Free Essay

Case Study of Designing a Self-Service Disaster Recovery Plan

In: Science

Submitted By syam1991
Words 1084
Pages 5
TITLE: Case Study of Designing a Self-Service Disaster Recovery Plan

1.0 Issues regarding disaster recovery plan (DRP)

Disaster recovery plan (DRP) is a clearly defined and documented plan of action for use at the time of a crisis. Typically a plan will cover all the key personnel, resources, services and actions required to implement and manage the DR process (comission, 2014).

A large US public power provider, with millions of residential and business customers, needed to rethink its disaster recovery program. Due to budget constraints, the utility’s data recovery program had not been updated or tested for several years. Under the existing program, systems recovery could take up to 20 days—an unacceptable timeframe for a utility relied upon by numerous states for critical infrastructure services. Moreover, the utility was grappling with internal audit findings pertaining to unresolved disaster recovery deficiencies, which attracted the attention of board members. The board suggested that the utility modernize its disaster recovery program and keep it up to date.

A Disaster Recovery Plan is designed to ensure the continuation of vital business processes in the event that a disaster occurs. The September 11, 2001 attacks on the World Trade Center has trigger the urgent of the DRP (Krocker, 2002).

1.1 Reason for a self-service disaster recovery plan

1.1.1. Ease of Getting Started

Deploying and managing a traditional disaster recovery plan can be complex and require time, budget, and staff that you may not have. Disaster Recovery provides an easy way to get started with an effective disaster recovery plan without investing in any hardware, without hiring and training new specialists, and without having to invest in a secondary site. The service provides a simple, secure, automated process for replicating and recovering applications and data in the case of a local disaster or disruptive event.

1.1.2. Flexible, Lower Cost Alternative

The costs of traditional disaster recovery solutions can force you to make tradeoffs on what you can afford to protect versus what you need to protect. This can leave your organization vulnerable to having inadequate protection. Disaster Recovery addresses variable capacity requirements needed to support common DR use cases, such as replication, failover, and recovery, at a significantly reduced price point over traditional in-house disaster recovery solutions or managed service alternatives. You have the scalability to accommodate shifting requirements, you pay only for what you need, and you have flexible subscription options.

1.1.3. Management Consistency

The ongoing maintenance and monitoring of a disaster recovery solution can require new training and skills, and introduce time-consuming manual processes. By choosing suitable software, the companies are able to get up and running faster as the admins can use the software that they are most familiar and comfortable with to manage the company disaster recovery environment.

1.1.4. Self-Service Protection

With disaster recovery solutions, the caliber of the support available and the ability to test recovery procedures often can make a difference in the degree of confidence you have in recovering your systems. Disaster Recovery enables self-service protection, and comprehensive failover and failback workflows for each virtual machine. You have control over what to protect and when. You can set custom Recovery Point Objectives (RPO) per virtual machine for fine-grained control over replication frequency based on business application priorities. You also have best-in-class customer service and testing support with a single vendor to call

2.0 Objective

The objective is to design a self-service disaster recovery plan that use minimum cost of budget and easy to be handle.

3.0 Methadology

As the first step, we met with key stakeholders to assess the utility’s existing program and associated risks.

The method of this reseach is start with reviewing the general view of the DRP flow chart from the guideline on disaster recovery planning for the ICT industry in Saudi Arabia (comission, 2014).

After getting the basic view of DRP, then we start to find the related new technology of modernization of DRP technologies thus upgrade the system performance from taking 20 days to recovery to shorter days to meet the board directors demand.

4.0 Findings

4.1 The status of the company DRP

The conventional DRP of the company has not been updated or tested for several years. Under the existing program, system recovery could take up to 20 days which is unacceptable timeframe for a utility relied upon by numerous states for critical infrastructure services.

We found that a Business Impact Analysis (BIA) had never been performed to prioritize disaster recovery based on the cost of loss. We also found a significant lack of integration of disaster recovery governance into the overall organizational structure.

We worked with the utility to perform a BIA to identify critical business processes, the likelihood of service disruption, and the projected cost of loss. We then helped the utility understand the business risks of systems and technology services interruption.

