As important as having a disaster recovery plan is, taking measures to prevent a disaster or to mitigate its effects beforehand is even more important. This portion of the plan reviews the various threats that can lead to a disaster, where our vulnerabilities are, and the steps we should take to minimize our risk. The threats covered here are both natural and human-created:
Loss of internal infrastructure
If the main offices are unavailable, users will be able to log in and work from home where appropriate. These arrangements need to be confirmed so that the necessary resources, such as connectivity for all staff, are available. Since we use the Atlasin server and AWS with adjacent SAL. U-turn. plans are available to offices in nearby regions.
Insider leak (code, developers switched to a new job)
SSH access management: we use Teleport to manage access. Personalized server accounts and account management: we use a single entry point operated by a company, and authentication happens through corporate email. Monitoring of basic configurations on servers: we use automated reversal tools (Docker, Kubernetes); configurations always go through a review and reach the server only as part of the deployment process.
Loss of key personnel
All information is recorded electronically. Work is in accordance with internal standards and processes. A mandatory knowledge transfer process is foreseen. The company always has a reserve for each of the positions so that the work does not stop.
External and internal attacks on infrastructure
Using updated software from reliable vendors. Tracking vulnerabilities in the software used. Network interfaces are configured so that everything is closed by default and only what we know and use is open. SSL protection is in place; connection management (SSH) uses modified ports and works only on a key basis. Traffic monitoring. Internal threat prediction system based on public information analysis.
For internal documentation and communications, we use cloud services (Google Drive, Docs and Sheets, Slack). Every employee has a personal Google Account with two-factor authentication, and these accounts are used to log in to other corporate cloud services. Also, the overwhelming majority of our staff use laptops, which allows them to work anywhere in the world.
Computer Crime
Computer crime is becoming more of a threat as systems become more complex and access is more highly distributed. All systems have security products installed to protect against unauthorized entry.
All systems are protected by passwords. All users are required to change their passwords on a regular basis. All systems should log invalid attempts to access data, and the system administrator reviews these logs on a regular basis. All systems are backed up on a periodic basis. Physical security of the data storage area for backups is implemented. Standards have been established on the number of backup cycles to retain and the length of their retention. Policies and procedures are strictly enforced when violations are detected. Operators are regularly told the importance of keeping their passwords secret.
Unfavorable political situation
Confirmation of a force majeure event in the CCI (Chamber of Commerce and Industry). Organizing the movement of subcontractors to a safer place. Organizing the preservation of property and moving it to a safer place.
Terrorist Actions/Sabotage/Vandalism
Under the circumstances, terrorist action and sabotage are a potential risk at all the offices in big cities. To prevent such occurrences, Computools has a safety system in place whereby each office permits entry on verification of a code, and due care is taken to provide adequate security.
Inclement weather
All critical services are located on cloud servers. Plans have been developed to launch work from offices in nearby regions.
Flood
None of the offices are on the ground floor, thus the risk due to flood is very much limited.
Cyclones and High Winds
The offices are located in Ukraine. Very severe cyclones can only have a marginal impact on operations. Due care is taken and appropriate preventive measures are carried out. Protective plastic covers are available, and operators are trained in how to properly cover the various types of equipment.
Earthquake
The threat of an earthquake is low but should not be ignored. Buildings in our area are built to earthquake-resistant standards, so we could expect the least damage from the predicted quake. An earthquake has the potential to be the most disruptive event for this disaster recovery plan. Restoration of computing and networking facilities following a bad earthquake could be very difficult and require an extended period of time due to the need to do large-scale building repairs.
The preventative measures for an earthquake can be similar to those for a cyclone. Even if the building survives, earthquakes can interrupt power and other utilities for an extended period of time.
Infectious Disease Outbreaks
Routine physical examinations and vaccinations. Paid sick leave. Return to work after permission from the doctor. The ability to work remotely over a secure backup connection using an encrypted VPN, with access provided through IP configured corporate technology.
Fire
The threat of fire in office premises is real and poses a high risk. The building is filled with electrical devices and connections that could overheat or short out and cause a fire. The computers within the facility also pose a target for arson from anyone wishing to disrupt Computools operations.
The building is equipped with a fire alarm system. Hand-held fire extinguishers are placed in visible locations throughout the building. All staff are trained in the use of fire extinguishers.