Week 3 Topic 1

[Pongthep Miankaew]

If you are going to develop a disaster recovery plan for your organization’s information system, in your personal opinion, what procedures should be included in the plan, what technology (backup, replicate, or any other technology) is suitable for your organinzation regarding budget, system scale or size, and people?

[Zarni Lynn Kyaw]

Catastrophes occur on a regular basis, yet their timing, location, and severity are all up to chance. Having a plan ready for getting back to normal once a calamity has occurred is the best course of action. When a crisis strikes, it may have an immediate impact on the ability of my organization to provide our services. Having a solid disaster recovery plan in place for each component and activity in my organization is crucial if we are to keep catastrophe-related losses to a minimum.

The first step in developing a disaster recovery strategy is to identify the factors that might lead to a disruption in operations, assess the severity of those consequences, and prioritize mitigating those risks. The final products are a structured risk assessment, a disaster recovery plan that accounts for all potential recovery mechanisms, and a Disaster Recovery Committee charged with practicing, implementing, and improving the disaster recovery plan.

When an emergency situation arises, operation activities are temporarily halted and replaced by contingency procedures outlined in a disaster recovery plan.

1) Structured risk assessment

We will develop a risk assessment form with categories like External risks, Natural disasters, Human caused risks, Civil issues, Suppliers and ranked them according to likelihood, impact and restoration time.

2) Disaster recovery plan

In the disaster recovery plan we have to determine the effects of disasters. Assuming that the potential for catastrophes has been evaluated, and that the most serious risks will be protected against, the next stage is to identify and catalog the potential consequences of each potential disaster. We will list the disaster affected entities, set downtime tolerance limit, cost of downtime and interdependencies. This will give us clear picture to effectively implement the disaster recovery plan. After the implementation we need to evaluate the plan.

3) Disaster Recovery Committee

We have to setup a recovery committee with people from executive team, finance, IT, HR and logistics & Admin directors included in the team. This committee will be responsible for
● Creating and maintaining the disaster recovery plan
● Detecting and announcing disaster events within the company
● Activating the disaster recovery plan
● Executing the disaster recovery plan
● Monitoring the disaster situation continuously and returning operations to normal at the earliest feasible time
● Restoring normal operations and shutting down disaster recovery operations
● Maintaining a high level of disaster preparedness requires regular drills to test the plan’s effectiveness and the incorporation of feedback gained from real catastrophe situations.

These steps are suitable for my organization regarding budget, system scale or size, and people because during COVID-19 lockdown, a similar plan is developed and put to use to great effect with minimal downtime and interruption.

[ABDILLAH FARKHAN]

I’ve been joining a branch office that does not manage a domain controller for any type of information system belonging to the Ministry of Health; hence, we are not assigned to data center maintenance. A strict policy does not allow branch offices to erect their own servers and web applications, but we’ve been given authority to set up networking types that suit our business nature. Though we are local accounts; however, we deliver the business continuity of health ministerial provided for local context.

As the database management is centrally serviced by the main office, here where we are quite focused on the network and the computers to ensure the operational process cannot be disrupted by two potential catastrophes: flood and fire. In a nutshell, if a disaster hits my office, it would not affect information system and application significantly because the server for applications, databases, files, and website are installed in the main office located in different geographical region. But once the disaster attacks the main office of the Ministry of Health, the information system would be shut down.

The network disaster recovery planning (network DRP) may be suitable for my bureau, purposing to preserve all the essential data and provide a minimal recovery time after the network goes offline so office’s business processes can be restored within the shortest period. This network DRP should be orchestrated from the stage to constitute a disaster recovery team, analysis of existing network structure, prioritize most critical operations, construct NDRP document, and test the plan.

The DRP for my office setting would be not as complex as data center recovery plan, but DRP for simple local area network (LAN) scale mostly pertaining to main infrastructure and equipment components. This makes a dilemma when deciding which technology for backup is suited to our setting because the magnitude of catastrophe impact has also influenced the answer. Communicating with the networking vendor to do some device replacement may be much less expensive, but it does not effective for a disaster with a huge dramatic physical impact such as fire combustion and hurricanes.

