Disaster Recovery Plan
Provide an overview of the organization that will be delivered to senior management, defining the business goals and objectives and the size, layout, and structure of the organization. TechWidgets Inc., is an e-commerce company that provides merchandise to its customers through a web store. The core infrastructure is made up of 10 web servers in a single cluster to handle browsing requests, 5 servers in the web store clusters to hand transactions and processing and a data cluster stored on a storage area network (SAN). The core network is connected to the internet via 2 high speed connections (T-3) from two different providers. This infrastructure is replicated in the organization's alternate hot site for immediate failover in the event of a disaster to prevent any unscheduled downtime as well as being able to appropriately load balance any spikes in activity that would provide a less than adequate shopping experience for customers. The primary data center is located in Los Angeles, California and the hot site data center is located in Atlanta, Georgia. Although the cost associated with this configuration is high, it is the best way to provide the continuity of the business in the event of a catastrophic event such as a fire, flood or an earthquake.
Diagram of the organization’s network architecture and the proposed network architecture of an alternate computing facility in the event of a disaster.
Figure [ 1 ]
Develop the DRP Policy
Assessment of Security
Security and control within an organization is a continuing concern. It is preferable, from an economic and business strategy perspective, to concentrate on activities that have the effect of reducing the possibility of disaster occurrence, rather than concentrating primarily on minimizing impact of an actual disaster. This phase addresses measures to reduce the probability of occurrence. Security assessment of the computing and communications environment including personnel practices; physical security; operating procedures; backup and contingency planning; systems development and maintenance; database security; data and voice communications security; systems and access control software security; insurance; security planning and administration; and application controls. An accurate security assessment will enable the project team to improve any existing emergency plans and disaster prevention measures and to implement required emergency plans and disaster prevention measures where none exist. After the assessment is done presentation of the findings and recommendations resulting from the activities of the security assessment to the management so that corrective actions can be initiated in a timely manner. Potential Disaster Scenario and Methods of Dealing with the Disaster
The risk of running an e-commerce business is not much different than running a traditional business. You have personnel, building assets and technology assets so the potential disasters are similar. For example, in the event of a fire due to sabotage, electrical malfunction, or even the risk of wildfires, there are several measure that possible in dealing with a fire. Preventative and detective measures such as fire and smoke alarms are available to the facility, halon system to extinguish the fire if it breaks out in the data center computing areas, training users through the use of fire drills, proper documentation of diagrams of the building and all appropriate fire paths to exists are all ways to deal with a fire based disaster. Disaster Recovery Procedures
Should the fire be detected in the data center computing area (server room), the alarm will sound and all personnel should immediately exit the building, especially anyone in the server room because halon exposure is deadly, along the routes determined by supervisors. The halon extinguishing system will seal the server room and activate,...