Disaster Recovery Flashcards
Disaster Recovery Plan (DRP)
enables companies to resume normal operations after a disaster.
In an IT context, this disaster generally involves a cybersecurity breach:
the loss, theft, or disappearance of sensitive data; a virus, a cyberattack, or cybercrime.
Disaster recovey
is broadly defined as an organisation’s ability to respond to and recover from catastrophic event.
In the wake of a cyber attack
teams need to have a disaster recovery plan in place to address problems as promptly and effectively as possible.
Cybersecurity is an increasingly common area where…
disaster recovery is critical to handling threats.
Disaster Recovery Plan is:
an organisation’s strategic documentation and process to restore access to compromised systems and infrastructure after a cyber attack, human error, natural disaster, or other catastrophic events.
Disaster recovery works two-fold to both…
maintain and reestablish critical IT systems and infrastructure following an incident.
Maintenance works
by properly replicating and backing up data and assets to specific restore points.
Recovery
is a reactionary effort to regain functionality and control over systems and data that become infected or breached.
What makes a disaster recovery plan effective is
anticipating threats before they arise and testing different threat scenarios to ensure the plan works.
An effective disaster recovery plan addresses an organisation’s unique
assets, infrastructure and vulnerabilities.
Several fundamentals elements should be considered as part of any disaster recovery plan:
- risk assessment: teams should thoroughly evaluate all possible threats and weaknesses in the organisation’s IT infrastructure and target areas of interes susceptible to cyber attacks.
- business continuity
- data archiving, backups, and recovery
- incident response
- communication
- training and education
- testing and drills
Steps to create a Disaster Recovery Plan
- Assemble your team: determine the roles and responsabilities across all members of your team as well as various departments.
- Develop an incident management plan: this should be a comprehensive documentation of the procedures used to pinpoint and report threats and cyber attacks, including incident response, investigation, and recovery procedures.
- Conduct a business impact analysis (BIA): The type of analysis, which helps inform the priorities and objectives of disaster recovery….
- Establish a recovery point objective (RPO): This metric defines the maximun acceptable amount of data loss measured in time.
- Determine a Recovery time objective (RTO)
- Define and document your plan
- Consistently test the disaster recovery plan
- Regularly review and update the plan