Prudent Retaliation to Failure

¶ … Policy Creation It is critical for organizations to develop and readily have available an incident response policy to address their various business and information technology needs. There are a couple of pivotal factors to account for in such a policy. These include various aspects of creating and maintaining an incident response team, business continuity planning, and a disaster recovery processes.

Perhaps one of the most encouraging facets of engendering such a plan is that there are myriad developments within the IT space that can help to facilitate many of the components of these three aspects of this policy. Specifically, there are a number of options involving Cloud computing and data replication, as well as remote Software Oriented Architecture and services delivered through the cloud that can help to make such a policy effective if it ever requires implementation.

The utilization of cloud computing and its many services, in addition to prudent data replication, should enable an incident response policy that propagates business continuity for Gem Infosys. Perhaps the most vital part of this policy is the disaster recovery process that the utilization of certain cloud services can certainly assist with and, in many cases, actually ensure. There are a number of cloud services that provide the sort of infrastructure that can handily backup the physical infrastructure that Gem Infosys utilizes.

That infrastructure involves only 10 PCs, a single firewall, a pair of web servers, three file servers, a Windows Active Directory and a broadband connection to the internet. A software as a service offering such as Zetta DataProtect can singlehandedly "offer data backups and disaster recovery for a multitude of files, databases, and entire servers" (Harper, 2014), let alone for the rather modest IT infrastructure and its accordant data that Gem Infosys deploys.

In this regard, one of the most salient aspects of this policy is to subscribe to Zetta DataProtect's service which enables organizations to continuously replicate data to the Cloud regardless of appliances. Thus, in the event that there is a firewall breach or some other attack on its physical infrastructure (including its servers), it will have a backup copy of its data in the cloud. In terms of planning for business continuity, it is essential for Gem Infosys to subscribe to additional Cloud services.

One of the most viable aspects of doing so is that such subscriptions and services can only be utilized in instances in which they are necessary -- such as during times of failure or even when conducting maintenance. Due to the cloud service model, companies only pay for services when they are used. Thus, the company should chooses to leverage additional platform as a service options and software oriented architecture that provides the same sort of software that it utilizes via its Windows 2008 Active Directory.

Doing so will enable it to continue doing business from wherever it can establish internet locations -- including via mobile technologies, in some instance. Thus, the company will have continuity in the event of failures and during periods of downtime due to routine maintenance to its physical infrastructure.

However, it is necessary for the company to maximize the aforementioned cloud options -- the deployment of Zetta DataProtect and subscription services to additional platform as a service and software as a service options -- by replicating data to the cloud via a master/slave asynchronous replication model. This model writes data to a master database prior to replicating it to slave databases -- such as that found with Zetta DataProtect.

It replicates faster and has greater availability than other models and, in the event of failure, will continue trying to replicate data (Harper, 2014). Once failure is over, it then only replicates data updates -- as opposed to entire copies of data. The final component of this incident response policy is the formulation and designation of an incident response team. What is critical to remember about this part o the policy is that that team should involve personnel both internal and external to the enterprise.

Internally, the team should involve various information technology personnel such as database administrators, database architects, and various system administrators who are responsible for ensuring that the replication process of data to Zetta DataProtect is continuous -- at least prior to the event of failure. Additionally, it is necessary to involve personnel with Zetta.net in the incident-response team, who can ensure that the replication process is working prior to failure and that data is still available afterwards. These latter personnel can confirm that whatever disaster produced system failure with the.