Therefore, I am interested to catch another option offered in a Software Defined Wide Area Network (SD-WAN) that is more efficient than old-fashioned WAN. The SD-WAN with a stateless firewall enables network routing and distribution based on business regulation. Placed in another branch office closest to the affected office for deployment, it allows communication between two branch offices as well as accessing any type of application. Cost and benefit analysis in the DRP document should reveal the total costs are effective to the total expected rewards of undertaking DS-WAN.

[PREUT ASSAWAWORRARIT]

To develop a disaster recovery plan for the organization’s health information system, the plan will be as following.

1. Identification and analysis of disaster risks/threats
There are many potential risks or treats from unexpected disasters that can lead to system failure. The essential functions of the hospital business include healthcare services, financial services, communicating with the central department, research and development services, teaching services, etc. Each function has different risk attributes. We have to consider the attributes of a risk in every single function, for example, the failure of servers used to provide healthcare service can make higher disaster if it occurs during the working hour than during the night. However, the impact of attacking servers for healthcare services is very high and costly.

2. Classification of risks based on relative weights
The potential risks should be classified into five categories: external risks, facility risks, data system risks, departmental risks, desk-level risk. In the server failure, for instance, the possible external risks include crimes, cyber-attacks, and human errors. The local facility may compromise due to electrical shortage, fire, air-conditioner malfunction leading to overheating of the server system.

3. Building the risk assessment
All potential risks will be listed and scored according to likelihood, impact, and restoration time if risks occur. A rough risk analysis score will be calculated by multiplying the likelihood, impact, and restoration time. The highest score is the greatest risk to the organization.

4. Determining the effects of disasters
Consideration of potential risks will cover four aspects: disaster-affected entities, downtime tolerance limits, cost of downtime, and interdependencies. Cyber-attacks to the servers, for example, can affect many issues. Healthcare personnel cannot gather or enter patient information to the system. Patient information can be stolen and used maliciously. The secret strategic plan is open to the public. In addition, the downtime tolerance limits are very low. The cost of downtime of servers is very high.

5. Evaluation of disaster recovery mechanisms
There are many possible methods for recovering data. Backup should be the main method to prevent system failure after facing disasters. The full backup is the most suitable, as the information of every patient should not be lost, although the cost is very high.

6. Disaster recovery committee
The personnel who will respond to the system failure after disasters must be documented in order to systematically activate and manage disaster recovery.

[Boonyarat Kanjanapongporn]

Pharmacy stores with many branches over the country need to have disaster recovery plan(DRP) for information systems.The DRP have to cover many disaster issues regarding different environment of the stores. Some stores might be located in the mall while some are located in the community. The purpose of DRP is to ensure that the IT system will be protected and have a mitigated effect on the disasters, and the business can perform continually with less interruption. There are steps to develop effective DRP.

First: Identification and Analysis of Disaster Risks/Threats
Risks have to be identified by considering the issues which could damage IT systems and followed by losing opportunities, downtime and increasing of business costs. There are various risks such as flood, fire and power supply which could create disaster to businesses especially if branches are considered.

Second: Classification of Risks Based on Relative Weights
Risks should be classified into groups for better risks prioritizing and management later. The main cause of risks can be used for grouping such as External risks (Natural,Civil), Facility risks(Water, Fire)

Third: Building the Risk Assessment
Different Risks create different level of severity to the business. Therefore, scoring risks based on their level of impact will help to prioritize DRP. The scoring could be weighted from Likelihood, Impact and Restoration time. Risks with high scores might have more chances to create disasters to the business which need high efficiency plans.

Fourth: Determining the Effects of Disasters.
Some risks couldn’t be controlled at the cause such as natural disasters, so, specifying the effects of each of the disasters is important. Information entities which possibly affected and were failed by the disasters will be addressed in the DRP. There are possibly many entities affected in the single disasters which are hard to recover all in the same moment. Therefore, Downtime, cost of downtime and interdependencies can be used to prioritize the recovering order.

