Business Continuity Planning and DRP

Business Continuity Planning & Disaster Recovery Planning – Answer any one of the question

Business Continuity Planning and Disaster Recovery Planning.

Please respond to one of these Questions

Question 1) Chapter 18 – Which type of retention policy does your place of employment use or write about your own experience?

Question 2) Chapter 19 – Describe some of the risks that social engineering creates for the company?

Question 3) Chapter 20 – Describe 3 ways that you would protect your company’s data.


Question 3) Chapter 20 – Ways that you would protect your company’s data.

Business Continuity Planning and Disaster Recovery Planning.

Business Continuity Planning and Disaster Recovery Planning. Human and software faults can both risk the business data in your company’s Computer network system. If the companies have not taken the essential precautions, they are putting their survival and credibility in jeopardy. Further, they may lose clients to their competitors. In addition, it is difficult to recover after a security breach; it generally takes a significant amount of time and money, making it critical to safeguard their business data adequately. Furthermore, the global expansion of data protection laws has given an extra degree of urgency to the requirement for all businesses to establish effective data protection procedures.
In recent years, data security has become a must-have for all businesses, regardless of size. Large corporations are often far ahead of the game, having developed and tested their cyber security procedures over the previous few years (Wallace & Webber, 2017). Therefore, the discussion will entail three ways to protect data in a company and ensure corporate data security.

i. Developing data plan recovery

Various steps must be taken to create an implementable strategy for effectively recovering a company's data after a disaster. They are as follows: planning, identifying essential data, developing appropriate guidelines and standards, determining the backup type, developing recovery methods, and organizing testing and management.
An effective data recuperation strategy starts with correct planning, as with any job. Initially, the backup and recovery objectives should be reviewed by relevant stakeholders. Find out what your business demands are and whether they are concerned with regulatory standards. Few firms have not planned data retrieval. Therefore the next step is to assess the current backup and recovery plans.

Many mechanisms are in place for data backup and recovery. These include conventional offline means for storing hard copying printouts, magnetic disks, CD-ROM, and external hard drives, as well as microfiches. However, online options such as disk mirroring, storage servers, and computer backups provide speedier data recovery. To the success of your rehabilitation strategy, assessment and selection of suitable solutions are essential (Wallace & Webber, 2017). Many companies have experienced a disaster to find that the software needed to read their storage devices has been obsolete, hard to access, or just not available anymore.

A significant factor is also where the data are stored. It is best if the company has several different places where data may be stored. The company may also agree to store data for each other with another incompetent company. Naturally, the corporation must be relatively convinced that the same calamity will not damage both sites. The firms must also ensure that both sites handle the increased workload if one website is offline. The choice is not always good in practice and tough to handle (Wallace & Webber, 2017). Another way to maintain the integrity of your media is to employ a professional storage firm that has an integrated environmental facility. It has also tried and established techniques to store and retrieve data in an urgent procedure and provide guidance on business continuity strategies.

Most firms have no data storage and classification rules and processes. And many of the policies are poorly enforced. The policy that is not implemented might generate a false sense of security that is worse than no policy. The first stage in the implementation of data storage and classification policies is to identify data owners. An identifiable owner who understands the relevance and the usage of the data should bear all the data in the firm. Upon identifying the owners of the data, design a strategy to determine how relevant the data is (Wallace & Webber, 2017). A categorization strategy can then be developed. Some classifications that the company may utilize are essential, sensible, legally necessary, and non-critical.

ii. Identify crucial data

The corporation is likely to adopt a variety of strategies that balance time-to-data against cost compensation. Traditional tape backups are still often used, although they can cause transit problems, storage problems, and recovery problems. They can be helpful. Tapes might fail without warning if they are not correctly handled and preserved. You also need to refresh the program and program for reading the cassettes (Wallace & Webber, 2017). The company may maintain their data over LAN or WAN, such as the Internet, using digital vaults, and they can quickly restore it than disk.

