Prepared Plan with Regular Performance Checks
Data loss can result from many factors, including: fire, power outages, employee theft, viruses and hackers, as well as modern tragedies that can leave companies without access to buildings and important documents. Preparation is the key. Those who are prepared have a better chance of overcoming losses with minimal damage. The first step is to back up the system regularly. Often times the problem isn’t that companies are not creating backups, but that they are not verifying the efforts. This results in "false backups" where data is believed to be secured, only to find in an emergency the backups failed and data has been lost. This is especially true with tape backups as tapes can be more easily corrupted, damaged, worn out, or employees can forget to change the tapes. In either case, it is too late and data is already lost which can often take weeks, or even months for these systems to be restored, if ever. Therefore, it is extremely important for companies to follow best practices and create policies and procedures for creating regular backups and for testing their recovery environments. Among these policies should be regularly scheduled test recoveries in order to ensure that backup policies and procedures are working properly. Recovery events should be conducted once a quarter to make sure backups are running as planned.
The Recovery Plan
Companies must also implement fast recovery plans in the event of data loss or systems interruption in conjunction with regular backups. The first step in planning for recovery is the assessment of your environment. When assessing what to include in a disaster recovery plan, companies should keep in mind the following:
1. What network resources are most important?
2. What is the value of those resources, monetary, or otherwise?
3. What possible threats do these resources face?
4. What is the likelihood of those threats being realized?
5. What would be the impact of those threats on the business, employees, or customers, if those threats were realized?
6. Which resources do you need to bring online first?
7. What is the amount of time each one of these resources can be down?
8. Set an allowable downtime for each resource.
9. Set decontamination process for viruses, worms, etc.
When determining the value of an asset, organizations must consider both its monetary value and intrinsic value. Monetary value can be determined by considering what would happen if the asset was unavailable for any reason. Intrinsic value is the loss of data, privacy, legal liability, unwanted media exposure, loss of customer or investor confidence, and the costs associated with repairing security breaches. Once information assets are identified and valued, threats to those assets must be evaluated.