SlideShare a Scribd company logo

Disaster Recovery Plan

Download as DOCX, PDF
David Donovan
David Donovan
1 of 14
0 | P a g e Interpharm DR Plan Business Impact Analysis Contained in this document are instructions on how to recover from a disaster quickly and with only minor disruption to normal business. It includes a Business Impact Analysis and a Disaster Recovery Plan. The main objective is to have critical services restored within 4 hours in the event of Total Network Outage. David Donovan 5/5/2013
Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 1 Table of Contents Introduction ......................................................................................................................................2 Maximum tolerable outage / Recovery Time Objective ................................................................2 Recovery tasks and duration........................................................................................................2 Internet Connection ......................................................................................................................3 Total cost......................................................................................................................................3 Level of Protection ...........................................................................................................................4 Policy Statement..............................................................................................................................5 Staff Responsibilities ....................................................................................................................5 Business Impact Analysis ................................................................................................................6 Note: MTO- Maximum Tolerable Outage......................................................................................6 Critical Functions for IT Network: .................................................................................................6 Device Recovery Times................................................................................................................7 Disaster Definitions..........................................................................................................................8 Important contacts:.......................................................................................................................9 Backup Strategies ........................................................................................................................9 Disaster Recovery Implementation ................................................................................................10 Steps for Disaster Plan...............................................................................................................10 Flow Chart..................................................................................................................................11 Testing Disaster Recovery Plan.....................................................................................................12 Works Cited ...................................................................................................................................13 Disclaimer ......................................................................................................................................13
Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 2 Introduction Interpharm requires that no data is to be outsourced or transmitted over shared bandwidth. A disused bomb shelter has been purchased for use as an emergency site. This recovery ‘cold site’ site has a dedicated Ethernet over First Mile Point to Point connection with Berkley Vale Office. File server needs to be running continuously so data stored on Interpharm’s File Servers is continuously replicated to the server at the Emergency Site. XenServer needs to be installed on the physical servers so the hard-drives storing the backup of the virtual servers at Berkley Vale can be plugged into the physical servers quickly. Maximum tolerable outage / Recovery Time Objective Diagram 1 – MTO and RTO This plan achieves a recovery time objective (RTO) of 2.5 hours. The maximum tolerable outrage is 5 hours. Specific Disaster Recovery instructions are specified on page Recovery tasks and duration Task Name Duration Minutes Report Fault 10 Evaluate and Declare Disaster 20 Contact Relevant Personnel 10 Obtain Relevant Documentation 15 Collect backups 10 Go to Recovery Site 30 Boot Needed Servers and Workstation. 15 Connect Virtual Devices 10 Test 30 Total Hours 2.5
Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 3 Internet Connection Internet: Will be provided by Telstra Business Broadband Ethernet Plans 10Mbps Synchronous connection. Carriage is via a dedicated business- only network, supported by Telstra’s IT staff. Staff can access the network from any location using the VPN server. (Telstra, 2013) Infrastructure The following has been set-up and cabled at the emergency site. Hardware:  2 Routers  2 Switches  6 Virtual Servers 3 Physical Servers With Citrix XenServer Installed. a. 2 domain controller’s (to be used as DHCP server for workstations) b. 1 file server. (Storage) c. 1 exchange server (to be used as file and internal web server) d. 1 VPN server. (To be used so remote staff can access network.)  20 thin clients.  5 Workstations Software: 1. Backups of all switch and router start-up configurations. 2. Citrix Xen Server 6.1.0 (3 licences) 3. Citrix Xen Centre 6.1.0 (1 licence can be installed on a workstation) Total cost Hardware Servers, Routers, etc. (Inc. Generator, surge protector and UPS) $60, 000 Software Licences Virtualization Software shown on pg. 2 $5,787 Internet Connection $95,172 per year Unlimited. Location $130,000 Total $195,787 + $95,172 /12 months Table 1 http://www.telstra.com.au/business-enterprise/business-products/internet-data/ethernet- dsl/business-broadband-ethernet/index.html
Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 4 Level of Protection (Gould, 2001) The DR plan will give us between tier 5 and tier 4 recovery times, with no loss of data. This is the best option for Interpharm.  It gives Interpharm total control over the security.  It provides an off-site location where all important data can be replicated instantly. So there is no-chance of losing important data.  Equipment is there if needed, but not running continuously.
Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 5 Policy Statement Corporate management has approved the following policy statement The company shall develop a comprehensive IT disaster recovery plan. A formal risk assessment shall be undertaken to determine the requirements for the disaster recovery plan. The disaster recovery plan should cover all essential and critical infrastructure elements, systems and networks, in accordance with key business activities. The disaster recovery plan should be periodically tested in a simulated environment to ensure that it can be implemented in emergency situations and that the management and staff understand how it is to be executed. All staff must be made aware of the disaster recovery plan and their own respective roles. The disaster recovery plan is to be kept up to date to take into account changing circumstances. Staff Responsibilities Staff must report any problems with connecting with the company network / Internet and hardware/software faults with workstations to IT staff members immediately. If possible, Disaster Recovery should only be implemented after IT recovery officers determine that IT operations cannot be resumed within the MTO (Maximum Tolerable Outage).
Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 6 Business Impact Analysis This following is for IT staff to work out priorities when recovering from a major disaster. MTO for network (hrs.) Priority Production 4 2 Sales 4 5 Warehouse &Distribution 4 3 Marketing 8 6 Finance & Accounts 4 5 IT 4 1 Research & Development 12 7 Admin 4 4 Table 2 Note: MTO- Maximum Tolerable Outage Critical Functions for IT Network: 1. Receiving orders through via Internet. 2. Connecting remote users to the network 3. Issue bills and receive payments. 4. Maintain/Secure data & records. 5. Maintain and monitor specialised applications. 6. Inter-Department communication. 7. VoIP Department Critical function Production Applications to monitor & control equipment, communicate with W&D + Accounts. Warehouse & Distribution Communicate with Production, Accounts Accounts Send out bills and receive payments Table 3
Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 7 Device Recovery Times Recover Critical Network Equipment Device Name Replace Hardware(min) Recover Settings(min) Recover all Data (min) Total Recovery (min) BVDC1 60 60 60 180 BVDC2 60 60 60 180 BVPROXY1 60 60 60 180 BVSW1 30 20 30 80 BVROUTER1 30 20 30 80 WGSW1 30 20 30 80 WGROURER1 30 20 30 80 WGRODC1 60 60 60 180 WGPROXY1 60 60 60 180 WGSAMBA1 60 60 60 180 NCSW1 30 20 30 80 NCROUTER1 30 20 30 80 NCRODC1 60 60 60 180 NCPROXY1 60 60 60 180 NCSAMBA1 60 60 60 180 total (hours) 12 11 12 Berkley Vale 12 Hours Total Time Wollongong 12 Hours 35 Hours Newcastle 12 Hours Table 4 Note: Device names are written on the outside of all hardware. Or they can be found in the logical network diagram.
Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 8 Disaster Definitions Key trigger issues at headquarters that would lead to activation of the DRP are: • Total loss of all communications • Total loss of power • Flooding of the premises • Loss of the building When an incident occurs the Emergency Response Team (ERT) must be activated. The ERT will then decide the extent to which the DRP must be invoked. All employees must be issued a Quick Reference card containing ERT contact details to be used in the event of a disaster. Responsibilities of the ERT are to: • Respond immediately to a potential disaster and call emergency services; • Assess the extent of the disaster and its impact on the business, IT network, etc.; • Establish and manage disaster recovery team to maintain vital services and return to normal operation; Ensure employees are notified and allocate responsibilities and activities as required Note: DRP – Disaster Recovery Plan Table 5 (Kirvan, IT Disaster Recovery (DR) Plan Template, 2009)Disaster Potential D Probability Rating Impact Rating Brief Description Of Potential Consequences & Remedial Actions Flood 3 4 Critical Network equipment is located on second floor Fire 3 4 FM200 suppression system installed in main computer centers. Fire and smoke detectors on all floors. Tornado 5 Electrical storms 5 Act of terrorism 5 Act of sabotage 5 Electrical power failure 3 4 Redundant UPS array together with auto standby generator that is tested weekly & remotely monitored 24/7. UPSs also remotely monitored. Loss of communications network services 4 4 Ethernet over First mile comes with backup dedicated circuits. As well as dialup access for remote staff.
Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 9 Important contacts: Name Number Telstra (Nadil Hazma) 43254745 Grahame Beard (CEO) 43422112 Bruce McWhirter (CIO) 43422111 Ambulance 000 Fire 000 Table 6 Backup Strategies KEY BUSINESS PROCESS BACKUP STRATEGY IT Operations Data replicated to Recovery Site continuously, copies of all Virtualized Hardware sent to recovery site once a month. Facilities Management Data replicated to Recovery Site continuously, copies of all Virtualized Hardware sent to recovery site once a month. Email Data replicated to Recovery Site continuously, copies of all Virtualized Hardware sent to recovery site once a month. Finance Data replicated to Recovery Site continuously, copies of all Virtualized Hardware sent to recovery site once a month. Warehouse & Inventory Data replicated to Recovery Site continuously, copies of all Virtualized Hardware sent to recovery site once a month. Product Sales Data replicated to Recovery Site continuously, copies of all Virtualized Hardware sent to recovery site once a month. Web Site (internal) Data replicated to Recovery Site continuously, copies of all Virtualized Hardware sent to recovery site once a month. Table 7 (Kirvan, IT Disaster Recovery (DR) Plan Template, 2009)
Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 10 Disaster Recovery Implementation Steps for Disaster Plan Step 1 Declare Disaster Before implementing this plan, ensure a disaster has been declared by ERT staff listed it this table below. Or if the one of the key triggers listed in the disaster definitions occurs. If none of these people are on-site at the time attempt to contact them in the order listed. One of the IT staff will contact the CIO and CEO. IT Contacts (Emergency Response Team) ERT. Name Position Location Email Number Dave Williams IT Staff Berkley Vale dave@Interpharm.local 43666669 Richard Nixon IT Staff (systems back- up Administrator) Berkley Vale richard@Interpharm.local 43009099 Rod Rude IT Staff (recovery officer) Berkley Vale Rod@Interpharm.local 40339902 Table 8 (Copies of backups are kept by Richard Nixon, Rod Rude and Ben Dover.) Step 2 Ensure the safety of the people around you. Step 3 Assemble at the recovery site with the network documents and backup media. Step 4 Connect Backup Drives to the Virtual Server. And power up physical devices. Step 5 Using Xen Centre on the IT’s workstation boot the virtual machines. Step 6 Perform Testing procedures.
Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 11 Flow Chart Will the fault impact the critical network functions? Use the tables provided to determine if the critical infrastructure can be recovered by the Recovery Point Objective (RPO) Fix the problem and have normal services resumed within the RTO. Email IT support to report the problem No Determine if the problem device/s can be recovered within 4 hours Recovery Site has a copy of all network devices and servers. These have been setup with the same settings. Network documentation of secure site can be found in the safe. Yes Declare a Disaster Inform all Staff in Table 4 to assemble at Recovery Site. Yes No Recovery Staff will power up all equipment and test Services Resume
Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 12 Testing Disaster Recovery Plan The disaster recovery plan needs to be updated and tested every 6 months to ensure plan is effective. Be sure to replicate any changes to the network to the emergency site. And the table below shows the optimum time to strive for. Task Name Duration Minutes Report Fault 10 Evaluate and Declare Disaster 20 Contact Relevant Personnel 10 Obtain Relevant Documentation 15 Collect backups 10 Go to Recovery Site 30 Boot Needed Servers and Workstation. 15 Connect Virtual Devices 10 Test 30 Total Hours 2.5 Table 9
Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 13 Works Cited Gould, P. (2001, Feb 18th). N/A. N/A, N/A, Australia. Kirvan, P. (2009, September 9th). IT Disaster Recovery (DR) Plan Template. Retrieved May 5th, 2013, from SearchDisasterRecovery: http://searchdisasterrecovery.techtarget.com/feature/IT-disaster-recovery-DR-plan- template-A-free-download-and-guide Kirvan, P. (2009, July 7th). Using a Business Impact Analysis Template (BIA). Retrieved May 5th, 2013, from SearchDisasterRecovery: http://searchdisasterrecovery.techtarget.com/feature/Using-a-business-impact-analysis- BIA-template-A-free-BIA-template-and-guide Disclaimer This document is based on the template provided by TechTarget, Inc. Conditions for the use of copyright material can be found at http://searchdisasterrecovery.techtarget.com/about/copyright