The team prioritized investments for disaster recovery initiatives, and in conjunction with business unit leaders, designed a tiered model highlighting recovery priorities. These priorities were validated with IT infrastructure leaders to help ensure alignment. As failover and system recovery was essential to success, we trained the utility’s personnel to test for enterprise-wide disaster and technical recovery.

4.2 New modern DRP The new DRP involve the use of cloud. Before the advent of the Cloud, a traditional DR plan was complex, time-consuming, and costly to deploy and manage (Burke, 2015). This new method of DRP is called as cloud computing. The cloud computing is the gateway to disaster recovery risk management. This new DRP requires no hardware and it don’t need to build, staff, manage, and maintain a secondary data center (Donoghue, 2014).

The new trend called the Disaster Recovery as a Service (DRaaS) is a smart idea to the company which meet the requirement of the board members to have a modernize DRP with the latest update. DRaaS processes are automated and secure. The right DRaaS provider can offer the company strategic advice and tactical help in both Disaster Recovery Risk Management and Disaster Recovery planning.

5.0 Conclusion

In conclusion, the DRaaS is the solution that needed by the company to upgrade the old DRP of the company. DRaaS is more efficient and cost effective. Management are able to have easy of mind and the board members will be please with the new modern DRP technologies as it able to meet their requirement.

Similar Documents

Premium Essay

Disasters and Development

...Edition Disasters and Development Disaster Management Training Programme GE.94-02894 Disasters and Development 2nd Edition Module prepared by: R.S.Stephenson, Ph.D. DHA Disaster Management Training Programme 1994 Disaster and Development This training module has been funded by the United Nations Development Programme in collaboration with the Office of the United Nations Disaster Relief Coordinator for the Disaster Management Training Programme (DMTP) in association with the University of Wisconsin Disaster Management Center. This material draws substantially on the work of Mary Anderson and Fred Cuny, and on United Nations Development Programme and World Bank Guidelines. The draft for this text was reviewed by Yasemin Aysan and Ian Davis, Oxford Polytechnic Disaster Management Centre and Gustavo Wilches-Chaux. Editorial services, including design, educational components and formatting, have been provided by InterWorks. Design consultation and desktop publishing have been provided by Artifax. Cover Photo: Destruction of a bridge by flood waters. VIZDOK photo The first edition of this module was printed in 1991. Utilization and duplication of the material in this module is permissible, however, source attribution to the Disaster Management Training Programme (DMTP) is required. 4 CONTENTS Introduction .................................................................................................... 7 The relationship between disasters and development...

Words: 18124 - Pages: 73

Premium Essay

Jit2

...management and business contingency plan for my first client, ORAZON Corporation. ORAZON Corporation operates retail clothing stores worldwide and sells clothing on the web. A. A risk is the likelihood of something undesirable happening at a given time (Merna, 2008). Risk management is a two-step process ̶ identifying what risks exist and then handling them in the way best-suited to the business objectives (Investopedia, 2012 at).ORAZON is a well-known corporation that started in 1930. From a company that opened the first clothing website and sold the first shoes and clothes on the World Wide Web, the corporation is recognized globally. ORAZON also hosted its website in Ghana, a country located on the west coast of Africa. ORAZON has customers worldwide that buy its clothing on the website. ORAZON ships its products to customers from almost every country in the world on a daily basis. Like any other business, many risks must be considered. Below is a risk register that shows eight risks currently facing ORAZON. 1. Risk one is power outage Description:| ORAZON Corporation hosts its website from Ghana. Ghana is a country situated on the West African coast. Ghana has a history of a constant power outage because Ghana is a poor country that does not have money to update its electrical grids. ORAZON Corporation needs electrical power to host its website. The company also needs to provide light to the employees that work in Ghana, In the case of a power outage, or the employees...

