Learn about the importance of a business continuity plan (BCP) and its relationship to other data loss prevention policies.
- Security Plans are those documents that describe how you will security your environment. There are many types of Security Plans that make up your overall Security Policy. Each plan is written for a specific purpose that tells you how you are to execute in case of a emergency, incident, catastrophic event or just in day-to-day operations. There can be many plans that make up your Data Loss Prevention strategy. You need to ensure that data is authentic, available and accessible.
You need to ensure that your data has integrity, is secure and has confidentiality. Today we will look at five of those plans to ensure your data meets all of those criteria. The first one we will look at is your Business Continuity Plan or BCP. A Business Continuity Plan is a document used to help a company or organization continue to keep critical business functions operating during and after a disruption. This is your umbrella so to speak of all your data loss prevention plans.
All the other plans are a subset of your BCP which is a subset of your overall Security Policy for your company or organization. For example, everyone prepares for a fire. People in the heartland prepare for tornadoes. People on the south coast prepare for hurricanes, and people in California prepare for earthquakes. If a server goes down, it really doesn't matter if it was malware, an intruder or a hardware or software failure, your BCP needs to ensure plans are in place to get the server operational again as soon as possible.
The scope of the BCP is to provide the total view of the organization. The IT systems, facilities and personnel. It is not intended to keep all elements operational, only those are essential or mission critical. Non-mission critical elements that do not need to continue to operate during a crisis or outage are not addressed in your BCP. About a month ago, I woke up at 3:00 a.m. without any water.
So, I immediately went to the grocery grocery store and got eight gallons of distilled water that I was going to use to flush the toilets, and a case of 12 ounce drinking water bottles so we would have water to drink. Luckily the water was back on at 7 a.m., however now I have the distilled water and drinking water on hand for when it happens again. My electricity and gas were fine. So, the only thing I needed to keep my house operating was water. That is what I was focusing on. Just the critical needs.
This is very much the same way your BCP should operate. Focusing and keeping operational only those critical functions to sustain your business until operations are back online. Next up, let's look at Disaster Recovery.
This course was created and produced by Mentor Source, Inc. We are honored to host this training in our library.
- Disaster recovery
- Backup plans
- Information risks
- Off-site storage
- Restore procedures