...Disaster recovery plans allows and gives the opportunity to a business to be able to recoup from any number of disasters, whether it may be a natural disaster or a fault of equipment to include power loss. These plans can be fairly basic with a goal and summary of what is to happen in the event of a disaster, to intensely involved and well spelled out plans that break down the summary, personal, intent, goal, and a timeline of events to follow. While disasters are unforeseen events that a business may never see or have to implement their plan, it allows them to be setup for success if it were to happen and not be doomed for failure in hopes of it not being a possibility. For this report, contact was made with Richmond County in Augusta Georgia to their IT department to discuss their disaster recovery plan. Some organizations are well equipped and have staffed members that specialize and have sole intent on being the disaster recovery planner and implementer. Others may contract out to other businesses to provide support and guidance on the matter. In this case, Richmond County has looked to a company called intelliSystems to provide hands-on assistance in their disaster recovery plan. IntelliSystems is a local company to the area with a mission to help “many businesses rid themselves of technology worries so that they can concentrate on growing their businesses and realizing their goals” (intelliSystems, 2015). They do this by providing key areas of: Microsoft Small Business...
Words: 646 - Pages: 3
... Roles of the DRP/ECP Team • Declares a disaster has occurred • Maintain current documentation of the DRP • Responsibility of staff • Testing DRP Six Resilience Layers 1. 2. 3. 4. 5. 6. Strategy Organization Processes Data / Application Technology Facilities / Security Outline of Resilience Layers 1. Strategy • Achieving business goals and objectives • Complete resilience assessment: • Determine the baseline for the organization • Asses vulnerabilities and risk • Success of resilience plan Outline of Resilience Layers 2. Organization • • • • • Executive committee sponsor Details roles and responsibilities Accountabilities Communication Skills important to the organization Outline of Resilience Layers 3. Processes • Creating and sustaining a processes • Alternate processes and procedures • Contingency plan Outline of Resilience Layers 4. Data / Application • • • • • Reliable data provided Alignment of disparate data and application Measurement of Key application Modification of application and data Testing of applications Outline of Resilience Layers 5. Technology • • • • Hardware and software Aligning IT investment with business objective Primary site vs. alternative site Points of failure within the system Outline of Resilience Layers 6. Facilities / Security • • • • Logical and physical security Environmental considerations Safety measures Testing Examples of Resilience • Recovery • Hardening • Redundancy • Accessibility •...
Words: 330 - Pages: 2
...Communications of the IIMA 25 2006 Volume 6 Issue 2 Disaster Planning and Management Holmes E. Miller Muhlenberg College, Allentown, PA 18104 Kurt J. Engemann Iona College, New Rochelle, NY 10801 Ronald R. Yager Iona College, New Rochelle, NY 10801 ABSTRACT Recent events such as hurricanes, tsunamis, earthquakes, power outages, and the threat of pandemics have highlighted our vulnerability to natural disasters. This vulnerability is exacerbated by many organizations’ increasing dependence on computer, telecommunications, and other technologies, and trends toward integrating suppliers and business partners into everyday business operations. In response many organizations are implementing disaster recovery planning processes. In this paper we discuss how to identify threats and scenarios; how to articulate the disaster recovery strategies; and four elements of the generic disaster recovery plan: Mitigation, preparedness, response, and recovery. We then provide examples of software that can help disaster recovery professionals in the planning and implementation process. Finally we present some trends that will reinforce the criticality of the issue. Keywords: Disaster Recovery Planning; Business Continuity Planning; Risk Assessment INTRODUCTION Several major natural disasters that have occurred in the past few years have placed disaster management on the front pages: The Tsunami of late 2004, Hurricanes Katrina and Rita, and the earthquake in Pakistan in 2005 affected both...
Words: 7241 - Pages: 29
...Disaster Recovery Plan Company Overview Strategic Business Solutions is a Veteran-owned small business with less than fifty employees and the business goal is to continue specializing in Information Technology (IT), project management, and business development solutions. Our main projects involve Internet-based E-commerce solutions. The following diagram depicts our current network, which is PCI compliant and can handle high-traffic websites: Risk Assessment Critical business processes Disruption of an information resource is not a disaster in itself, unless it is related to a critical business process, for example, an organization losing its revenue generating business process due to an information system failure. Other examples of potential critical business processes may include: * Production of finished goods * Advertising of the organization’s product(s) to be sold * Selling of the enterprise’s products or services * Receiving payments * Dispatching of finished goods * Provision of final services * Legal and regulatory compliance * Safeguarding of private and confidential data and other Information assets * Logistics services in the organization * Paying the employees Internal, external, and environmental risks Although all forms of corporate risks and potential damage can’t be avoided, but a realistic objective is to ensure the survival of the organization by establishing a culture that will identify and manage...
