Disaster Recovery Plan for CyberTech Solutions

a) Identification of Critical IT Systems

CyberTech Solutions relies on different critical IT systems to keep the business running. Once a
disaster occurs, such systems would need to be restored first so that there is little disruption to
normal operations. The critical systems for CyberTech Solutions are as follows:

 Customer Database: Contains critical data regarding customers, personal information,

transaction history, and supporting information.
 Email Servers: These are critical to ensure internal communication, interaction with clients,
and operational continuance.
 Cloud Services and Applications: Cloud-based project management applications, CRM
systems, and collaboration platforms.
 Web Servers: These host the corporate website and deliver services to external clients.
 File Servers: Critical business documents, financial records, and employee data are stored on
file servers.

b) Recovery Objectives

For all critical systems, CyberTech Solutions will define an RPO and RTO. These will be used to help
guide the restoration process and ensure that services are restored to meet business needs.

 Customer Database

RPO: 1 hour - This would mean data must be recoverable from the last backup taken within the
previous hour.

RTO: 2 hours - The database must be fully restored and operational within 2 hours of a disaster.

 Email Servers

RPO: 4 hours: This means that data has to be recoverable from backups created within the last 4
hours.

RTO: 1 hour: Email services shall be restored within 1 hour to avoid disrupting communications.

 Cloud Services and Applications

RPO: 2 hours: Cloud services data must be recoverable from backups taken within the last 2 hours.

RTO: 4 hours: Cloud services shall be restored within 4 hours to reduce downtime and disruption to
business activities.

 Web Servers

RPO: 12 hours (Web server data must be recoverable from the last backup within the past 12 hours).

RTO: 6 hours (Restore web servers within 6 hours to minimize loss of client-facing services.

 File Servers

RPO: 1 day: Data should be recoverable from daily backups.

RTO: 24 hours: File servers should be restored within 24 hours in order to maintain access to critical
business files.

c) Data Backup Strategy

A proper backup strategy ensures that critical data is well protected and can be recovered in case of
a disaster. CyberTech Solutions will follow the subsequent backup strategy:

Backup Frequency:

Customer Database: Incremental backups every hour, with full backups weekly for minimal data loss.

Email Servers: Daily backups, with hourly snapshots taken during peak activity times to prevent data
loss during high-traffic periods.

Cloud Services and Applications: Backups will be managed by the cloud provider with daily external
backups to prevent any potential loss of critical cloud-based data.

Web Servers: Daily backups of website data, with weekly full backups.

File Servers: Daily backups, with weekly full backups to ensure comprehensive coverage of business-
critical files.

Backup Locations:

On-Site Storage: Locally, backups will be maintained in a high-capacity Network Attached Storage
device. The quick recovery is anticipated when a local disaster occurs.

Off-Site Storage: Remote cloud-based backup services like AWS, Google Cloud will be used to house
secondary information copies in case the on-site systems are destroyed and data has to be retrieved.

Encryption of Backups: All backup data shall be encrypted using AES-256 encryption to avoid
unauthorized access and ensure the security of data during recovery.

Backup Monitoring:

Regular monitoring shall be performed for the integrity of backups. Automated alerts of any backup
failure shall notify the IT team for immediate remedial action.

d) Disaster Recovery Site

The firm will recover the site from a disaster by using a Hot Site provided by CyberTech Solutions. A
hot site is an exact duplication of an entire live site that provides the fastest switch-over to back up
any failed operation.

Features of Hot Site:

The hot site will be configured with redundant hardware, software, and network infrastructure to
support the continuity of operations. It will replicate critical systems such as the customer database,
email servers, and file servers. The hot site will be geographically separated from the primary site to
avoid being affected by local disasters (e.g., natural disasters, power outages).

Hot Site Activation:

The hot site recovery team will initiate the failover process in the event of a disaster. The necessary
systems will be brought online at the hot site and the critical services restored. Traffic will be
rerouted to the hot site to ensure business operations continue uninterrupted.

Hot Site Testing:

The hot site will be subjected to regular failover tests to ensure that it can support the recovery load.
These tests shall be done quarterly to validate the readiness and performance of the systems.

e) Recovery Plan Process

The steps in the recovery process are as follows:

Detection and Declaration of Disaster:

The IT department shall monitor the occurrence of a disaster, such as cyber-attacks or natural
disasters, and declare this as a disaster. The disaster recovery team shall be activated immediately.

System Failover:

The most critical systems will be relocated to the hot site to ensure restoration of the most important
operations first.

Data Restoration:

Systems will be restored to state using backup data from both cloud and local systems to bring
systems back to the most recent state according to the RPO.

System Testing:

Systems, once restored, will undergo extensive testing to ensure data integrity and functionality of all
services.

Communication

The customers and stakeholders will be informed of the disaster and the time the resolution is
expected. Updates on the recovery process will be provided periodically.