Recommended

Business continuity
Business continuityBusiness continuity
Business continuityAlka Mehar
 
Information Technology Disaster Planning
Information Technology Disaster PlanningInformation Technology Disaster Planning
Information Technology Disaster Planningguest340570
 
Disaster Recovery Plan for IT
Disaster Recovery Plan for ITDisaster Recovery Plan for IT
Disaster Recovery Plan for IThhuihhui
 
Business Continuity Planning
Business Continuity PlanningBusiness Continuity Planning
Business Continuity PlanningDipankar Ghosh
 
Disaster Recovery Plan
Disaster Recovery PlanDisaster Recovery Plan
Disaster Recovery Planmhdpaknejad
 
Disaster Recovery Plan / Enterprise Continuity Plan
Disaster Recovery Plan / Enterprise Continuity PlanDisaster Recovery Plan / Enterprise Continuity Plan
Disaster Recovery Plan / Enterprise Continuity PlanMarcelo Silva
 
Building a business impact analysis (bia) process a hands on blueprint
Building a business impact analysis (bia) process a hands on blueprintBuilding a business impact analysis (bia) process a hands on blueprint
Building a business impact analysis (bia) process a hands on blueprintluweinet
 
Disaster Recovery Plan
Disaster Recovery PlanDisaster Recovery Plan
Disaster Recovery PlanIndeevari Ramanayake
 

Recommended

Business continuity
Business continuityBusiness continuity
Business continuityAlka Mehar
 
Information Technology Disaster Planning
Information Technology Disaster PlanningInformation Technology Disaster Planning
Information Technology Disaster Planningguest340570
 
Disaster Recovery Plan for IT
Disaster Recovery Plan for ITDisaster Recovery Plan for IT
Disaster Recovery Plan for IThhuihhui
 
Business Continuity Planning
Business Continuity PlanningBusiness Continuity Planning
Business Continuity PlanningDipankar Ghosh
 
Disaster Recovery Plan
Disaster Recovery PlanDisaster Recovery Plan
Disaster Recovery Planmhdpaknejad
 
Disaster Recovery Plan / Enterprise Continuity Plan
Disaster Recovery Plan / Enterprise Continuity PlanDisaster Recovery Plan / Enterprise Continuity Plan
Disaster Recovery Plan / Enterprise Continuity PlanMarcelo Silva
 
Building a business impact analysis (bia) process a hands on blueprint
Building a business impact analysis (bia) process a hands on blueprintBuilding a business impact analysis (bia) process a hands on blueprint
Building a business impact analysis (bia) process a hands on blueprintluweinet
 
Disaster Recovery Plan
Disaster Recovery PlanDisaster Recovery Plan
Disaster Recovery PlanIndeevari Ramanayake
 
Business Continuity Workshop Final
Business Continuity Workshop FinalBusiness Continuity Workshop Final
Business Continuity Workshop FinalBill Lisse
 
Bcp
BcpBcp
Bcpmadunix
 
Business Impact Analysis - The Most Important Step during BCMS Implementation
Business Impact Analysis - The Most Important Step during BCMS ImplementationBusiness Impact Analysis - The Most Important Step during BCMS Implementation
Business Impact Analysis - The Most Important Step during BCMS ImplementationPECB
 
IT Disaster Recovery & Business Continuity
IT Disaster Recovery & Business ContinuityIT Disaster Recovery & Business Continuity
IT Disaster Recovery & Business Continuitymascot4u
 
Business Continuity Detailed Plan
Business Continuity Detailed PlanBusiness Continuity Detailed Plan
Business Continuity Detailed PlanWissam Abdel Baki
 
Business Continuity Planning
Business Continuity PlanningBusiness Continuity Planning
Business Continuity Planningalanlund
 
Business Continuity Planning Presentation Overview
Business Continuity Planning Presentation OverviewBusiness Continuity Planning Presentation Overview
Business Continuity Planning Presentation OverviewBob Winkler
 
Business Continuity and Disaster Recovery Strategy
Business Continuity and Disaster Recovery Strategy Business Continuity and Disaster Recovery Strategy
Business Continuity and Disaster Recovery Strategy Chandrak Trivedi
 
Bcp drp
Bcp drpBcp drp
Bcp drpaqel aqel
 
Business continuity & Disaster recovery planing
Business continuity & Disaster recovery planingBusiness continuity & Disaster recovery planing
Business continuity & Disaster recovery planingHanaysha
 
Business continuity management www.reconglobal.in
Business continuity management www.reconglobal.inBusiness continuity management www.reconglobal.in
Business continuity management www.reconglobal.inSatya Yadav
 
Assess Your Business Continuity Management Process
Assess Your Business Continuity Management ProcessAssess Your Business Continuity Management Process
Assess Your Business Continuity Management ProcessAnand Subramaniam
 
Disaster recovery
Disaster recoveryDisaster recovery
Disaster recoverySameeu Imad
 
Disaster Recovery Planning
Disaster Recovery PlanningDisaster Recovery Planning
Disaster Recovery PlanningJohn Wilson
 
Business continuity & disaster recovery planning (BCP & DRP)
Business continuity & disaster recovery planning (BCP & DRP)Business continuity & disaster recovery planning (BCP & DRP)
Business continuity & disaster recovery planning (BCP & DRP)Narudom Roongsiriwong, CISSP
 
