1 / 16

Disaster Prevention and Recovery

Disaster Prevention and Recovery. Team Members. Gwenn Cooper Kristy Short John knieling Carissa Vancleave Matthew Owens. Agenda. Introduction Prevention and Recovery Plan IT Security Functions Computer Crime Viruses COBIT Wrap-up. Katrina. August 29 th , 2005.

zachariah
Download Presentation

Disaster Prevention and Recovery

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Disaster Preventionand Recovery

  2. Team Members • Gwenn Cooper • Kristy Short • John knieling • Carissa Vancleave • Matthew Owens

  3. Agenda • Introduction • Prevention and Recovery Plan • IT Security Functions • Computer Crime • Viruses • COBIT • Wrap-up

  4. Katrina August 29th, 2005

  5. brought in pharmacy staff members from other markets and housed them in 50 RVs sent to stores in hard-hit areas. • hired new employees throughout the Gulf Coast who have lost their jobs because of the hurricane. • activated a new, proprietary pharmacy computer system that allows some of the steps in the prescription filling process to be done by Walgreens pharmacies in other areas. Prior to the hurricane, this system was only being tested in Florida. www.walgreens.com/about/press/othernews/091505.jsp

  6. Disaster Recovery Plan Defined: Disaster recovery plans ensure continuous service and recovery from any disaster. Jones & Rama, “Accounting Information Systems.”

  7. Steps to Prevention • Assessing Risk • Geographical area • Mapping critical functions • Downtime • IT Policy • Controls • Employees • Other aspects www.businesseye.org.uk/respirce/3080.61523.file.enq.pdf

  8. Testing • ISACA • Hypothetical; Component; Module; Full Testing • Alarm Testing • Natural Disaster Testing www.isava.org

  9. Salvaging • Techniques • Saving wet documents; salvaging wet furniture; repairing structural damage; remove mold. • Disaster Services Inc. • FEMA HTTP//PALIMPSEST.STANFORD.EDU

  10. IT Security Functions • Information Classification • ‘open’, ‘confidential’, ‘secret’, ‘top secret’ • Documentation Rules • Security handbook • User Identification and Authorization • User names,passwords, access cards, biometrics • Logging • Who, when, where, what? www.interpol.int/public/technologycrime/crimeprev/itsecurity.asp#5

  11. IT Security Functions • Back-ups • Interpol recommends a 5-step process. • (shown on next slide) • Firewalls • Packet filtering system • Application-level gateway • Intrusion Detection Systems (IDS) • Statistical detection • Pattern matching detection • Incident Handling (IH) • Preparation, Identification, Containment, Eradication, Recovery, Follow-up

  12. Backing up your data Interpol recommends the following 5-step process when making back-ups: • 1. Make sure that regular back-up copies are made of both data and system files. • 2. Back-up cycles should be of sufficient length to be of some use in the future. • 3. Take a full back-up (of both the system and the data) out of the cycle on a regular basis and archive it off site for an extended period. • 4. Back-up tapes/diskettes should be kept in a safe place under lock and key and away from the computer. Should be secured from fire, flood, or any other disaster, and preferably off site. • 5. Periodically test the back-up to ensure that the information can actually be restored in an emergency.

  13. Computer Crime • Computers becoming primary communication • Email, instant messaging, etc. • Two types of computer crime • 1 - using a computer to commit a crime • 2 - criminal activity that targets a computer • Internal threats vs. External threats • Prevention

  14. Viruses What are computer viruses? Computer viruses are basically a type software program, which has been deliberately created to interfere with computer operation and can cause the following effects. • Slow your computer down • Record unwanted data • Corrupt data • Delete data

  15. COBIT • COBIT was a publication created by the IT Governance Institute (ITGI). • Provides educational information on control objectives, management guidelines, and managing changes. • Includes a maturity model to offer businesses a tool for measuring their current level of IT sophistication and seeing how they align with their current business strategy. • Suggests that a business should control its IT process through impact assessment, authorization and implementation of any changes to its IT system • Accomplished by defining and communicating procedures, and by assessing, authorizing and reporting changes. IT Governance institute- cobit

  16. Wrap-up • 50-70% of companies go out of • business after a disaster • 40% have plans to recover data • Lose time, money, resources • Any Questions? WWW.DATACLINIC.CO.UK/DATA-BACKUP.HTM, WWW.LANSPEED.COM

More Related