Fifth: Evaluation of Disaster Recovery Mechanisms
This process is to evaluate the available recovery methods. From previous, there could be many entities impacted from disasters, there can be many methods prepared to recover the system. One technology, which is important and suites businesses with many branches, is the domains controller. With different IT background knowledge of working staff over the country, this might be more convenient to centralized and managed information system by the IT professionals from the center. Active directory, User Authorization and Security policy could be applied symmetrically to different settings. In case of disasters, losing data might be one of the worst cases but with the domains controller, the important data will save in the central database and is possible to recover as soon as entities are ready. The cost might be high to set up the controller and also IT staff have to be provided during the opening hours of drugstores. However, without centralized system there might be cost of sending IT professionals nationwide or loss of opportunities because of waiting for the recovery.
Other mechanisms such as Redundancy for hardware could be applied for the facilities destroyed.
Overall, Recovery mechanisms should cover effects from disasters which are determined previously.

Last: Disaster Recovery Committee.
Groups of people should be delegated as Disaster recovery committees. Role and responsibility should be identified for periodical plan management and application of DRP practically.

[Kawin Wongthamarin]

As for a regional hospital in Thailand, a disaster recovery plan (DRP) for an information system is extremely important. If I am going to develop a DRP for this hospital, I would follow these steps as follows.

1. Identification and Analysis of Disaster Risks/Threats
Naturally, in regional hospitals, all departments are fully operational on weekdays, while on holidays only specific departments such as the emergency room or in-patient unit are open. In addition to the above information, risk attributes such as impact, predictability, and advance warning are also an important part of disaster risk and impact analysis. The risk factors that are likely to be found in Thailand that will affect the hospital system include the high flood or fires that cause information system damage, attacks by computer viruses, physical attacks on server rooms, power outages, communication network failure, etc.

2. Classification of Risks Based on Relative Weights
After identifying various risk factors, they were categorized into different classes to accurately prioritize them. For example, facility risks (power outages, fires), External risks (floods, viruses, physical attacks), data system risks, departmental risks, and desk-level risks.

3. Building the Risk Assessment
After categorization, each risk is scored by using likelihood, impact, and restoration time. In order to be able to correctly prioritize which factors are of high priority so that planning can be made in the first place.

4. Determining the Effects of Disasters.
In order to properly plan the restoration, the affected areas of the disaster must be clearly defined. Each disaster may affect many sectors, for example, a fire may cause damage to communication networks, data storage systems, computer desks, or even a power outage. Moreover, it should also determine the cost of downtime, downtime tolerance limits, and interdependencies.

5. Evaluation of disaster recovery mechanisms
After listing affected entities, The selection of a recovery mechanism is at this stage. for the case of information systems, there are much technology that aids the recovery process. For example, DR-Site (cold, warm, hot), tape backup, and replication. From my point of view, for regional hospitals, patient information is essential and very important in making treatment decisions, so even with a relatively high budget, choosing a warm DR-site or a hot DR-site is also a good choice.

6. Disaster recovery committee
Finally, representatives from all stakeholders were set up to supervise the DRP and practice continuously for maximum efficiency jointly.

[Boonyarat Kanjanapongporn]

Thank you for sharing. Your idea is interesting,and DR site hot&warm would be benefit for unpredicted disasters.

[Kansiri Apinantanakul]

In my opinion, the activity that should be included in the Disaster Recovery Plan should be aligned with the Disaster Recovery Phase including
1) Activation phase – disaster effects are assessed and announced
2) Execution phase – recover procedures are executed
3) Reconstitution phase – the situation gradually turned back to normal

Activation phase:
The activities related in activation phase included notification procedure (phone, email, other), damage assessment and activation planning step (list of system that need to be restored, determination of time to be used) which may be performed by disaster recovering committee.

Execution phase:
This step is the 2nd step. Once the recovery plan was established. The execution would be performed by specific team

Reconstitution phase:
This phase is the last one. The activities that involved in this phase are monitoring for reoccupation and shut down the contingency plan.

In term of technology to be used, I would prefer the replicate since my organization is very big (my team is about 70 persons) and the data point were generated in every minute since we conducted clinical research. The quality and completeness of data even in the catastrophic situation is the key to ensure the quality of the research.

[Tanyawat Saisongcroh]

What procedures should be included in the plan? What technology is suitable?

In my opinion, a disaster recovery plan for organization’s information system should include following elements;
(1) Creation of a disaster recovery team/committee including team member, contact information and roles, reporting hierarchy
(2) Proper identification and assessment of disaster/risk including list of disaster affected entity, list of prioritized services
(3) Sourcing of different applications, resources, and documents including essential vendor/partner contact information, power options, data backups
(4) Clear information of backup and off-site data storage location
(5) Testing and maintenance of the disaster recovery plan

In healthcare environment, for hospital running 24/7 services with essential data that need protection, backup is the main technology to be used.

