Disaster Recovery Planning for NIST - Essay Example

Disaster Recovery Planning Contents of the Report Introduction Physical Risks Need for a Disaster Recovery Plan Essentials of a Disaster Recovery Plan NIST Guidelines: The 7 steps to IT Contingency Planning Contingency Policy Statement Business Impact Analysis Identification of Preventive Controls Outline of Recovery Strategies Contingency Plan Testing Methodology Ongoing Plant Maintenance Case Study Conclusion References Introduction According to Herman Mehling, "A disaster recovery plan is a bit like car insurance; you don't realize its value until you're in an accident" (Mehling, 2007). This was the common state of affairs in every organization a few years back. Most companies felt disaster recovery was an unnecessary investment because the management felt that they were safe from physical disasters. However, over the few years, the situation has changed. Management of corporations are taking this matter at a corporate level. The line managers of various departments now realize that they can never be sure about safety from disasters. Therefore organizations such as NIST have outlined several disaster recovery best practices in order to help companies implement a contingency plan. This article looks at the various essential elements of disaster recovery planning how NIST guidelines can be applied to implement a disaster recovery plan. Physical Risks Physical risks for business include and are not restricted to natural calamities like Earth Quakes, Storms, and Floods etc. Fire accidents, power failures, Use of Unsafe machinery and Equipment all come under Physical Risks. Malfunctioning of Individual units in a system, Network Cables, Cable tapping are some of the physical factors that pose risk to a Business (Cooper, 1995). Physical risks to a business also include risks to the physically existing things like buildings, the computers, related media and equipment. Few of the physical risks are mentioned below. Natural Calamities: Natural Calamities like Earth Quakes, Storms and Floods disrupt any business and their corresponding data that is stored. A single quake can destroy entire business information in no time and nullify its existence. Continuous monitoring of this information and assessing the risks that these factors cause, becomes an important issue. All business data and resources (movable and immovable) are at stake if risk due to these factors is not analyzed. Malfunctioning of Cables and Other Components: Another major risk faced by the business is due to the improper functioning of components present in a system or the Network cables that make up the backbone of any network. Hardware faults are inevitable, so nullifying them will not be possible. Their affect could be equally frustrating and annoying. Even these cause many problems to the organizations that include data loss, increased response time, network congestions, and un-timely break up of systems and temporary stagnation of work (Cooper, 1995). Managing these risks is not only necessary but also very important for the growth of an organization. Trashing: Trashing, also known as dumpster diving is a possible physical risk commonly found in the corporate sector. In this method, sensitive data is searched for in the trash and most of the times, the crackers become successful. History has proved that many industrial spies achieved remarkable success with this approach. It is common for crackers to find useful information in used tape drives, disks and discarded print outs. Crackers often find computer manuals, passwords and other information in them. All sensitive data that should not be saved will be saved and can be easily recoverable from trash. This becomes the initial point for the risks. A cracker sees a highway ahead to breach the system with this approach (Cooper, 1995). Eaves Dropping: Business data may be prone to interception with this approach, commonly known as Eaves dropping. It is a known fact that upon pressing a key on the keyboard, Electro Magnetic waves will be generated (Cooper, 1995). Many crackers use this property to capture these signals and decode them. This is more easily done than said. Intelligence personnel, media and Industrial spies have improved technical devices that facilitate this process. Pushing of unnecessary data on to the line or tapping of a message or changing the content of a message is done here. This Interception of data proves to be very costly for the Businesses. Need for a Disaster Recovery Plan The purpose of security in any Information System, Computer Network Infrastructure or Computing/Database System is to assure three essential features: Confidentiality, Integrity and Authenticity. Confidentiality: Confidentiality is ensuring that sensitive information does not fall into the hands of those who are not authorized to have it (Dhillon, 2001). Confidentiality is also known as secrecy or privacy. Integrity: Integrity means that the information is protected against unauthorized changes that are not detectable to authorized users (Kinkus, nd). Authenticity: Authentication means that the parties involved in communication first prove their identity before communication can begin (Tipton & Krause, 2007). The level of security required in a particular system will depend upon the risks associated with the system, the data held on the system and the working environment of the system. To assure