Disaster Recovery

Such services will include, but are not limited to the following:

 

 

 

 

 

·         Provide engineer to develop testing plan for failover system for bank network;

·         Engineer shall guide system vendor of client’s choice in testing of the plan while onsite and provide all guidelines for testing;

·         Engineer shall supervise testing of the plan and be involved in any actual testing where client advises once onsite

·         Engineer shall write a neutral third party audit report on any test results gathered from testing or from vendor testing as directed by client and deliver written report in hardcopy and electronic format, once any drafts of said report are approved by client management

 

 

 

Full documentation of our work will be maintained and printouts of such work are included as part of this report.  This information should be referenced when reading this report and is considered to be an integral part of the report as it is the basis for the issues presented.

 

 

Consulting Work for New Offsite Emergency Response/Failover Center:

 

 

NOTE:  MILE2 STRONGLY suggests that this project commence no later than late February of 2010 to allow a full eight weeks for the work below, plus a possible 3-4 additional weeks by the Client to conduct any final installation work by the non-MILE2 equipment vendor.  By moving along this schedule the Client has time to finalize all arrangements for this critical new site PRIOR to the start of hurricane season in late spring.

 

 

 

 

 

3 Phases:

 

Phase 1:  Discovery, research and Assess DR options.

this includes the on-site observation at both facilities).

 

Phase 2:  Coordinate installation and create a DR blueprint. 

days to assess, create and develop the Disaster Recovery Plan.

 

 

 

Phase 3:   Evaluate and Test  (See Below) Serve as project manager, assist with final design, and sign off on suggested implementation/design from equipment/IT vendor on the project as to final level of soundness/security standards.  to assist in final design, project management and sign off of final design prior to implementation of the system by the equipment/IT vendor chosen by Client

 

 

 

This time period is my best assumption with the limited information I have presently

 

Part I:

 

 

Assess and provide practical guidelines covering each step of the BCP development process. The Guidelines start with project initiation, with the identification of the BCP Project Manager's duties and responsibilities, involvement of the top management and Board and project control activities and then provide detailed and practical guidance to the BCP Project Team through each step of the BCP process. Consider the A. asset's of the company, B. decide what critical networking components the client must consider for redundancy, C.  decide the range of allowable down time, D. consider what type of DR site they desire, that is warm or a hot site, E. finally, consider the budget the client has. These decisions made through out the discovery phase will build a potential DR plan that would prepare the client in any type of emergency should occur. Once our team assess  mitigating factors and address residual risk , the client can consider several DR plans by the client for the best cost effective approach towards creating an industry acceptable Disaster Recovery and business continuity plan.  This would require full disclosure towards company networking infrastructure, on-site assessment to both the working location as well as the off shore DR facility and full cooperation with those responsible in forming the DR team.

 

 

Once we have that we can assess mitigating factors and address residual risk.

 

Part II

After the on-site assessment and DR plan is chosen,  our team will coordinate the installation of the fail over network with a 3rd party vendor. Once this is completed, a report with comprehensive planning templates consisting of forms, check lists and control sheets will be entailed. The DR plan templates will provide the plan developers with the tools required to control the development of the BCP and the attainment of each milestone in turn. In addition, the DRP will provide will aid BCP Project Team with a structured framework for for following companies Business Continuity Plan, which will ultimately contain detailed procedures for each business area supported by appropriate diagrams and control schedules.

 

 

 

Several questions that will need to be considered:

 

 

What assets does the client want to secure?

What critical components must be reproduced?

What is the acceptable down time acceptable?

What is the client budget?

A warm site might be desired but is a hot site industry standards?

The blue print must address pandemics.

When is it a critical time when the finishing of the SOW must be.

 

 

 

Phase  III

 

As far as testing, we have several issues to consider when testing and it goes in phases.  First, we do a checklist test to make sure all of the procedures are sound and revamp as needed.  Second, we do a roundtable discussion to make sure plan is sound.  Next we do a walkthrough simulation.  We take this right up to the point before relocation.  Next we run a parallel test, running both systems in tandem to make sure it is viable.  Lastly, the big test. Shut down the main system and just run on backup system. This is the most dangerous.  If the system doesn’t work, hopefully main system still does, but sometimes this creates a disaster, so this has to be handled expertly and delicately. We have been requested to serve as project manager during this phase, which we estimate will add roughly two weeks to Phase III, for a total of four weeks for this phase, during which Saturn will review final design of the system as recommended by the equipment/IT vendor on the project, and complete a checklist of steps where Saturn will evaluate the system as to common sound security practices, suggest proper maintenance and hardening for the finished system and basically deliver an opinion to the Client as to the quality of the final suggested design; at that point implementation/installation is in the hands of the chosen equipment IT vendor. It will require total cooperation between us and the install network vendor for the alternate system as well as the system is for the main system should any major changes need to be done . 

 

mile2: A Worldwide Name in IT Security! mile2 provides services for companies like Penetration Testing, Ethical Hacker Training, Digital Forensics, and mile2's
upgrade to Certified Ethical Hacker Certification known as CPTEngineer and CPEH.
mile2 designs, develops, and delivers Information Security training and consulting services that meet military, government,
private sector and institutional specifications. mile2 also provides security vulnerability scans and assessments to clients around the world.
You can become an Ethical Hacker with our answer to Certified Ethical Hacker Training. Click Here
Interested in Digital Forensics?