Words: 1568 - Pages: 7
...Riordan Manufacturing has asked our firm, LTB and Associates, to develop a web-based plan to be used as a Business-to-Business web site in order to purchase materials from their vendors. We have examined Riordan’s products and business systems, interviewed Riordan’s employees, and have determined the best course of action to implement the plan. Riordan Manufacturing is a plastics manufacturer based in several locations across the world. With three plants based in the continental US, which are located in Albany, Georgia; Pontiac Michigan; and in San Jose, California, which is the company headquarters. A fourth plant is located in Hangzhou, China will not be part of the plan as they purchase materials locally. This where we explain how the database will be set up. Refer to the ERD, Sequence diagram, Use Case diagram, and Class Diagram that followThe following paragraphs will describe the considerations that Riordan Manufacturing will need to make in implementing the database plan. Where ever it is possible to for our firm to do so, LTB and Associates will make a recommendation on the choice to make. In order to implement the database properly, these recommendations should be implemented in order to offer the tightest amount of security that will be possible. Type of Online ProcessingRiordan Manufacturing will need to decide between real-time asynchronous processing and batch processing. Real-time asynchronous processing is applicable when the processing must be performed...
Words: 2477 - Pages: 10
...Matthew Klutts NT2670 2/21/2016 Project part 1 I do this IIS or Internet Information Services is the best choice for an application server. This is because it is a windows system. It provides a secure, easy to manage, modular and extensible platform for hosting websites, services and applications. With IIS you can maximize web security with a reduced server foot print and automatic application isolation. IIS 7.0 and up have a modular architecture. Modules, also called extensions, can be added or removed individually so that only modules that are required for specific functions are installed. IIS in my opinion will be the best choice for this server, because of all the information that I provided above, and the fact that I’m more comfortable with windows based systems. The ports that need to be open to host ftp, http, https, and streaming media are listed below. 1. FTP a. The default port range is 1024-5000, but the upper range can be changed. 2. HTTP b. Port 80 or port 8530 3. HTTPS c. Port 443 or port 8531 4. Streaming media d. Windows Media server uses TCP in ports to accept an incoming HTTP connection (80), RTSP connection (554), MMS connection (443). e. Windows Media Server uses UDP out ports 1024-5000 and 5004. Due to the design of IIS and its security features I don’t see many security concerns with having all these ports open on the same server. Although there is no way for any system to be completely safe...
Words: 769 - Pages: 4
...State of Oklahoma Disaster Recovery Plan Template Version 1.0 31 October 2007 TABLE OF CONTENTS DISASTER RECOVERY PLAN – DOCUMENT CHANGE CONTROL 6 EXECUTIVE SUMMARY 8 Overview 8 Recovery Statement Summary 8 Recovery Scenario #1: The Preferred Solution for a Total Data Center Loss 8 Recovery Strategies: Activities and Time Frames 9 Short-Term (2 to 3 Days): 9 Medium-Term (6 to 12 weeks): 9 Longer-Term (6 months to 2 years): 9 Recovery Scenario #2: The Strategy for Loss of a Critical System or Component 9 Summary 10 INTRODUCTION 11 INFORMATION SECURITY POLICY – DEFINITIONS & STATED REQUIREMENTS 11 8.2 Disaster Recovery Plan 11 8.3 Business Recovery Strategy 11 PLAN DISTRIBUTION 11 PLAN OBJECTIVES 11 PLAN ASSUMPTIONS 12 Definitions 12 PROCESSING ENVIRONMENT 13 Scope of Recovery 13 Environment Description 13 Essential Equipment 13 Disaster Recovery Scripts 15 RECOVERY PLAN ELEMENTS 17 1. Recovery Plan for Major Disasters 17 A. Detection and Reaction 17 B. Identifying the problem – Notifying the authorities 17 C. Establishing a Command Center 17 D. Reducing Exposure 17 2. Roles and Responsibilities 20 A. Management / Damage Assessment Team: Initial Response 21 B. Disaster Recovery Teams — Emergency Contact List 22 (AGENCY) FUNCTIONAL AREA MANAGERS 23 3. Recovery Plan for Major Disasters 24 A. Establishment of Full Recovery at Backup Site 24 B. Disaster Recovery Team Checklists 24 C. Restoration of Facilities and...
