
Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Disaster Recovery, Business Continuity, and Organizational Policies.


1 Disaster Recovery, Business Continuity, and Organizational Policies (Chapter 19)

2 Objectives
Describe the various ways backups are conducted and stored.
Explain different strategies for alternative site processing.
Describe the various components of a business continuity plan.
Explain how policies and procedures play a daily role in addressing the security needs of an organization.

3 Key Terms
Acceptable use policy (AUP)
Business continuity plan (BCP)
Business impact assessment (BIA)
Cold site
Delta backup
Differential backup
Disaster recovery plan (DRP)

4 Key Terms (continued)
Due care
Due diligence
Fault tolerance
Full backup
High availability
Hot site
Incident response policy
Incremental backup

5 Key Terms (continued)
Least privilege
Mutual aid agreement
Policies
Procedures
Separation of duties
Service level agreement (SLA)
Standards
Warm site

6 Disaster Recovery
Organizations face a variety of disaster scenarios.
Disasters can be caused by nature or by man-made events.
Disaster recovery plans consider all types of organizational disruption.
Different disruptions will require different recovery strategies.

7 Disaster Recovery Plans (DRP) / Process
DRPs are intended to minimize the impact of a disaster.
– The plan defines the data, resources, and necessary steps to restore critical organizational processes.
Planning process, initial phase:
– Consider the resources needed to perform the company's mission.
– Identify critical functions.

8 Disaster Recovery Plans / Process (continued)
The initial phase yields the business impact assessment (BIA).
Continued planning includes:
– An outline of the processes and procedures to restore an organization's critical operations
– Prioritized according to each function's criticality for restoration

9 (table: categories of organizational functions by criticality, as used in the BIA)

Category | Level of the function's need | How long can the organization last without the function
Critical | Absolutely essential for operations. Without the function, the basic mission of the organization cannot occur. | The function is needed immediately. The organization cannot function without it.
Necessary for normal processing | Required for normal processing, but the organization can live without it for a short period of time. | Can live without it for at most 30 days before the organization is severely impacted.
Desirable | Not needed for normal processing but enhances the organization's ability to conduct its mission efficiently. | Can live without the function for more than 30 days, but it is a function that will eventually need to be accomplished when normal operations are restored.
Optional | Nice to have but does not affect the operation of the organization. | Not essential, and no subsequent processing will be required to restore this function.
Consider eliminating | No discernible purpose for the function. | No impact to the organization; the function is not needed for any organizational purpose.

10 Business Continuity Plan (BCP)
Focuses on continued operation of a business in extenuating circumstances.
Stronger emphasis is placed on critical systems.
Describes the functions that are most critical, based on a previously conducted BIA.
Describes the order in which functions should be returned to operation.
Describes what is needed for the business to continue to operate.

11 Backups
A critical part of both the BCP and the DRP.
Provide valid, uncorrupted data for restoration.
Good backups include all needed files:
– Applications, operating systems, and utilities

12 What Needs to Be Backed Up?
Data
Application programs
Operating systems
Utilities for the hardware platform
Personnel, equipment, and electrical power must also be part of the plan.
The backup plan should back up files that change often more frequently than files that do not change much.

13 Backup Strategy
Backup considerations:
– Size of the resulting backup
– Media used for the backup
– How long backups will be stored
Four types of backups:
– Full, differential, incremental, delta

14 Backup Types
Full backup
– All files are copied onto the storage media.
Differential backup
– Files that have changed since the last full backup.
Incremental backup
– Files that have changed since the last backup of any kind (full or incremental).
Delta backup
– Only the portions of files that have changed since the last backup.

15 Characteristics of Different Backup Types

Backup type  | Amount of space | Restoration
Full         | Large           | Simple
Differential | Medium          | Simple
Incremental  | Small           | Involved
Delta        | Small           | Complex
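The following Python simulation is an added example, not code from the textbook or its publisher. It runs the four backup strategies from the two slides above over a small constructed file history, measures how much lands on the backup media, counts how many backup sets a restore has to read back (the "Restoration" column), and keeps a SHA-256 manifest with each set so the restore can prove it got valid, uncorrupted data. The file names, contents, and the modelling of a delta as "offset of first difference plus new tail" are all assumptions made for the example.

```python
import hashlib

# Constructed sample history (not from the textbook): day 0 is the baseline
# filesystem; each later entry lists only the files that changed that day.
BASELINE = {"os.img": "kernel-v1", "app.exe": "app-v1",
            "db.dat": "rows:1-100", "notes.txt": "hello"}
DAILY_CHANGES = [
    {"db.dat": "rows:1-150"},                         # day 1
    {"db.dat": "rows:1-200", "notes.txt": "hello!"},  # day 2
    {"app.exe": "app-v2"},                            # day 3
]

def build_history(baseline, changes):
    """Expand the change list into one complete filesystem snapshot per day."""
    history = [dict(baseline)]
    for day_changes in changes:
        snapshot = dict(history[-1])
        snapshot.update(day_changes)
        history.append(snapshot)
    return history

def sha256(text): return hashlib.sha256(text.encode()).hexdigest()

def changed_files(snapshot, reference):
    """Files whose content differs from the reference snapshot."""
    return {f: c for f, c in snapshot.items() if reference.get(f) != c}

def file_delta(old, new):
    """Only the changed portion of a file: (offset of first difference, new tail)."""
    i = 0
    while i < min(len(old), len(new)) and old[i] == new[i]:
        i += 1
    return (i, new[i:])

def take_backups(strategy, history):
    """Build the chain as (kind, payload, manifest): payload is what is written to
    media; manifest holds a SHA-256 per file so a restore can verify integrity."""
    chain = [("full", dict(history[0]), {f: sha256(c) for f, c in history[0].items()})]
    for day in range(1, len(history)):
        snap, prev = history[day], history[day - 1]
        if strategy == "full":
            payload = dict(snap)
        elif strategy == "differential":
            payload = changed_files(snap, history[0])   # everything since the last full
        elif strategy == "incremental":
            payload = changed_files(snap, prev)         # only since the previous backup
        elif strategy == "delta":
            payload = {f: file_delta(prev.get(f, ""), c)
                       for f, c in changed_files(snap, prev).items()}
        else:
            raise ValueError(strategy)
        chain.append((strategy, payload, {f: sha256(snap[f]) for f in payload}))
    return chain

def restore(strategy, chain):
    """Rebuild the newest filesystem; returns (files, number of backup sets read)."""
    last_full = max(i for i, (kind, _, _) in enumerate(chain) if kind == "full")
    if strategy == "differential":
        needed = sorted({last_full, len(chain) - 1})       # full + newest differential
    elif strategy in ("incremental", "delta"):
        needed = list(range(last_full, len(chain)))        # full + every set since it
    else:
        needed = [last_full]
    fs = {}
    for idx in needed:
        kind, payload, manifest = chain[idx]
        for f, item in payload.items():
            if kind == "delta":
                offset, tail = item                        # patch the prior version
                fs[f] = fs.get(f, "")[:offset] + tail
            else:
                fs[f] = item
            if sha256(fs[f]) != manifest[f]:
                raise RuntimeError(f"corrupt restore of {f} from backup set {idx}")
    return fs, len(needed)

def media_bytes(chain):
    """Total bytes written to backup media over the whole chain."""
    return sum(len(item[1]) if kind == "delta" else len(item)
               for kind, payload, _ in chain for item in payload.values())

def compare_strategies():
    """Map strategy -> (bytes on media, backup sets a restore must read)."""
    history = build_history(BASELINE, DAILY_CHANGES)
    report = {}
    for strategy in ("full", "differential", "incremental", "delta"):
        chain = take_backups(strategy, history)
        fs, sets_read = restore(strategy, chain)
        assert fs == history[-1], strategy                 # every chain restores day 3
        report[strategy] = (media_bytes(chain), sets_read)
    return report

def corrupted_media_is_detected():
    """Damage one incremental set (a bad block) and confirm the restore refuses it."""
    chain = take_backups("incremental", build_history(BASELINE, DAILY_CHANGES))
    chain[1][1]["db.dat"] = "rows:1-15X"
    try:
        restore("incremental", chain)
    except RuntimeError:
        return True
    return False

if __name__ == "__main__":
    for s, (size, sets) in compare_strategies().items():
        print(f"{s:<12} media={size:>4} bytes  restore reads {sets} set(s)")
```

On this sample the ordering matches the table: full backups use the most media but a restore reads one set; differential sets grow each day but a restore needs only the full plus the newest differential; incremental and delta sets are smallest but a restore must replay every set since the last full, in order, and a delta restore additionally has to patch each file rather than copy it. The manifest check is what turns "we have a backup" into "we have a backup we can trust": a single altered byte in one set stops the restore instead of silently producing a corrupt filesystem.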

16 Backup Frequency / Retention
Base the frequency on how long the organization can survive without current data.
Base retention on the operational environment and the frequency of backups.
The retention strategy should avoid putting all backups in one location.
– Ideally an offsite location will also be used.

17 Alternative Sites
Should be considered in the BCP / DRP.
Three types of sites:
– Hot site: Fully configured environment that can be operational immediately
– Warm site: Partially configured; lacks the more expensive computing components
– Cold site: Basic environmental controls but few computing components

18 Utilities
Power failures may disrupt operations.
– UPSs provide enough power to allow systems to be shut down gracefully.
– A backup generator may be necessary for sustained power needs.
Other utilities, such as telephone and Internet service, should also be considered.

19 Secure Recovery
Provide power, communications, and technical support.
Offer a secure operating environment.
Provide restoration of critical files and data.

20 Cloud Computing
Allows functions such as e-mail and file storage to be contracted to third parties.
Can be more cost effective, but also comes with inherent risks.

21 High Availability and Fault Tolerance
High availability is the ability to maintain availability during disruptive events.
Fault tolerance is the ability of a system to keep operating when a component fails; it is usually provided by a redundant (for example, mirrored) component that takes over when the fault occurs.
A single point of failure is a component in a critical operation whose failure would cause the entire operation to fail.

22 Increasing Reliability
RAID can mitigate availability problems caused by disk failures.
Redundant systems and spare parts also serve to reduce availability issues.
RAID levels:
– 0: striping with no redundancy; improved performance, but the loss of any one disk loses all data
– 1: mirrored drives; expensive, because every disk is duplicated
– 5: data striped across disks with parity spread across them; inexpensive redundancy that survives the loss of one disk at the cost of one disk's worth of capacity
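To make the RAID 5 bullet concrete, the following is an added example written for this page, not code from the textbook or from any RAID implementation. It models a RAID 5 array in pure Python: data is split into stripes, each stripe holds one parity block that is the XOR of the other blocks, the parity position rotates from stripe to stripe, and a read rebuilds any single missing disk from the survivors. The four-disk, four-byte-block geometry and the rotation rule are assumptions for the example; real controllers use much larger stripe units and vendor-specific layouts.

```python
from functools import reduce

def xor_blocks(*blocks):
    """Bytewise XOR of equal-length blocks: the RAID 5 parity operation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))

def parity_disk_for(stripe, n_disks):
    """RAID 5 rotates the parity block across disks stripe by stripe so that no
    single disk absorbs every parity write (assumed rotation rule for this example)."""
    return (n_disks - 1 - stripe) % n_disks

def raid5_write(data, n_disks, block_size):
    """Stripe data over n_disks - 1 data blocks plus one parity block per stripe.
    Returns one list of blocks per disk; data is zero-padded to whole stripes."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs at least three disks")
    stripe_bytes = (n_disks - 1) * block_size
    data += b"\x00" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for s in range(len(data) // stripe_bytes):
        chunk = data[s * stripe_bytes:(s + 1) * stripe_bytes]
        blocks = [chunk[i * block_size:(i + 1) * block_size] for i in range(n_disks - 1)]
        parity, pd = xor_blocks(*blocks), parity_disk_for(s, n_disks)
        next_block = iter(blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == pd else next(next_block))
    return disks

def raid5_read(disks, length):
    """Reassemble the data. A failed disk is passed as None: one failure is
    rebuilt from parity; two or more are unrecoverable."""
    n_disks = len(disks)
    failed = [d for d, blocks in enumerate(disks) if blocks is None]
    if len(failed) > 1:
        raise RuntimeError(f"{len(failed)} disks failed; RAID 5 tolerates only one")
    n_stripes = len(next(blocks for blocks in disks if blocks is not None))
    out = bytearray()
    for s in range(n_stripes):
        stripe = [None if disks[d] is None else disks[d][s] for d in range(n_disks)]
        if failed:
            # The missing block, data or parity alike, is the XOR of every
            # surviving block in the same stripe.
            survivors = [b for d, b in enumerate(stripe) if d != failed[0]]
            stripe[failed[0]] = xor_blocks(*survivors)
        pd = parity_disk_for(s, n_disks)
        out += b"".join(b for d, b in enumerate(stripe) if d != pd)
    return bytes(out[:length])

# Constructed sample payload (not from the textbook).
SAMPLE = b"The quick brown fox jumps over the lazy dog"

def survives_single_failure(failed_disk, n_disks=4, block_size=4):
    """Write SAMPLE, lose one disk, and check the array still returns the data."""
    disks = raid5_write(SAMPLE, n_disks, block_size)
    disks[failed_disk] = None
    return raid5_read(disks, len(SAMPLE)) == SAMPLE

def survives_double_failure(n_disks=4, block_size=4):
    """Lose two disks at once; RAID 5 cannot recover from this."""
    disks = raid5_write(SAMPLE, n_disks, block_size)
    disks[0] = disks[1] = None
    try:
        raid5_read(disks, len(SAMPLE))
        return True
    except RuntimeError:
        return False

if __name__ == "__main__":
    print("single-disk failures recovered:", all(survives_single_failure(d) for d in range(4)))
    print("double-disk failure recovered:", survives_double_failure())
```

Two points the slide's one-liner hides fall out of running this: the array keeps working no matter which one of the four disks is lost, because the parity block is just one more XOR input, but the second simultaneous loss is fatal, which is why a degraded RAID 5 array should be treated as an incident (rebuild immediately, and keep taking backups, since RAID protects against disk failure, not against deletion, ransomware, or a second fault during the rebuild).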

23 Spare Parts and Redundancy
Common applications of redundancy:
– Redundant servers
– Redundant connections
– Redundant ISPs
– Spare parts

24 Computer Incident Response Teams (CIRT)
Investigate incidents and advise on how to proceed.
CIRTs should consist of permanent and ad hoc team members.
The details of the CIRT should be finalized before an incident occurs.

25 Test, Exercise, and Rehearse
The DRP should be practiced periodically.
– Practice reveals potential flaws in the plan.
Exercise to practice procedures.
Test to grade performance.
Evaluate performance and make improvements as needed.

26 Policies and Procedures
Policies are high-level, broad statements of what an organization wants to accomplish.
Procedures are generally step-by-step instructions on how to implement policy.
Standards are mandatory elements regarding the implementation of policy.

27 Security Policies
Security policies define the high-level security goals of an organization.
Other, more specific policies include:
– Acceptable use policy
– Internet usage policy
– Email usage policy
– Due care and due diligence

28 Additional Security Policies
Prudent person principle
Separation of duties
Need to know and least privilege
Password management
Disposal and destruction
Change management policy
Classification of information

29 Privacy
A privacy policy should be completed detailing how information is safeguarded.
Privacy is enforced by law for some organizations.
Personally identifiable information (PII) is becoming increasingly important to safeguard.

30 Service Level Agreement
An agreement between two entities that specifies:
– Minimum levels of service
– Penalties for failing to meet the specified service levels
– Possibly the service provider's responsibilities in a BCP or DRP

31 Human Resources Policies
People are the weakest link in security.
Specific policies should be developed regarding:
– New-hire screening processes
– A periodic review process for current employees
– The employee termination process
– Mandatory vacation to uncover wrongdoing

32 Code of Ethics
Describes expected behavior from a high-level standpoint.
Sets the tone for employee conduct.
Encourages integrity and high ethical standards.

33 Incident Response Policies and Procedures
Several phases should be covered in an incident response policy:
– Preparation
– Detection
– Containment and eradication
– Recovery
– Follow-up actions

34 Incident Response: Preparation
Preparation activities:
– Determine points of contact.
– Train employees so they understand the process.
– Establish the incident response team.
– Acquire the needed equipment.
– Complete any specialized training needed.

35 Incident Response: Detection, Containment, and Eradication
Detection activities:
– Determine whether an incident has occurred; work with network and system administrators.
Containment and eradication activities:
– Contain the intruder; decide whether to pursue prosecution.
– Restore operations without destroying evidence.
– Update antivirus and network devices as needed.
– Take steps to prevent future incidents (patching, etc.).

36 Incident Response: Recovery
Recovery activities:
– Assess the situation to determine what actually occurred.
– Begin recovery based on that assessment.
– May involve use of the BCP to return the business to normal operation.

37 Incident Response: Follow-Up Actions
Follow-up activities:
– Report on the incident to senior management.
– The report should address what happened and how it was addressed.
– Give recommendations to prevent future incidents.

38 Chapter Summary
Describe the various ways backups are conducted and stored.
Explain different strategies for alternative site processing.
Describe the various components of a business continuity plan.
Explain how policies and procedures play a daily role in addressing the security needs of an organization.