Words: 9580 - Pages: 39

Free Essay

Software Based Digital Media Store

...Title Database and Service oriented framework for supporting / powering large volume of data Project Category NNdfdf Web Services Location of Implementation Sardar Patel Institute of Technology, Munshi Nagar, Andheri(W), Mumbai-400 058 Mumbai-400 058 Number of Team-Members 2 Project Description This project is aimed at efficient accessing of a service oriented framework for supporting a voluminous database. This database is a large media database which would provide the client with media files using these framework services. The performance of these services is improved by adding caching mechanism to the system. Languages Used C, Memcache utility & library, PHP. Abstract Nowadays, efficacious accessibility of data stored in large databases is a major aspect of any system which needs to access data stored in such databases especially over the web. In this project report, we first study an existing service oriented framework for supporting a voluminous database created by Mime360. This database is a large media database which would provide the client with media files using these framework services. The main purpose of this system is to provide accessibility to media files efficiently...

Words: 7023 - Pages: 29

Premium Essay

Public Health

...serious tropical disease, although eradication campaigns against mosquitoes waged since 1948 initially resulted in spectacular declines in incidence and a dramatic decrease in the island's mortality rate during a twenty-year period. Indeed, in some regions, especially the central highlands, these campaigns were almost completely successful, although malaria continues to be prevalent in the coastal regions, especially the east coast. As prevention practices faltered during the late 1970s and throughout the 1980s, the mosquito staged a comeback. The effect on a population with a significantly reduced resistance to malaria was devastating. For example, the Malagasy Ministry of Health reported 490,000 cases and 6,200 deaths from malaria in 1985, but these figures rose--to 760,000 cases and 11,000 deaths--in 1987. As of 1994, other serious diseases included schistosomiasis, tuberculosis, and leprosy. The prevalence of schistosomiasis, a parasitic ailment that spreads primarily through the passing of human wastes into ponds, irrigation canals, and slow-moving streams, reflects the continued lack of adequate sewage facilities, especially in the rural areas. Occasional outbreaks of bubonic plague occur in urban areas, the most recent of them in 1990. Yet Madagascar has been spared many of the diseases common in tropical countries, such as trypanosomiasis, cholera, brucellosis, and yellow fever. The occurrence of sexually transmitted diseases (STDs) has increased during the 1980s and...

Words: 4070 - Pages: 17

Premium Essay

Business Continuity and Disaster Recovery Planning for It Professionals

...436_XSS_FM.qxd 4/20/07 1:18 PM Page ii 443_Disaster_Rec_FM.qxd 5/25/07 3:07 PM Page i Visit us at w w w. s y n g r e s s . c o m Syngress is committed to publishing high-quality books for IT Professionals and delivering those books in media and formats that fit the demands of our customers. We are also committed to extending the utility of the book you purchase via additional materials available from our Web site. SOLUTIONS WEB SITE To register your book, visit www.syngress.com/solutions. Once registered, you can access our solutions@syngress.com Web pages. There you may find an assortment of valueadded features such as free e-books related to the topic of this book, URLs of related Web sites, FAQs from the book, corrections, and any updates from the author(s). ULTIMATE CDs Our Ultimate CD product line offers our readers budget-conscious compilations of some of our best-selling backlist titles in Adobe PDF form. These CDs are the perfect way to extend your reference library on key topics pertaining to your area of expertise, including Cisco Engineering, Microsoft Windows System Administration, CyberCrime Investigation, Open Source Security, and Firewall Configuration, to name a few. DOWNLOADABLE E-BOOKS For readers who can’t wait for hard copy, we offer most of our titles in downloadable Adobe PDF form. These e-books are often available weeks before hard copies, and are priced affordably. SYNGRESS OUTLET Our outlet store at syngress...

