Business Continuity Plan and Disaster Recovery Plan Analysis Report


Added on  2020/04/21

AI Summary
This report provides an analysis of a Business Continuity and Disaster Recovery Plan, focusing on the challenges faced by incident handlers when moving data to a cloud environment. It explores issues such as identifying relevant data resources, standardizing event information, and handling customer-specific logging in a multi-tenant infrastructure. The report also addresses the complexities of detecting missing information and intrusion within cloud environments, highlighting the importance of security services and intrusion detection methods. Furthermore, it emphasizes the need for thorough incident analysis, including the determination of the network and system scope affected by intrusions, and the collection of relevant information to prevent future occurrences. The references provided support the discussion with insights into cloud security, incident handling, and detection approaches.
Running head: BUSINESS CONTINUITY PLAN AND DISASTER RECOVERY PLAN
Business Continuity Plan and Disaster Recovery Plan
Name of the Student
Name of the University
Author Note
Incident handlers face a large number of challenges when data is moved from local servers to the cloud environment (Debar, Curry & Feinstein, 2007). Apart from the challenges of creating and maintaining a cloud environment, incident handlers also face the following problems:
Identifying the relevant data resources: It cannot be said directly which files will pose a problem for incident detection. For SaaS and PaaS systems in particular, different methodologies need to be implemented to make detection in these paradigms effective (Grobauer & Schreck, 2010).
Event information standardization: No standard has been developed out of the existing initiatives toward a standard protocol for sharing event information. The event handlers should develop a common format for sharing information so that they can work on the information received from the events generated.
Logging based on specific customers: Resource pooling, an essential characteristic of a cloud, has led to multi-tenant infrastructure. The events generated by the infrastructure therefore relate to non-customer-specific portions of the main infrastructure, to resources of a single customer, and to resources collected from several customers. In giving customers access to events, cloud service providers have two goals: a single user should be able to view their own event information, but the information of other users should not be visible to them (Christodorescu et al., 2009).
Detection of missing information: For the detection of intrusion, cloud service providers must take security services related to intrusion detection into account. The cloud service providers have minimal or no knowledge of the workings of the cloud infrastructure. This problem has been found in IaaS and in PaaS. In IaaS, intrusion detection is applied to virtual machines without knowledge of the operating system installed on them. In PaaS, intrusion detection for applications running on the web is performed without knowledge of the application.
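The following Python sketch illustrates the "Event information standardization" and "Logging based on specific customers" items above. It is an added example, not part of the original report. The two source formats, the field names and the tenant names are constructed assumptions. It maps heterogeneous events onto one common record and builds a per-customer view that hides other customers' information.

```python
from dataclasses import dataclass, asdict

# The three event scopes named in the text above.
INFRA, SINGLE, SHARED = "infrastructure", "single-customer", "multi-customer"

@dataclass(frozen=True)
class Event:               # hypothetical common event record
    time: str
    source: str
    scope: str
    tenants: tuple         # customers whose resources the event touches
    message: str

def classify(tenants):
    return INFRA if not tenants else SINGLE if len(tenants) == 1 else SHARED

def normalize(raw):
    """Map two constructed source formats onto the common Event record."""
    if raw["fmt"] == "hypervisor":
        tenants = tuple(sorted(raw["vm_owners"]))
        return Event(raw["ts"], "hypervisor", classify(tenants), tenants, raw["msg"])
    if raw["fmt"] == "webapp":
        tenants = (raw["customer"],) if raw.get("customer") else ()
        return Event(raw["when"], "webapp", classify(tenants), tenants, raw["text"])
    raise ValueError(f"unknown source format: {raw['fmt']!r}")

def view_for(tenant, events):
    """Return the events one customer may see, without co-tenant details."""
    out = []
    for ev in events:
        if tenant not in ev.tenants:
            continue                   # infrastructure-only and other customers' events stay hidden
        rec = asdict(ev)
        rec["tenants"] = (tenant,)     # never disclose who else shares the resource
        if ev.scope == SHARED:         # free text may name other customers, so withhold it
            rec["message"] = "event on a shared resource (details withheld)"
        out.append(rec)
    return out

# Constructed sample input: one event per scope plus another customer's event.
RAW = [
    {"fmt": "hypervisor", "ts": "2024-01-01T10:00:00Z", "vm_owners": ["tenant-a"],
     "msg": "vm-17 unexpected reboot"},
    {"fmt": "hypervisor", "ts": "2024-01-01T10:01:00Z", "vm_owners": ["tenant-b", "tenant-a"],
     "msg": "host-3 disk errors affecting tenant-a and tenant-b"},
    {"fmt": "hypervisor", "ts": "2024-01-01T10:02:00Z", "vm_owners": [],
     "msg": "core switch failover"},
    {"fmt": "webapp", "when": "2024-01-01T10:03:00Z", "customer": "tenant-b",
     "text": "5 failed admin logins"},
]
EVENTS = [normalize(r) for r in RAW]
```

Filtering on the normalized record rather than on each source format keeps the isolation rule in one place, so adding a new log source cannot bypass it.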
After an intrusion has been detected, the incident is reported so that the problem can be analyzed successfully. The analysis is based on the security incident at hand and on the scenario that is happening or has already happened. Most incidents involve verifying whether others have changed the website (Kumar, Tyagi & Nayeem). The other method requires a lot of work, as the points that have changed need to be analyzed with the help of specific techniques. Hackers may use high-end techniques to hide their work and activity on the system. To understand the security incident completely, the scope of the network and systems attacked needs to be determined so that the intrusion can be removed. This also helps the analysis aimed at not repeating the mistakes in the future. The removal of the order of volatility of the intrusion, together with the collection of the required amount of information on the attack that occurred, can be said to be of high importance.
References
Christodorescu, M., Sailer, R., Schales, D. L., Sgandurra, D., & Zamboni, D. (2009, November). Cloud security is not (just) virtualization security: a short paper. In Proceedings of the 2009 ACM workshop on Cloud computing security (pp. 97-102). ACM.
Debar, H., Curry, D. A., & Feinstein, B. S. (2007). The intrusion detection message exchange format (IDMEF).
Grobauer, B., & Schreck, T. (2010, October). Towards incident handling in the cloud: challenges and approaches. In Proceedings of the 2010 ACM workshop on Cloud computing security workshop (pp. 77-86). ACM.
Kumar, D., Tyagi, A. K., & Nayeem, S. Handling of Incident, Challenges, Risks, Vulnerability and Implementing Detection approaches inside the Cloud. International Journal of Computer Technology and Electronics Engineering (IJCTEE) Volume, 2.