Contingency Planning And Disaster Recovery Planning
Contingency Planning And Disaster Recovery PlanningContingency Planning And Disaster Recovery Planning
Contingency Planning And Disaster Recovery Planningmmohamme1124
 
What is business continuity planning-bcp
What is business continuity planning-bcpWhat is business continuity planning-bcp
What is business continuity planning-bcpAdv Prashant Mali
 
An Introduction to Disaster Recovery Planning
An Introduction to Disaster Recovery PlanningAn Introduction to Disaster Recovery Planning
An Introduction to Disaster Recovery PlanningNEBizRecovery
 
Building a Business Continuity Capability
Building a Business Continuity CapabilityBuilding a Business Continuity Capability
Building a Business Continuity CapabilityRod Davis
 
009.itsecurity bcp v1
009.itsecurity bcp v1009.itsecurity bcp v1
009.itsecurity bcp v1Mohammad Ashfaqur Rahman
 
Ruben urquidez
Ruben urquidezRuben urquidez
Ruben urquidezrujsd1
 
Business Continuity Plan
Business Continuity PlanBusiness Continuity Plan
Business Continuity PlanPlash Chowdhary
 

More Related Content

What's hot

Business Continuity Workshop Final
Business Continuity Workshop FinalBusiness Continuity Workshop Final
Business Continuity Workshop FinalBill Lisse
 
Business Impact Analysis - The Most Important Step during BCMS Implementation
Business Impact Analysis - The Most Important Step during BCMS ImplementationBusiness Impact Analysis - The Most Important Step during BCMS Implementation
Business Impact Analysis - The Most Important Step during BCMS ImplementationPECB
 
IT Disaster Recovery & Business Continuity
IT Disaster Recovery & Business ContinuityIT Disaster Recovery & Business Continuity
IT Disaster Recovery & Business Continuitymascot4u
 
Business Continuity Detailed Plan
Business Continuity Detailed PlanBusiness Continuity Detailed Plan
Business Continuity Detailed PlanWissam Abdel Baki
 
Business Continuity Planning
Business Continuity PlanningBusiness Continuity Planning
Business Continuity Planningalanlund
 
Business Continuity Planning Presentation Overview
Business Continuity Planning Presentation OverviewBusiness Continuity Planning Presentation Overview
Business Continuity Planning Presentation OverviewBob Winkler
 
Business Continuity and Disaster Recovery Strategy
Business Continuity and Disaster Recovery Strategy Business Continuity and Disaster Recovery Strategy
Business Continuity and Disaster Recovery Strategy Chandrak Trivedi
 
Business continuity & Disaster recovery planing
Business continuity & Disaster recovery planingBusiness continuity & Disaster recovery planing
Business continuity & Disaster recovery planingHanaysha
 
Business continuity management www.reconglobal.in
Business continuity management www.reconglobal.inBusiness continuity management www.reconglobal.in
Business continuity management www.reconglobal.inSatya Yadav
 
Assess Your Business Continuity Management Process
Assess Your Business Continuity Management ProcessAssess Your Business Continuity Management Process
Assess Your Business Continuity Management ProcessAnand Subramaniam
 
Disaster recovery
Disaster recoveryDisaster recovery
Disaster recoverySameeu Imad
 
Disaster Recovery Planning
Disaster Recovery PlanningDisaster Recovery Planning
Disaster Recovery PlanningJohn Wilson
 
Business continuity & disaster recovery planning (BCP & DRP)
Business continuity & disaster recovery planning (BCP & DRP)Business continuity & disaster recovery planning (BCP & DRP)
Business continuity & disaster recovery planning (BCP & DRP)Narudom Roongsiriwong, CISSP
 
Contingency Planning And Disaster Recovery Planning
Contingency Planning And Disaster Recovery PlanningContingency Planning And Disaster Recovery Planning
Contingency Planning And Disaster Recovery Planningmmohamme1124
 
What is business continuity planning-bcp
What is business continuity planning-bcpWhat is business continuity planning-bcp
What is business continuity planning-bcpAdv Prashant Mali
 
An Introduction to Disaster Recovery Planning
An Introduction to Disaster Recovery PlanningAn Introduction to Disaster Recovery Planning
An Introduction to Disaster Recovery PlanningNEBizRecovery
 
Building a Business Continuity Capability
Building a Business Continuity CapabilityBuilding a Business Continuity Capability
Building a Business Continuity CapabilityRod Davis
 

What's hot (20)

Business Continuity Workshop Final
Business Continuity Workshop FinalBusiness Continuity Workshop Final
Business Continuity Workshop Final
 
Bcp
BcpBcp
Bcp
 
Business Impact Analysis - The Most Important Step during BCMS Implementation
Business Impact Analysis - The Most Important Step during BCMS ImplementationBusiness Impact Analysis - The Most Important Step during BCMS Implementation
Business Impact Analysis - The Most Important Step during BCMS Implementation
 
IT Disaster Recovery & Business Continuity
IT Disaster Recovery & Business ContinuityIT Disaster Recovery & Business Continuity
IT Disaster Recovery & Business Continuity
 
Business Continuity Detailed Plan
Business Continuity Detailed PlanBusiness Continuity Detailed Plan
Business Continuity Detailed Plan
 
Business Continuity Planning
Business Continuity PlanningBusiness Continuity Planning
Business Continuity Planning
 
Business Continuity Planning Presentation Overview
Business Continuity Planning Presentation OverviewBusiness Continuity Planning Presentation Overview
Business Continuity Planning Presentation Overview
 
Business Continuity and Disaster Recovery Strategy
Business Continuity and Disaster Recovery Strategy Business Continuity and Disaster Recovery Strategy
Business Continuity and Disaster Recovery Strategy
 
Bcp drp
Bcp drpBcp drp
Bcp drp
 
Business continuity & Disaster recovery planing
Business continuity & Disaster recovery planingBusiness continuity & Disaster recovery planing
Business continuity & Disaster recovery planing
 
Business continuity management www.reconglobal.in
Business continuity management www.reconglobal.inBusiness continuity management www.reconglobal.in
Business continuity management www.reconglobal.in
 