these factors a disaster recovery plan is essential to ensure the business continuity in case of disasters. Essentials of a Disaster Recovery Plan Ideally, a well-conceived disaster recovery plan will include strategies for rapidly restoring any mission-critical business applications. However, the creation of (and maintenance of) a sound business continuity and disaster recovery plan, is a complex undertaking, involving a series of steps. Texas A&M University states that a sound plan generally includes but is not limited to the following (TAMU, nd): Disaster project team with a list of basic responsibilities for the team members. List of offices and programs in order of assessed critical dependence upon automated data processing (ADP) Risk assessment of types of disasters Recovery priorities and operations Requirements analysis Plan update criteria and review schedule Hardware and software inventory Support agreements with agencies and vendors NIST Guidelines: The 7 Steps to IT Contingency Planning National Institute of Standards and Technology (NIST), one of the prominent organization responsible for creating, maintaining and regularly updating standards, provides guidelines to individuals/groups responsible for preparing and maintaining IT contingency plans for companies. NIST's IT contingency planning guide identifies fundamental planning principles and practices to help personnel develop and maintain effective IT contingency plans. The NIST guidance should be considered during every stage of contingency planning, starting with the conceptualization of contingency planning efforts through plan maintenance and disposal of the contingency plan. Apart from describing the life-cycle of the contingency plan implementation, NIST has jotted down seven major steps to develop and maintain an effective IT contingency plan. They are: Develop the contingency planning policy statement Conduct the Business Impact Analysis (BIA) Identify preventive controls Develop recovery strategies Develop an IT contingency plan Plan testing, training, and exercises Plan maintenance The following sections now discuss the general steps a company which is intending to implement an IT contingency plan must undertake with respect to the seven steps outlined by NIST. Develop the contingency planning policy statement: A policy is an organizational statement that is drafted at the corporate level. A policy is important since it binds all the members affiliated to the company to follow the policy guidelines. To be effective and to ensure that personnel fully understand the agency's contingency planning requirements, the contingency plan must be based on a clearly defined policy. NIST enumerates the key elements of the policy statement: Roles and responsibilities, Scope as applies to the type(s) of platform(s) and organization functions subject to contingency planning, Resource requirements, Training requirements, Exercise and testing schedules, Plan maintenance schedule and Frequency of backups and storage of backup media. Conduct the Business Impact Analysis (BIA): According to NIST, Business Impact Analysis (BIA) is an essential step in the contingency planning process. This step mainly involves in analyzing how the IT infrastructure and the contingency plan affects the business processes. This allows the company to analyze the disruption impacts and the allowable outage times. These results are incorporated into the iterative plan development. Based on these results, priorities can be established to various processes and thereby appropriate contingency plans may be developed. For example, if the outage impacts step determines that the system must be recovered within 4 hours, the Contingency Planning Coordinator would need to adopt measures to meet that requirement. Identify Preventive Controls: As indicated in the previous section, the BIA can provide the Contingency Planning Coordinator with vital information regarding system availability and recovery requirements. In some cases, the outage impacts identified in the BIA may be mitigated or eliminated through preventive measures that deter, detect, and/or reduce impacts to the system. Some of the common examples of preventive controls include utilizing an Uninterpretable Power Supply (UPS) system for the designated number of hours as discovered from the BIA, Gasoline powered generators for long term power supply, Fine Suppression Systems, Smoke Detectors and Frequently scheduled backups. However it must be noted that these preventive controls are generally expensive and will require purchasing products from competitive vendors. Therefore the companies must perform an extensive research about the various solutions available and make the best decision based on the resource constraints. Develop recovery strategies: Whenever there is a service disruption, the recovery strategies come into picture. These strategies aim at providing quick restores in events of disasters. Once again, the strategies must be developed by keeping the BIA results in mind. Some common recovery methods include commercial contracts with cold, warm, or hot site vendors, mobile sites, mirrored sites, reciprocal agreements with internal or external organizations, and service level agreements with the equipment vendors. In addition, technologies such as Redundant Arrays of Independent Disks (RAID), automatic fail-over, interruptible power supply (UPS), and mirrored