The first issue with your data recovery approach is to discover the data. The amount of data created now by the company is continually increasing. These contain pictures, writing files, timing sheets, sound recordings, and other improved data formats, not only data in typical databases. In addition, terabyte databases are becoming widespread in many enterprises (about one billion bytes); terabytes datasets are immediately around the way. In addition, paper remains an essential database system; such paper files are saved in file cases and desk drawers (Wallace & Webber, 2017). In many companies, videotape and microfiches are still used. Items are produced for the automated discovery of a database system on the network for stored data

Users save a lot of data on their file servers that are unnecessary for the organization to run. It contains material covering up space, such as email documents, Internet cache data, and personal data, such as digital photos. In a variety of ways, non-essential information can raise the cost of business continuity. If the firm has a hot-site facility, it will need extra disk storage capacity. Added media will be necessary for backups if you are utilizing cassettes or CDs. If the company uses replication to a remote site, extra bandwidth may be required to facilitate the transmission of all these data. An excellent place to minimize the volume of unnecessary files is to implement regulations that ban the storing of personal data on business servers. Strict adherence to these principles can significantly reduce the quantity of data that has to be backed up.

The company should also think about restricting the storage space accessible to each user, which will compel them to think carefully about what they want to keep in their folders. Although the internet has become a crucial element of digitizing efforts, the question of safety has caused heated discussions amongst CIOs and in data management circles as data migrating to the cloud. While many claims that the security procedures used by Internet service providers on their servers much outnumber those used by a small or even big corporation on its on-premise servers, many businesses are concerned that the security of their most critical information is out of their hands. Big companies utilize technologies specializing in cloud data security or a restriction of data kinds that are encrypted as a matter of policy (Wallace & Webber, 2017). Another approach is to secure critical data before they are sent to the clouds. Business Continuity Planning and Disaster Recovery Planning.

iii. Options of data storage

Several options for data storage options are used, with each having both advantages and disadvantages.
a. Backup tape
Backup tape is nearly as ancient as the computer. The cost per gigabyte of cable is inexpensive, and transfer and storage are pretty easy. Tape is a solid workhorse, but it is not infallible for stocking and storing essential data. Tapes may fail, and it is thus necessary to regularly inspect backup tapes. The audit should be performed randomly by picking a tape and ensuring that it can be read and restored by multiple devices. Urgency is not a time to see that the tapes are illegible or that the equipment for creating the backup can read them only. If data files are sufficiently vital for backup, they are adequately significant to adopt the proper physical and logical security layers. Ensure that the cassettes are stored free from dust and other contaminants in a climatic conditions environment (Wallace & Webber, 2017).

The company should also copy the tapes that can keep at several points to increase the odds of catastrophe surviving data.
It is critical to establish a tape rotation plan as to how and where the tapes are kept. Every time support is done, everything is unusable in all but the smallest businesses; thus, it is customary to do a complete backup occasionally (for example, daily, weekly, or monthly) and then regularly back up modifications after the whole backup. The Grandfather-Father-Son (GFS)
backup plan is the most frequent type of videotape rotational technique. Some of the advantages include; maintaining all system data stored in a given set of tapes; it is straightforward to comprehend and do, making it easier to follow; the recovery of lost information from backups using this procedure is pretty clear (Wallace & Webber, 2017); reduces both tapes and appliances wear and tear.

b. Mirroring of disks
The organization may produce several identical copies by writing data to two distinct drives, thereby enhancing the chance of at least one copy of the data being available at all moment. A secured disk is termed the primary disk for store information, and a backup disk has termed the disk to which the data has been copied. Both disks might be located in the same place or distinct locations. If the Backup Disk is located elsewhere on the encrypted disk, hence utilize WAN. The backup at another site is designed to defend against a disaster at the secured hard drive location. There are two primary forms, synchronized and asynchronous, of disk mirrors. Each offers distinct recuperation time-to-date, and each has varied aspects of the performance

(Wallace & Webber, 2017). The synchronized reflecting works by first writing to your backup drive and then writing to the encrypted disk after registering on the backup disk has been determined to be effective. Business Continuity Planning and Disaster Recovery Planning.


The data is the backbone of large organizations; users can ensure their companies can sustain an unforeseen disaster through an effective data management plan. The stages are primary but must be carried out methodically to be efficient: establish what data are critical; how quickly does the company need them? ; What would the cost of not having it be? ; test your techniques for recovery.  Such reflections assure that backup data is always up to date but are slower and more expensive than reflections. Some disk managers need two-way interfaces between the disks, and between data collection on the backup systems and waiting for clearance is an inherent latency.

Refer to Other Related Articles


Wallace, M., & Webber, L. (2017). The disaster recovery handbook: A step-by-step plan to
ensure business continuity and protect vital operations, facilities, and assets. Amacom.