Disaster Recovery Planning Because It’s Time! Copyright Columbia University and Bentley College,...

Disaster Recovery PlanningDisaster Recovery Planning

Because It’s Time!

Copyright Columbia University and Bentley College, 2003. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

Disaster Recovery Planning: Because It’s

Time

Leslie MaltzDeputy VP, I.T. Planning and Standards

Columbia University

Gwen KreagerManager, Technology Deployment and

Integration

Bentley College


Time

Pre 9/11Pre 9/11

Disasters were really operational emergencies Power failures Floods Fires Blizzards


Time

On 9/11On 9/11

No dial tonesLimited transportationInternet and I2 remained working

Web Email VoIP


Time

On 9/11On 9/11

Think on our feetInstinctive responsesFear and anxietyCreativity substituted for plans


Time

Post 9/11Post 9/11

Time for a plan!Who should be involved?Centralized IT (Admin and Academic),

Distributed (Schools)How do we decide what to include in a

plan?


Time

RisksRisks

NYC urban campus Highly visible Highly populated

Vulnerable to natural and manmade emergencies and disasters


Time

Prepare for the PlanPrepare for the Plan

Emphasis on preparedness Pre-think

Who will need to do what How to contact people Who will be in charge Training, documentation, resources


Time

Prepare for the Plan, cont’d.Prepare for the Plan, cont’d.

Have Command Centers ready to use Identify critical IT resources and

applications Prioritize order for restoration


Time

12 Step Process12 Step Process

1. Identify applications

2. Determine criticality

3. Identify resources needed to recover

4. Identify priorities and dependencies

5. Users review and revise priorities

6. Identify contacts and means for communication


Time

12 Step Process, cont’d.12 Step Process, cont’d.

7. Complete operational documentation

8. Compile all documentation – CD and paper

9. Establish and stock IT Command Centers

10. Train Duty Managers

11. Test plans (drills)

12. Revise and update


Time

How to Begin Infrastructure How to Begin Infrastructure PlanningPlanning Define a disaster in the context of your

institution Plan for Applications and Server replacement

Get a handle on what needs to be replaced in the context of your institution

Plan for Network Redundancy


Time

Identify key Identify key I.T.I.T. specificspecific vulnerabilitiesvulnerabilities

Loss of (or damage to) building housing computer room Loss of building housing central network hub, cutting

off access to rest of campus Loss of building housing internet connection Damage to administrative or web servers

…and maintain focus!


Time

Bentley’s 3 Levels of DisasterBentley’s 3 Levels of Disaster

Level 1 Destruction of building housing main computer room

Level 2 Destruction of building housing core network hub Damage to cable plant at critical location

Level 3 Damage to individual wiring closet Damage to individual server


Time

Server ReplacementServer Replacement Start with an up-to-date inventory

Applications Custodial agreements Backup schedules and tape storage Maintenance agreements

Divide into functional groups Establish three priority categories

Critical Important Non-critical

Obtain consensus from all divisions


Time

Bentley’s Bentley’s Priority APriority A Server Server Replacement PlanReplacement Plan

Options evaluated and discarded Hot site contract coverage Cold site contract coverage, with or without mobile

trailers

Selected method is a mixture of solutions developed in house Use of data mirroring Consolidation of servers where applicable Purchase of redundant servers


Time

Plan for Network RedundancyPlan for Network Redundancy

Requires a complete, up-to-date survey of equipment and wiring

Key points of failure must be identified Consequences of network failure points

communicated so administration can reach consensus on course of action


Time

Bentley’s Plan for Network Bentley’s Plan for Network RedundancyRedundancy

Separate redundant network hubs Pre-install necessary fiber

optic cabling Establish redundant network link for

selected buildings or parts of campus


Time

IT Command CentersIT Command Centers

Locations (more than one)Resources availableStaffingProceduresDrills


Time

LocationsLocations

Multiple locationsAway from normal activitiesVarying distances


Time

Resources AvailableResources Available

CommunicationsDocumentation on CD and PaperEquipmentDigital CameraFood and Water


Time

CommunicationsCommunications

Rolm phones and POTS linesNetwork connectionsVoIPLocal 2-way RadiosCell PhonesPortable Radio and Cable TV


Time

DocumentationDocumentation

Emergency Application Templates (ERATs) for each critical application Resources needed for recovery: Equipment, Data,

People, Timing Contact Information

Staff-campus, home, cell, email(s) Vendors Users and Administrators


Time

EquipmentEquipment

LaptopsPrintersUPSDigital CameraFlashlights/batteries


Time

StaffingStaffing

Duty Managers Primary and Secondary Training

Monthly Staffing Rotation and Inspection of Inventory

Drills

Disaster Recovery Planning Because It’s Time! Copyright Columbia University and Bentley College,...

Documents

Transcript of Disaster Recovery Planning Because It’s Time! Copyright Columbia University and Bentley College,...