Assess Your Business Continuity Management Process
Assess Your Business Continuity Management ProcessAssess Your Business Continuity Management Process
Assess Your Business Continuity Management Process
 
Disaster recovery
Disaster recoveryDisaster recovery
Disaster recovery
 
Disaster Recovery Planning
Disaster Recovery PlanningDisaster Recovery Planning
Disaster Recovery Planning
 
Business continuity & disaster recovery planning (BCP & DRP)
Business continuity & disaster recovery planning (BCP & DRP)Business continuity & disaster recovery planning (BCP & DRP)
Business continuity & disaster recovery planning (BCP & DRP)
 
Contingency Planning And Disaster Recovery Planning
Contingency Planning And Disaster Recovery PlanningContingency Planning And Disaster Recovery Planning
Contingency Planning And Disaster Recovery Planning
 
What is business continuity planning-bcp
What is business continuity planning-bcpWhat is business continuity planning-bcp
What is business continuity planning-bcp
 
An Introduction to Disaster Recovery Planning
An Introduction to Disaster Recovery PlanningAn Introduction to Disaster Recovery Planning
An Introduction to Disaster Recovery Planning
 
Building a Business Continuity Capability
Building a Business Continuity CapabilityBuilding a Business Continuity Capability
Building a Business Continuity Capability
 
009.itsecurity bcp v1
009.itsecurity bcp v1009.itsecurity bcp v1
009.itsecurity bcp v1
 

Viewers also liked

Ruben urquidez
Ruben urquidezRuben urquidez
Ruben urquidezrujsd1
 
Business Continuity Plan
Business Continuity PlanBusiness Continuity Plan
Business Continuity PlanPlash Chowdhary
 
Best Practices in Disaster Recovery Planning and Testing
Best Practices in Disaster Recovery Planning and TestingBest Practices in Disaster Recovery Planning and Testing
Best Practices in Disaster Recovery Planning and TestingAxcient
 
Disaster management and role of nurse
Disaster management and role of nurseDisaster management and role of nurse
Disaster management and role of nurseAIIMS, Rishikesh
 
Developing an Intranet Strategy
Developing an Intranet StrategyDeveloping an Intranet Strategy
Developing an Intranet StrategyDNN
 

Viewers also liked (6)

Ruben urquidez
Ruben urquidezRuben urquidez
Ruben urquidez
 
Business Continuity Plan
Business Continuity PlanBusiness Continuity Plan
Business Continuity Plan
 
How to Design for High Availability & Scale with AWS
How to Design for High Availability & Scale with AWSHow to Design for High Availability & Scale with AWS
How to Design for High Availability & Scale with AWS
 
Best Practices in Disaster Recovery Planning and Testing
Best Practices in Disaster Recovery Planning and TestingBest Practices in Disaster Recovery Planning and Testing
Best Practices in Disaster Recovery Planning and Testing
 
Disaster management and role of nurse
Disaster management and role of nurseDisaster management and role of nurse
Disaster management and role of nurse
 
Developing an Intranet Strategy
Developing an Intranet StrategyDeveloping an Intranet Strategy
Developing an Intranet Strategy
 

Similar to Disaster Recovery Plan

Joe Graziano – Challenge 2 Design Solution (Part 1)
Joe Graziano – Challenge 2 Design Solution (Part 1)Joe Graziano – Challenge 2 Design Solution (Part 1)
Joe Graziano – Challenge 2 Design Solution (Part 1)tovmug
 
Boomerang Total Recall
Boomerang Total RecallBoomerang Total Recall
Boomerang Total Recallbdoyle05
 
Business Continuity Plan V5
Business Continuity Plan V5Business Continuity Plan V5
Business Continuity Plan V5Rick Percuoco
 
Disaster Recovery: Understanding Trend, Methodology, Solution, and Standard
Disaster Recovery: Understanding Trend, Methodology, Solution, and StandardDisaster Recovery: Understanding Trend, Methodology, Solution, and Standard
Disaster Recovery: Understanding Trend, Methodology, Solution, and StandardPT Datacomm Diangraha
 
Mastering Backup and Disaster Recovery: Ensuring Data Continuity and Resilience
Mastering Backup and Disaster Recovery: Ensuring Data Continuity and ResilienceMastering Backup and Disaster Recovery: Ensuring Data Continuity and Resilience
Mastering Backup and Disaster Recovery: Ensuring Data Continuity and ResilienceMaryJWilliams2
 
Kept up by Potential IT Disasters? Your Guide to Disaster Recovery as a Servi...
Kept up by Potential IT Disasters? Your Guide to Disaster Recovery as a Servi...Kept up by Potential IT Disasters? Your Guide to Disaster Recovery as a Servi...
Kept up by Potential IT Disasters? Your Guide to Disaster Recovery as a Servi...VAST
 
Cyberdyne systems (2)
Cyberdyne systems (2)Cyberdyne systems (2)
Cyberdyne systems (2)Bryan Moss
 
Washington_Course_Project_Week_8
Washington_Course_Project_Week_8Washington_Course_Project_Week_8
Washington_Course_Project_Week_8Douglas Washington
 
Cloud-Based Disaster Recovery Service Overview
Cloud-Based Disaster Recovery Service OverviewCloud-Based Disaster Recovery Service Overview
Cloud-Based Disaster Recovery Service OverviewPT Datacomm Diangraha
 
A guide to modern it disaster recovery
A guide to modern it disaster recoveryA guide to modern it disaster recovery
A guide to modern it disaster recoveryJohn Brouillard
 
Jonathan Frappier – Challenge 2 Design Solution
Jonathan Frappier – Challenge 2 Design SolutionJonathan Frappier – Challenge 2 Design Solution
Jonathan Frappier – Challenge 2 Design Solutiontovmug
 
IRJET-Comparative Analysis of Disaster Recovery Solutions in Cloud Computing
IRJET-Comparative Analysis of Disaster Recovery Solutions in Cloud ComputingIRJET-Comparative Analysis of Disaster Recovery Solutions in Cloud Computing
IRJET-Comparative Analysis of Disaster Recovery Solutions in Cloud ComputingIRJET Journal
 
