 |
| |
| |
| |
Disaster Recovery, Planning, & Sarbanes-Oxley Auditing |
 |
| |
 Perhaps the most critical aspect of your business is planning for the worst. A disaster...
Disaster recovery is the process, policies and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after a natural or human-induced disaster.
Disaster recovery planning is a subset of a larger process known as business continuity planning and should include planning for resumption of applications, data, hardware, communications (such as networking) and other IT infrastructure. A business continuity plan (BCP) includes planning for non-IT related aspects such as key personnel, facilities, crisis communication and reputation protection, and should refer to the disaster recovery plan (DRP) for IT related infrastructure recovery / continuity. This article focuses on disaster recovery planning as related to IT infrastructure.
Disaster Classification:
Disaster can be classified in two broad categories. Viz, 1) Natural disasters- Preventing a natural disaster is very difficult, but it is possible to take precautions to avoid losses. These disasters include flood, fire, earthquake, hurricane, smog, etc 2) Man made disasters- These disasters are major reasons for failure. Human error and intervention may be intentional or unintentional which can cause massive failures such as loss of communication and utility. These disasters include accidents, walkouts, sabotage, burglary, virus, intrusion, etc.
Security Vulnerabilities:
Security holes are the vulnerabilities in computing hardware or software. It provides indirect invitation to malicious brains to work on it and exploit it. It is achieved through flaws in network software which allows unintended control within the network. Components of network such as PCs and router hold these holes through their operating systems. Technical details of any systems should not be made public abundantly unless required. Once such holes are discovered, information about it should be immediately passed to security professional responsible for it. On the other hand such information is also passed quickly to hacker who might want to intercept into the network. Security professional should always work to heal such holes to eliminate possible attack.
Some Control Measures included with your tekGIANTS Disaster Recovery Plan:
Control measures are steps or mechanisms that can reduce or eliminate computer security threats. Different types of measures can be included in BCP/DRP
Types of measures:
1. Preventive measures - These controls are aimed at preventing an event from occurring.
2. Detective measures - These controls are aimed at detecting or discovering unwanted events.
3. Corrective measures - These controls are aimed at correcting or restoring the system after disaster or event.
These controls should be always documented and tested regularly.
(Definition from Wikipedia)
Schedule your free Disaster Recovery Assessment Today! |
 |
|
|
|
|
| |
|
|
|
 |
|
