1
00:00:00,970 --> 00:00:02,970
<v ->Disaster Recovery Planning.</v>

2
00:00:02,970 --> 00:00:06,060
Disaster recovery planning is a development of an organized

3
00:00:06,060 --> 00:00:07,900
and in-depth plan for problems

4
00:00:07,900 --> 00:00:09,970
that could affect the access of your data

5
00:00:09,970 --> 00:00:11,740
or your organization's building.

6
00:00:11,740 --> 00:00:13,140
So if you think about the fact that you might have

7
00:00:13,140 --> 00:00:15,870
a cyber attack, or a flood, or a fire,

8
00:00:15,870 --> 00:00:17,970
all of these things might be things that are covered

9
00:00:17,970 --> 00:00:19,990
by your disaster recovery plan.

10
00:00:19,990 --> 00:00:21,440
Now planning should also include

11
00:00:21,440 --> 00:00:23,210
information regarding redundancy,

12
00:00:23,210 --> 00:00:25,470
such as what sites you have, are they warm sites,

13
00:00:25,470 --> 00:00:27,170
cold sites, or hot sites.

14
00:00:27,170 --> 00:00:28,320
How your backups are done

15
00:00:28,320 --> 00:00:30,230
and where they're going to be restored from,

16
00:00:30,230 --> 00:00:32,420
but it shouldn't include any information

17
00:00:32,420 --> 00:00:35,270
that deals with day-to-day operations of your organization.

18
00:00:35,270 --> 00:00:37,420
So I'm not going to have a procedure of how to conduct

19
00:00:37,420 --> 00:00:39,710
the backup, but I might have a policy

20
00:00:39,710 --> 00:00:41,470
on when they should be done.

21
00:00:41,470 --> 00:00:43,960
We should always do full backups on Sunday

22
00:00:43,960 --> 00:00:46,500
and incremental backups every single day thereafter,

23
00:00:46,500 --> 00:00:47,850
those kind of things.

24
00:00:47,850 --> 00:00:49,540
There are a lot of things you need to think about

25
00:00:49,540 --> 00:00:52,080
when creating disaster recovery plans, for example,

26
00:00:52,080 --> 00:00:54,060
what are you going to do in case of a fire.

27
00:00:54,060 --> 00:00:56,270
Now I don't mean about how are you going to put out the fire,

28
00:00:56,270 --> 00:00:58,340
but I mean, how are you going to recover from that fire?

29
00:00:58,340 --> 00:00:59,900
Let's say that it only happened in room,

30
00:00:59,900 --> 00:01:00,920
you had a small fire,

31
00:01:00,920 --> 00:01:02,640
and you were able to put it out with an extinguisher,

32
00:01:02,640 --> 00:01:05,060
but it ruined all of the desks and computers

33
00:01:05,060 --> 00:01:06,520
in that particular office,

34
00:01:06,520 --> 00:01:08,270
let's say that was the accounting office.

35
00:01:08,270 --> 00:01:10,140
How are you going to get those accountants back up

36
00:01:10,140 --> 00:01:12,480
and online with the rest of the organization?

37
00:01:12,480 --> 00:01:14,010
You're going to have to put them in a temporary space,

38
00:01:14,010 --> 00:01:15,780
you're going to have to get new cables and computers

39
00:01:15,780 --> 00:01:18,770
and get all that stuff brought up and recover their data.

40
00:01:18,770 --> 00:01:19,890
That's the kind of thing we're talking about

41
00:01:19,890 --> 00:01:21,280
with disaster recovery,

42
00:01:21,280 --> 00:01:22,750
or what if there's a flood?

43
00:01:22,750 --> 00:01:25,340
If the building gets flooded and you lose access to it,

44
00:01:25,340 --> 00:01:27,310
how are you going to keep your business up and running?

45
00:01:27,310 --> 00:01:29,900
You don't want to be figuring that out when it happens,

46
00:01:29,900 --> 00:01:31,550
you need a plan for that ahead of time

47
00:01:31,550 --> 00:01:33,960
and that's the whole idea of disaster recovery planning

48
00:01:33,960 --> 00:01:36,110
and continuity of operations planning.

49
00:01:36,110 --> 00:01:38,310
What are you going to do if there's a long-term power loss,

50
00:01:38,310 --> 00:01:39,740
for example, maybe you're in an area

51
00:01:39,740 --> 00:01:41,940
where there's hurricanes and the entire power grid

52
00:01:41,940 --> 00:01:44,080
in your area goes out for five days.

53
00:01:44,080 --> 00:01:46,160
Do you have back up generators that can last that long?

54
00:01:46,160 --> 00:01:47,600
Do you have enough gas for 'em,

55
00:01:47,600 --> 00:01:49,890
and if not, how are you going to shift your operations

56
00:01:49,890 --> 00:01:51,680
to a secondary location?