Words: 17396 - Pages: 70
...Company Members Project scope statement Project Title: Improve Network Structure for Lawyers Firm Date: June 27, 2012 Document prepared by: Email: * We will provide our clients with IT solutions that offer practical value today while positioning them to meet the business and technological needs of tomorrow. With our constant focus on improved business results, we will make and build definitive plans for the best and most economical IT hardware and solutions. Our goal is to ensure a solid network as well as a state of the art design and equipment for a Law Firm’s work environment. Assure that appropriate telecommunications and computing resources are available to support the mission of the firm Assure that each staff member who uses telecommunications and computing resources in his or her position has a computer of sufficient capability to fulfill their required job responsibilities Ease resource and financial planning by reducing the effort involved in budgeting and planning for new telephone units, computers, network, classroom equipment and server systems. Provide for the cost effective and timely purchasing and installation of new equipment while decreasing the deployment time for new equipment; and disposal of old and obsolete equipment. ------------------------------------------------- Deliverables Dell Desktops and laptops Cisco Routers, switches, and Ip phones will be installed and configured Firewalls will be installed Blade server holding case will be provided...
Words: 11532 - Pages: 47
...Medical Management software along with a backup solution. The diagram below shows the current floor plan for HHC. It should be noted that more workstations, printers and laptops will be added (see next page). Additionally, wireless access points will be setup in the bullpen areas, designed with limited distance access. Floor Plan of Home Hospice [pic] The above illustration shows the floor plan for HHC. The equipment in the table below is what we’ll be requiring: |Employee Title |Computers | | |Needed | [pic] The table below indicates level of file permissions for the various positions [pic] Network Disaster Recovery Plan (This Draft will be finalized when approved by Management) Home Hospice Care (HHC) Emergency notification contacts |Name |Address |Home Phone |Mobile/Cell Phone | |Office Manager | | | | |Director of Prof Svcs | | | | |Managing Nurse | | | | |Office Head ...
Words: 1030 - Pages: 5
...Applying Information Security and SDLC to Business Team Names Here BIS/320 Date Applying Information Security and SDLC to Business Amazon.com - Bookstore Amazon.com is known as one of the largest retail online stores in the world. Of course this online retail store was not always the largest and had a shaky slow start because the online layout was not eye-catching. In 1994, Jeff Bezos, who founded Amazon.com started his business in his garage in Washington State selling books. However, in 1994, Nick Hanauer took an interest in Bezos business and invested $40,000, and in 1995 Tom Alburg invested $100,000 to join this venture. After receiving these investments Bezos decided to create a website that would be more appealing to customers and hoped to get his business to take off. Over the next three years Amazon increase in book sales, which amazed Bezos because after an analysis was completed he was shocked to find out outside of local customers who were purchasing books from Amazons but customers around the world. In 1997, Amazon reached revenue in the amount of $15.7 million. By 1998, Amazon was starting to show signs of success when Bezos started listing new products for the customers could purchase online (Amazon.com Mission Statement, 2012). Vision and Mission - The mission statement for Amazon.com success is centered on their customers and without their customers Amazon would not exist. Although customers...
Words: 3158 - Pages: 13
...where? Yes, C:\users\username\SecurityScans folder 9. Could you exclude patches to be scanned for? No. 10. Which are some of the major recommendations that you would provide to secure any Windows system? Harden the operating system FIRST; install only the necessary services; use server roles when possible; SCW to apply least privilege principle to applications; remove or disable unneeded services, user accounts and extra application components; only open the minimum required ports at the firewall; define unique user accounts; user strong authentication; use encrypted connections for all communications; encrypt file, folders and volumes that contain private data; develop and maintain a Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP); disable any server...
