CYA - Cover Your Assets. Disaster Recovery 101
description
Transcript of CYA - Cover Your Assets. Disaster Recovery 101
Cover Your Assets: Disaster Recovery 101
Cole LakesSpiceworks Support Engineer
Former IT Admin
Business Continuity Plan
• Overarching plan to cover entire business
• Includes:– Preventive measures– Detective measures– Corrective measures
What Is Considered a “Disaster?”Disaster [dih-zas-ter, -zah-ster]
nounAnything that interrupts business continuity and
normal operations, be it environmental disaster or human (PEBKAC) error.
Potential Disasters
• Common disasters– Power/UPS failure– Natural Disasters– User Error
• Less Common disasters– Disgruntled user – Equipment malfunctions– Software bugs– Diggers cut phone/Internet
• How do you communicate this to employees?
Prepping the plan
• Not just an IT function
• Important to keep services online, not just servers
• Services to cover defined by Business Owners
Fun fact: Of companies that had a major loss of business data, 43% never reopen, 51% close within two years, and only 6% will survive long-term.
What Should It Cover?• Identify Potential Disasters
– What are the dangers in your location? Business?
• List in order of risk, impact, probability, potential cost– Dept. deadlines affect priority
Who Should Be Involved?
• All Department heads– Discuss each dept.’s mission critical services
• Compliance officer(s)– Make sure DR plan
meets guidelines (DPA, FIA, SOX, Etc.)
• Business Owners– Bigwigs and
checkbook holders
Decision maker
Departmental Disaster Definitions• Different for every
department– Development’s source
code
– Sales/Marketing’s contacts or emails
• Not just digital info– What about physical HR
and Tax forms?
Protecting the Business
• What happens if you’re hit by a bus?
– Call Tree
– Job Responsibilities
– Info Locations
– Owners of each segment
Back That Asset Up
• Location consideration– Local vs. Cloud
• Cost consideration– Can we afford it all?
• Size consideration– Disk space requirements?– Takes time to backup
• Automation
• How often?
Location, Location, Location• Local or Colocation
– How far away?
– Stable power grid?
– Backup generators?
– Natural disaster proof?
– Remote support?
– Stable connection between sites?
Location, Location, Location (cont.)• Cloud/Third party
– Security• Is data protected?
– Backup process• Incremental/Delta/Block
– Restore Process• Quick? Easy? Good.
– Provider• Rackspace, AppAssure, Amazon, Dropbox, Azure, etc.• Do your due diligence - still not 100% disaster proof
Talking Numbers
• How large is the budget?– DR generally 2-4% of overall
budget
• Does budget cover it all?
• Are there (cheaper) alternatives?
• Cost per dept.?
Testing
• A plan is only good if it works– Test, then test again
– Test each phase separately
– Make sure each phase is feasible in timeframe given
Finding Help
• Disaster Recovery Planning group– http://community.spiceworks.com/group/show/218
Questions? Queries? Comments?