57
00:01:51,680 --> 00:01:53,810
What if you have theft or a malicious cyber attack,

58
00:01:53,810 --> 00:01:55,130
or something else like that?

59
00:01:55,130 --> 00:01:56,860
How are you going to deal with those things?

60
00:01:56,860 --> 00:01:58,860
And I'm not talking about the actual incident response

61
00:01:58,860 --> 00:02:00,030
part of the cyber attack,

62
00:02:00,030 --> 00:02:01,640
but how are you going to get the business back up

63
00:02:01,640 --> 00:02:03,470
and running and keep your data flowing,

64
00:02:03,470 --> 00:02:06,170
and get everything back to the way business used to be?

65
00:02:06,170 --> 00:02:07,630
That's the thing with disaster recovery,

66
00:02:07,630 --> 00:02:09,550
you want to get things back to normal operations

67
00:02:09,550 --> 00:02:11,170
as quickly as possible.

68
00:02:11,170 --> 00:02:12,050
And the last thing is,

69
00:02:12,050 --> 00:02:13,830
what are you going to do if you lose the building?

70
00:02:13,830 --> 00:02:15,070
What if there's an earthquake damage

71
00:02:15,070 --> 00:02:17,350
and the building goes away, again like fire and flood,

72
00:02:17,350 --> 00:02:18,990
you got to find a new place to work.

73
00:02:18,990 --> 00:02:21,120
What if there's riots in the streets or protestors

74
00:02:21,120 --> 00:02:23,910
and you can't physically get into your building that day?

75
00:02:23,910 --> 00:02:25,970
How are your operations going to continue?

76
00:02:25,970 --> 00:02:27,600
All of these are things you need to think about

77
00:02:27,600 --> 00:02:30,610
with disaster recovery and continuity of operations.

78
00:02:30,610 --> 00:02:32,600
Now a good disaster recovery plan

79
00:02:32,600 --> 00:02:34,150
should always be written down,

80
00:02:34,150 --> 00:02:35,800
it shouldn't be here in my head.

81
00:02:35,800 --> 00:02:37,800
Everyone in the organization needs to know

82
00:02:37,800 --> 00:02:39,080
what those policies are.

83
00:02:39,080 --> 00:02:42,090
We should have clearly outlined disaster recovery policies,

84
00:02:42,090 --> 00:02:43,940
procedures, and information.

85
00:02:43,940 --> 00:02:46,320
We should have things like the contact information,

86
00:02:46,320 --> 00:02:48,430
who do I call when there is a disaster?

87
00:02:48,430 --> 00:02:51,240
If we have a flood in the basement, who do I call?

88
00:02:51,240 --> 00:02:52,630
Who's the facilities manager,

89
00:02:52,630 --> 00:02:54,650
who's the disaster recovery company

90
00:02:54,650 --> 00:02:56,950
that we're going to have come in and suck out all that water?

91
00:02:56,950 --> 00:02:58,740
Those type of things are really important.

92
00:02:58,740 --> 00:03:00,130
You also need to have a way to figure out

93
00:03:00,130 --> 00:03:02,400
how are you going to determine the impact of this?

94
00:03:02,400 --> 00:03:04,280
Now what is impact determination?

95
00:03:04,280 --> 00:03:06,332
Well that's when we're going to decide,

96
00:03:06,332 --> 00:03:08,130
okay this was a small fire in the accounting office,

97
00:03:08,130 --> 00:03:10,940
and so the rest of us can still come in and go to work,

98
00:03:10,940 --> 00:03:12,370
and we're going to have to move those accountants

99
00:03:12,370 --> 00:03:13,350
to someplace else.

100
00:03:13,350 --> 00:03:15,450
Maybe they're going to co-locate with the sales people

101
00:03:15,450 --> 00:03:18,340
for the next month while we get their building refurbished.

102
00:03:18,340 --> 00:03:20,360
Next we have to think about the recovery plan,

103
00:03:20,360 --> 00:03:22,240
the recovery plan's going to actually spell out,

104
00:03:22,240 --> 00:03:24,430
what is the order and priority of things

105
00:03:24,430 --> 00:03:25,760
that need to be recovered.

106
00:03:25,760 --> 00:03:27,070
For example, let's say I have a company

107
00:03:27,070 --> 00:03:30,770
that has four different offices spread out across this city,

108
00:03:30,770 --> 00:03:34,430
and all four of them end up getting affected by a fire,

109
00:03:34,430 --> 00:03:36,550
or flood, or a hurricane, or earthquake,

110
00:03:36,550 --> 00:03:37,820
or something like that.

111
00:03:37,820 --> 00:03:39,640
Who is my priority, who do I bring up first,

112
00:03:39,640 --> 00:03:41,720
because not everyone can be number one.

