Page 756 - StudyBook.pdf
P. 756
740 Chapter 12 • Operational and Organizational Security: Policies and Disaster Recovery
Disaster Recovery Plan
Disaster recovery plans are documents that are used to identify potential threats,
and outline the procedures necessary to deal with different types of threats.When
creating a disaster recovery plan, administrators should try to identify all the dif-
ferent types of threats that may affect their company. For example, a company in
California would not need to worry about blizzards, but would need to be con-
cerned about earthquakes, fire, flooding, power failures, and other kinds of disasters.
Once the administrator has determined what disasters their company could face,
they can then create procedures to minimize the risk of such disasters.
Disasters are not limited to acts of nature, but can be caused through electronic
methods. For example, Denial of Service (DoS) attacks occur when large numbers
of requests are sent to a server, which overloads the system and causes legitimate
requests for service to be denied.When an e-commerce site experiences such an
attack, the losses can be as significant as any natural disaster.
Risk analysis should be performed to determine what is at risk when a disaster
occurs.This should include such elements of a system as:
■ Loss of data
■ Loss of software and hardware
■ Loss of personnel
Software can be backed up, but the cost of applications and OSes can make up
a considerable part of a company’s operating budget.Thus, copies of software and
licenses should be kept offsite so that they can be used when systems need to be
restored. Configuration information should also be documented and kept offsite, so
that it can be used to return the system to its previous state.
Additional hardware should also be available. Because hardware may not be
easily installed and configured, administrators may need to have outside parties
involved.They should check their vendor agreements to determine whether they
provide onsite service within hours or days, as waiting for outsourced workers can
present a significant bottleneck in restoring a system.
Personnel working for a company may have distinct skill sets that can cause a
major loss if that person is unavailable. If a person is injured, dies, or leaves a com-
pany, their knowledge and skills are also gone. Imagine a network administrator
getting injured in a fire, with no one else fully understanding how to perform that
job.This would cause a major impact to any recovery plans.Thus, it is important to
have a secondary person with comparable skills who can replace important per-
www.syngress.com
