Business Continuity Planning Keeps IT Running Securely
By Edward J. Hawkins, II
When we consider the devastation that can result to an organization from any number of threats and threat actors, it is prudent to have a plan in place to keep that organization running, even if not at full capacity. This type of documentation is referred to as a business continuity plan (BCP).
In the realm of information technology (IT), discussions of disaster recovery planning (DRP) are routine, but the same is not true for an IT BCP: when these plans are made, the BCP receives far less emphasis.
This lack of emphasis might stem from a misunderstanding of the BCP’s function, or from the habit of classifying errors, crashes and other system events as IT disasters. Either way, the DRP ends up as king.
Left unchecked, this misunderstanding is made worse by the many scenarios it fails to distinguish. In a true disaster, a threat actor can destroy critical files, systems or even lives. Systems and files can be restored; lives cannot.
Overall, the protection of human life will always take precedence over a computer or data files. This is also where the concept of the business continuity plan comes in.
A Business Continuity Plan Allows a Company to Keep Running Even after Damage from Threat Actors
The purpose of a BCP is to allow organizations to continue to operate after a threat actor has damaged their systems. For example, let’s say you have an organization that has a hard drive fail within a redundant array of inexpensive disks (RAID) set. But the organization also has an extra server that can take over operations while the failed drive is being replaced and rebuilt.
The two servers can continue to work in this degraded environment. In terms of IT security fundamentals, the BCP supports availability: it gives the organization a way to remain accessible to its customers.
IT Personnel Good at Creating Failure-Resistant Systems
Most IT system administrators, network engineers and designers are good at creating environments that are highly resistant to failure. However, I have seen the insides of some environments that would make you cringe. In these situations, the people responsible for these environments might not be to blame, because a lot of “IT folk” have had it beaten into their heads that there is only disaster recovery.
As noted by authors Michael Wallace and Lawrence Webber, “a disaster is any event that disrupts a critical business function.” While that may be true, enterprise security architect Keith Willett points out that “BC evolves to disaster recovery,” meaning that the business continuity plan comes first in the process and the disaster recovery plan provides gap coverage when the BCP fails.
Designing for Business Continuity
While IT processes are grounded in industry best practices, it should be noted that all organizations need to evaluate any potential solution for themselves so that any associated risks are properly identified and mitigated.
Remember, everything must be thoroughly documented and tested. The documentation should be reviewed regularly and updated at least annually.
The plan should also be tested at least twice a year. Here are the suggested steps to take:
- Identify critical information, processes, and positions. The organization needs to be able to understand proprietary versus commodity information, as well as the processes and positions that handle that information.
- Create an organizational site structure. Is there more than one location where the organization operates? If so, can IT services be replicated between the locations and create redundancy? If not, are third-party/cloud services an option?
- Schedule backups. Decide how often backups are conducted and which type is scheduled. There are various backup strategies available, including full, partial and incremental backups. Solutions could also include tape or optical disk storage.
- Distribute power throughout the environment. Power should be distributed in such a way that, in the event of an outage, uninterruptible power supplies (UPS) can sustain the environment long enough to perform a graceful shutdown. (A graceful shutdown is an orderly, operator-initiated shutdown rather than a sudden loss of power.)
- Create alternate network paths to redundant organizational locations. This could be in the form of a second Internet service provider (ISP) or a second line with a single ISP that is routed through a different system. A secondary ISP might be preferred.
- Establish a recovery site. When it comes to the full or temporary loss of a physical location, having a fallback location may be something to consider for displaced employees.
- Cluster servers so that critical servers have a means to fail over (that is, to have secondary components take over) in the event of an error. By implementing clustering, it is also possible to host a virtualized environment that provides a higher level of availability.
Older Technology Should Be Retained for a While
When considering any new technology related to an organization’s ability to maintain operations or recover from a disaster, it is important to realize that the old technology must be maintained for a given length of time.
Take tape backup as an example. If an organization invests in a new backup system that uses a different type of tape medium and then disposes of the old system without transferring the data to the new system, that organization would not be able to recover any data from before the new system’s installation date.
From an investigative standpoint, this might mean that needed digital evidence is not discoverable until a system capable of reading the associated media can be acquired. It might be more advantageous to use removable hard drives as backups rather than tape, but the size and type of the hard drive must be taken into consideration as well.
A Business Continuity Plan Improves Survivability
When a business continuity plan is in place, the overall survivability of an organization is greatly improved. This is the result of understanding that not every event that affects an organization is a disaster, and that operations can be maintained in the face of degraded services.