
Week 3 Security Policies Part 1

This document discusses security policies and procedures including business continuity, authentication models, logging, audits, redundancy planning, disaster recovery, and applicable legislation. It covers understanding business continuity through utilities, high availability, redundancy, fault tolerance, and spare parts. Authentication models and their components are summarized. Redundant Array of Independent Disks (RAID) is explained along with the most common RAID levels. Disaster recovery procedures including backups, onsite and offsite storage are also outlined.

Uploaded by

Clinton Akili

Security Policies and Procedures
This Chapter:
• Understanding Business continuity
• Summarize the various authentication models and identify the components of each
• Execute proper logging procedures and evaluate the results
• Conduct periodic audits of system security settings
• Explain redundancy planning and its components.
• Implement disaster recovery procedures
• Identify and explain applicable legislation and organizational policies.
Understanding Business Continuity
• Utilities
  • Water, Electricity
  • To keep it comfortable and functioning properly
• High Availability
  • The process of keeping services and systems operational during an outage
• Redundancy
  • Redundancy refers to systems that are either duplicated or that fail over to other systems in the event of a malfunction.
  • Fail-over refers to the process of reconstructing a system or switching over to other systems when a failure is detected. In the case of a server, the server switches to a redundant server when a fault is detected.
Server Clustering in a networked environment
• Fault Tolerance - Fault tolerance is primarily the ability of a system to sustain operations in the event of a component failure.
• Spare Parts
  • Spare parts should always be readily available to repair any system-critical component if it should fail.
• Electrical Power
Redundant Array of Independent Disks
• Redundant Array of Independent Disks to be discussed next meeting.
• Redundant Array of Independent Disks (RAID) is a technology that uses multiple disks to provide fault tolerance. There are several designations for RAID levels.
The most commonly implemented RAID levels are as follows:
• RAID 0 is disk striping. It uses multiple drives and maps them together as a single physical drive.
RAID 1
RAID 3
RAID 5
Scenario
• Your primary server is currently running four 300GB disks in a RAID 5
array. Storage space is at a premium, and a purchase order has just
been approved for four 500GB disks. Still utilizing a RAID 5 array, what
is the maximum data storage space this server will be able to host?
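
The scenario above can be checked with a short capacity calculator. This is an added example, not part of the original slides. It assumes the standard rule that each member of an array contributes only as much space as the smallest disk, with RAID 1 as mirroring and RAID 3/RAID 5 giving up one disk's worth of space to parity. The scenario does not say whether the new disks replace the old ones or join them, so each reading is computed.

```python
# Added example: usable capacity for the RAID levels named on the slides.
# Assumption: every member contributes only as much as the smallest disk.

MIN_DISKS = {0: 2, 1: 2, 3: 3, 5: 3}  # minimum members per RAID level


def usable_gb(level, disks_gb):
    """Return the usable capacity in GB of one array built from disks_gb."""
    if level not in MIN_DISKS:
        raise ValueError(f"RAID {level} is not covered by this example")
    n = len(disks_gb)
    if n < MIN_DISKS[level]:
        raise ValueError(f"RAID {level} needs at least {MIN_DISKS[level]} disks")
    smallest = min(disks_gb)
    if level == 0:
        return n * smallest       # striping only, no redundancy
    if level == 1:
        return smallest           # every disk holds the same copy
    return (n - 1) * smallest     # RAID 3 / RAID 5: one disk's worth of parity


def scenario():
    """Evaluate the readings of the slide's scenario (sizes from the slide)."""
    old, new = [300] * 4, [500] * 4
    return {
        "current array, 4 x 300GB": usable_gb(5, old),
        "new disks replace the old, 4 x 500GB": usable_gb(5, new),
        "all eight disks in one RAID 5 array": usable_gb(5, old + new),
        "two separate RAID 5 arrays": usable_gb(5, old) + usable_gb(5, new),
    }


if __name__ == "__main__":
    for reading, gb in scenario().items():
        print(f"{reading}: {gb} GB")
```

Mixing the 300GB and 500GB disks in a single array wastes 200GB on each larger disk, which is why the eight-disk array holds less than two separate arrays.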
Disaster Recovery
• Disaster recovery is the ability to recover system operations after a
disaster. A key aspect of disaster-recovery planning is designing a
comprehensive backup plan that includes backup storage,
procedures, and maintenance.

Depending on Backups
• Backups are duplicate copies of key information, ideally stored in a
location other than the one where the information is currently stored.
Primary starting point for disaster recovery
• Financial Statements
• Incorporation Documents
• Loan Documents
• Personnel Information
• Tax Record
• Board Resolution
Primary starting point for disaster recovery
• Applications
• Appointment Files
• Customer List
• Database Files
• Email correspondence
• Financial Data
• User Files
• User Information
You might need to restore information from backup copies for any
number of reasons. Some of the more common reasons are listed
here:

• Accidental Deletion
• Application Errors
• Natural Disasters
• Physical Attacks
• Server Failure
• Virus Infection
• Workstation Failure
• Working copies - Working copy backups—sometimes referred to as
shadow copies—are partial or full backups that are kept at the
computer center for immediate recovery purposes. Working copies
are frequently the most recent backups that have been made.

• Onsite storage - Onsite storage usually refers to a location on the site of the computer center that is used to store information locally. Onsite storage containers are available that allow computer cartridges, tapes, and other backup media to be stored in a reasonably protected environment in the building.
Offsite storage
• Offsite storage refers to a location away from the computer center
where paper copies and backup media are kept. Offsite storage can
involve something as simple as keeping a copy of backup media at a
remote office, or it can be as complicated as a nuclear-hardened high-security storage facility.
