Great overview of how businesses can plan and be prepared for disasters so that they can minimize cost and downtime. This Powerpoint presentation covers how to build a DR team, set recovery goals and objectives, identifying gaps, selecting technologies, and implementing and maintaining Disaster Recovery Processes. This Presentation also discusses Best Practices that companies should be using to protect themselves and their customers.
2. Discovery (Steps 1-5)
1. Build your team
Select the people who understand your system best to help
create a DR plan and execute when disaster strikes
2. Analyze what DR technology is already in place
You are probably already backing up, but what else?
3. Do a business impact analysis
what does downtime cost?
4. Prioritize operations
What needs recovering first
5. Set goals for recovery
How long should recovery take
3. Action Steps (6-10)
6. Identify and fill gaps in technology
Are any of your goals impossible with your current infrastructure
Implement
technology
or
processes
to
meet
recovery
goals
7. Design Recovery or Failover Environment
Alternate location facilities, hypervisor, bare-bones machines, etc
8. Design Response protocol
Design the actual steps taken to recover downed systems
Should employees BYOD? Use cell phones? Relax?
9. Document important information
Have at important information at the ready in your DR plan
10. Implement, Test, and Revise
Distribute the plan and make sure everyone know their duties
Test to make sure there are no holes in your plan, revise to make sure
your plan stays up to dates
4. • Spearheaded
by
an
execu/ve
– Leadership
– Decision
making
– Access
to
necessary
resources
– Make
sure
project
receives
necessary
a<en=on
• Designate
a
DR
Coordinator
– In=mate
knowledge
of
IT
system
– Creates
and
updates
DR
plan
– Leads
recovery
during
disaster
– Makes
execu=ve
decisions
during
disaster
• DR
Team
– Employees
from
a
variety
of
departments
– Help
DR
coordinator
execute
recovery
– Predetermined
responsibili=es
for
recovery
5. Stake
Holders
C-‐Level
DR
IT
Coordinator
manager
DR
Team
IT
Opera=ons
Facili=es
6. • Analyze
the
DR
technology
that
you
currently
have
in
place
– Data
backup?
– Skeleton
Servers?
– Cloud
Services?
– Virtualized
Machines?
– Ac=ve/Ac=ve
geographically
diverse
systems?
– Uninterrupted
Power
Supply
• Understand
the
capabili=es
and
restric=ons
of
each
7. Start by conducting a Business Impact Analysis
Availability requirements, such as maximum allowable systems
downtime, for an organization form the basis for risk
mitigation and recovery strategies, developed to drive a
higher level of business resiliency.
8. A BIA assesses the risks of various types of threats to determine
the potential direct and indirect impacts. These include:
• Financial
• Regulatory
• Operational
• Competitive
• Reputation
9. • Halt
opera=ons
for
extended
=me
– Extended
systems
down=me
could
mean
the
same
for
your
business
• Permanently
set
the
company
back
– Lost
data
could
undo
months
of
your
work
• Bankruptcy
– A
significant
number
of
companies
that
experience
a
major
data
loss,
will
close
their
doors
within
6
months
• Regulatory
risk
of
not
being
in
compliance
(PCI,
SSAE
16,
SOX,
HIPAA)
• Your
company
could
face
fines
and
other
penal=es
if
you
– Lose
client
data
– Have
a
breach
of
security
in
regards
to
client
data
– Lose
access
to
client
data
– Do
not
no=fy
clients
of
such
events
10.
11. After completing the BIA, it should be clear which processes are
most important to your business, thus which should be
recovered first after a disaster.
Restore
Emergency
Level
of
Service
Restore
Key
Business
Processes
Restore
to
Business
as
Usual
12. Understand
the
IT
dependencies
for
each
business
process,
and
what
level
of
IT
service
is
required
for
that
process.
Priori=ze
recovery
for
IT
systems
and
services.
Understand
what
can
be
recovered
as
a
stand
alone
service,
and
what
required
greater
underlying
network
support.
13. • Recovery
Time
Objec/ve
(RTO)
– How
long
aer
a
disaster
does
a
business
process
need
to
be
opera=onal,
or
what
is
the
acceptable
down=me?
• Recovery
Point
Objec/ve
(RPO)
– What
point
back
in
=me
would
you
like
to
recover
to?
10
minutes?
1
hour?
1
day
before
the
disaster?
This
is
determined
by
how
oen
you
perform
backups.
• Recovery
Level
Objec/ve
(RLO)
– Recovering
from
a
disaster
does
not
happen
all
at
once.
