Business Continuity Planning


1) Which type of retention policy does your place of employment use or write about your own experience?

2) Describe some of the risks that social engineering creates for the company?

3) Describe 3 ways that you would protect your company’s data.



Business continuity planning is the process of ensuring that an organization’s critical operations and systems are in place in the event of a disruption. Continuity planning is an important part of overall business resilience, as it helps ensure that the organization can continue to operate under difficult conditions.

Best practices for business continuity planning

Human and software faults can both risk the business data in your company’s
Computer network system. If the companies have not taken the essential precautions, they are
putting their survival and credibility in jeopardy. Further, they may lose clients to their
competitors. In addition, it is difficult to recover after a security breach; it generally takes a
significant amount of time and money, making it critical to safeguard their business data
adequately. Furthermore, the global expansion of data protection laws has given an extra degree
of urgency to the requirement for all businesses to establish effective data protection procedures.
In recent years, data security has become a must-have for all businesses, regardless of size. Large
corporations are often far ahead of the game, having developed and tested their cyber security
procedures over the previous few years (Wallace & Webber, 2017). Therefore, the discussion
will entail three ways to protect data in a company and ensure corporate data security.

i. Developing data plan recovery in business continuity planning

Various steps must be taken to create an implementable strategy for effectively
recovering a company’s data after a disaster. They are as follows: planning, identifying essential
data, developing appropriate guidelines and standards, determining the backup type, developing
recovery methods, and organizing testing and management.
An effective data recuperation strategy starts with correct planning, as with any job.
Initially, the backup and recovery objectives should be reviewed by relevant stakeholders. Find
out what your business demands are and whether they are concerned with regulatory standards.
Few firms have not planned data retrieval. Therefore the next step is to assess the current backup
and recovery plans.

Data backup and recovery

Many mechanisms are in place for data backup and recovery. These include
conventional offline means for storing hard copying printouts, magnetic disks, CD-ROM, and
external hard drives, as well as microfiches. However, online options such as disk mirroring,
storage servers, and computer backups provide speedier data recovery. To the success of your
rehabilitation strategy, assessment and selection of suitable solutions are essential (Wallace &
Webber, 2017). Many companies have experienced a disaster to find that the software needed to
read their storage devices has been obsolete, hard to access, or just not available anymore.
A significant factor is also where the data are stored. It is best if the company has several
different places where data may be stored.

Storing data

The company may also agree to store data for each other with another incompetent company. Naturally, the corporation must be relatively convinced that the same calamity will not damage both sites. The firms must also ensure that both sites handle the increased workload if one website is offline. The choice is not always good in practice and tough to handle (Wallace & Webber, 2017). Another way to maintain the integrity of your media is to employ a professional storage firm that has an integrated environmental facility. It has also tried and established techniques to store and retrieve data in an urgent procedure and provide guidance on business continuity strategies.

Data storage and classification rules

Most firms have no data storage and classification rules and processes. Many of the
policies are poorly enforced. The policy that is not implemented might generate a false sense of
security that is worse than no policy. The first stage in the implementation of data storage and
classification policies is to identify data owners. An identifiable owner who understands the
relevance and the usage of the data should bear all the data in the firm. Upon identifying the
owners of the data, design a strategy to determine how relevant the data is (Wallace & Webber, 2017). A categorization strategy can then be developed. Some classifications that the
company may utilize are essential, sensible, legally necessary, and non-critical.

ii. Identify crucial data

The corporation is likely to adopt a variety of strategies that balance time-to-data against
cost compensation. Traditional tape backups are still often used, although they can cause transit
problems, storage problems, and recovery problems. They can be helpful. Tapes might fail
without warning if they are not correctly handled and preserved. You also need to refresh the
program and program for reading the cassettes (Wallace & Webber, 2017). The company may
maintain their data over LAN or WAN, such as the Internet, using digital vaults, and they can
quickly restore it than disk.

