StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Restoration and Recovery of Information Systems and Data - Case Study Example

Cite this document
Summary
This case study "Restoration and Recovery of Information Systems and Data" focuses on the recovery and restoration of information services by the Palm Beach Sheriff's Office. The incorporation of recovery and restoration plan of information systems should be incorporated into state emergency plans to ensure services. …
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER93.4% of users find it useful
Restoration and Recovery of Information Systems and Data
Read Text Preview

Extract of sample "Restoration and Recovery of Information Systems and Data"

Introduction Restoration and recovery of information system operations has become one of the most important concerns in information systems management. Restoration and recovery falls under risk management of information systems and entails identifying, managing minimizing risks and assessment and evaluation (Calder & Watkins, 2005). The objective is to provide continuity of operations during emergencies or disasters and to generate prevalence information of system risks and damage to enhance restoration and recovery response (Stoneburner, Goguen, & Feringa, 2002). The need for effective information systems restoration and recovery has been emphasized in the United States with the legislation of Presidential Decision Directives (PDD) 63 and 67, Federal Preparedness Circular (FPC) 65, the Office of Management and Budget's (OMB) CircularA-1301. These directives and orders are part of Continuity of Operations (COOP) planning is required for Federal Government Agencies. PDD 63 or the Critical Infrastructure Protection directive and FPC 65 summarize the requirements for COOP information system infrastructure and emergency measures. FPC 65 stipulates that federal agencies are required to get back into operations within 12 hours from any kind of service collapse. OMB CircularA-130 prescribes continuity of operations planning which includes emergency procedures and policies for immediate operations recovery and restoration as well as long-term mitigation of potential services interruption of critical operations (EMC Corporation, 2006). In any kind or emergency, police and emergency services are the most essential. Therefore, the integrity, restoration and recovery of information systems in these branches of government should be the utmost priority. Florida is one of the states that have had to be vigilant regarding these concerns since the 1990's (Mittler, 1995). The Palm Beach Sheriff's Office is no exception to these circumstances. Palm Beach's experience with Hurricane Katrina emphasized not only the need to be prepared for the disasters and the essential role that police and emergency services have to play in recovery (Kam & Gomez, 2005). Restoration and Recovery of Information Systems and Data Breakdowns of information systems and data loss are not limited to the event of disasters. Natural disasters may impact systems extremely and can impair critical functions when they are needed the most but system attacks, hacking and other related crimes that is becoming the most urgent. Restoration of Information System Operations According to the National Security Agency (NSA), through the Information Assurance Directorate (IAD), information assurance refers to procedures designed to safeguard and secure information and information systems against failure, collapse or attacks. Part of this program is the re-establishment of information systems by the development of security, response and resolution competencies into the system (2006). These standards govern feral information systems and have been adopted by industry as well. These measures include providing for restoration of information systems by incorporating protection, detection, and reaction capabilities. Public sector agencies and departments must comply within the prescribed recovery period and point service levels depending on the significance of their operations and information. They have to take into account considerable quantities of paper and electronic data, data storage distribution, necessity for nonstop operations and high data security and integrity measures (EMC Corporation, 2006) Recovery of Data Data backup and replication are the underlying concern in restoration and recovery. The primary factors considered are cost, management, reliability and security Effective back up strategies limit the need to reinstall programs and regenerate data in the events of data loss. However, data loss over a long period of time either by malicious acts or because of inadequate systems is more difficult to salvage and may go unnoticed (Ginty, 2005). According to Smith (2003), 40% of data loss can be attributed to hardware failure, 29% is due to human error, 13% is due to software corruption, 9% due to viruses and similar programs, 6% due to theft and 3% id due to hardware destruction. Hardware failure and hardware destruction are usually due to disasters or emergencies while the rest may be acts of negligence or crime either deliberate or not (Stoneburner, Goguen, & Feringa, 2002). Palm Beach Sheriff's Office's Action Plan Considering the federal and state requirements regarding the recovery and restoration of information systems for the continuance of services after system breakdowns or attacks, the Palm Beach Sheriff's Office should have a restoration and recovery plan that secures its information systems but also one that ensures that it will be able to perform its critical functions. The degree of comprehensiveness and responsiveness of the plan it enforces will determine its reliability to deal with any related situation regardless of nature, motive or gravity. Situational Assessment and Program Initiation The first is step is to make an audit of what are the risk factors to Palm Beach Sheriff's Office's information system. Based on the assessment, Palm Beach Sheriff's Office must prioritize what is to be addressed first and the specific measures to be done. Options to create the information infrastructures should follow criteria set by FEMA2 and pursue information assurance standards. It is important to choose feasible options using cost-benefit analysis since the systems to be set up will be used long term and significant expense. After the selection of the infrastructure, the training of personnel using the system must be the focus. Information systems are extremely vulnerable and with human error and software corruption accounting for 42% of average data loss (Smith, 2003), it would be advisable to delineate thoroughly function, responsibility and accountability. The last part of this phase is the development of the contingency plan. The contingency plan should involve alternatives for systems failure and data loss setting up as well as during implementation. Risk levels should be mapped according to severity and priority as well as have corresponding operational standard response. System and data checks and related monitoring safeguards should be scheduled and incorporated into overall system calendars and maintenance protocols. Information System Operation Breakdown and Data Loss Event In the event of either information system operation breakdown or data loss event, a background system should be available to record and give notice. Event and user tracking give information on the event and information on the intent