Restoration and Recovery of Information Systems and Data - Case Study Example

Introduction Restoration and recovery of information system operations has become one of the most important concerns in information systems management. Restoration and recovery falls under risk management of information systems and entails identifying, managing minimizing risks and assessment and evaluation (Calder & Watkins, 2005). The objective is to provide continuity of operations during emergencies or disasters and to generate prevalence information of system risks and damage to enhance restoration and recovery response (Stoneburner, Goguen, & Feringa, 2002). The need for effective information systems restoration and recovery has been emphasized in the United States with the legislation of Presidential Decision Directives (PDD) 63 and 67, Federal Preparedness Circular (FPC) 65, the Office of Management and Budget's (OMB) CircularA-1301. These directives and orders are part of Continuity of Operations (COOP) planning is required for Federal Government Agencies. PDD 63 or the Critical Infrastructure Protection directive and FPC 65 summarize the requirements for COOP information system infrastructure and emergency measures. FPC 65 stipulates that federal agencies are required to get back into operations within 12 hours from any kind of service collapse. OMB CircularA-130 prescribes continuity of operations planning which includes emergency procedures and policies for immediate operations recovery and restoration as well as long-term mitigation of potential services interruption of critical operations (EMC Corporation, 2006). In any kind or emergency, police and emergency services are the most essential. Therefore, the integrity, restoration and recovery of information systems in these branches of government should be the utmost priority. Florida is one of the states that have had to be vigilant regarding these concerns since the 1990's (Mittler, 1995). The Palm Beach Sheriff's Office is no exception to these circumstances. Palm Beach's experience with Hurricane Katrina emphasized not only the need to be prepared for the disasters and the essential role that police and emergency services have to play in recovery (Kam & Gomez, 2005). Restoration and Recovery of Information Systems and Data Breakdowns of information systems and data loss are not limited to the event of disasters. Natural disasters may impact systems extremely and can impair critical functions when they are needed the most but system attacks, hacking and other related crimes that is becoming the most urgent. Restoration of Information System Operations According to the National Security Agency (NSA), through the Information Assurance Directorate (IAD), information assurance refers to procedures designed to safeguard and secure information and information systems against failure, collapse or attacks. Part of this program is the re-establishment of information systems by the development of security, response and resolution competencies into the system (2006). These standards govern feral information systems and have been adopted by industry as well. These measures include providing for restoration of information systems by incorporating protection, detection, and reaction capabilities. Public sector agencies and departments must comply within the prescribed recovery period and point service levels depending on the significance of their operations and information. They have to take into account considerable quantities of paper and electronic data, data storage distribution, necessity for nonstop operations and high data security and integrity measures (EMC Corporation, 2006) Recovery of Data Data backup and replication are the underlying concern in restoration and recovery. The primary factors considered are cost, management, reliability and security Effective back up strategies limit the need to reinstall programs and regenerate data in the events of data loss. However, data loss over a long period of time either by malicious acts or because of inadequate systems is more difficult to salvage and may go unnoticed (Ginty, 2005). According to Smith (2003), 40% of data loss can be attributed to hardware failure, 29% is due to human error, 13% is due to software corruption, 9% due to viruses and similar programs, 6% due to theft and 3% id due to hardware destruction. Hardware failure and hardware destruction are usually due to disasters or emergencies while the rest may be acts of negligence or crime either deliberate or not (Stoneburner, Goguen, & Feringa, 2002). Palm Beach Sheriff's Office's Action Plan Considering the federal and state requirements regarding the recovery and restoration of information systems for the continuance of services after system breakdowns or attacks, the Palm Beach Sheriff's Office should have a restoration and recovery plan that secures its information systems but also one that ensures that it will be able to perform its critical functions. The degree of comprehensiveness and responsiveness of the plan it enforces will determine its reliability to deal with any related situation regardless of nature, motive or gravity. Situational Assessment and Program Initiation The first is step is to make an audit of what are the risk factors to Palm Beach Sheriff's Office's information system. Based on the assessment, Palm Beach Sheriff's Office must prioritize what is to be addressed first and the specific measures to be done. Options to create the information infrastructures should follow criteria set by FEMA2 and pursue information assurance standards. It is important to choose feasible options using cost-benefit analysis since the systems to be set up will be used long term and significant expense. After the selection of the infrastructure, the training of personnel using the system must be the focus. Information systems are extremely vulnerable and with human error and software corruption accounting for 42% of average data loss (Smith, 2003), it would be advisable to delineate thoroughly function, responsibility and accountability. The last part of this phase is the development of the contingency plan. The contingency plan should involve alternatives for systems failure and data loss setting up as well as during implementation. Risk levels should be mapped according to severity and priority as well as have corresponding operational standard response. System and data checks and related monitoring safeguards should be scheduled and incorporated into overall system calendars and maintenance protocols. Information System Operation Breakdown and Data Loss Event In the event of either information system operation breakdown or data loss event, a background system should be available to record and give notice. Event and user tracking give information on the event and information