You
should
set
different
recovery
=mes
for
each
level
of
recovery.
And
possibly
a
different
recovery
point
for
various
systems.
14.
15. Do
you
have
all
the
proper
technologies
in
place
to
successfully
recover?
Is
it
possible
to
recover
in
a
manner
that
sa=sfies
your
objec=ves?
There
are
a
mul=tude
of
hardware,
soware,
and
services
you
can
use
to
meet
recovery
objec=ves.
Example:
If
your
RPO
is
under
15
minutes,
you
must
be
performing
backups
every
15
minutes
16. Compare recovery goals with the DR technology you are currently utilizing.
Using your goals as a baseline, look at each of your business processes, and analyze
the feasibility of restarting the respective IT dependencies within the objective time.
17. • Daily onsite and remote backups
• Bare-metal backups
• Cloud based software (SaaS)
– Gmail, Salesforce , Office 365
• Redundant and replicated systems
• Virtualized networks, servers, and desktops
• Bare-bones machines
• VoIP phones
• Diverse network service provider
18. Where do you intend on recovering vital computing resources to?
What if your system would take to long to recover on itself?
What if you don’t have access to your facilities?
What if your facilities have been destroyed?
What if a server fails and it takes weeks to get a similar one?
What if you need to recover a single email or a single mailbox, but you only have
image based backups?
19. Simple
Affordable
File
and
Employees
recover
Employees
work
folder
data
to
personal
devices
from
own
devices
backups
Easily
recover
data
Bare-‐Metal
and
all
system
and
user
configura=ons
Employees
work
from
where
Recovery
on
same
or
new
hardware
network
is
rebuilt
Comprehensive
Personnel
simply
Replicate
backups
at
Hot
Sites
an
alternate
and
remote
work
site
moves
to
new
worksite
and
resumes
work
Costly
Cloud
Easy
and
Instant
Failover
to
iden=cal
Employee
work
from
anywhere
with
Replica=on
machines
and
data
internet
access
23. • Do
your
employees
know
how
to
respond
to
a
disaster?
– Based
on
your
recovery
environment
and
recovery
objec=ves
– Develop
a
plan
for
each
department
to
resume
opera=ons,
star=ng
with
the
most
crucial
– Create
a
wri<en
plan
that
your
employees
can
use
to
help
them
get
back
to
work
as
fast
as
possible
24. In
your
plan
for
employees
– Address
of
alternate
work
sites
– Instruc=ons
to
recover
data
– Instruc=ons
to
login
to
cloud
based
DR
recovery
environments
– Calling
trees
– Important
contact
informa=on
– Amended
responsibili=es
26. It is important to have a well documented response procedure for restoring mission
critical systems as efficiently as possible
Instructions for Failover
• Document where resources will failover to
• Document which resources will failover
• Document how to failover resources
• Document how to get users on new system
• Document how to reroute phone numbers
27. Instructions to rebuild/repair:
• Rebuild Network
• Remedy crashed servers
• Purchase correct replacement parts
• Include estimates of how long it will take to reboot system
• Instructions to handle work load in the interim
28. In the appendix of your DR plan you should include a repository of critical
Systems information.
• Make, model, and specifications of all hardware
• Diagram of network
• List of applications used by each and license keys
• Location of backups for each machine
• Admin handles and passwords
• Database owners
• Warranty information
• Vendor information
• IP addresses
• VPN information
• Setting and Configurations
• Special Instructions
29. Once you have constructed your DR plan you must distribute the plan
among employees and start work with your DR team.
Your DR plan will not be effective if nobody knows about it.
30. • Make
sure
your
DR
plan
has
full
support
– Execu=ve
and
C-‐level
support
– IT
support
• Send
an
email
or
memo
to
all
employees
with
the
informa=on
they
need
to
know
• Distribute
hard
copies
and
instruc=ons
to
access
an
electronic
version
• Run
a
drill
and
test
31. • Test
oen
(Every
6
months)
• Only
through
tes=ng
will
you
uncover
everything
that
is
missing
from
your
plan
• Revise
aer
tes=ng
• Part
of
your
plan
will
become
stale
every
=me
you
test
it,
make
sure
all
the
informa=on
is
up
to
date
• Record
difficul=es
during
tes=ng
so
updates
can
be
made
32. For
more
informa=on:
Contact
Cloudni/on:
Evan
Kouimelis
630.297.4112
Ekouimelis@cloudni=on.com
www.Cloudni=on.com
Contact
BOB:
Thaer
Sous
630.590.6293
tsous@bobbroadband.com
www.bobbroadband.com