Disaster Recovery and the Cloud
Disaster Recovery and the CloudDisaster Recovery and the Cloud
Disaster Recovery and the CloudJason Dea
 
Network Strategy and Design Final assignment disaster rec
Network Strategy and Design Final assignment disaster recNetwork Strategy and Design Final assignment disaster rec
Network Strategy and Design Final assignment disaster recrosu555
 
Disaster Recovery Planning
Disaster Recovery Planning Disaster Recovery Planning
Disaster Recovery Planning Keystone IT
 
Bluelock's Recovery Suite
Bluelock's Recovery SuiteBluelock's Recovery Suite
Bluelock's Recovery SuiteBluelock
 
How to Make an Effective Cloud Disaster Recovery Strategy.pdf
How to Make an Effective Cloud Disaster Recovery Strategy.pdfHow to Make an Effective Cloud Disaster Recovery Strategy.pdf
How to Make an Effective Cloud Disaster Recovery Strategy.pdfSysvoot Antivirus
 
Cyber resilience: planning to bounce back
Cyber resilience: planning to bounce backCyber resilience: planning to bounce back
Cyber resilience: planning to bounce backJisc
 

Similar to Disaster Recovery Plan (20)

Joe Graziano – Challenge 2 Design Solution (Part 1)
Joe Graziano – Challenge 2 Design Solution (Part 1)Joe Graziano – Challenge 2 Design Solution (Part 1)
Joe Graziano – Challenge 2 Design Solution (Part 1)
 
Boomerang Total Recall
Boomerang Total RecallBoomerang Total Recall
Boomerang Total Recall
 
Business Continuity Plan V5
Business Continuity Plan V5Business Continuity Plan V5
Business Continuity Plan V5
 
Disaster Recovery: Understanding Trend, Methodology, Solution, and Standard
Disaster Recovery: Understanding Trend, Methodology, Solution, and StandardDisaster Recovery: Understanding Trend, Methodology, Solution, and Standard
Disaster Recovery: Understanding Trend, Methodology, Solution, and Standard
 
Mastering Backup and Disaster Recovery: Ensuring Data Continuity and Resilience
Mastering Backup and Disaster Recovery: Ensuring Data Continuity and ResilienceMastering Backup and Disaster Recovery: Ensuring Data Continuity and Resilience
Mastering Backup and Disaster Recovery: Ensuring Data Continuity and Resilience
 
Kept up by Potential IT Disasters? Your Guide to Disaster Recovery as a Servi...
Kept up by Potential IT Disasters? Your Guide to Disaster Recovery as a Servi...Kept up by Potential IT Disasters? Your Guide to Disaster Recovery as a Servi...
Kept up by Potential IT Disasters? Your Guide to Disaster Recovery as a Servi...
 
Cyberdyne systems (2)
Cyberdyne systems (2)Cyberdyne systems (2)
Cyberdyne systems (2)
 
Washington_Course_Project_Week_8
Washington_Course_Project_Week_8Washington_Course_Project_Week_8
Washington_Course_Project_Week_8
 
Cloud-Based Disaster Recovery Service Overview
Cloud-Based Disaster Recovery Service OverviewCloud-Based Disaster Recovery Service Overview
Cloud-Based Disaster Recovery Service Overview
 
A guide to modern it disaster recovery
A guide to modern it disaster recoveryA guide to modern it disaster recovery
A guide to modern it disaster recovery
 
Jonathan Frappier – Challenge 2 Design Solution
Jonathan Frappier – Challenge 2 Design SolutionJonathan Frappier – Challenge 2 Design Solution
Jonathan Frappier – Challenge 2 Design Solution
 
DR hosting & cloud
DR hosting & cloudDR hosting & cloud
DR hosting & cloud
 
BCM App brief
BCM App briefBCM App brief
BCM App brief
 
IRJET-Comparative Analysis of Disaster Recovery Solutions in Cloud Computing
IRJET-Comparative Analysis of Disaster Recovery Solutions in Cloud ComputingIRJET-Comparative Analysis of Disaster Recovery Solutions in Cloud Computing
IRJET-Comparative Analysis of Disaster Recovery Solutions in Cloud Computing
 
Disaster Recovery and the Cloud
Disaster Recovery and the CloudDisaster Recovery and the Cloud
Disaster Recovery and the Cloud
 
Network Strategy and Design Final assignment disaster rec
Network Strategy and Design Final assignment disaster recNetwork Strategy and Design Final assignment disaster rec
Network Strategy and Design Final assignment disaster rec
 
Disaster Recovery Planning
Disaster Recovery Planning Disaster Recovery Planning
Disaster Recovery Planning
 
Bluelock's Recovery Suite
Bluelock's Recovery SuiteBluelock's Recovery Suite
Bluelock's Recovery Suite
 
How to Make an Effective Cloud Disaster Recovery Strategy.pdf
How to Make an Effective Cloud Disaster Recovery Strategy.pdfHow to Make an Effective Cloud Disaster Recovery Strategy.pdf
How to Make an Effective Cloud Disaster Recovery Strategy.pdf
 
Cyber resilience: planning to bounce back
Cyber resilience: planning to bounce backCyber resilience: planning to bounce back
Cyber resilience: planning to bounce back
 

