Everyone loves hearing about the good old days of networking and system administration in the 90s, right? My nostalgia extends to the backup tape drives that were prevalent in my experiences for the first 5-10 years of my career. The image above is the Exabyte 8mm tape drive that I used the most.
In those days, we were taught a simple rule for data disaster recovery - a file doesn't really exist unless it is in three places, two of which should be on separate media, and one of which should be offsite. Therefore, you have your original file on your HDD, a backup copy on daily/weekly tape or diskette, and monthly tapes stored offsite. For disaster recovery we were mostly concerned with protecting data, not with recovery of systems, hardware, intellectual property, reputation, etc. The idea of a hot site or cold site was out of reach for K-12 environments. Vendor relationships may have promised same-day or next-day replacements, but those promises often went unused. Purchasing a backup server was also out of reach. In the environments where I worked, we ignored recovery time objectives in favor of recovery point objectives and data integrity. Of course, that all depended on whether anyone had changed the tape the previous night.
Today, we don't have to make those sacrifices to have good disaster recovery. In an Information Security context, we are concerned with the confidentiality, integrity, and availability of data and systems. These three principles apply to our disaster planning. It's important that we plan in advance and put controls in place that help us recover from disaster, maintain our resilience, and return to operation quickly with minimum data loss.
What is a disaster? There are three categories - natural, man-made, and hybrid. A natural disaster can be defined as a storm, tornado, pandemic, earthquake, "Act of God", or similar. A man-made disaster can be the accidental or willful destruction of a system or data by a person's actions or lack of action. Hybrid disasters are combinations of both. Imagine a hybrid disaster as a natural disaster that is triggered in some way by a man-made one - perhaps a dam break that causes a flood, or the failure of an air conditioning unit that lets heat destroy a data center.
Disasters happen every day. Don't think of your disaster recovery planning as something that will hardly ever be used. If your current plan is dusty or doesn't exist, there is work to do. Disasters are not once-in-a-lifetime events. You may be affected by a downstream or upstream disaster. You may have a water line break in the middle of your school. A power failure could wreak havoc. Another pandemic may strike. All disasters attack the confidentiality, integrity, and/or availability of systems and data.
The Disaster Recovery Plan (DRP) is an essential element of your security program. Its purpose is to inform and provide guidance for preparing for and/or recovering from a disaster. It should be easily read and understood by non-technical people, including Board members and Superintendents. Unless you are following a framework like NIST 800-53, NIST CSF, or similar, there is no set template for a DRP. How you decide to organize the elements of a plan is up to you.
Ideally, your DRP should include the following elements:
- Identification of risk tolerance levels and common threats related to geographic or historical data
- Inventory and descriptions of major systems
- Inventory of hardware and software
- Backup and restoration plans and procedures for each major system
- Identification of recovery time and recovery point objectives
- List of responsibilities and roles of local staff
- Communication plan, contact list, and external vendor contacts and SLAs
- Locations of alternate sites and/or safe sites
- Explicit instructions for handling sensitive data in times of crisis
- Instructions for regular testing and review of the plan
Your DRP may cover more than the technology elements of a disaster. In some businesses the DRP first addresses human safety and reporting, then moves to assets. A division's comprehensive DRP might include more detailed contact information, notification trees, or emergency closing codes. In our Virginia divisions, the technology DRP may be included in a comprehensive Continuity of Operations Plan (COOP). Your division may be unique in how detailed your DRP becomes.
Here are some resources that can help you develop a DRP for your division's technology:
A DRP is more than just backups of data. Having a properly constructed plan to recover from a disaster can provide peace of mind not only to your IT staff but to all stakeholders. Information Security includes the DRP as a means of protecting CIA in times of crisis. Make sure you include a basic DRP in your security program.