Words: 189146 - Pages: 757

Premium Essay

Laudon Ch5

...Infrastructure and Emerging Technologies 168 Foundations of Business Intelligence: Databases and Information Management 222 Telecommunications, the Internet, and Wireless Technology 260 Securing Information Systems 312 Creating a New Internet Business 351 Part Three Chapter 9 Chapter 10 Chapter 11 Chapter 12 Part Three Project Key System Applications for the Digital Age 353 Achieving Operational Excellence and Customer Intimacy: Enterprise Applications 354 E-Commerce: Digital Markets, Digital Goods 388 Managing Knowledge 428 Enhancing Decision Making 470 Designing an Enterprise Information Portal 508 Part Four Chapter 13 Chapter 14 Chapter 15 Part Four Project Building and Managing Systems 509 Building Systems 510 Project Management: Establishing the Business Value of Systems and Managing Change 552 Managing Global Systems 592 Redesigning Business Processes for Healthlite Yogurt Company 629 International Case Study 631 Your Digital Portfolio 645 References R 1 Glossary G 1 Photo and Screen Shot Credits P 1 Indexes 11 iv Complete Contents Part One Chapter 1 Organizations, Management, and the Networked...

Words: 3508 - Pages: 15

Premium Essay

It Outsourcing

...http://is.lse.ac.uk/ © the author 2006 The Feeny-Willcocks Governance Framework Revisited: Implementing Core IS Capabilities Leslie Willcocks London School of Economics Willcockslp@aol.com David Feeny Templeton College, Oxford David.Feeny@templeton.ox.ac.uk Nancy Olson Warwick University Nancyox20@aol.com and Abstract In 1998, Feeny and Willcocks published a core IS capabilities framework suggesting four tasks and nine capabilities for any future IT function. This paper revisits the framework, examining the challenges and learning points from its implementation in two organizations from 1997 to 2005. The contrasting cases, studied longitudinally, involved a medium size organization beginning to outsource, and a global manufacturing company that had 10-year $US 4 billion outsourcing arrangements with two suppliers. Longitudinal case research revealed a range of omissions and resulting problems and underlined the importance of: retaining enough architecture planning and technical doing capability; ensuring future, business–oriented leadership tasks are fully resourced together with succession planning for these; ensuring informed buying and other capabilities to manage external supply and leverage business value from supplier performance are built; and ensuring that operational lynch-pin tasks such as relationship building (to business units) and contract...

Words: 6911 - Pages: 28

Premium Essay

Business

...SC Response to Terrorism Project MIT Center for Transportation and Logistics “Supply Chain Response to Terrorism: Creating Resilient and Secure Supply Chains” Supply Chain Response to Terrorism Project Interim Report of Progress and Learnings August 8, 2003 This report was pre pared by James B. Rice, Jr. of the MIT Center for Transportation and Logistics (CTL) and Federico Caniato of Politecnico di Milano for the Supply Chain Response to Terrorism Project team with contributions from team members Jonathan Fleck, Deena Disraelly, Don Lowtan, Reshma Lensing and Chris Pickett. This work was conducted under the direction of Professor Yossi Sheffi, CTL Director. Please contact James B. Rice, Jr. of CTL (jrice@mit.edu or 617.258.8584) if you have any questions or if you would like to discuss this report. 08/12/2003 1 SC Response to Terrorism Project Supply Chain Response to Terrorism Project: Interim Report of Progress and Learnings 1 2 Executive summary........................................................................................................... 4 Research introduction and background ............................................................................. 6 2.1 Introduction................................................................................................................ 6 2.2 Background Research ................................................................................................ 6 2.3 Project...

Words: 28274 - Pages: 114

Premium Essay

Information and Survey Analysis

...1. An IS auditor is reviewing access to an application to determine whether the 10 most recent "new user" forms were correctly authorized. This is an example of: A. variable sampling. B. substantive testing. C. compliance testing. D. stop-or-go sampling. The correct answer is: C. compliance testing. Explanation: Compliance testing determines whether controls are being applied in compliance with policy. This includes tests to determine whether new accounts were appropriately authorized. Variable sampling is used to estimate numerical values, such as dollar values. Substantive testing substantiates the integrity of actual processing, such as balances on financial statements. The development of substantive tests is often dependent on the outcome of compliance tests. If compliance tests indicate that there are adequate internal controls, then substantive tests can be minimized. Stop-or-go sampling allows a test to be stopped as early as possible and is not appropriate for checking whether procedures have been followed. 2. The decisions and actions of an IS auditor are MOST likely to affect which of the following risks? A. Inherent B. Detection C. Control D. Business The correct answer is: B. Detection Explanation: Detection risks are directly affected by the auditor's selection of audit procedures and techniques. Inherent risks usually are not affected by the IS auditor. Control risks are controlled by the actions of the company's management. Business...