113
00:03:41,720 --> 00:03:43,560
You have to figure out who's first, who's second,

114
00:03:43,560 --> 00:03:45,210
who's third and who's fourth.

115
00:03:45,210 --> 00:03:47,440
Then you need to think about your business continuity plan,

116
00:03:47,440 --> 00:03:49,780
how do I keep operations up and running?

117
00:03:49,780 --> 00:03:52,280
That might be shifting operations to a hot site,

118
00:03:52,280 --> 00:03:53,400
it may be that I'm going to move in

119
00:03:53,400 --> 00:03:55,020
with my partner down the street,

120
00:03:55,020 --> 00:03:57,360
whatever those things are, you need to have a plan for that.

121
00:03:57,360 --> 00:03:59,830
Another thing you need is copies of all of your agreements,

122
00:03:59,830 --> 00:04:02,000
in a hard copy format or digital,

123
00:04:02,000 --> 00:04:04,410
that you can access from anywhere else that you need to.

124
00:04:04,410 --> 00:04:07,200
So in a good example of this, is in one organization I had,

125
00:04:07,200 --> 00:04:09,180
we didn't keep extra routers on hand

126
00:04:09,180 --> 00:04:11,860
because our routers only failed every three years,

127
00:04:11,860 --> 00:04:14,090
so we'd always order them when it came close

128
00:04:14,090 --> 00:04:16,520
to that three year period and bring them in at that point.

129
00:04:16,520 --> 00:04:18,270
But we had an agreement with Cisco

130
00:04:18,270 --> 00:04:20,170
that if our router failed before that,

131
00:04:20,170 --> 00:04:22,540
they would get us a replacement within four hours,

132
00:04:22,540 --> 00:04:24,560
and that was the maintenance agreement we had with them.

133
00:04:24,560 --> 00:04:25,950
By having a copy of that agreement,

134
00:04:25,950 --> 00:04:28,640
if we had a fire or flood, I can execute that and say,

135
00:04:28,640 --> 00:04:31,360
Cisco send me a new device, I need one now

136
00:04:31,360 --> 00:04:33,480
so I can get my network up and running.

137
00:04:33,480 --> 00:04:35,610
Also, you need to think about exercising

138
00:04:35,610 --> 00:04:38,280
these disaster recovery procedures, for example,

139
00:04:38,280 --> 00:04:40,210
I might know what they all are because I wrote 'em,

140
00:04:40,210 --> 00:04:42,670
but does everybody else in the company know?

141
00:04:42,670 --> 00:04:44,546
What if we have a big blizzard,

142
00:04:44,546 --> 00:04:46,290
does everybody know that they don't go to work that day?

143
00:04:46,290 --> 00:04:48,190
What if we're going to have a big fire,

144
00:04:48,190 --> 00:04:50,240
does everybody know what the procedures are to escape

145
00:04:50,240 --> 00:04:53,170
out of the building and save themselves before the data,

146
00:04:53,170 --> 00:04:54,890
and do they know where they're going to operate out of

147
00:04:54,890 --> 00:04:56,160
from there on?

148
00:04:56,160 --> 00:04:57,860
When you do disaster recovery exercises

149
00:04:57,860 --> 00:04:59,920
they can be small or they can be large,

150
00:04:59,920 --> 00:05:01,710
you might go through and actually practice,

151
00:05:01,710 --> 00:05:03,390
what are we going to do if there's a hurricane

152
00:05:03,390 --> 00:05:05,120
and we lose power for three days?

153
00:05:05,120 --> 00:05:06,970
How are we going to continue to operate?

154
00:05:06,970 --> 00:05:08,650
A disaster recovery plan that's on paper

155
00:05:08,650 --> 00:05:11,390
that's never been exercised is never going to be a good thing

156
00:05:11,390 --> 00:05:13,090
when you have to execute it for real.

157
00:05:13,090 --> 00:05:15,420
Always practice them and it's recommended you practice

158
00:05:15,420 --> 00:05:17,210
at least once a year.

159
00:05:17,210 --> 00:05:19,110
The last thing I want to talk about is you need to have

160
00:05:19,110 --> 00:05:21,860
a list of all your critical systems and critical data.

161
00:05:21,860 --> 00:05:24,010
You need to know what's critical so you know what you need

162
00:05:24,010 --> 00:05:26,610
to protect and what you need to bring online first,

163
00:05:26,610 --> 00:05:29,360
so if you have a disaster and you lose all of your servers,

164
00:05:29,360 --> 00:05:31,100
which one is the most important?

165
00:05:31,100 --> 00:05:33,330
Which is the second most important, and so on,

166
00:05:33,330 --> 00:05:35,450
down the list so you know what to bring up first

167
00:05:35,450 --> 00:05:38,513
and what you're going to get recovered before anything else.

168
00:05:39,367 --> 00:05:41,717
(techno music)