WEBVTT

00:00.000 --> 00:02.309
>> After we've
initiated the project,

00:02.309 --> 00:04.740
we've done our business
impact analysis,

00:04.740 --> 00:08.310
identified recovery strategies,
and written the plan,

00:08.310 --> 00:10.890
the next thing we have
to do is test it.

00:10.890 --> 00:13.320
What we're checking
here is accuracy and

00:13.320 --> 00:14.850
completeness of the plan itself

00:14.850 --> 00:16.455
to figure out if it's practical,

00:16.455 --> 00:19.320
if it will work, and if
we thought of everything.

00:19.320 --> 00:20.955
When we talk about testing,

00:20.955 --> 00:22.575
we're evaluating the plan.

00:22.575 --> 00:24.915
When you conduct
exercises and drills,

00:24.915 --> 00:26.955
you're focusing on
employee response.

00:26.955 --> 00:29.280
But here, we're
looking at the plan.

00:29.280 --> 00:31.310
We need to maintain this plan by

00:31.310 --> 00:32.810
revisiting and testing it at

00:32.810 --> 00:36.500
least once per year or in
the event of a major change.

00:36.500 --> 00:38.750
We want to keep up the
plan to date and we're

00:38.750 --> 00:40.910
capable of managing a disaster.

00:40.910 --> 00:42.920
Senior management
must sign off on

00:42.920 --> 00:44.660
the results of the
test because they are

00:44.660 --> 00:46.400
ultimately responsible
for ensuring

00:46.400 --> 00:48.545
the safety and
well-being of our staff,

00:48.545 --> 00:52.100
as well as protecting the
assets of our organization.

00:52.100 --> 00:54.525
There are different
types of tests.

00:54.525 --> 00:56.205
Starting with the
checklist test,

00:56.205 --> 00:58.695
very basic. This is paper-based.

00:58.695 --> 01:00.560
We create a checklist
and pass it out to

01:00.560 --> 01:02.120
department managers and ask

01:02.120 --> 01:03.500
if we've thought of everything.

01:03.500 --> 01:06.125
They check us or let us
know what we forgot.

01:06.125 --> 01:08.000
We don't get a lot
of information from

01:08.000 --> 01:10.715
a checklist test but
it's a place to start.

01:10.715 --> 01:13.070
The next step is to bring
the managers and with

01:13.070 --> 01:15.350
the checklist for
their discussion.

01:15.350 --> 01:17.150
This gives us a better
understanding of

01:17.150 --> 01:18.560
inter dependencies and how

01:18.560 --> 01:21.070
things work as a part
of the big plan.

01:21.070 --> 01:23.495
It's still a paper-based test,

01:23.495 --> 01:25.805
but this is called
a tabletop test.

01:25.805 --> 01:28.415
It can also be called a
structured walk-through,

01:28.415 --> 01:30.500
where we actually
do get up and go

01:30.500 --> 01:32.845
through the motions is
our simulation test.

01:32.845 --> 01:34.800
In a simulation test,

01:34.800 --> 01:37.755
we go through things like can
we get to the HVAC system?

01:37.755 --> 01:39.480
Do we have keys
to the generator?

01:39.480 --> 01:42.605
Are the doors unlocked as they
should be for evacuation?

01:42.605 --> 01:44.510
We're moving through the
phases of the plan to

01:44.510 --> 01:47.320
get a better idea of
whether it will work.

01:47.320 --> 01:50.250
We then may go to
a parallel plan.

01:50.250 --> 01:52.955
Not all organizations
go through this test.

01:52.955 --> 01:55.160
We'll set aside a certain
amount of processing

01:55.160 --> 01:57.820
to take place at the
offsite facility.

01:57.820 --> 02:00.785
The majority will happen
at our primary facility,

02:00.785 --> 02:03.080
but we're doing a live
test and a parallel.

02:03.080 --> 02:04.970
In our full interruption test,

02:04.970 --> 02:06.830
we shut down our main
facility and bring

02:06.830 --> 02:09.155
up operations at the
offsite facility.

02:09.155 --> 02:11.705
This is by far the
most risky test.

02:11.705 --> 02:14.150
Often we perform these
tests in sequence,

02:14.150 --> 02:17.075
starting with the checklists
to tabletop to simulation.

02:17.075 --> 02:18.470
We may or may not go to

02:18.470 --> 02:20.495
parallel and full
interruption tests

02:20.495 --> 02:22.045
because they are risky.

02:22.045 --> 02:23.865
Once the plan has been tested,

02:23.865 --> 02:25.440
it's our job to maintain it.

02:25.440 --> 02:27.800
Again, we come back
once a year or in

02:27.800 --> 02:30.920
the event of a major change
to keep it up to date.

02:32.870 --> 02:35.690
Our key takeaways
from this module.

02:35.690 --> 02:38.120
We talked a lot about network
corporations which are

02:38.120 --> 02:39.830
the day-to-day things
we have to do to

02:39.830 --> 02:41.965
keep up the networking
up and running.

02:41.965 --> 02:45.050
We have to maintain network
diagrams and documents that

02:45.050 --> 02:46.820
we know where the
various elements

02:46.820 --> 02:48.980
are and how they're configured.

02:48.980 --> 02:51.740
We discussed policies
and best practice,

02:51.740 --> 02:54.050
everything from changing
configuration management

02:54.050 --> 02:56.015
to separation of duties.

02:56.015 --> 02:57.770
Policies have to be set up to

02:57.770 --> 02:59.000
date and we have to make sure

02:59.000 --> 03:00.200
they're providing
the administrative

03:00.200 --> 03:02.440
control they're set to provide.

03:02.440 --> 03:05.610
Scanning, monitoring,
and patching.

03:05.610 --> 03:08.710
This is the maintenance and
evaluation of our network.

03:08.710 --> 03:10.905
Are systems performing
as they should?

03:10.905 --> 03:13.140
Do we have rogue
systems on the network?

03:13.140 --> 03:15.605
Are we operating and save
this out of the norm?

03:15.605 --> 03:17.855
Are we in compliance
with our baselines?

03:17.855 --> 03:19.460
We should get all
this information

03:19.460 --> 03:21.175
from monitoring and scanning.

03:21.175 --> 03:22.804
When it comes to patching,

03:22.804 --> 03:24.860
we know vendors frequently
release updates to

03:24.860 --> 03:27.500
their operating systems
to their applications.

03:27.500 --> 03:29.330
We need to make sure
we're patched because

03:29.330 --> 03:31.405
that will help us
secure systems.

03:31.405 --> 03:33.455
We then moved in the
fault management

03:33.455 --> 03:34.939
and discuss redundancy,

03:34.939 --> 03:38.225
data backups, clusters,
and web servers.

03:38.225 --> 03:40.235
When we implement
fault management,

03:40.235 --> 03:42.065
it does have to
be all-inclusive.

03:42.065 --> 03:43.490
It doesn't do me any good to

03:43.490 --> 03:45.280
backup my data if
the server fails

03:45.280 --> 03:46.760
so we want to be
thoughtful about

03:46.760 --> 03:48.985
what we implement
redundancy with.

03:48.985 --> 03:51.020
Then we moved in discussing what

03:51.020 --> 03:52.925
happens when you have disasters.

03:52.925 --> 03:56.255
These are notable sizable
reductions in operations.

03:56.255 --> 03:58.220
We need disaster
recovery plan to

03:58.220 --> 04:00.610
respond to the immediacy
of a disaster.

04:00.610 --> 04:03.290
The business continuity
plan allows us to

04:03.290 --> 04:07.110
continue operations long
after the disaster.