Disaster Recovery Planning *

Business Continuity Planning **

Cromino S.R.L.
Str.Florilor Nr.148 Ap.13 407280, Floresti, Jud Cluj, Romania Cell+4(075)2979579 office@secure-data.ro www.secure-data.ro

According to research by the University of Texas, only 6 % of companies suffering from a catastrophic data loss survive, while 43 % never reopen and 51 % close within two years. Gartner, on the other hand estimates that only 35 % of SMBs have a comprehensive disaster recovery plan in place. According to a recent National Small Business Poll, man-made disasters affect 10% of small businesses, whereas natural disasters have impacted more than 30%. According to a recent Touche Ross study, the survival rate for companies without a disaster recovery plan is less than 10%! According to analyst firm IDC, about 70% of all successful attacks on computer networks were carried out by employees and insiders.

Don't take chances

Steps in DRP/BCP
1. 2. Identifying the scope and boundaries of business continuity plan and determination of limitations and boundaries of plan. It also includes audit and risk analysis reports for clients assets. Conduct a business impact analysis Business Impact Analysis (BIA) which is a study and assessment of financial losses to institution resulting from destructive event as unavailability of important business services. Client approves BCP/DRP and made organizational activities to conduct key tasks. Each department will need to understand its role in plan and support to maintain it so in case of disaster, each department can be prepared for the action. The BCP project team must implement the plan. DRP/BCP audit by third party and implementation of ISO standard

Protect your personal and business digital assets!

3. 4. 5.

6.

Prior to selecting a disaster recovery strategy, Cromino will refer to client a business continuity plan which will indicate the key metrics of recovery point objective (RPO) and recovery time objective (RTO) for various business processes such as the process to run payroll, generate an order, etc. Once the RTO and RPO metrics have been mapped to IT infrastructure, the Cromino can determine the most suitable recovery strategy for each system. An important note here however is that the business ultimately sets the IT budget and therefore the RTO and RPO metrics need to fit with the available budget. While most business unit heads would like zero data loss and zero time loss, the cost associated with that level of protection may make the desired high availability solutions impractical. The following is a list of the most common strategies for data protection. Backups made to tape and sent off-site at regular intervals (preferably daily) Backups made to disk on-site and automatically copied to off-site disk, or made directly to off-site disk Replication of data to an off-site location, which overcomes the need to restore the data (only the systems then need to be restored or synced). This generally makes use of storage area network (SAN) technology High availability systems which keep both the data and system replicated offsite, enabling continuous access to systems and data

* - Disaster recovery is the process, policies and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after a natural or human-induced disaster. ** - Business continuity planning (BCP) is the creation and validation of a practiced logistical plan for how an organization will recover and restore partially or completely interrupted critical (urgent) functions within a predetermined time after a disaster or extended disruption.