Ensuring Continuing Operations and Disaster Recovery By: Alyssa Gatrell Mike Harker Amy Shumway

What are the Threats? n Natural disasters n Power failures n Hardware failures n Theft of assets and data n Hacking n Virus infections n Departure of key personnel or disgruntled employees

What is Ensuring Continuing Operations? n Preventative measures to ensure that a system is not disrupted by potential threats. u Uninterruptible power sources u Storage measures u Measures to protect from departure of key personnel u Measures to protect from disgruntled former employees u Physical security measures u Virus protection u Firewalls u Encryption

What is a Virus? n A piece of self-replicating code

Kinds of Viruses n Boot Sector Viruses n Macro Viruses

Identifying the Threat n Floppy disk brought in n PC’s taken home or on business (laptops) n Increased use of n Increased use of the Internet

Minimizing the Virus Threat n Regular backups of data n Check all incoming software n Write-protect floppy disks whenever possible

Anti-Virus Tools n Floppies u “Sheep-dip” n PC’s u On-access scanners u On-demand scanners u Behavior blockers u Heuristic analysis

Functions of a Firewall n Controller n Filter n Monitor n Security guard n Screener

How Firewalls Work n Firewalls are like gatehouses in a medieval castle that provide perimeter defenses to determine who or what will be allowed to enter Castle Gatehouses Commons/Market Area Inner Mote and Wall Illustration taken from Disaster Recovery Journal Winter 1999 Outer wall

Types of Firewalls n Dual-Home Gateway n Screened-Host Gateway n Screened Subnet n Dual-Homed Routers

Dual-Home Gateway Internet Private Network Bastion Host

Screened-Host Gateway Internet Private Network Bastion Host Router

Screened Subnet Internet Private Network Router Sub-network

Dual-Homed Routers Internet Private Network Outside Router Inside Router

Other Thoughts on Firewalls n Internal firewalls are as important as external firewalls n Not the answer to total protection n Firewalls come in degrees of protection and complexity. n Companies should measure risk with costs of implementation and maintenance

Encryption n Alters information into an unintelligible format to prevent unauthorized access n Can only be decrypted with specified digital key n Prevents against data theft as it is passed from one person to another

What is Disaster Recovery? n Measures taken before a disaster that can lead to a successful reimplementation of systems u Backup regimen u Redundant hardware u Recovery facilities u Backup phone lines

Process for Determining Backup Needs n Step 1: Location identification n Step 2: Establish criticality of data n Step 3: Select backup medium u Factors F Quantity of data F Speed of backing up F Ease of recovery

Possible Mediums n Removable disks n Second hard drive / PC n Magnetic tape cartridges n Optical disks n Online services n Storage area network (SAN)

Implementation Procedures n Scheduling intervals and time of day n Verification n Media stocks and rotation u Two sets u Extra media n Source documentation n Storage u Away from destructive force u Off-site location

All Measures Should be Tested n Backup restoration n Firewall penetration testing n Intermittent checks of backup power