Words: 97238 - Pages: 389

Premium Essay

Cissp

...INTRODUCTION 4 DOMAIN 1: ACCESS CONTROL WHAT’S NEW IN ACCESS CONTROL? AN OVERVIEW 5 5 7 DOMAIN 2: SOFTWARE DEVELOPMENT SECURITY WHAT’S NEW IN APPLICATIONS SECURITY (NOW SOFTWARE DEVELOPMENT SECURITY)? AN OVERVIEW 9 9 10 DOMAIN 3: BUSINESS CONTINUITY & DISASTER RECOVERY WHAT’S NEW? AN OVERVIEW 12 12 13 DOMAIN 4: CRYPTOGRAPHY WHAT’S NEW? AN OVERVIEW 17 17 18 DOMAIN 5: INFORMATION SECURITY GOVERNANCE & RISK MANAGEMENT WHAT’S NEW? AN OVERVIEW 21 21 22 DOMAIN 6: LEGAL, REGULATIONS, INVESTIGATIONS, AND COMPLIANCE WHAT’S NEW? AN OVERVIEW 24 24 26 DOMAIN 7: SECURITY OPERATIONS WHAT’S NEW? AN OVERVIEW 28 28 29 DOMAIN 8: PHYSICAL & ENVIRONMENTAL SECURITY WHAT’S NEW? AN OVERVIEW 32 32 33 DOMAIN 9: SECURITY ARCHITECTURE & DESIGN WHAT’S NEW? AN OVERVIEW 36 36 38 DOMAIN 10: TELECOMMUNICATIONS & NETWORK SECURITY WHAT’S NEW? AN OVERVIEW 40 40 41 INFOSEC INSTITUTE’S CISSP BOOT CAMP COURSE OVERVIEW COURSE SCHEDULE 44 44 45 INTRODUCTION (ISC)²’s CISSP Exam covers ten domains which are:           Access Control Application Development Security Business Continuity and Disaster Recovery Planning Cryptography Information Security Governance and Risk Management Legal regulations, investigations, and compliance Operations Security Physical and Environmental Security Security Architecture and Design Telecommunications and Network Security Over the course...

Words: 11687 - Pages: 47

Premium Essay

Hello

...Findings – The paper contains a discussion of major factors related to a strategic approach to crisis management and a more proactive approach to building relationships with the media. Particular attention should be given to the roles and responses of the media and agencies acting on behalf of the company, as both should been treated in the same way as other relatively powerful stakeholders. The authors suggest that firms can obtain significant advantages through proactive preparation for major relevant contingencies, and its incorporation into the strategic management process. Originality/value – This paper brings together the debate on the strategic position of crisis management with scenario planning processes to provide a mechanism for designing, evaluating and managing crisis futures. It should prove useful to managers considering the development of crisis management, especially in a strategic context. Keywords Strategic planning, Strategic management Paper type Conceptual paper Strategic management 721 Received May 2005 Revised March 2006 Accepted April 2006 Introduction Crisis management has been a expanding...

Words: 8579 - Pages: 35

Premium Essay

Paper

...Management of Information Security Third Edition This page intentionally left blank Management of Information Security Third Edition Michael Whitman, Ph.D., CISM, CISSP Herbert Mattord, M.B.A., CISM, CISSP Kennesaw State University ———————————————————————— Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States Management of Information Security, Third Edition Michael E. Whitman and Herbert J. Mattord Vice President, Career and Professional Editorial: Dave Garza Executive Editor: Stephen Helba Managing Editor: Marah Bellegarde Product Manager: Natalie Pashoukos Developmental Editor: Lynne Raughley Editorial Assistant: Meghan Orvis Vice President, Career and Professional Marketing: Jennifer McAvey Marketing Director: Deborah S. Yarnell Senior Marketing Manager: Erin Coffin Marketing Coordinator: Shanna Gibbs Production Director: Carolyn Miller Production Manager: Andrew Crouth Senior Content Project Manager: Andrea Majot Senior Art Director: Jack Pendleton Cover illustration: Image copyright 2009. Used under license from Shutterstock.com Production Technology Analyst: Tom Stover © 2010 Course Technology, Cengage Learning ALL RIGHTS RESERVED. No part of this work covered by the copyright herein may be reproduced, transmitted, stored, or used in any form or by any means graphic, electronic, or mechanical, including but not limited to photocopying, recording, scanning, digitizing, taping, Web distribution, information...

