disaster recovery planning in business continuity planning faculty of computer science institute of...

Disaster Recovery Planning inBusiness Continuity Planning

Faculty of Computer Science Institute of Systems Architecture, Chair of Computer Networks

Dresden, 2/2/2010 Tenshi Harahara@inf.tu-dresden.de

Agenda

1 Necessity

2 Planning

3 Testing

4 Use-case

5 Conclusion

6 Sources2

1 Necessity

Resuming business operations has been important throughout history.

-Romans used multiple messengers for redundant delivery

-Knights of Templar coded redundant information into billing

-Businessmen create carbon-copies of orders, bills, etc.

-Recent reminder: 9/11-attacks

3

© Reuters

1 Analysis of the 9/11-disaster

4

© Reuters

Directly affected area

Area containing the backup-sites

- Several redundant backup-sites existed

All within WTC or close proximity(within downtown Manhattan)

WTC-buildings designed as mutual backup-site for each other

Nobody expected both buildings to collapse

- Business-Operations (incl. brokerage) were down for weeks

Lead to worldwide financial collapse

1 Results

- US government issued the Emergency Preparedness and Business Continuity Standard

- developed by the NFPA

- endorsed by the NIST and DHS

- also focusing on actions after terror-attacks

- Other standards: BS 25999-1, ISO/IEC 27001:2005

Source: SBA, 2006

5

1 Necessity

- Strategic planning can help

- One must know which risks exist

- After investing into solutions, one shall maintain them!

A BCP is the result of a strategic Business Impact Analysis!

6

Marvin says:

2 Business Impact Analysis

Goals:

- Assess risks

- Evaluate the possible

- Make suggestions for solutions

Limits:

- Can not give a 100% accurate evaluation of costs and benefits

- Is only as good as sense of realism

7

BusinessImpact

Analysis

BusinessImpact

Analysis

Businessoperations

andtransactions

Businessoperations

andtransactions

BCP/DRPBCP/DRP

RisksRisks Costs

Costs

dero

gate aff

ect

affect affect

modify

limit/

mod

ify

limit/

mod

ify

evalu

ate

d b

ygenera

tes

TestingTestingevaluates

determines

2 Knowing the limits

One can never be prepared for everything!

Vogons could decide to build an interstellar highway… And Earth could be in the way!

8

2 Economic Utility vs. Accounting

Economic point of view:

Total Benefit ∙ Probability = Economic Monetary Value

Accounting point of view:

Return on Investment = [(Benefits – Costs) / Costs] ∙ 100%

Putting BCP/DRP down to numbers puts the entire plan at risk of competing for financial resources with other departments!

9

66 no or almost no data-lossno or almost no data-loss

33 electronic vaulting/bunkering

electronic vaulting/bunkering22 data-backup with hot-sitedata-backup with hot-site

11 data-backup with no hot-site

data-backup with no hot-site

2 Share’s 7-Tier model

10

00 no off-site datano off-site data

44 point-in-time copiespoint-in-time copies

55 transaction integritytransaction integrity

77 highly automated and integrated

highly automated and integrated

2 Share’s 7-Tier model

- Higher tiers do not necessary include the lower

- Often leads to misunderstandings

Serious solution-providers won’t suggest solutions of Tier 4 or below

Mostly, ready-to-use solutions with a sort of “turn on; works fine”-guarantee (classified by Tier 6 and 7) are the solutions of choice

11

3 Testing

- Businesses often do not actually have a working BCP/DRP-solution

- Most testing is limited to one initial test

- Periodic testing leads to additional expenses

- Difficult for IT-experts to justify testing-expenses

- “The severity rather than the frequency of loss is what can be used to justify the additional expenses associated with disaster recovery planning and testing. In a worst-case scenario, information critical to the business may be permanently lost.”(Harry L. Waldron, 2008)

12

3 Testing

Mostly forgotten:

- Regular testing leads to a training-effect

- Prepares all affected to face actual recovery challenges

- Optimizes responses to be more efficient

- Testing must be integrated, non-negligible part of maintaining

- Benefit of testing hardly quantifiable, but costs still easier to calculate than the potential loss due improper recovery process

13

determines

evaluates

RecoveryProcessRecoveryProcess

3 Testing

14

DisasterDisasterCounter-Measure

s

Counter-Measure

s

NormalOperationNormal

Operation

AbnormalOperationAbnormalOperation

defi

nes

reco

gniz

es

analyzes

defines & tr

iggers

disturbs

healscounters

and a

naly

zes

evaluates &

learns from

BCP/DRPBCP/DRPTestingTesting

4 Solution-provider: Swiss Data Safe AG

• Facilities placed in hardened bunkers within mountains in the Swiss Alps

• Facilities physically detached

• Each facility has redundant outward-connections

• Self-sustaining, EMP-resistive infrastructure

• “we deliver what you need, but don’t ask how it works”-mentality.

15

16

© Hans Rudolf Schneider

4 Further use-cases

• Plans are considered business-secrets

• Implementation-details are secret

• Fear of attacks against BCP/DRP

• BCP/DRP is a good source of money

17

5 Conclusion

• Government regulations suggest existence of standing plans within “important” businesses

• Many businesses actually do not take the necessary steps in order to have a BCP/DRP

• Those taking steps often have ineffective plans

• Testing is imperative, but often neglected

• Current secrecy of solution-providers and solution-users combined with future demand for disaster-readiness shows necessity of academic research to prepare future system-administrators for tasks awaiting

18

6 Sources

• Miller (Protiviti Inc.). From Expense to Asset. KnowledgeLeader. 2008.

• British Standards Institute. BS 25999-1, BS 25999-2. Standard. 2006.

• International Organization for Standardization. ISO/IEC 27001:2005. Standard. 2005.

• Marquis. The Paradox of the 9s. 2006. http://www.itsmsolutions.com/newsletters/DITYvol2iss47.htm.

• Thinking the Unthinkable - Trading Firms Look for Backups Sites. Traders. 2001.

• United States National Archives and Records. 2006 Annual NARA-report.

• United States Small Business Administration. How to prepare for Disaster. SBA Small Business Resource. 2006.

• Waldron. Windows Tips. Testing Windows disaster recovery plans. 2008. http://searchwinit.techtarget.com/tip/0,289483,sid1_gci1299649,00.html.

19