and implication in either concern. Notice of both events also becomes crucial one the system is unable to correct itself or retrieve lost data on its own. Intervention of assistance to the system either by physical intervention of via another system or software have to be set and functional. Power system supports, system integrity programs and alarms. The objective of this phase is to limit damage and data loss and to collect enough information for recovery and restoration. Restoration & Recovery of Systems and Data In the restoration and recovery phase, technical, administrative and security procedures should be utilized (Schneier, 2004). These procedures involve the identification of the risk events, response and security response (Stoneburner, Goguen, & Feringa, 2002): Identification and classification - not all system and data changes should be considered infringements. An assessment of their risk should be done and based on the risk map be addressed as formulated. Operational controls and containment assessment - Procedures at this stage should detect the level of intrusion, existing integrity level of both the system and the data, and resulting irregularities and vulnerabilities due to the system and data events. The effect of planned operational control and containment procedures to current system and data states should also be assessed and reported before procedures are actually implemented. Integrity confirmation and verification - this phase should involve the running of a system integrity mechanism. The procedure should not only be limited to the actual system and data but should also run through the monitors and controls. Indicators of integrity as provided for should be verified with independent programs to ensure the absence of embedded security problems that may become incorporated into the system. Restoration to a secure system point and regeneration of data - the secure system point must be have been pre-established and one that is with unquestionably integrity because this will also be the point were needed repairs and further restoration or retrieval will be done. System check and assessment post restoration - a system check should be done once more after all restoration and retrieval to verify system and data. Though according to this designed program, the restoration should not have anymore security issues, it would be advisable to run a check once more. The more important part of this phase is to assess system integrity loss or violation and data loss to support future security actions After Restoration & Recovery The tracking and monitoring programmed into this design should be utilized by Palm Beach Sheriff's Office to pursue legal or police action as needed. Malicious acts to steal data or sabotage their system should be considered with great concern since these action compromise Palm Beach Sheriff's Office ability to deliver critical services. The information gathered from the information system breakdown, data loss, recovery and restoration (whether successful or not), should be utilized to improve current infrastructure. The Palm Beach Sheriff's Office should be vigilant in updating its information system operations to keep ahead with the demands of its office, the escalation of information security crimes and the increasing need to be online to delver critical services. Conclusion Recovery and restoration of information services by the Palm Beach Sheriff's Office is essential if it is to be able to deliver critical services. The incorporation of recovery and restoration plan of information systems should be incorporated into state emergency plans to ensure services. The Federal Emergency Management Agency has specified guidelines to this effect to enhance state and federal coordination (Federal Emergency Management Agency [FEMA], 2006c). Beyond the need for emergency preparedness, the Palm Beach Sheriff's Office and organizations regardless of their nature will benefit from maintaining system integrity to prevent system failures and data loss. The implementation of the designed program concentrates on the preparation against and system and data intrusion and the need to learn about the risks that it has to deal and actually deals with. The Palm Beach Sheriff's Office, like all other government agencies play an important role in the lives and welfare of its citizen. The integrity and responsiveness of informational operational systems is a direct indication of its capability to fulfill its duties and responsibilities. References Calder, Alan and Watkins, Steve (2005). IT Governance: a Manager's Guide to Data Security and BS7799/ISO17799, 3rd Edition. London: Kogan Page. EMC Corporation (2006). Recovery Management for Continuity for Continuity of Operations. Hopkinton, MA: EMC Corporation. Retrieved on September 27, 2006 from http://www.emc.com Federal Emergency Management Agency. (2006a). Community Recovery and Planning. Retrieved September 27, 2006 from http://www.fema.gov/government. Federal Emergency Management Agency. (2006b). Continuity of Operations Self-Assessment Tool. Retrieved August 10, 2006 from http://www.fema.gov/doc/government/coop Federal Emergency Management Agency. (2006c). COOP Assessment. Retrieved September 27, 2006 from http://www.fema.gov/government/coop. Kam, Dara and Gomez, Alan (2005). Lack of Plan Hurt Katrina-Hit States' Response. Palm Beach Post. Retrieved on September 27, 2006 from http://www.palmbeachpost.com/storm/content/state/epaper/2005/09/10/m1a_response_0910.html. Mittler, Elliot (1995). Case Study of Florida's Emergency Management since Hurricane Andrew. Retrieved on September 27, 2006 from http://www.colorado.edu/hazards/wp National Security Agency (2006). Information Assurance FAQ's. Retrieved on September 27, 2006 from http://www.nsa.gov/ia/iaFAQ.cfmMenuID=10. Ginty, Ed (2006). Secure Data-Archiving: How to Protect and Store Your Data. Retrieved on September 27, 2006 from http://www.infosectoday.com/Articles/Archive.htm Schneier, Bruce (2004). Security Information Management Systems: Solution, or Part of the Problem. Retrieved on September 27, 2006 from http://www.schneier.com/essay-054.html Smith, David M. (2003). The Cost of Lost Data. Graziadio Business Report: Journal of Contemporary Business Practices, Volume 6 Number 3. Los Angeles, CA : Pepperdine University - The George L. Graziadio School of Business & Management. Retrieved on September 27, 2006 from http://gbr.pepperdine.edu/033/dataloss.html Stoneburner, Gary, Goguen, Alice and Feringa, Alexis (2002). Risk Management Guide for Information Technology Systems: Recommendations of the National Institute of Standards and Technology, Special Publication 800-30. Falls Church, VA: National Institute of Standards and Technology, Information Technology Laboratory, Computer Security Division Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Restoration and Recovery of Information Systems and Data Case Study, n.d.)
Restoration and Recovery of Information Systems and Data Case Study. https://studentshare.org/information-technology/1519439-restoration-recovery-plan
(Restoration and Recovery of Information Systems and Data Case Study)
Restoration and Recovery of Information Systems and Data Case Study. https://studentshare.org/information-technology/1519439-restoration-recovery-plan.
“Restoration and Recovery of Information Systems and Data Case Study”. https://studentshare.org/information-technology/1519439-restoration-recovery-plan.
  • Cited: 0 times

