Disaster plans are a very important part of designing a security plan. Disasters come in several types. There are physical disasters like earthquakes, tornados, hurricanes, and floods. Then you have non-physical such as data breaches and system failures. In order for us to complete our security plan we need to create a disaster plan to help us should an unfortunate event occur. The first step in creating a disaster plan is to conduct a business impact analysis (BIA). To conduct a BIA, we must first start by figuring out all the systems and applications we use and where each of them reside.(searchhealthit.techtarget.com) Then once we know what we have we take that information and then determine each one impact to the company should it go down and since we are a healthcare organization we have to include
…show more content…
Then next we need to look at what vulnerabilities affect each one and come up with a plan to fix those vulnerabilities and implement that plan. (searchhealthit.techtarget.com) The next step is to look into backup programs and think about how and where we will store those backups. There are many programs available and the way I would work backups is to use a combination of disk-based backup and tape backups. You may be thinking why would we use two and two will be expensive. So, I will explain my reasoning behind this route. The tape backup is not enough on its own. The tape backups are one time backups so if you perform a backup at 10 you have 23 hours before another backup will occur. Should a disaster occur during that 23 hours everything new added after the 10pm backup will be lost.(searchhealthit.techtarget.com) Disk-based backups are continuous backups meaning they are always backing up all the new data. The
Then next we need to look at what vulnerabilities affect each one and come up with a plan to fix those vulnerabilities and implement that plan. (searchhealthit.techtarget.com) The next step is to look into backup programs and think about how and where we will store those backups. There are many programs available and the way I would work backups is to use a combination of disk-based backup and tape backups. You may be thinking why would we use two and two will be expensive. So, I will explain my reasoning behind this route. The tape backup is not enough on its own. The tape backups are one time backups so if you perform a backup at 10 you have 23 hours before another backup will occur. Should a disaster occur during that 23 hours everything new added after the 10pm backup will be lost.(searchhealthit.techtarget.com) Disk-based backups are continuous backups meaning they are always backing up all the new data. The