Disaster Recovery Plan

  • 1. 0 | P a g e Interpharm DR Plan Business Impact Analysis Contained in this document are instructions on how to recover from a disaster quickly and with only minor disruption to normal business. It includes a Business Impact Analysis and a Disaster Recovery Plan. The main objective is to have critical services restored within 4 hours in the event of Total Network Outage. David Donovan 5/5/2013
  • 2. Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 1 Table of Contents Introduction ......................................................................................................................................2 Maximum tolerable outage / Recovery Time Objective ................................................................2 Recovery tasks and duration........................................................................................................2 Internet Connection ......................................................................................................................3 Total cost......................................................................................................................................3 Level of Protection ...........................................................................................................................4 Policy Statement..............................................................................................................................5 Staff Responsibilities ....................................................................................................................5 Business Impact Analysis ................................................................................................................6 Note: MTO- Maximum Tolerable Outage......................................................................................6 Critical Functions for IT Network: .................................................................................................6 Device Recovery Times................................................................................................................7 Disaster Definitions..........................................................................................................................8 Important contacts:.......................................................................................................................9 Backup Strategies ........................................................................................................................9 Disaster Recovery Implementation ................................................................................................10 Steps for Disaster Plan...............................................................................................................10 Flow Chart..................................................................................................................................11 Testing Disaster Recovery Plan.....................................................................................................12 Works Cited ...................................................................................................................................13 Disclaimer ......................................................................................................................................13
  • 3. Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 2 Introduction Interpharm requires that no data is to be outsourced or transmitted over shared bandwidth. A disused bomb shelter has been purchased for use as an emergency site. This recovery ‘cold site’ site has a dedicated Ethernet over First Mile Point to Point connection with Berkley Vale Office. File server needs to be running continuously so data stored on Interpharm’s File Servers is continuously replicated to the server at the Emergency Site. XenServer needs to be installed on the physical servers so the hard-drives storing the backup of the virtual servers at Berkley Vale can be plugged into the physical servers quickly. Maximum tolerable outage / Recovery Time Objective Diagram 1 – MTO and RTO This plan achieves a recovery time objective (RTO) of 2.5 hours. The maximum tolerable outrage is 5 hours. Specific Disaster Recovery instructions are specified on page Recovery tasks and duration Task Name Duration Minutes Report Fault 10 Evaluate and Declare Disaster 20 Contact Relevant Personnel 10 Obtain Relevant Documentation 15 Collect backups 10 Go to Recovery Site 30 Boot Needed Servers and Workstation. 15 Connect Virtual Devices 10 Test 30 Total Hours 2.5
  • 4. Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 3 Internet Connection Internet: Will be provided by Telstra Business Broadband Ethernet Plans 10Mbps Synchronous connection. Carriage is via a dedicated business- only network, supported by Telstra’s IT staff. Staff can access the network from any location using the VPN server. (Telstra, 2013) Infrastructure The following has been set-up and cabled at the emergency site. Hardware:  2 Routers  2 Switches  6 Virtual Servers 3 Physical Servers With Citrix XenServer Installed. a. 2 domain controller’s (to be used as DHCP server for workstations) b. 1 file server. (Storage) c. 1 exchange server (to be used as file and internal web server) d. 1 VPN server. (To be used so remote staff can access network.)  20 thin clients.  5 Workstations Software: 1. Backups of all switch and router start-up configurations. 2. Citrix Xen Server 6.1.0 (3 licences) 3. Citrix Xen Centre 6.1.0 (1 licence can be installed on a workstation) Total cost Hardware Servers, Routers, etc. (Inc. Generator, surge protector and UPS) $60, 000 Software Licences Virtualization Software shown on pg. 2 $5,787 Internet Connection $95,172 per year Unlimited. Location $130,000 Total $195,787 + $95,172 /12 months Table 1 http://www.telstra.com.au/business-enterprise/business-products/internet-data/ethernet- dsl/business-broadband-ethernet/index.html
  • 5. Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 4 Level of Protection (Gould, 2001) The DR plan will give us between tier 5 and tier 4 recovery times, with no loss of data. This is the best option for Interpharm.  It gives Interpharm total control over the security.  It provides an off-site location where all important data can be replicated instantly. So there is no-chance of losing important data.  Equipment is there if needed, but not running continuously.
  • 6. Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 5 Policy Statement Corporate management has approved the following policy statement The company shall develop a comprehensive IT disaster recovery plan. A formal risk assessment shall be undertaken to determine the requirements for the disaster recovery plan. The disaster recovery plan should cover all essential and critical infrastructure elements, systems and networks, in accordance with key business activities. The disaster recovery plan should be periodically tested in a simulated environment to ensure that it can be implemented in emergency situations and that the management and staff understand how it is to be executed. All staff must be made aware of the disaster recovery plan and their own respective roles. The disaster recovery plan is to be kept up to date to take into account changing circumstances. Staff Responsibilities Staff must report any problems with connecting with the company network / Internet and hardware/software faults with workstations to IT staff members immediately. If possible, Disaster Recovery should only be implemented after IT recovery officers determine that IT operations cannot be resumed within the MTO (Maximum Tolerable Outage).