CHECK THESE SAMPLES OF Restoration and Recovery of Information Systems and Data

Infrastructure for Data Storage

n a typical SAN display, the server-based applications obtain storage I/Os completed in a constantly short time and data is saved from missing.... This paper “Infrastructure for data Storage” demonstrates the options for data storage and technology.... In order to store data for the computer system, the DAS is the most well-known method.... However, SAN data can be accessed by any independent servers....
4 Pages (1000 words) Essay

Restoration and Recovery Plan: Ceramic Manufacturing Company

nbsp;… The evolution of information systems has come a long way, since an almost ad-hoc approach in their deployment of yore days to their current sophisticated, managed, planned, and well-engineered approach.... "restoration and recovery Plan: Ceramic Manufacturing Company " paper attempts to understand the restoration and recovery plan employed by an organization in case of any of an attack or failure of its Information System.... The data-backups ensure recovery of essential data whenever there is any kind of data loss by way of any file corruption, data-stealing, or manual transactional error....
5 Pages (1250 words) Case Study

Data Backup System over Networks

As these organizations begin to understand the importance of information security and data backup, they are developing security programs that are often under the direction of the CIO.... In the field of information technology, backup refers to the replication of data so that these supplementary copies may be restored after a data loss event.... The author of this paper "data Backup System over Networks" examines data types according to its sensitivity, backup methodology an archiving, failure types, disaster recovery planning, data restoring methodology, and the survey on data backup solutions being used in the market place....
21 Pages (5250 words) Dissertation

The Possible Effects of Splinting Natural Teeth to Dental Implant Restorations

It turns that the metal titanium can bond with organic material well and when placed surgically in a jawbone, it facilitates anchorage and also the full recovery of gums.... The rationale for this literature review "The Possible Effects of Splinting Natural Teeth to Dental Implant Restorations" is to discuss the recent discoveries in dental science....
8 Pages (2000 words) Literature review

A Plan for Restoration and Recovery for Information Systems

Interconnected capabilities of information systems allow system operators instant feedback from an inquiry.... Interconnected capabilities of information systems allow system operators instant feedback from an inquiry.... Though the risks of information systems are known among systems operators, protection plans are far and few between.... Wilcot (2004) points out the haphazard security of information systems: “In most agencies, security is relegated to someone in the information services (IS) department, who usually has many other duties....
7 Pages (1750 words) Case Study

Disaster Recovery Plan to Recover IT systems of ABC Inc

Following are the member of incident Management Group (Kadlec & Shropshire, 2010)• Chief Executive Officer• Chief Financial Officer• Chief Investment officer• Head of Operation • Head of information Technology • Head of Marketing4.... The paper "Disaster Recovery Plan to Recover IT systems of ABC Inc" gives the advice to perform damage assessment to identify the requirement for software, hardware, and database, acquisition of required software/hardware/network sources, the configuration of ESXi installation and configuration....
7 Pages (1750 words) Case Study

Comparison of Security Features in DB2 and MS Access

Database security is an important aspect that ensures that data availability, integrity and confidentiality are enhanced at all time in relational database.... User level security is tasked at controlling the kind of data that a particular user should be allowed to access (e.... preventing the sales personnel from accessing accounting data) and restricting the actions that can be performed on those particular data.... DB2 has a row-level security labelling with very strict security requirements to allow data access....
5 Pages (1250 words) Research Paper

Important and Critical Data of Business

Planning involves determining which systems and data need to be backed up, how often they should be backed up, and were backed up data should be securely stored.... The paper 'Important and Critical data of Business' focuses on information which is the lifeblood of today's business organizations, and loss of data means loss of business services and loss of revenue.... Therefore it is necessary to backup important and critical data of the business....
9 Pages (2250 words) Term Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us