on the intent and implication in either concern. Notice of both events also becomes crucial one the system is unable to correct itself or retrieve lost data on its own. Intervention of assistance to the system either by physical intervention of via another system or software have to be set and functional. Power system supports, system integrity programs and alarms. The objective of this phase is to limit damage and data loss and to collect enough information for recovery and restoration. Restoration & Recovery of Systems and Data In the restoration and recovery phase, technical, administrative and security procedures should be utilized (Schneier, 2004). These procedures involve the identification of the risk events, response and security response (Stoneburner, Goguen, & Feringa, 2002): Identification and classification - not all system and data changes should be considered infringements. An assessment of their risk should be done and based on the risk map be addressed as formulated. Operational controls and containment assessment - Procedures at this stage should detect the level of intrusion, existing integrity level of both the system and the data, and resulting irregularities and vulnerabilities due to the system and data events. The effect of planned operational control and containment procedures to current system and data states should also be assessed and reported before procedures are actually implemented. Integrity confirmation and verification - this phase should involve the running of a system integrity mechanism. The procedure should not only be limited to the actual system and data but should also run through the monitors and controls. Indicators of integrity as provided for should be verified with independent programs to ensure the absence of embedded security problems that may become incorporated into the system. Restoration to a secure system point and regeneration of data - the secure system point must be have been pre-established and one that is with unquestionably integrity because this will also be the point were needed repairs and further restoration or retrieval will be done. System check and assessment post restoration - a system check should be done once more after all restoration and retrieval to verify system and data. Though according to this designed program, the restoration should not have anymore security issues, it would be advisable to run a check once more. The more important part of this phase is to assess system integrity loss or violation and data loss to support future security actions After Restoration & Recovery The tracking and monitoring programmed into this design should be utilized by Palm Beach Sheriff's Office to pursue legal or police action as needed. Malicious acts to steal data or sabotage their system should be considered with great concern since these action compromise Palm Beach Sheriff's Office ability to deliver critical services. The information gathered from the information system breakdown, data loss, recovery and restoration (whether successful or not), should be utilized to improve current infrastructure. The Palm Beach Sheriff's Office should be vigilant in updating its information system operations to keep ahead with the demands of its office, the escalation of information security crimes and the increasing need to be online to delver critical services. Conclusion Recovery and restoration of information services by the Palm Beach Sheriff's Office is essential if it is to be able to deliver critical services. The incorporation of recovery and restoration plan of information systems should be incorporated into state emergency plans to ensure services. The Federal Emergency Management Agency has specified guidelines to this effect to enhance state and federal coordination (Federal Emergency Management Agency [FEMA], 2006c). Beyond the need for emergency preparedness, the Palm Beach Sheriff's Office and organizations regardless of their nature will benefit from maintaining system integrity to prevent system failures and data loss. The implementation of the designed program concentrates on the preparation against and system and data intrusion and the need to learn about the risks that it has to deal and actually deals with. The Palm Beach Sheriff's Office, like all other government agencies play an important role in the lives and welfare of its citizen. The integrity and responsiveness of informational operational systems is a direct indication of its capability to fulfill its duties and responsibilities. References Calder, Alan and Watkins, Steve (2005). IT Governance: a Manager's Guide to Data Security and BS7799/ISO17799, 3rd Edition. London: Kogan Page. EMC Corporation (2006). Recovery Management for Continuity for Continuity of Operations. Hopkinton, MA: EMC Corporation. Retrieved on September 27, 2006 from http://www.emc.com Federal Emergency Management Agency. (2006a). Community Recovery and Planning. Retrieved September 27, 2006 from http://www.fema.gov/government. Federal Emergency Management Agency. (2006b). Continuity of Operations Self-Assessment Tool. Retrieved August 10, 2006 from http://www.fema.gov/doc/government/coop Federal Emergency Management Agency. (2006c). COOP Assessment. Retrieved September 27, 2006 from http://www.fema.gov/government/coop. Kam, Dara and Gomez, Alan (2005). Lack of Plan Hurt Katrina-Hit States' Response. Palm Beach Post. Retrieved on September 27, 2006 from http://www.palmbeachpost.com/storm/content/state/epaper/2005/09/10/m1a_response_0910.html. Mittler, Elliot (1995). Case Study of Florida's Emergency Management since Hurricane Andrew. Retrieved on September 27, 2006 from http://www.colorado.edu/hazards/wp National Security Agency (2006). Information Assurance FAQ's. Retrieved on September 27, 2006 from http://www.nsa.gov/ia/iaFAQ.cfmMenuID=10. Ginty, Ed (2006). Secure Data-Archiving: How to Protect and Store Your Data. Retrieved on September 27, 2006 from http://www.infosectoday.com/Articles/Archive.htm Schneier, Bruce (2004). Security Information Management Systems: Solution, or Part of the Problem. Retrieved on September 27, 2006 from http://www.schneier.com/essay-054.html Smith, David M. (2003). The Cost of Lost Data. Graziadio Business Report: Journal of Contemporary Business Practices, Volume 6 Number 3. Los Angeles, CA : Pepperdine University - The George L. Graziadio School of Business & Management. Retrieved on September 27, 2006 from http://gbr.pepperdine.edu/033/dataloss.html Stoneburner, Gary, Goguen, Alice and Feringa, Alexis (2002). Risk Management Guide for Information Technology Systems: Recommendations of the National Institute of Standards and Technology, Special Publication 800-30. Falls Church, VA: National Institute of Standards and Technology, Information Technology Laboratory, Computer Security Division Read More