backups and disaster recovery for nonprofits
TRANSCRIPT
Backups and Disaster Recovery for Non-Profits
Community IT Innovators Webinar Series
February 18, 2016
Webinar Tips
• InteractAsk questions via chatConnect on Twitter
• Focus Avoid multitasking. You may just miss the best part of the presentation
• Webinar Slides & RecordingPowerPoint and recording links will be shared after the webinar
About Community IT
Advancing mission through the effective
use of technology.
• Invested Work exclusively with nonprofit organizations, serving over 900 since 1993.
• Strategic Help our clients make IT decisions that support mission.
• Collaborative Team of over 30 staff who empower you to make informed IT choices.
Matthew [email protected] @meshleman
Steve LongeneckerDirector – Infrastructure [email protected] @CommunityIT
Agenda• Value of Data• Terminology• Elements of a Plan• Our Story
Information= Asset
http://commons.wikimedia.org/wiki/File:Modern_warehouse_with_pallet_rack_storage_system.jpg
Security Playbook
Security Training and Awareness
PatchingBackup
sAntiViru
sPasswo
rds
Predictive Intelligence
Backups
Some Terms• Backups - Protecting Data
– RPO: How frequently data is backed up– RTO: How quickly can data be recovered
• Disaster Recovery – Recover Systems
• Business Continuity – Ability to continue to function after/during a crisis
1 “The State of Global Disaster Recovery Preparedness,” Disaster Recovery Preparedness Council, March 2014
According to a 2014 study, 73% would receive failing grades for disaster readiness.1
Are you part of the
73%?
Financial dataPayroll infoEmail systemsSoftware programsBusiness applicationsConstituent dataHR docs / employee informationAnd more
Orgs Have More Data to Protect Than Ever
Where is that data?
• Laptop?
• Server?
• Cloud?
• Shadow IT?
Defining a DR Plan
Any event that can cause a significant disruption in operational and/or computer processing capabilities for a period of time, which affects the operations of the business.
disaster[dih-zas-ter, -zah-ster]
Key Elements at Risk in a Disaster
• People
• Facilities
• Equipment
• Data
People Facilities Equipment Data
Unavoidable Disasters Happen Everywhere
• 22 droughts
• 20 floods
• 7 freezes
• 70 severe storms
• 34 tropical cyclones
• 12 wildfires
• 13 winter storms
Approximately 200 “Billion dollar” weather events have occurred in the last 30 years!
(CPI-Adjusted)(National Archives & Records Administration in Washington)
Historic Blizzard(s!)February 2015Catastrophic Fire in
BelmontApril 2015
Major Hospital Data Breach – April 2015
Community ITAug 2015
TESTINGTest the plan
regularly, preferably
with automated tools. Make
improvements based on
test results.
GRANULARITY
Think about recovery on
multiple levels – by application, by services,
and for an
entire site.
TIMESPAN
Set a plan for short-,
medium- and long-term
recovery to guide your users every step of the
way in any
circumstance.
SCOPEAddress the
unique recovery
needs of each part of the business; different
departments have different requirements.
SPEEDDefine a
recovery time objective (RTO) and
recovery point objective (RPO) that meets your needs for speedy
recovery.
Every Organization Needs a Plan
Impact of the Cloud- The cloud ≠ backup
- The cloud can easily meet business continuity requirements
- New vocabulary- SLA
- Uptime
- Vendor dependencies
Key Steps in Creating a Disaster Recovery Plan
Establish a planning group
Perform risk assessment and audits
Establish priorities for applications
and networks
Develop recovery strategies
Prepare inventory and documentation
of the planTest the plan
Implement the plan
1 2 3
4 5 6
7
1. Establishing a Planning Group
• Include representatives from each role in the organization, along with their responsibilities
2. Risk Assessment
• Staff Impact
• Constituent Impact
• Lost Revenue
• Lost Data
• Lost Productivity
Assess the impact to each role in the organization
3. Application PrioritizationClassification Description1 Mission Critical
Order/Transaction Processing or Email System
Mission Critical to accomplishing the mission of the organization
Can be performed only by computers No alternative manual processing capability exists Must be restored within 36 hours
2 Critical Payroll
Processing
Critical in accomplishing the work of the organization Primarily performed by computers Can be performed manually for a limited time period Must be restored starting at 36 hours and within 5 day
3 Essential Human Resources
File Server or Marketing Data
Essential in completing the work of the organization Performed by computers Can be performed manually for an extended time period Can be restored as early as 5 days, however it can take
longer4 Non-Critical
Access to historical data
Non-Critical to accomplishing the mission of the organization Can be delayed until damaged site is restored and/or a new
computer system is purchased Can be performed manually
4. Recovery Strategies
How will you recover?– How to communicate with staff?– Where will you resume operation?– Who are your critical resources?
• Are they available?
– What are the critical business processes?
5. Inventory and Documentation
What do you have available and what
do you need
replaced?
Equipment• Computers• Servers• Networks• Phones
Facilities
People
Vendors
Documentation
6. How Do You Know Your Plan Works?
Perform a disaster drill
Are all key elements in place?
Have you performed a
‘disaster drill’?
Does it meet your
expectations?
?
7. Implementation
Verify everyone
understands their role
Ensure the plan includes
anything learned from
the drill
Review the drills and
ensure it meet the expected
results
In Practice
Our PlanService Location Backup Disaster
RecoveryEmail Office 365 3rd party 8 hr RTO –
Vendor99.9% Uptime
Ticketing Datacenter Server Image + data backup
8 hr RTO - Internal
Monitoring Cloud Server Image + data backup
4 hr RTO - Internal
Files Datacenter Server Image + data backup
8 hr RTO - Internal
Accounting Datacenter 3rd party 2 hr RTO - Internal
Call Center Cloud Vendor 99.99% Uptime
Q&A
Upcoming Webinar
Windows 10 for the EnterpriseThursday March 17th
4:00 – 5:00 PM ESTPresenters
Galen Wenger
Provide feedback Short survey after you exit the webinar. Be sure to include any questions that were not answered.
Missed anything? Link to slides & recording will be emailed to you.
Connect with us