[SIPPAPAS WANGSRI]

According to CISCO Disaster Recovery Plan Best Practices, they have proposed three core components that should be included in the disaster recovery plan which are,
(1) Identify and classify the threats/risks that may lead to disasters
(2) Define the resources and processes that ensure business continuity during the disaster
(3) Define the reconstitution mechanism to get the business back to normal from the disaster recovery state, after the effects of the disaster are mitigated

In healthcare settings in Thailand, for example, we have a strong health care system which is able to provide almost sufficient care to the majority of people comparing to many countries. Unfortunately, a disaster is one of the risks which may lead to a devastating data loss yet potentially preventable. There are various types of disasters depending on the area whether it might be flooding, fire (caused by lightning strikes, short electrical circuits, heat, etc.), accidental damage, earthquake, and so on. After certain risks have been estimated and evaluated, we have to determine the risk by using a risk assessment matrix. Then we must identify stakeholders and related committees in case the situation occurs.

Most hospitals in Thailand, they tend to keep all the data locally in the centralised database located in their very own hospitals. If anything happens, be a flood or fire, even they have a back up or replica in place, it would not be of much help. The problem is that there are rules clearly stated that a government data must not be kept on the third-party cloud. In this case, I suggest that each hospital should have another backup elsewhere which is not located in the same region or risky location. It could be a data centre of the MOPH or anywhere. However, the cost of maintaining a centralised database for such amount of healthcare data is very high, but the safety of the invaluable data is worth the price.

[Siriphak Pongthai]

According to CISCO disaster recovery plan, procedures that I will include in the plan for my organization are:

1. Identification and analysis of disaster risks/threats: Power outage is one of the most critical risk that can be occurred in my setting (pharmacy storage for products that must be controlled temperature). However, system treats can be occurred if organization system is vulnerable and there is a gap for hacker. This will definitely effect the whole operation of organization.

2. Classification of risks based on relative weights: The risks mentioned in (1) can be classified into facility risks and data system risks.

3. Building the risk assessment: It is always good to have an assessment for risks. To prioritize the likelihood and impact that could happen. By having the risk that has highest score, it must be first concern.

4. Evaluation of disaster recovery mechanisms: After risks have been identified and assessed, we can evaluate suitable methods for recovery plan. For example, if temperature excursion occurred which it directly effect stability of the products. We should evaluate for products’ quarantine time, and recovery time in which how long the sponsor will allow them to be used again.

5. Disaster recovery committee: I think it is good to have disaster recovery committee in place. The roles and responsibilities for each of committee should be clearly defined for making it easier and smooth if the disaster happened.

[Tanatorn Tilkanont]

(Please accept my apologies for the delayed response.)

A disaster recovery plan is very important to the overall business continuity of the organization. It protects the organization from a negative event or other major disruption of information systems.

First, we are going to start with the identification and analysis of disaster risks or threats. While identifying, we categorized the risks into different classes. Then, we will assess and score the major risks in terms of likelihood and impact. This also includes identifying which systems and data are critical to the organization’s operations. It will help to prioritize the recovery efforts and ensure that we restored the most important systems and data first.

The risk for my organization could be power supply cuts and unexpected computer downtime that need to be addressed by a disaster recovery plan.

The disaster recovery plan will include a detailed backup and recovery strategy that shows how the organization will protect its critical systems and data in the event of a disaster as fast as possible since the organization/hospital works 24 hours a day. This may include using backup and replication technologies to create copies of data and systems that can be later restored quickly in the event of a disaster. I would consider using cloud-based disaster recovery solutions, which can provide off-site storage for backups and replication of critical systems and data.

Once we have a recovery plan, we will establish a procedure that should be simple and clear for recovering from a disaster. Communicating plans with stakeholders, such as healthcare providers, patients, or partners, will be included in the plan.

The plan will be tested periodically to ensure its effectiveness and that all stakeholders are familiar with their roles and responsibilities during the event of a disaster. During testing, we might identify a gap or weakness that should be updated in the plan.

[Author]

Posts