrs
Hot site: cost $$$, recovery time 24 hrs
Warm site: cost $$, recovery time 1 week
Cold site: cost $, recovery time 4 weeks
Subscription Services and Off-Site Facilities 10-43
Ease of understanding
Practicality
Clear indication of where/when to use
Location of BCP information:
Internal web site
Binder
Other
Awareness 10-53
Desk-based evaluation
Paper test
Preparedness test
Parallel test
Paper-based test
Costs of tests
When distributing new copies of the plan, make sure only the latest version of the plan is available.
All old copies are to be collected and destroyed.
Also, there should be at least three copies of the plan: one for marking up, one for use in an emergency on site, and one stored offsite.
A plan must be physically printed, as there is no guarantee that information systems will be functional or accessible in the event of a disaster.
The plan is need-to-know sensitive: not everyone in the organization gets to see the plan, and those that do may not see all of it.
Only senior management and the BCP/DRP design team know the whole plan.
Resumption team
Restore least critical work first
Prepare primary site for return to processing
QUESTIONS?