systems should be considered when developing a system recovery strategy. Develop an IT contingency plan: IT contingency plan development is a critical step in the process of implementing a comprehensive contingency planning program. The plan contains detailed roles, responsibilities, teams, and procedures associated with restoring an IT system following a disruption. This plan is particularly important since it details the responsibilities each personnel must undertake in case of contingency. This should involve the notification phase, which describes who and how should the disruption be notified. The plan must also include the recovery phase which details the sequence of recovery activities in case of contingency. Finally the plan must also include the re-constitution phase which deals with testing and termination operations. Plan testing, training, and exercises: To test the capability of a contingency plan, a plan test is crucial. Testing enables plan deficiencies to be identified and addressed. Testing also helps evaluate the ability of the recovery staff to implement the plan quickly and effectively. The important areas the must be addressed in the contingency testing are System recovery on an alternate platform from backup media, Coordination among recovery teams, Internal and external connectivity, System performance using alternate equipment, Restoration of normal operations and Notification procedures. Testing is generally carried out as a demo exercise. A testing environment is created and disasters are introduced in a controlled way and the participants walk through the procedures listed in the contingency plan. The recovery personnel are generally trained on the following procedures: Purpose of the plan, Cross-team coordination and communication, Reporting procedures, Security requirements, Team-specific processes (Notification/Activation, Recovery, and Reconstitution Phases) and Individual responsibilities (Notification/Activation, Recovery, and Reconstitution Phases). Plan Maintenance: Like any other IT system, even an IT contingency plan must be placed in a 'production' state where it can be readily applied when most necessary. An important aspect of plant maintenance is regular review and updates. The updates must be synchronous to the changes in the IT system infrastructure of the company. The essential ares which are reviewed in the plan review are Operational requirements, Security requirements, Technical procedures, Hardware, software, and other equipment (types, specifications, and amount), Names and contact information of team members, Names and contact information of vendors, including alternate and off-site vendor POCs, Alternate and offsite facility requirements and Vital records (electronic and hardcopy). Case Study Exploring the technology and business ramifications following the tragic events of September 11 in United States of America gives us a picture about the losses that could occur if appropriate contingency planning is not applied. ZDNet.co.uk, states that Approximately 8,000 Intel-based servers and approximately 5,000 UNIX servers were lost at an approximate replacement cost of $370 million (ZDNet.co.uk, 2002). The extreme scenarios that have occurred as a result of the terrorist attacks in New York City provide a good lesson in how sometimes, even the best-laid plans can fail. organizations must now learn from these types of events and adapt current disaster recovery and business continuity plans to reflect these new issues and needs. Conclusion The information resources of any company are so integral to the mission of the companies that contingency planning must be in place to allow recovery of essential functions in face of either a natural or a man-made disaster. The people at the management level and their team members must work together to prioritize and create appropriate plans and actions to assure the company can continue to function in the face of a catastrophic event. Best practices developed by reliable organizations like NIST must be followed in order to ascertain business continuity in adverse situations. References Cooper, Frederic J, Goggans, Chris,; Halvey, John K.; Hughes, Larry; Morgan, Lisa; Siyan, Karanjit; Stallings, William; Stephenson, Peter (1995), "Implementing Internet Security", Indianapolis: New Riders Publishing. Gurpreet Dhillon (2001), "Information Security Management: Global Challenges in the New Millennium", IGI Press, Chapter 1. Jane F. Kinkus, "Science and Technology Resources on the Internet: Computer Security", Purdue University, Found at: http://www.istl.org/02-fall/internet.html. Harold Tipton & Micki Krause (2007), "Information Security Management Handbook", Auerbach Publications, 6th Edition. Herman Mehling (2007), "Disaster Recovery Planning brings peace of mind", Found at: http://searchcio.techtarget.com/tip/0,289483,sid19_gci1275061,00.html [Online Source] TAMU (nd), "Disaster Recovery Plan", Found at: http://falcon.tamucc.edu/compserv/pdf/Disaster_Recovery_Plan.pdf [Online Source] ZDNet.co.uk(2002), "Disaster Recovery: Hard Lessons from September 11th", Dave Shore, Found at: http://news.zdnet.co.uk/hardware/0,1000000091,2110487,00.htm [Online Source] NIST(2001), "Contingency Planning Guide for Information Technology Systems", Recommendations of the NIST, Publication:800-34, Found at: http://csrc.nist.gov/publications/nistpubs/800-34/sp800-34.pdf [Online Source] Read More