+353-1-416-8900REST OF WORLD
+44-20-3973-8888REST OF WORLD
1-917-300-0470EAST COAST U.S
1-800-526-8630U.S. (TOLL FREE)

Cloud Outsourcing and Disaster Recovery Bundle

  • PDF Icon

    Report

  • 500 Pages
  • June 2022
  • Region: Global
  • Janco Associates, Inc
  • ID: 5596104

Ransomware Attacks Highlights Major Operational Risks

The Cloud Outsourcing and Disaster Recovery Bundle includes in editable Microsoft WORD and PDF formats:

  • How to Guide for Cloud Processing and Outsourcing includes a job description for Manager Cloud applications, Cloud Computing Architect, sample contract, service level agreement, ISO 27001 - 27002 - 27031 security audit checklist, Business and IT Impact Questionnaire and much more.
  • Disaster Recovery Plan (DRP) can be used in whole or in part to establish defined responsibilities, actions and procedures to recover the computer, communication and network environment in the event of an unexpected and unscheduled interruption. The template is IS0 27000 (27031) Series, COBIT, Sarbanes Oxley, PCI-DSS, and HIPAA compliant.

CIOs, CSOs, and IT managers have eagerly implemented Internet-based applications to reap its many benefits including lower hardware, infrastructure, and energy costs.  However recent cyberattacks have shown how these applications put companies at risk.

Now the focus is on having security and business continuity solutions that utilize cloud processing as a top priority. The recent pipeline cyberattack has focused many CIOs on the protection and recovery from them as a top priority. They understand protection and business continuity plans need to be more resilient.

The 2022 editions of the Cloud, DR/BC, and Security Templates have addressed those needs directly.

Samples

Loading
LOADING...

Executive Summary

Cloud Disaster Recovery and Security Template - IT managers have eagerly implemented cloud applications to reap its many benefits: lower hardware and energy costs, more flexibility, faster responsiveness to changing and new applications, and improved resiliency.

But when disaster strikes, some IT managers find their disaster recovery techniques and hardware configuration have not kept pace with their changing production environment, and they're stuck, along with their recovery times, in the pre-cloud era. They falsely believe the improved day-to-day resilience of their cloud environment lessens their need for disaster recovery (DR) planning. In fact, the opposite is true: Catastrophic hardware failures in the cloud environments bring down many more applications than in non-virtualized environments, making DR planning and implementation more critical, not less.

Protecting business means protecting ongoing access to functional applications, servers and data; traditionally that means backing up data. However, backing up the data is only part of the equation. If you can't restore the data, the backup effort is useless. If a business relies on tape backup alone, restoration is easy only for the simplest failure, and only if everything goes perfectly. If a hard disk fails and all the backup tapes are good and the staff is practiced at doing the repair and restore, then you might be able to simply buy a replacement part and get things up within a couple of hours - though the data will be from last night's backup. If the problem is more complicated and involves a replacement server, for instance, you will probably need a day or two to get new hardware in place before you even begin to recover.

The right way to evaluate the quality of your system and data protection is to evaluate the Recovery Time Objective (RTO) and Recovery Point Objective (RPO). These metrics define how long you think it will take you to get back online and how current the data has to be.

The best way to ensure a fast recovery is to have replacement equipment standing by at an off-site location with the necessary software and configuration to quickly transfer users and data. The best practice includes a remote data center with servers, storage, networking equipment and internet access.

Restoring to this remote data center from backup tapes will likely take too long, assuming that the tapes were not affected by the original problem and still leaves the risk of only recovering old data. Instead, replication software can be used to keep the backup systems constantly updated.

A four hour RTO and RPO requires:
  • Off-site hardware and infrastructure to run servers and applications
  • Data updates to the DR site more often than every four hours; preferably real-time
  • Continuous updates of the application and OS configuration (without this, recovery may fail after a patch or an upgrade).
  • A method to deal with any hardware differences between production and recovery environments.