Business Continuity Plan (BCP) - ensure the restoration of organizational functions in the shortest possible time, even if services resume at a reduced level of effectiveness or availability. Similar to Continuity of Operations Plan (CoOP).
Disaster Recover Plan (DRP) - ensure a full recovery of operational capacity following a disaster (natural or manmade).
Should be determined and written prior to an incident.
A restoration plan also should include contingency planning.
Recovery Sites
Backup Sites - Locations for recovering systems and/or business operations.
Hot Site - Servers, networks, and telecom equipment in place and online to reestablish service. Most expensive.
Warm Site - Some equipment in place. May not be online. Requires admins to install and configure systems to resume ops.
Cold Site - Facility that isn't immediately ready to use. May need to bring your own equipment. Least expensive.
Order of Restoration
Prioritized restore sequence.
Based on Business Impact Assessment (BIA)
Most critical systems restored first.
Recovery Time Objective (RTO) - The maximum amount of time that a process or service is allowed to be down and the consequences still to be considered acceptable.
Recovery Point Objective (RPO) - The point of last known good data prior to an outage that is used to recover systems.
Types of Backups
Full - Complete backup of all data.
The most time and resource intensive form of backup.
Incremental - Requires a full backup. Capture what has changed since the last incremental backup.
Requires each incremental backup along with the full for complete restoration.
Differential - saves the data that has changed since the last full backup.
Requires the full backup and most recent differential backup.
Copies and Snapshots - Like a full backup. Stored on the system.
Backup Strategy
Grandfather-Father-Son Backup - Define three sets of backups.
The first set, the son, represents daily backups.
A second set, the father, is used to perform full backups.
The fine set of three, the grandfather, is used to perform full backups on the last day of each month.
Over time, the son becomes the father and the father the grandfather.
The most common strat.
Geographic Considerations
Alternate Site Planning
Locations for Recovery
Utilities
Proximity to a Main Site
Personnel
Legal Implications
Use of Cloud Services
Continuity of Operations Planning (CoOP)
Policies and procedures - designed to ensure that an organization can recover from a potentially destructive incident and resume operations as quickly as possible following that event.
Ensures systems, data, and personnel availability.
Failover - system redundancy.
Availability of alternate processing, work sites, and facilities.