Cloud Disaster Recovery and Security

IT managers have eagerly implemented cloud applications to reap its many benefits: lower hardware and energy costs, more flexibility, faster responsiveness to changing and new applications, and improved resiliency.

Order Business Continuity Plan Cloud Business Continuity Security bundle

But when disaster strikes, some IT managers find their disaster recovery techniques and hardware configuration have not kept pace with their changed production environment, and they’re stuck, along with their recovery times, in the pre-cloud era. They falsely believe the improved day-to-day resilience of their cloud environment lessens their need for disaster recovery (DR) planning. In fact, the opposite is true: Catastrophic hardware failures in the cloud environments bring down many more applications than in non-virtualized environments, making DR planning and implementation more critical, not less.

Outsourcing TemplateProtecting business means protect ongoing access to functional applications, servers and data; traditionally that means backing up data. However, backing up the data is only part of the equation. If you can’t restore the data, the backup effort is useless. If a business relies on tape backup alone, restoration is easy only for the simplest failure, and only if everything goes perfectly. If a hard disk fails and all the backup tapes are good and the staff is practiced at doing the repair and restore, then you might be able to simply buy a replacement part and get things up within a couple of hours – though the data will be from last night’s backup. If the problem is more complicated and involve s a replacement server for instance, you will probably need a day or two to get new hardware in place before you even begin to recover.

The right way to evaluate the quality of your system and data protection is to evaluate the Recovery Time Objective (RTO) and Recovery Point Objective (RPO). These metrics define how long you think it will take you to get back online and how current the data has to be.

The best way to ensure a fast recovery is to have replacement equipment standing by at an off-site location with the necessary software and configuration to quickly transfer users and data. The best practice includes a remote data center with servers, storage, networking equipment and internet access.

Restoring to this remote data center from backup tapes will likely take too long, assumes that the tapes were not affected by the original problem and still leaves the risk of only recovering old data. Instead, replication software can be used to keep the backup systems constantly updated.

A four hour RTO and RPO requires:

  • Off-site hardware and infrastructure to run servers and applications
  • Data updates to the DR site more often than every four hours; preferably real-time
  • Continuous updates of the application and OS configuration (without this, recovery may fail after a patch or an upgrade).
  • A method to deal with any hardware differences between production and recovery environments.

Practical Guide for Cloud OutsourcingOrder

The template is provided in WORD and Adobe Reader PDF format. It is can be used in whole or in part to plan for, negotiate, and manage the cloud outsourcing process. In the 126 pages included are a job descriptions for Manager Cloud applications, Cloud Computing Architect, sample contract, service level agreement, ISO 27001 - 27002 - 27031 security audit checklist, Business and IT Impact Questionnaire and much more.

Cloud Outsourcing and Disaster Recovery BundleOrder

The bundle includes in editable Microsoft WORD and PDF formats:

  • Practical Guide for Cloud Outsourcing includes a job descriptions for Manager Cloud applications, Cloud Computing Architect, sample contract, service level agreement, ISO 27001 - 27002 - 27031 security audit checklist, Business and IT Impact Questionnaire and much more.

  • Disaster Recovery Plan (DRP) can be used in whole or in part to establish defined responsibilities, actions and procedures to recover the computer, communication and network environment in the event of an unexpected and unscheduled interruption. The template is IS0 27000 (27031) Series, COBIT, Sarbanes Oxley, PCI-DSS, and HIPAA compliant.

Cloud Outsourcing, Disaster Recovery, and Security BundleOrder

The bundle includes in editable Microsoft WORD and PDF formats:

  • Practical Guide for Cloud Outsourcing includes a job descriptions for Manager Cloud applications, Cloud Computing Architect, sample contract, service level agreement, ISO 27001 - 27002 - 27031 security audit checklist, Business and IT Impact Questionnaire and much more.

  • Disaster Recovery Plan (DRP) can be used in whole or in part to establish defined responsibilities, actions and procedures to recover the computer, communication and network environment in the event of an unexpected and unscheduled interruption. The template is IS0 27000 (27031) Series, COBIT, Sarbanes Oxley, PCI-DSS, and HIPAA compliant.

  • Security Manual Template - (ISO CobiT SOX HIPAA Compliant) includes the Business Impact questionnaire and a Threat and Vulnerability Assessment Form (PDF and Excel). It is a complete Security Manual and can be used in whole or in part to comply with Sarbanes Oxley, define responsibilities, actions and procedures to manage the security of your computer, communication, Internet and network environment.

 

Order Business Continuity Plan Cloud Business Continuity Security bundle
Disaster Planning Security Policies Procedures Job Descriptions IT Infrastructure, Strategy, & Charter Template IT Salary Survey DRP Security