Words: 368 - Pages: 2
...Enterprise Continuity Planning Integrated Principles of Disaster Recovery and Enterprise Continuity 19 Dec 2011 By Thomas A. Groshong Sr. Summary 1. DRP/ECP Roles 2. Resilience Layers 3. Resilience Layers Examples 4. Disaster Recovery Training 5. Outside Expertise 6. Awareness Campaign 7. Awareness Campaign Implementation 1.1 Disaster Recovery Plan / Enterprise Continuity Plan (DRP/ECP) Roles Maintaining DRP & ECP documents Personnel responsibilities Backup data scheduling Maintaining equipment status reports Security systems and emergency lighting Operational procedures Environmental controls (Cunningham et al., 2007) 2. Resilience Layers Six Resilience Layers 1. Strategy & Vision 2. Organization 3. Processes 4. Applications & Data 5. Technology 6. Facilities (Goble, G., Fields, H., & Cocchiara, R., 2002) 2.1 Strategy & Vision Business goals & objectives Resilience assessment Assess Risks Assess Vulnerabilities Strategic plan for success Baseline objectives (Goble et al., 2002; A comprehensive, 2007) 2.2 Organization Document roles Responsibilities Accountability Communications protocols Business links Skills critical to organization (Goble et al., 2002; A comprehensive, 2007) 2.3 Processes Process creation Process sustainment Process alternatives Contingency planning (Goble et al., 2002; A comprehensive, 2007) 2.4 Applications & Data Provide reliable data Align disparate data and applications Determine tolerance...
Words: 522 - Pages: 3
...Disaster Recovery Plans The headquarters of Hill Crest Corporation, a private company with $15.5 million in annual sales, is located in California. Hill Crest provides for its 150 clients an online legal software service that includes data storage and administrative activities for law offices. The company has grown rapidly since its inception 3 years ago, and its data processing department has expanded to accommodate this growth. Because Hill Crest’s president and sales personnel spend a great deal of time out of the office soliciting new clients, the planning of the IT facilities has been left to the data processing professionals. Hill Crest recently moved its headquarters into a remodeled warehouse on the outskirts of the city. While remodeling the warehouse, the architects retained much of the original structure, including the wooden-shingled exterior and exposed wooden beams throughout the interior. The minicomputer distributive processing hardware is situated in a large open area with high ceilings and skylights. The openness makes the data processing area accessible to the rest of the staff and encourages a team approach to problem solving. Before occupying the new facility, city inspectors declared the building safe; that is, it had adequate fire extinguishers, sufficient exits, and so on. In an effort to provide further protection for its large database of client information, Hill Crest instituted a tape backup procedure that automatically backs up the database...
Words: 348 - Pages: 2
...DRP / ECP Disaster Recovery Plan Enterprise Continuity Plan This presentation will explore the different parts and pieces necessary for a successful Disaster Recovery Plan / Enterprise Continuity Plan. More specifically, this presentation will provide information needed to garner and bolster support for such a plan from the university’s executive team. A well prepared, maintained and rehearsed recovery and/or continuity plan should have the ability to keep the university up and running throughout any type of disruptive event. DRP/ECP Team Members & Roles ● ● ● ● ● ● ● ● ● ● Crisis Management Team Administrative Support Team Damage Assessment Team Recovery Coordination Team Corporate Communications Team Human Resources Support Team Site Restoration Team Transportation Support Team System Restoration Team Voice Recovery Team and End-User Tech Support Team The Crisis Management Team should be a cohort of upper level management that will be responsible for all significant decision making in response to the current event. Only specific members of the Crisis Management team should be authorized to declare an emergency and decide on the appropriate action. Key responsibilities of this group include: analyzation of preliminary reports, disaster declaration, determination of appropriate response, activation of contingency plans and notification of team leaders (Hiles, 2010). The Administrative Support Team includes representatives from all major departments who can provide...
Words: 2423 - Pages: 10
...________________________________________________________________________ UNIVERSITI TEKNOLOGI MARA TEST 1 ________________________________________________________________________ COURSE : EDP AUDITING COURSE CODE : AUD 370 DATE : FEBRUARY 2013 TIME : 2 HOURS NAME : GROUP : MATRIX NUMBER : SEMESTER : DEC 2012 – APR 2013 INSTRUCTIONS TO CANDIDATES 1. 2. 3. Answer ALL questions. Start each answer on a new page. Do not bring any material into the examination room unless permission is given by the invigilator. DO NOT TURN THIS PAGE UNTIL YOU ARE TOLD TO DO SO This test paper consists of 8 printed pages 2 TEST 1 PART A This part consists of 20 multiple-choice questions. Choose the most suitable answer and shades the corresponding alphabet representing the answer. 1. Among the objectives of an operating system are as follows EXCEPT a. b. c. d. the operating system must protect itself from users the operating system must protect users from each other the operating system must protect users from themselves the operating system must be totally free from errors 2. One of the criteria for accessing the firewall effectiveness is _______________ a. authorization b. flexibility c. supervision d. access control 3. Electronic fund transfer is adopted by EDI trading partners due to implication on ________ a. b. c. d. Audit trails of transactions Cash disbursement and receipts ...
Words: 3159 - Pages: 13