Data recovery approach

The first issue with your data recovery approach is to discover the data. The amount of
data created now by the company is continually increasing. These contain pictures, writing files,
timing sheets, sound recordings, and other improved data formats, not only data in typical
databases. In addition, terabyte databases are becoming widespread in many enterprises (about
one billion bytes); terabytes datasets are immediately around the way. In addition, paper remains
an essential database system; such paper files are saved in file cases and desk drawers (Wallace
& Webber, 2017). In many companies, videotape and microfiches are still used. Items are
produced for the automated discovery of a database system on the network for stored data

File Servers

Users save a lot of data on their file servers that are unnecessary for the organization to
run. It contains material covering up space, such as email documents, Internet cache data, and
personal data, such as digital photos. In a variety of ways, non-essential information can raise the
cost of business continuity. If the firm has a hot-site facility, it will need extra disk storage capacity. Added media will be necessary for backups if you are utilizing cassettes or CDs. If the
company uses replication to a remote site, extra bandwidth may be required to facilitate the
transmission of all these data.

An excellent place to minimize the volume of unnecessary files is to implement
regulations that ban the storing of personal data on business servers. Strict adherence to these
principles can significantly reduce the quantity of data that has to be backed up. The company
should also think about restricting the storage space accessible to each user, which will compel
them to think carefully about what they want to keep in their folders.

CIOs in business continuity planning

Although the internet has become a crucial element of digitizing efforts, the question of
safety has caused heated discussions amongst CIOs and in data management circles as data
migrating to the cloud. While many claims that the security procedures used by Internet service
providers on their servers much outnumber those used by a small or even big corporation on its
on-premise servers, many businesses are concerned that the security of their most critical
information is out of their hands. Big companies utilize technologies specializing in cloud data
security or a restriction of data kinds that are encrypted as a matter of policy (Wallace &
Webber, 2017). Another approach is to secure critical data before they are sent to the clouds.

iii. Options of data storage

Several options for data storage options are used, with each having both advantages and

a. Backup tape

Backup tape is nearly as ancient as the computer. The cost per gigabyte of cable is
inexpensive, and transfer and storage are pretty easy. Tape is a solid workhorse, but it is not
infallible for stocking and storing essential data. Tapes may fail, and it is thus necessary to regularly inspect backup tapes. The audit should be performed randomly by picking a tape and
ensuring that it can be read and restored by multiple devices. Urgency is not a time to see that the
tapes are illegible or that the equipment for creating the backup can read them only. If data files
are sufficiently vital for backup, they are adequately significant to adopt the proper physical and
logical security layers. Ensure that the cassettes are stored free from dust and other contaminants
in a climatic conditions environment (Wallace & Webber, 2017). The company should also copy the tapes that can keep at several points to increase the odds of catastrophe surviving data.

Grandfather-Father-Son (GFS)

It is critical to establish a tape rotation plan as to how and where the tapes are kept. Every time support is done, everything is unusable in all but the smallest businesses; thus, it is customary to do a complete backup occasionally (for example, daily, weekly, or monthly) and then regularly back up modifications after the whole backup. The Grandfather-Father-Son (GFS) backup plan is the most frequent type of videotape rotational technique. Some of the advantages include; maintaining all system data stored in a given set of tapes; it is straightforward to comprehend and do, making it easier to follow; the recovery of lost information from backups using this procedure is pretty clear (Wallace & Webber, 2017); reduces both tapes and appliances wear and tear.

b. Mirroring of disks in business continuity planning

The organization may produce several identical copies by writing data to two distinct
drives, thereby enhancing the chance of at least one copy of the data being available at all
moment. A secured disk is termed the primary disk for store information, and a backup disk has
termed the disk to which the data has been copied. Both disks might be located in the same place
or distinct locations. If the Backup Disk is located elsewhere on the encrypted disk, hence utilize
WAN. The backup at another site is designed to defend against a disaster at the secured hard drive location. There are two primary forms, synchronized and asynchronous, of disk mirrors.
Each offers distinct recuperation time-to-date, and each has varied aspects of the performance
(Wallace & Webber, 2017). The synchronized reflecting works by first writing to your backup
drive and then writing to the encrypted disk after registering on the backup disk has been
determined to be effective.


The data is the backbone of large organizations; users can ensure their companies can
sustain an unforeseen disaster through an effective data management plan. The stages are
primary but must be carried out methodically to be efficient: establish what data are critical; how
quickly does the company need them? ; What would the cost of not having it be? ; test your
techniques for recovery.  Such reflections assure that backup data is always up to date but are
slower and more expensive than reflections. Some disk managers need two-way interfaces
between the disks, and between data collection on the backup systems and waiting for clearance
is an inherent latency.

Please reach us on any academic assignment on

Related articles