SANS InfoSec Reading Room - Disaster Recovery

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

Featuring 17 papers as of Feb 10, 2010

Business Continuity On A Stick

By: Patrick Kral (posted on August 7, 2008)

Preparing For A Disaster: Determining the Essential Functions That Should Be Up First

By: L. Barry Lyons IV, CISSP (posted on October 4, 2007)

Business Continuity Planning Concept of Operations

By: CurtisM Keliiaa (posted on July 19, 2006)

BCP Command Structure Business Continuity Planning (BCP) is a program that assesses the existing operations, risks, and customer relationships of an organization for the development of organizational preparedness.

Beyond Buy-In: The Case for Executive Level Involvement in Developing a Business Continuity Plan

By: Anne Humphrey (posted on May 17, 2005)

The development of a robust business continuity plan is an essential activity for any organization. Too often companies limit executive level participation to approval and funding roles.

Computer Security Considerations in Disaster Recovery Planning

By: Douglas Velliquette (posted on January 17, 2005)

The successful implementation of a disaster recovery plan is contingent upon the effectiveness of its design. This paper focuses on specific computer security considerations to be included in disaster planning and recovery strategies.

The Virtual Machine: A Tool for Business Continuity Planning

By: Moe Calvez (posted on August 15, 2004)

Disaster recovery, or business continuity planning, is an ever-increasing issue for IT personnel. Why? Well, try to name a company that is beyond dependence on computer and internet technology to maintain a viable business. O.K., besides the Benedictine monks who make that great liqueur or Amish farmers.

Disaster Recovery: Survivability &; Security

By: Linda Ridgway (posted on December 13, 2003)

This paper discusses the Disaster Recovery Plan (DRP) and addresses the need to incorporate physical surroundings, data, key personnel, and the organization as an individual entity as well as where the coordination of the Business Continuity Plan (BCP) and DRP coordinator belongs within the organization.

The Oversight of Physical Security and Contingency Planning

By: Andy Krupa (posted on October 31, 2003)

This paper addresses the importance of physical security in relation to the protection of data systems and sensitive information including the topics of access control, basic physical security practices, and the importance of contingency planning.

Recovering From Disaster: Implementing Disaster Recovery Plans Following Terrorism

By: Scott Hannig (posted on October 31, 2003)

The purpose of this paper is to examine three aspects of disaster recovery, which were found to be the most challenging for many of the companies affected by the 911 attacks: accessing the needed software and technology, staying connected with employees and customers, and the loss of valuable personnel.

Introduction to Business Continuity Planning

By: Gan Chee-Syong (posted on October 31, 2003)

The purpose of this document is to give an overview of what is Business Continuity Planning and provide some guidance and resources for beginner.

Systems Survivability

By: Douglas Lancaster (posted on October 31, 2003)

The goal of this paper is to introduce the concept of systems survivability, and explore methods in which this broad concept can be utilized.

Requirements for the Design of a Secure Data Center

By: Christopher Nye (posted on October 31, 2003)

This paper covers some of the key elements to be taken into consideration when designing and building a secure data center.

Business Resumption Planning: A Progressive Approach

By: Wayne Freeman (posted on October 31, 2003)

The purpose of this paper is to provide a basic roadmap for those endeavoring to implement a Business Resumption Plan (BRP) within their organizations.

Disaster Recovery Plan Testing: Cycle the Plan, Plan the Cycle

By: Guy Krocker (posted on October 31, 2003)

This paper takes an in-depth look at the Disaster Recovery Plan (DRP) testing process.

Disaster Recovery Plan Strategies and Processes

By: Bryan C. Martin (posted on October 31, 2003)

This paper discusses the development, maintenance and testing of the Disaster Recovery Plan, as well as addressing employee education and management procedures to insure provable recovery capability.

Business Continuity Planning In Difficult Economic Times

By: Suzanne Widup (posted on October 31, 2003)

The primary objective of this paper is to enable an organization to survive a disaster and to reestablish normal business operations.

The Disaster Recovery Plan

By: Chad Bahan (posted on October 31, 2003)

This paper provides a discussion on business continuity and disaster recovery plans, which are critical components used to ensure that systems essential to the operation of the organization are available when needed.