Developing an IT Disaster Recovery Plan
Developing a disaster recovery plan (DRP) should be a collaborative process. At a minimum, you will need a knowledgeable representative from each department or area of the city that is touched by Information Technology. By involving as many of your users as possible, you will increase your ability to capture all the necessary information. Each representative will provide you with information about the types of services, software, and hardware that they would need in order to perform their respective jobs.
Step One
Your starting point for the DRP should be a comprehensive inventory of hardware (servers, desktops, laptops, printers, wireless devices, routers, switches, etc.), software applications, and data. Your goal is to account for everything you would need to do business in the event of any or all types of disasters. Consider and document the different types of disasters that you are planning for, and include disasters that your specific location might be more prone to. For example, city hall is located in a flood zone. Include everything you would need to work at city hall or your disaster recovery site, with redundancy if physically and financially feasible (power, data connectivity, equipment, etc.).
Step Two
As part of the inventory, or once it is complete, take the time to classify or understand the impact level of your data and/or the security classification of the data. This information will be useful in the development of an IT Security Plan, a Business Continuity Plan, as well as with the DRP. Also make note of where the data is located (server drive or local PC). The Federal Information Processing Standard 199 (FIPS 199), Standards for Security Categorization of Federal Information and Information Systems (2004) defines three security objectives for information and information systems:
- Confidentiality – A loss of confidentiality is the unauthorized disclosure of information.
- Integrity – A loss of integrity is the unauthorized modification or destruction of information.
- Availability – A loss of availability is the disruption of access to or use of information or an information system.
Each of these is evaluated for the level of potential impact on the organization or individuals should there be a breach of security, loss of access, or in this case, a disaster of some sort.
- Low – The loss of confidentiality, integrity, or availability could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.
- Moderate – The loss of confidentiality, integrity, or availability could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals.
- High – The loss of confidentiality, integrity, or availability could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.
While availability is the most important security objective for developing your DRP, you need to keep all three objectives in mind during the planning process, as well as during a recovery process, to avoid breaching or compromising either of the other two during a recovery or disaster scenario.
Step Three
Once you have completed the inventory, including security classifications, you are ready to create the DRP. Begin developing the DRP based on the services you need to provide immediately following a disaster. Classify your hardware based on the same structure outlined above, as this will help you triage your equipment in the event of a disaster. The DRP will help you reassign equipment from less critical services to more critical applications in order to get them up and running sooner, or until you are able to replace affected hardware. Classifying your hardware and equipment will be especially helpful if you plan to use existing low-use or low-priority equipment as your DRP replacements.
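The classification and triage described in Steps Two and Three can be sketched in code. This is an added example, not part of the original guidance: the asset names, the like-for-like hardware matching, and the rule that a donor machine which held moderate or high confidentiality data is wiped before reuse are all assumptions made for illustration.

```python
from dataclasses import dataclass

LEVELS = {"low": 1, "moderate": 2, "high": 3}  # FIPS 199 potential impact levels

@dataclass
class Asset:
    name: str
    kind: str            # hardware class; only like-for-like swaps are proposed
    service: str
    c: str               # confidentiality impact
    i: str               # integrity impact
    a: str               # availability impact
    damaged: bool = False

# Constructed sample inventory (hypothetical city systems).
INVENTORY = [
    Asset("srv-911", "server", "emergency dispatch", "moderate", "high", "high", damaged=True),
    Asset("srv-fin", "server", "finance", "high", "high", "moderate", damaged=True),
    Asset("srv-gis", "server", "GIS maps", "low", "moderate", "moderate"),
    Asset("srv-parks", "server", "parks booking", "moderate", "low", "low"),
    Asset("pc-clerk", "desktop", "city clerk", "moderate", "moderate", "moderate", damaged=True),
    Asset("pc-kiosk", "desktop", "lobby kiosk", "low", "low", "low"),
]

def recovery_order(assets):
    """Damaged assets, highest availability impact first (ties broken by name)."""
    return sorted((x for x in assets if x.damaged), key=lambda x: (-LEVELS[x.a], x.name))

def plan_reassignments(assets):
    """Pair each damaged asset with the least critical intact asset of the same kind."""
    donors = sorted((x for x in assets if not x.damaged), key=lambda x: (LEVELS[x.a], x.name))
    plan = []
    for need in recovery_order(assets):
        donor = next((d for d in donors
                      if d.kind == need.kind and LEVELS[d.a] < LEVELS[need.a]), None)
        if donor is None:
            plan.append((need.name, None, "replace hardware"))
            continue
        donors.remove(donor)
        # Assumed rule: a donor that held moderate/high confidentiality data is
        # wiped before reuse so the recovery does not disclose that data.
        wipe = LEVELS[donor.c] > LEVELS["low"]
        plan.append((need.name, donor.name, "sanitize donor storage first" if wipe else "reuse as-is"))
    return plan

if __name__ == "__main__":
    for row in plan_reassignments(INVENTORY):
        print(row)
```

In this sample the finance server has no donor, because the only remaining intact server carries the same availability impact and is therefore not a less critical service.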
Step Four
Once you have a final DRP in place, you will want to test the DRP. Use the testing process to evaluate and further tune your DRP. You will want to update or evaluate the DRP annually to make sure that it stays current. Also, make sure to revisit the DRP as your environment changes.
Helpful Links
UT Emergency Management Policy
UT IT0128 - Contingency Planning
Metro Government Nashville IT Contingency/Disaster Recovery Planning
NIST Computer Security Resource Center - Disaster Recovery Documents Search
NIST CSRC SP 800-60 Vol. 1 Rev. 1