This is an SLO assignment to gauge whether you really understand the concept

of security in the term of backup and disaster recovery.

The premise is simple; how do we prevent loss of data and by extension clients’
information. There more than one aspect to this. The first task is to have some data
and files available for recovery when users and hackers accidentally or by malice
delete or change data. Loss or corruption of data in these cases could be severe but
usually is not an existential threat.

The more serious and catastrophic long-term approach is dealing with disaster, which,
in effect means what happens if the IT infrastructure is fully or partially destroyed.
Events such as earth quakes, floods, fire, tornados hurricanes terrorist attacks can and
do cause irreparable damage. After the 9/11 attack, 300 firms that were in the World
Trade Center completely went out of business because their records were destroyed
and could not be recreated, even though many of the principals and workers had
survived.

In this quiz, I am presenting you with two different scenarios; two different
businesses. I would like you to develop backup and disaster recovery plans for both.
Look at the type of business, they are different and their needs are different. To make
is easier for you and me, I would like a short listing and explanation for each item.

A few hints are in order here. Some clients need hourly back up so they can restore to
a “point in time.” Also, just having solely Cloud backup is not always a good solution
when you are faced with total loss of date, Why it that? Additionally, remember your
RAID (Redundant array of independent disks) categories and apply as needed.

I will start you with item 1.

1. Daily, on premise, Backup of data

Now you will need to elaborate on that and additional steps you should implement.
What data and how often etc. I can identify at least 5 different backup and disaster
recovery steps. A short paragraph for each step would be fine. See what you can do.

The following are the two scenarios. You are required to do both of them.

1. A medium size criminal defense law firm in San Francisco. There are five partners,
50 attorneys and 15 support staff including an administration manager and an IT
administrator. The company specializes in cases of murder, racketeering, grand
 theft etc. It also works with private investigators and has a large database of very
sensitive information on clients, suspects, law enforcement and judicial officers.

a. Daily, on premise, Backup of data for important company data

b. Hardware RAID-5 with three or more disks and parity data stored on
some of the stripes. If one drive fails, the “parity” data can be used to
recover the data. Hardware removes load from the operating system, and
is “hot swappable” - replace a disk with zero downtime.
c. Off-site storage of backups in case of disasters.
d. Test backups are essential to notice any failed backup procedures.
Elements of testing includes backups, server restoration, server
redundancy, and alternative sites. Test can be done with cutover test:
turn off real equipment during business day to make sure the backup
takes over.
e. Protecting backup with clear labeling and physical security. Transfer is
protected from theft and loss. Older data can be stored in cold site.
f. Update backups. Incremental backup is ok to preserve both new and old
company data.
g. Document and review disaster recovery phases.

2. A stock broker and financial consultant. There are 100 employees in three different
locations, New York, Dallas and Seattle. Half of the staff is located on Wall Street in
New York; the others are evenly divided between the two other locations.
Remember the nature of business. When the markets are open, there is constant
flow of transactions and trades happening. Also remember that they are keeping
records of clients worth billions of dollars in total and any serious breach of security
or data loss can put them out of business.

a. Daily, on premise, Backup of data for important company and client data.
It could be differential backup for faster restoration to ensure smooth
operation of transactions, which could be hot and mirrored site for
immediate data recovery.
b. Hardware RAiD-6 with at least four disks and parity data with added
parity block. It continues to operate even if two drives fail. If one drive
 fails, the “parity” data can be used to recover the data. Hardware
removes load from the operating system, and is “hot swappable” -
replace a disk with zero downtime.
c. Server redundancy for constant uptime with heartbeat goes through
internal network. Load balancers distribute traffic to a cluster of servers
for high scalability and high availability.
d. Power redundancy for uninterruptable power supply, as well as generator
in place to maintain power supply during market open.
e. If required proper destruction by wiping or physically destroy media.

(DRP: )

a. Specify plan to recover servers. Planning communications such as war

room for people to go to for information; Focus on IT contingency
planning and succession planning.
b. Specify recovery steps for different types of disasters.
c. List hierarchy of critical systems.
d. Prioritize systems to restore after outage.