DISASTER RECOVERY DEALING WITH SITES AND INCIDENT RESPONSE

  • Slides: 14
DISASTER RECOVERY DEALING WITH SITES AND INCIDENT RESPONSE PLAN • Student • Unit 3 Individual Project

Disaster Recovery Site Options
  • Alternative sites for IT operations are important
  • Exclusive site options
      • Hot Sites
      • Cold Sites
      • Warm Sites
      • Mobile Sites

Warm Sites and Their Purpose
  • Hot site without data replication
  • Offers access to space, equipment and utilities
  • Requires the installation of current backups and restoration of the systems online to become operational
  • These sites work for organizations or businesses that can tolerate one or two days of downtime

Cold Sites and Their Purpose
  • Arrangements for access to a recovery site that is fitted with the necessary utilities and services
  • Sites do not require substantial up-front outlays
  • Access to sufficient capital necessary to cover equipment acquisition
  • Bringing this site up requires one to two weeks

Mobile Sites and Their Purpose
  • Site operator creates portable structures that are equipped with computing equipment
  • Degree to which the computing environment is decided is influenced by varying factors
  • Make sense for organizations with less tolerance for delay in resuming their IT operations

Shared Sites and Their Purpose
  • Shared sites are less expensive
  • DR service providers rely on the perception that disaster cannot strike at the same time
  • Shared sites are associated with significant drawbacks

Computer Security Incident Response Plan: Preparation
  • Activities that will enable the ISO to respond to the cyberattack incident
  • Formulation of policies, acquisition of tools, stipulation of procedures, effective governance and communication plans to facilitate the response
  • Instituting necessary controls

Detection
  • Discovery of the cyber-attack
  • The use of the defined security tools
  • Accurately ascertaining the nature of the attack
  • Running of periodic assessments

Containment
  • The affected system is identified
  • Parties are notified and the investigative status is established
  • The ISO is required to maintain sufficient staffing
  • Use of the available tools for detecting new events

Investigation
  • The ISO, together with the DR team, will determine the scope, priority and main cause of the cyber-attack
  • Timely investigation to ensure that the downtime is limited
  • Determines the extent of the attack

Remediation
  • Enacting activities that are of importance to resuming business operations
  • Main activities:
      • Post-incident repair of the affected systems
      • Instructions to the affected parties
      • Communication
      • Assessment to establish if the cyber-attack has been adequately contained

Recovery
  • Conducting analysis of the breach
  • Gathering the metrics and integrating the "lessons learned" for use in future training and activities
  • Insider or outsider threats are minimized

Conclusion
  • Disaster recovery sites are critical to the organisation because they enable it to resume its operations. The different exclusive site options give businesses the opportunity to prepare for such attacks and limit their impact on the organization's activities. The disaster recovery plan details the specific phases and procedures to be adopted after a system breach to restore the organization's normal processes.
