1009 Jupiter Rd. Plano, TX 75074

(855) 870-8998
Global IP Network
Global IP Network

Your business runs on technology. Some call that “mission critical. You might even say you’re “technology dependent”. But technology on its own is not enough. It’s actually people that make the difference. People committed to engineering custom technology solutions specifically for your business. People committed to doing everything it takes to keep your network running no matter what.

That’s tenacity. That’s Global IP Networks.

IT BEST PRACTICES

Subscribe to
IT Best Practices.

STAY CONNECTED

    SANS Policy Templates: Disaster Recovery

    The SANS Institute has published several information security policy templates describing best data security practices in template format. This largely means that you can ‘fill in the blanks’ when developing a security policy (although some modification will be in order for your specific circumstances). In this post we’ll look at the SANS template for disaster recovery planning.

    Disaster recovery planning is like security policy in two important ways. Like security policy, the reason for developing, updating and reviewing a disaster recovery policy is not always obvious in terms of immediate benefit. That is to say, a manager can quantify precisely how and why one payment processing vendor benefits the company more or less than another, but disaster recovery planning is more nebulous. There is no benefit derived on a daily basis from a disaster recovery plan, but at the same time such a plan requires resources to develop and maintain. Also like security policy, a disaster recovery plan needs to be sold to management, and will periodically need to be resold every period that a disaster doesn’t strike the company necessitating activating the plan.

    The SANS template acknowledges this status for disaster recovery planning by defining a plan overview, purpose and scope. The overview is an executive summary which states why the company has such a plan (competitive advantage, business continuity) and what is needed (practical management support in spirit and actually). The purpose of the plan is often overlooked since, after all, everyone knows what they mean when they use a phrase like disaster recovery and, as keywords go, disaster recovery and business continuity sound like good ones. However, a formal stated purpose tightens and formalizes what disaster recovery means to the company and gets stakeholder approval. The time to specify precisely what is covered, is not covered and what may need to be covered is before a disaster strikes; this is plan scope.

    Once these preliminary stages are addressed the SANS template gets into the substantive issues of policy. This means defining what (is covered by the plan), who (are the key people to execute the plan), where (the company accesses emergency resources or prepares off-site backups, etc.), how (the plan will be practiced to the degree possible before it is needed, and executed when needed). Policy compliance verifies that current processes are at minimum not in conflict with the plan; periodic audits certify this. Definitions and terms ensure stakeholder-wide agreement over terms and definition, which in turn means that one group says is clearly and accountably understood by another.

    Planning for your company should at minimum consider and address these areas. For more information on making Global IP Networks a part of your disaster recovery  planning, please contact us.

    SANS Policy Templates: Disaster Recovery

    The SANS Institute has published several information security policy templates describing best data security practices in template format. This largely means that you can ‘fill in the blanks’ when developing a security policy (although some modification will be in order for your specific circumstances). In this post we’ll look at the SANS template for disaster recovery planning.

    Disaster recovery planning is like security policy in two important ways. Like security policy, the reason for developing, updating and reviewing a disaster recovery policy is not always obvious in terms of immediate benefit. That is to say, a manager can quantify precisely how and why one payment processing vendor benefits the company more or less than another, but disaster recovery planning is more nebulous. There is no benefit derived on a daily basis from a disaster recovery plan, but at the same time such a plan requires resources to develop and maintain. Also like security policy, a disaster recovery plan needs to be sold to management, and will periodically need to be resold every period that a disaster doesn’t strike the company necessitating activating the plan.

    The SANS template acknowledges this status for disaster recovery planning by defining a plan overview, purpose and scope. The overview is an executive summary which states why the company has such a plan (competitive advantage, business continuity) and what is needed (practical management support in spirit and actually). The purpose of the plan is often overlooked since, after all, everyone knows what they mean when they use a phrase like disaster recovery and, as keywords go, disaster recovery and business continuity sound like good ones. However, a formal stated purpose tightens and formalizes what disaster recovery means to the company and gets stakeholder approval. The time to specify precisely what is covered, is not covered and what may need to be covered is before a disaster strikes; this is plan scope.

    Once these preliminary stages are addressed the SANS template gets into the substantive issues of policy. This means defining what (is covered by the plan), who (are the key people to execute the plan), where (the company accesses emergency resources or prepares off-site backups, etc.), how (the plan will be practiced to the degree possible before it is needed, and executed when needed). Policy compliance verifies that current processes are at minimum not in conflict with the plan; periodic audits certify this. Definitions and terms ensure stakeholder-wide agreement over terms and definition, which in turn means that one group says is clearly and accountably understood by another.

    Planning for your company should at minimum consider and address these areas. For more information on making Global IP Networks a part of your disaster recovery  planning, please contact us.

    Subscribe to
    IT Best Practices.

    STAY CONNECTED

      ALL ARTICLES

      Cloud Services

      Component Highlight: Veeam Data Protection and Backup

      READ MORE
      Cloud Services

      Meet the team – A word (or two) from our CEO, Reyner Natahamidjaja

      READ MORE
      Cloud Services

      Why you need a full cloud platform, and the pitfalls of going piecemeal

      READ MORE
      Cloud Services

      Component Highlight: IBM Flash Storage

      READ MORE
      Cloud Services

      Can You Trust Your Old Data with Hyperscale Providers?

      READ MORE
      Cloud Services

      Increasing Data Integrity & Security through multi-site replication with CloudKey

      READ MORE
      Cloud Services

      The Dissolution of AWS and their Cloud Monopoly

      READ MORE
      Cloud Services

      Meet the team – The Insights of Chris Martin

      READ MORE
      Cloud Services

      Component Highlight: Palo Alto Firewalls and Edge Security Services

      READ MORE
      Cloud Services

      How the right cloud platform can reduce your RTO and RPO

      READ MORE

      You Have The Momentum. We Help Keep It Going.

      At Global IP Networks, our mission is to keep your net working. Our team of dedicated, certified IT experts is 100% committed to your success. For over 20 years, we’ve relentlessly helped companies like yours tackle their IT challenges to maximize the security, uptime and performance of their networks.

      That’s tenacity. That’s Global IP Networks.

      wLearn More