Don't Wait for a Catastrophe or a Security Breach

Begin your Disaster Recovery & Business Continuity Plan Now
Just because you can't afford to pay consultants and analyst firms tens of thousands of dollars, there's no reason your company can't apply industry-recognized best practices in your disaster recovery, business continuity, and security planning. Make sure you cover every critical detail with the planning framework provided by Building a Comprehensive Disaster Recovery and Business Continuity Plan using our PROVEN template. (The authors of this plan created the plan and facilities that Merrill Lynch used after 9/11.) This template has been used by enterprises of all sizes and scopes. It is a practical tool that can be implemented quickly to meet the needs of your enterprise.

As an added bonus, if you order any of the templates in this letter, just drop me a note with your order number and I will send you a copy of our sensitive information policy that complies with both Sarbanes-Oxley and the 2006 Patriot Act.

Phone: 435 940-9300 x 101

Once you order the product we will send you download instructions via e-mail. If you have ordered before and have forgotten your password, just follow the instructions on the order form and your password will be sent to you via e-mail.
- DRP/Business Continuity Template, GOLD Edition: includes the Disaster Recovery Business Continuity template in WORD format and the 202 Internet and IT Position Descriptions, which come as individual WORD files, one for each job description. Our Price: $1,099

- DRP/Business Continuity and Security Template, GOLD Edition: includes the DR/BC template; Security Manual Template; 202 Internet and IT Position Descriptions, which come as individual WORD files; and the DiskMonitor utility program. Our Price: $1,499

- Disaster Recovery Business Continuity Template, PREMIUM Edition: includes both the FULL template in WORD format plus the DRP Management Job Description Bundle, which includes 12 detailed job descriptions. Our Price: $749

- DR/BC and Security Template, PREMIUM Edition: includes both templates in WORD format; 27 detailed DRP, BCP and security job descriptions; and the single-user DiskMonitor Utility Program. Our Price: $1,299

- Template Only: the Disaster Recovery Business Continuity template in WORD format. Our Price: $349

- Templates and DiskMonitor: the DRP/BC and Security Template Bundle, including the single-user DiskMonitor Utility Program. Our Price: $899
Latest News

11/07/2009 - Cloud storage DRP and SOA is a wave of the future

The advent of cloud computing and service-oriented data protection is changing the role of the backup administrator. The backup process is becoming a service offered by the IT department as part of the internal cloud's application service level agreement. The backup administrator's role is transforming from the traditional "tape jockey" into a "data protection policy manager". An example of this is the push by many to make network backup more of a policy engine for backup and disaster recovery / business continuity.
Three recent advancements in technology are beginning to transform data center operations and the role of the IT administrator:

- Virtualization (server and storage)
- Disk-based continuous and snapshot data protection
- Data deduplication
Virtualization (server and storage): The role of server virtualization is to provide an abstraction layer between the server hardware and applications, so they can be moved between servers at will, and the role of storage virtualization is to provide the same abstraction between the servers and the storage. The ability to abstract applications and storage from the actual hardware makes the hardware a commodity, enables applications to be moved from one server to another at any time without downtime, and allows storage to be purchased based on price and reliability rather than on functionality in the firmware. Storage virtualization also facilitates the movement of data: application data can be moved anywhere, at any time, based on performance or other requirements, via a policy created by the IT admin.
Disk-based continuous and snapshot data protection: Adding continuous data protection (CDP) and snapshots to the mix eliminates the need to do bulk transfers of data over the network to make backup copies. The definition of a backup is a copy of the data, and it has to be a full copy to actually be a backup. The backup copy must be separate from the production copy, and must be stored on physically separate hardware or storage media. Once the base copy is available, that copy can be used as the source for snapshots so that the primary copy is unaffected. In order to accomplish real-time, non-disruptive snapshots, the copy must be continually updated via CDP technology to capture any new information between snapshots. Instead of the traditional method of backing the data up with a bulk copy operation, data is simply always protected: continually through CDP, and periodically via the snapshots.
Data deduplication (DD): So far, we have virtualized everything, implemented continuous protection for our critical data, and are making periodic snapshots of everything else. Backup is the killer application for DD, but DD also helps make DRP/BCP much more efficient. The reason backup is the killer application is that a full backup copies the same files over and over again. As an example, take a legal company with 500 desktops running Excel that are backed up using weekly full copies with a 30-day retention. How many copies of excel.exe do you need to store? Without DD, the first week there are 500 copies of it on tape, the next week there are 1000, the week after that there are 1500 copies, and the last week there are 2000 copies of that one file before the tapes are overwritten.
Now extrapolate that out to every file in the organization. You can see how it adds up fast. If you do the math, using typical backup operations and retention requirements, 20TB worth of data with a 2% change rate and 3% growth rate will require over 101TB of media storage if retained over 5 weeks. With DD, the same 20TB with the same growth and change rate at a 7:1 DD ratio could be stored in about 24TB (101TB - 24TB = a savings of 77TB worth of space). You can begin to see how much money you can save over time here. But that's not the main benefit of DD.
The main financial benefit of DD (besides less media and storage) is how it saves WAN bandwidth for data replication. WAN bandwidth is typically a recurring monthly cost, and although the cost has been going down, it's still a major part of most IT budgets, which is the reason many companies are still shipping backup tapes offsite for disaster recovery. Imagine being able to get data replicated offsite electronically more efficiently and at a lower cost than shipping and storing tapes.
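The deduplication arithmetic above, worked through as an added example (not code from this page or from Janco): it computes raw media consumption and the unique data a deduplicating store must hold from the page's stated figures (20TB, 2% change, 3% growth, five weekly fulls) and from the excel.exe case (500 desktops, four weekly fulls). The dedup model (seed copy plus each later week's changed and newly created data) is this example's own assumption; under it the unique-data total comes to about 24TB, in line with the page.

```python
"""Backup media vs. deduplicated storage under a weekly-full retention scheme.

Added example, not code from the page or from Janco. It models the
assumptions the page states: weekly full backups, a fixed number of retained
fulls, a weekly change rate and a weekly growth rate. The deduplication model
is an assumption of this example: a deduplicating store keeps one copy of each
unique block, so it holds the seed copy plus each later week's changed and
newly created data. Sample figures are the ones quoted on the page.
"""


def weekly_full_sizes(base_tb, growth_rate, fulls_retained):
    """Size (TB) of each retained weekly full, with the data set growing
    by growth_rate per week; week 0 is the seed full."""
    if fulls_retained < 1:
        raise ValueError("at least one full must be retained")
    return [base_tb * (1.0 + growth_rate) ** week for week in range(fulls_retained)]


def raw_media_tb(base_tb, growth_rate, fulls_retained):
    """Media consumed when every retained full is stored in full (no DD)."""
    return sum(weekly_full_sizes(base_tb, growth_rate, fulls_retained))


def unique_data_tb(base_tb, change_rate, growth_rate, fulls_retained):
    """Unique data a deduplicating store must hold for the same window.

    Each week after the seed adds only the blocks that changed
    (change_rate of last week's data) plus the net new data (growth).
    """
    sizes = weekly_full_sizes(base_tb, growth_rate, fulls_retained)
    unique = sizes[0]
    for prev, cur in zip(sizes, sizes[1:]):
        unique += prev * change_rate + (cur - prev)
    return unique


def dedup_estimate(base_tb, change_rate, growth_rate, fulls_retained):
    """Raw media, unique data, effective DD ratio and media saved (TB)."""
    raw = raw_media_tb(base_tb, growth_rate, fulls_retained)
    unique = unique_data_tb(base_tb, change_rate, growth_rate, fulls_retained)
    return {
        "raw_tb": raw,
        "unique_tb": unique,
        "ratio": raw / unique,
        "saved_tb": raw - unique,
    }


def duplicate_file_copies(desktops, fulls_retained):
    """Copies of one identical file (the page's excel.exe) held on tape
    without DD, and with DD, after fulls_retained weekly fulls."""
    return {"without_dd": desktops * fulls_retained, "with_dd": 1}


if __name__ == "__main__":
    # 500 desktops, weekly fulls, 30-day retention: four fulls on tape.
    print("excel.exe copies on tape:", duplicate_file_copies(500, 4))

    # 20TB, 2% weekly change, 3% weekly growth, five weekly fulls retained.
    for key, value in dedup_estimate(20.0, 0.02, 0.03, 5).items():
        print(f"{key:>10}: {value:8.2f}")
```

Under these assumptions the raw total is about 106TB, consistent with the page's "over 101TB", and the implied ratio is about 4.4:1, lower than the 7:1 the page quotes because this model counts every changed byte as unique.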
In summary, the steps to create an internal corporate cloud are:

1. Virtualize everything so that application and data location are irrelevant.
2. Continually protect data rather than relying on a bulk-copy backup, which changes the physics of backup by removing the need to move large amounts of data at the same time.
3. DD everything so it can be stored and moved efficiently.
4. Create policies for storage tiers and data life-cycle, and apply those policies to the objects being stored (files, blocks, and tapes) so that the entire data life-cycle is automated and everything moves to where it belongs based on that policy.
10/30/2009 - Pandemic Disaster Recovery Plans At Risk

Pandemic disaster recovery planning should consider the impact the H1N1 flu virus could have on the Internet if workers and students are forced to stay home because of the pandemic. Officials at the U.S. Government Accountability Office weighed in on the potential for clogged networks in a 71-page report. Although the issue has been raised before by various ISPs and network carriers, recent worries have focused on securities firms that depend on third parties to clear trades and process payments over the Internet, according to the GAO.

"Internet congestion during a severe pandemic that hampers teleworkers is anticipated, but responsible government agencies have not developed plans to address such congestion and may lack clear authority to act," the GAO warned.

Internet backbone congestion from a pandemic is not a major concern. The larger problem may be with the network "edge" or "last mile" in the residential portion of the Internet. Janco says that work-at-home strategies for organizations may not work as advertised, because residential Internet access may not be sufficient in either capacity or bandwidth at work-at-home sites. Often many residential DSL users share a single DSLAM connection at the carrier's switching office to reach the backbone, contributing to congestion problems. Last-mile DSL and cable modem networks are where remote access falls apart. While the network edge impact would vary by neighborhood, the Centers for Disease Control planning guideline assumes that 40 percent of the workforce might not be in the workplace for an extended period of time during a pandemic.
10/26/2009 - Pandemic Disaster Recovery and Business Continuity Planning First Steps

It is not possible to estimate the number of cases of swine flu (H1N1); England alone has over 100,000 infections and over 100 deaths. A worldwide pandemic is occurring. Young, obese, and pregnant individuals are primarily affected. The virus is easily destroyed; most cleansers will work, and it appears to be viable about 7 hours on a hard surface and one hour on porous fabric. Patients are most infectious when first coming down with flu, but remain infectious throughout the illness.

Disaster planning documentation needs to be updated. In addition, businesses should take common-sense precautions before the pandemic, such as having disinfecting wipes available, having employees and visitors wash their hands with soap, using disposable towels in toilet areas, and having employees stay at home if they are feeling ill. Organizations should start preparing now to operate in a quarantine scenario. A key word is cluster: when there are a number of related infections in a department or facility, you can expect to see it close for ten to twenty days, with people either voluntarily not going there or being directed not to go to that location.

Two of the most important issues are how to keep Information Technology and Computer Operations running. CIOs and IT managers need to start asking hard questions right now about how operations will continue if a significant number of people get sick. Technical people do not tend to look at all of the parts of the system, and you do not want to wait until you are in a flu situation before you start asking questions and finding out that everything except backups and fund transfers can be done remotely.

Janco has just issued a pandemic press release on how to update your disaster recovery plan.
10/20/2009 - Audit Fatigue is Setting In for Some

(Internet Research Group) - Regulation is a part of business, regardless of company size, industry, or geography. In addition, for the most part, the larger the enterprise, the larger the potential for non-compliance risk. Non-compliance can mean a number of things: sanctions, fines, legal action, market value impact, and remediation costs that may exceed the perceived cost of prevention.

The results support the term "audit fatigue": unmanaged IT audit efforts within regulated organizations have a negative business impact on IT resources and reduce IT efficiency. However, respondents are largely aware of and interested in tools to automate audit processes and controls as a means of overcoming audit fatigue and freeing up IT budget and resources for innovation rather than compliance. The findings are:

- Compliance impact is increasing, resulting in high audit frequency and number: As can be expected, larger organizations must satisfy a number of IT audits. Small to mid-sized enterprises (SMBs) are also subject to an increased level of compliance requirements, resulting in higher than expected IT audit engagements. Given the lack of consistent IT standards across industries and geographies for audit criteria and reporting, compliance efforts (i.e., IT audit and remediation) are largely manual.

- Audit costs are unmanaged, resulting in increased cost: Many respondents conduct audits on an ad-hoc basis rather than as a scheduled effort of an enterprise risk-management program. Given the inability to forecast audit and remediation spending, budgetary control is lost, exacerbating the perceived impact of compliance efforts.

- Lack of controls automation, limited process maturity: Audit fatigue can be attributed to lack of controls automation and unmanaged IT audit processes. Limited controls maturity (i.e., repeatable and sustainable controls enforcement and audit processes) constrains IT innovation due to uncontrolled costs associated with IT audit and issue remediation.
10/17/2009 - Poor access controls encourage internal data breaches

Poor access controls cause most security and data breaches. A solution is to implement access controls that enforce which specific tasks different administrators can perform, without disclosing the root password. This would help prevent the majority of data breaches that have occurred. Insider attacks depend upon access, and the following common practices are inherently insecure and expose the enterprise to significant risk:

- Full access to the network and user accounts. Even junior-level administrators have access to the network and to user accounts, so they can reset passwords, restart servers, and perform other administrative tasks. Of course, this may mean they can use the passwords of other users, if so inclined. This practice is even riskier in the Unix/Linux environment, where it is a common occurrence for an entire IT department to share the root password for convenience at the expense of security.

- Full access to the operating system of servers through a senior administrative account. Senior network and system administrators must have superuser (root) access to do their jobs. These privileged accounts are usually required for system functionality and are created when the system is installed. They can bypass system controls to access or destroy sensitive information. Superuser accounts make a variety of attack techniques possible, including the planting of logic bombs during system upgrades.

- Unauthorized access to a privileged account. An example of this is seen when an unauthorized user retrieves privileged account information for a database from an application server's configuration file, and subsequently uses the credentials in a Structured Query Language (SQL) session over the network to retrieve or modify sensitive data.

- Compromised encryption keys. This is commonly seen from any employees that have access to the operating system. System administrators know where to find these encryption keys, and they are frequently stored without security or encryption of any kind. Once encryption keys are stolen, all the encrypted data they protect is compromised.

- Unauthorized uses of administrative access. Administrative accounts have been called the "keys to the kingdom" because they have unrestrained access. In native environments, someone with administrative access can destroy audit data to cover their tracks while committing fraud by changing databases whose data is used to create financial records and statements. Worse yet, entire applications or databases are at risk of being destroyed.
10/11/2009 - Air Force activates new cyberspace defense unit

The Air Force has activated a new communications organization that will support the Air Force's Space Command, a new command that combines space and cyberspace operations under one organization. The new 689th Combat Communications Wing, headquartered at Robins Air Force Base in Georgia, specializes in deployed communications. The wing will play a support role in combat theaters where resources are sparse, such as Afghanistan, and in humanitarian aid operations, according to the Air Force. The dedicated cyber command, the 24th Air Force, reports to the Air Force Space Command. The Air Force created the cyber command this year, and it became operational Aug. 18.

As the Air Force activates the Combat Communications Wing, it fills a critical security niche. The 24th Air Force's integration under Space Command represents a landmark in Air Force operations, combining space and cyberspace under a single organization. Like traditional Air Force units, the 24th is set to provide forces for combat, but unlike traditional units, these forces can also conduct cyber warfare. The CCW is the newest of three sub-organizations supporting the 24th Air Force; the other two are the 688th Information Operations Wing and the 67th Network Warfare Wing. Nationwide, the CCW will comprise roughly 6,000 active duty, reserve and National Guard airmen, as well as civilian and contractor support from the 3rd and 5th Combat Communications Groups, ten Air National Guard Combat Communications units and four Air Force Reserve Combat Communications squadrons.
10/05/2009 - Harm threshold a concern to Congress

The so-called "harm threshold" provision was included in an interim final rule published late last month by the U.S. Department of Health and Human Services (HHS) in a bill requiring breach notification for unsecured health information. Under the provision, health-care entities would have to publicly disclose data compromises only if they think the breach would cause financial harm to those whose data was compromised or hurt their reputation.

In a letter dated Oct. 1, members of the House committee asked HHS Secretary Kathleen Sebelius to revise or repeal the new provision at the "soonest appropriate opportunity." The letter noted that the new harm threshold provision runs counter to Congress' intent in passing the breach notification bill. The bill's statutory language does not imply a harm standard, Waxman wrote. In fact, in drafting the bill, Congress had explicitly rejected the idea of including such a provision because of the "breadth of discretion" it would have given a breached entity, the letter said.

The health-care breach notification law is part of the $20 billion Health Information Technology for Economic and Clinical Health Act (HITECH) that was passed by Congress earlier this year as part of President Obama's economic stimulus plan. The law, which went into effect last week, requires any organization covered under the Health Insurance Portability and Accountability Act (HIPAA) to notify patients of a data breach involving their personal health information. Companies that use encryption and data destruction methodologies to render sensitive health information unusable and unreadable to unauthorized individuals are exempt.
10/01/2009 - Mobile Device Security Options

Because mobile devices reside outside the company firewall and beyond the reach of corporate security policies, they are often where unauthorized activity can occur. Users can inadvertently pass viruses, spyware, and other malware to the company network through the VPN. It still matters that a network has a formidable configuration of layered security, but when a notebook or smartphone is lost or stolen, the data stored on the device is exposed. Enterprises have to have ways to protect that data regardless of its location or place of breach. Options available to the enterprise include:

- VPN - Many enterprises use Internet Protocol Security (IPSec) VPNs, but the fact that IPSec works at the network layer can expose the entire network to malware found on remote machines. Secure Sockets Layer (SSL) VPN technology works at the transport layer of the Transmission Control Protocol/Internet Protocol (TCP/IP) stack and is session-oriented, offering more precision in granting access, even down to a specific application, file or window of time. Some vendors are offering all-in-one appliances that package not only VPN working on both layers, but also firewall, intrusion prevention and network antivirus.

- Network Access Control (NAC) - NAC gives the network the ability to grant access to a device based on preset criteria, and then monitor it throughout its connection cycle. If the device behaves in a way that is out of line with policies, it is quarantined, given an opportunity to remediate, and then disconnected if it remains noncompliant.

- Encryption - A data-level form of protection, encryption is centrally managed and updated. It works by scrambling data according to a cryptographic algorithm that machines are able to unlock once they have been authenticated. Everything from a single file to the entire hard disk can be encrypted.

- Intrusion detection and prevention - Intrusion detection and prevention systems focus on identifying incidents, logging information about them, taking action to stop intrusions, and reporting incidents to administrators for further review. These systems work well to stop unusual IPs and to block worms, botnets and other malware. They add an additional layer of security between the firewall and antivirus software.

- Remote lock down and data destruction - Credentials and devices that are tagged as inactive can have "self destruct" or "remote lock down" code downloaded and activated in such a way that all of the sensitive data on the remote device is erased and the device is put in a state in which it is not usable without intervention by the enterprise. Extreme care should be used if this option is used, and the help desk should have procedures in place so that devices remotely locked down in such a manner can be re-activated.

- Data leakage protection - You can secure data, regardless of where it is in relation to the network, with data leakage prevention (DLP) technology. DLP solutions tag data based on a set of criteria such as location of data, application type, file type, keywords and common data strings. These tags alert IT when the data is being used in a certain manner. DLP can prevent the data from being copied, e-mailed, sent via IM, printed, saved to a different device, changed to a different file type or otherwise altered.
09/29/2009 - Poor IT Infrastructure Impacts CIOs and CEOs

The primary concerns of CIOs and CEOs are reducing costs, reducing business and IT complexity, and improving IT's ability to adapt to the changing business environment. Factors which contribute to the cost and complexity of maintaining and managing IT infrastructure include: security issues, staffing issues, legacy applications and systems, and lack of standards and standardization.

- Strategic IT decision makers are more likely than their functional IT counterparts to cite improving IT's ability to respond quickly to changing business requirements (i.e., agility) as a frequent challenge.

- Most CIOs and CEOs feel that IT infrastructure today has grown too complex and costly. In addition, many feel that the cost of maintaining and managing IT infrastructure is limiting their companies' ability to deploy IT resources to more strategic aims and goals.

- Many top executives believe that the complexity of maintaining and managing IT infrastructure is hindering innovation at their companies.
09/24/2009 - Steps to create a functional business continuity disaster recovery plan

Every good disaster recovery plan starts by addressing the needs of the business, not the IT department. That rule of thumb can turn a potentially complex task into a surprisingly simple exercise. The following can help you keep the business perspective in focus.

- Assess the relationship between IT and the business - Identify critical business functions: sales order processing, billing, production, and customer service. Determine which systems, applications and data must be available to keep each function running smoothly. Customer service processes, for example, typically require the availability of customer information, a call routing system and workstations equipped with working telephones and computers.

- Prioritize the importance of each application and business function - Develop a hierarchy of business functions and processes based on their importance to operations. You will most likely find that, although some systems need to be up and running as soon as possible after a disaster, other systems can wait. Define the company's requirements in terms of ideal RTOs and RPOs. That is, how long can the business wait to become operational again, and how much data can it afford to lose? Choose your technology based on these objectives.

- Create the Disaster Recovery Business Continuity Plan with business and IT involvement - Gather representatives from across the business, from IT to human resources and facilities management. Each member should contribute to both the development of the disaster recovery plan and its execution. Define their responsibilities and the reporting hierarchy when a disaster occurs, and equip them with mobile technology so they can make decisions when required.

- Create a detailed budget for when the plan is activated - Understand that a disaster recovery plan is only as effective as the resources that are committed to it. Once you have determined what it will require to support your business recovery objectives, you need to identify the tools and procedures needed to meet them. Be specific about the cost of these mechanisms, as well as the financial risk of disaster. Build a realistic business case.

- Create a plan that is as detailed as possible - When you develop a plan, spell out tasks, responsibilities and roles, not only to revive systems, but also to provide access to users and enable operations to continue even under compromised circumstances. Identify the technology you need to meet the company's recovery expectations.

- Test and maintain the plan - Business goals, workforce, processes, and technology form a universe of change around your disaster recovery plan. To keep it up to date, you must test it, reexamine it and update it regularly: once a year, twice a year or even quarterly. Also, remember that there are continuing advancements in Information Technology and applications. Keep revisiting your options; keep the plan current, complete, and accurate.