  • 7. Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 6 Business Impact Analysis This following is for IT staff to work out priorities when recovering from a major disaster. MTO for network (hrs.) Priority Production 4 2 Sales 4 5 Warehouse &Distribution 4 3 Marketing 8 6 Finance & Accounts 4 5 IT 4 1 Research & Development 12 7 Admin 4 4 Table 2 Note: MTO- Maximum Tolerable Outage Critical Functions for IT Network: 1. Receiving orders through via Internet. 2. Connecting remote users to the network 3. Issue bills and receive payments. 4. Maintain/Secure data & records. 5. Maintain and monitor specialised applications. 6. Inter-Department communication. 7. VoIP Department Critical function Production Applications to monitor & control equipment, communicate with W&D + Accounts. Warehouse & Distribution Communicate with Production, Accounts Accounts Send out bills and receive payments Table 3
  • 8. Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 7 Device Recovery Times Recover Critical Network Equipment Device Name Replace Hardware(min) Recover Settings(min) Recover all Data (min) Total Recovery (min) BVDC1 60 60 60 180 BVDC2 60 60 60 180 BVPROXY1 60 60 60 180 BVSW1 30 20 30 80 BVROUTER1 30 20 30 80 WGSW1 30 20 30 80 WGROURER1 30 20 30 80 WGRODC1 60 60 60 180 WGPROXY1 60 60 60 180 WGSAMBA1 60 60 60 180 NCSW1 30 20 30 80 NCROUTER1 30 20 30 80 NCRODC1 60 60 60 180 NCPROXY1 60 60 60 180 NCSAMBA1 60 60 60 180 total (hours) 12 11 12 Berkley Vale 12 Hours Total Time Wollongong 12 Hours 35 Hours Newcastle 12 Hours Table 4 Note: Device names are written on the outside of all hardware. Or they can be found in the logical network diagram.
  • 9. Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 8 Disaster Definitions Key trigger issues at headquarters that would lead to activation of the DRP are: • Total loss of all communications • Total loss of power • Flooding of the premises • Loss of the building When an incident occurs the Emergency Response Team (ERT) must be activated. The ERT will then decide the extent to which the DRP must be invoked. All employees must be issued a Quick Reference card containing ERT contact details to be used in the event of a disaster. Responsibilities of the ERT are to: • Respond immediately to a potential disaster and call emergency services; • Assess the extent of the disaster and its impact on the business, IT network, etc.; • Establish and manage disaster recovery team to maintain vital services and return to normal operation; Ensure employees are notified and allocate responsibilities and activities as required Note: DRP – Disaster Recovery Plan Table 5 (Kirvan, IT Disaster Recovery (DR) Plan Template, 2009)Disaster Potential D Probability Rating Impact Rating Brief Description Of Potential Consequences & Remedial Actions Flood 3 4 Critical Network equipment is located on second floor Fire 3 4 FM200 suppression system installed in main computer centers. Fire and smoke detectors on all floors. Tornado 5 Electrical storms 5 Act of terrorism 5 Act of sabotage 5 Electrical power failure 3 4 Redundant UPS array together with auto standby generator that is tested weekly & remotely monitored 24/7. UPSs also remotely monitored. Loss of communications network services 4 4 Ethernet over First mile comes with backup dedicated circuits. As well as dialup access for remote staff.
  • 10. Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 9 Important contacts: Name Number Telstra (Nadil Hazma) 43254745 Grahame Beard (CEO) 43422112 Bruce McWhirter (CIO) 43422111 Ambulance 000 Fire 000 Table 6 Backup Strategies KEY BUSINESS PROCESS BACKUP STRATEGY IT Operations Data replicated to Recovery Site continuously, copies of all Virtualized Hardware sent to recovery site once a month. Facilities Management Data replicated to Recovery Site continuously, copies of all Virtualized Hardware sent to recovery site once a month. Email Data replicated to Recovery Site continuously, copies of all Virtualized Hardware sent to recovery site once a month. Finance Data replicated to Recovery Site continuously, copies of all Virtualized Hardware sent to recovery site once a month. Warehouse & Inventory Data replicated to Recovery Site continuously, copies of all Virtualized Hardware sent to recovery site once a month. Product Sales Data replicated to Recovery Site continuously, copies of all Virtualized Hardware sent to recovery site once a month. Web Site (internal) Data replicated to Recovery Site continuously, copies of all Virtualized Hardware sent to recovery site once a month. Table 7 (Kirvan, IT Disaster Recovery (DR) Plan Template, 2009)
  • 11. Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 10 Disaster Recovery Implementation Steps for Disaster Plan Step 1 Declare Disaster Before implementing this plan, ensure a disaster has been declared by ERT staff listed it this table below. Or if the one of the key triggers listed in the disaster definitions occurs. If none of these people are on-site at the time attempt to contact them in the order listed. One of the IT staff will contact the CIO and CEO. IT Contacts (Emergency Response Team) ERT. Name Position Location Email Number Dave Williams IT Staff Berkley Vale dave@Interpharm.local 43666669 Richard Nixon IT Staff (systems back- up Administrator) Berkley Vale richard@Interpharm.local 43009099 Rod Rude IT Staff (recovery officer) Berkley Vale Rod@Interpharm.local 40339902 Table 8 (Copies of backups are kept by Richard Nixon, Rod Rude and Ben Dover.) Step 2 Ensure the safety of the people around you. Step 3 Assemble at the recovery site with the network documents and backup media. Step 4 Connect Backup Drives to the Virtual Server. And power up physical devices. Step 5 Using Xen Centre on the IT’s workstation boot the virtual machines. Step 6 Perform Testing procedures.
  • 12. Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 11 Flow Chart Will the fault impact the critical network functions? Use the tables provided to determine if the critical infrastructure can be recovered by the Recovery Point Objective (RPO) Fix the problem and have normal services resumed within the RTO. Email IT support to report the problem No Determine if the problem device/s can be recovered within 4 hours Recovery Site has a copy of all network devices and servers. These have been setup with the same settings. Network documentation of secure site can be found in the safe. Yes Declare a Disaster Inform all Staff in Table 4 to assemble at Recovery Site. Yes No Recovery Staff will power up all equipment and test Services Resume
  • 13. Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 12 Testing Disaster Recovery Plan The disaster recovery plan needs to be updated and tested every 6 months to ensure plan is effective. Be sure to replicate any changes to the network to the emergency site. And the table below shows the optimum time to strive for. Task Name Duration Minutes Report Fault 10 Evaluate and Declare Disaster 20 Contact Relevant Personnel 10 Obtain Relevant Documentation 15 Collect backups 10 Go to Recovery Site 30 Boot Needed Servers and Workstation. 15 Connect Virtual Devices 10 Test 30 Total Hours 2.5 Table 9
  • 14. Disaster Recovery Plan (Diploma) 5/05/2013 David Donovan Page 13 Works Cited Gould, P. (2001, Feb 18th). N/A. N/A, N/A, Australia. Kirvan, P. (2009, September 9th). IT Disaster Recovery (DR) Plan Template. Retrieved May 5th, 2013, from SearchDisasterRecovery: http://searchdisasterrecovery.techtarget.com/feature/IT-disaster-recovery-DR-plan- template-A-free-download-and-guide Kirvan, P. (2009, July 7th). Using a Business Impact Analysis Template (BIA). Retrieved May 5th, 2013, from SearchDisasterRecovery: http://searchdisasterrecovery.techtarget.com/feature/Using-a-business-impact-analysis- BIA-template-A-free-BIA-template-and-guide Disclaimer This document is based on the template provided by TechTarget, Inc. Conditions for the use of copyright material can be found at http://searchdisasterrecovery.techtarget.com/about/copyright