Words: 229697 - Pages: 919

Premium Essay

Sasasas

.... Chapter Failure prevention and recovery 19 Eurotunnel response team during one of their regular patrols in the tunnel Source: Eurotunnel Introduction One obvious way of improving operations performance is by preventing failure. Failure is rarely unimportant, but in some operations it is vital that processes do not fail. Failure in aircraft in flight, for example, or electricity supplies to hospitals, or car seat belts, or the emergency services can be literally fatal. For these operations dependability is not just desirable, it is essential. Even in less critical situations, having dependable processes can give a competitive advantage. But no process is perfect and failures will occur. So it is important that we learn from all failures and have plans in place which help them recover and minimize their effects. Figure 19.1 shows how this chapter fits into the operation’s improvement activities. Operations strategy Failure prevention and recovery Operations process improvement makes processes better Design Operations management Improvement Total quality management organizes process improvement Planning and control Failure prevention and recovery stops processes becoming worse Topic covered in this chapter Figure 19.1 This chapter covers failure prevention and recovery . 618 Part Four Improvement Key questions I I I I I ??? Why do operations fail? How is failure measured? How can failure and potential failure be...

Words: 25060 - Pages: 101

Premium Essay

Bsat

...Roman G. Fall 2012 bsat 303: Final Exam Study Guide Note: The study guide should be used along with the classroom lectures I posted to Moodle, your personal notes from my lectures, and the information found within the chapters.  HTML (Basic knowledge and example code) o Tags, Hyperlinks, Emails, Images o o Hyperlink Visit MTV o  HTML – the language you use to create a Web site To insert an image Steps in Decision Support Systems o Decision support system (DSS) – a highly flexible and interactive system that is designed to support decision making when the problem is not structured o Decision support systems help you analyze, but you must know how to solve the problem, and how to use the results of the analysis o o   Model management component – consists of both the DSS models and the model management system o Data management component – stores and maintains the information that you want your DSS to use o User interface management component – allows you to communicate with the DSS Types of Decisions (Structured, Nonstructured, Recurring, Nonrecurring) o Structured decision – processing a certain information in a specified way so that you will always get the right answer o Nonstructured decision – one for which there may be several “right” answers, without a sure way to get the right answer o Recurring decision – happens repeatedly o Nonrecurring (ad hoc) decision – one you make infrequently Artificial Intelligence, Geographic...

Words: 4354 - Pages: 18

Premium Essay

Sr. Manager

...Government’s ability to serve the American public. Cloud computing has the potential to play a major part in addressing these inefficiencies and improving government service delivery. Amtrak, one of top client for Lockheed Martin is facing similar challenges to reduce the cost of IT infrastructure maintenance in their data center operations. Lockheed Martin has a unique cloud model which is focused on providing solutions as a service based on a mission focused approach to secure cloud delivery. They have successfully implemented cloud services for many clients. This study specifically focused on implementing the cloud computing strategy and services provided by Lockheed Martin that can significantly help Amtrak to provide highly reliable, innovative services in an efficient manner and at the same time reduce IT operating costs. Interviews were conducted with key business stakeholders at Amtrak and also with some of the IT project team members to learn about the existing data center model set up, data storage, and the hardware and software applications that are currently used. Interviews were also conducted with employees to understand the perception of cloud system infrastructure services and how it can help them. This report concludes that Lockheed Martin is deeply involved in delivery of cloud computing services to his clients and will provide a unique cloud computing framework that can benefit Amtrak. The challenge at Amtrak is that even though they ready for changes in the...

Words: 4167 - Pages: 17