Chapter 03 Contingency Strategies for IR/DR/BC

Principles of Incident Response and Disaster Recovery, 2nd Edition

Chapter 03 Contingency Strategies for

IR/DR/BC

Objectives

• Discuss the relationships between the overall use of contingency planning and the subordinate elements of incident response, business resumption, disaster recovery, and business continuity planning

• Describe the techniques used for data and application backup and recovery

• Explain the strategies employed for resumption of critical business processes at alternate and recovered sites

Principles of Incident Response and Disaster Recovery, 2nd Edition 2

Introduction

• Contingency planning (CP) – Preparing for the unexpected – Keeping the business alive

• Incident response (IR) process – Detecting, evaluating, and reacting to an incident – Keeping business functioning if physical plant

destroyed or unavailable • Business resumption plan

– Used when IR process cannot contain and resolve an incident

Principles of Incident Response and Disaster Recovery, 2nd Edition 3

Introduction (cont’d.)

• Business resumption plan (BR plan) elements – Disaster recovery plan (DR plan)

• Lists and describes efforts to resume normal operations at primary business places

– Business continuity plan (BC plan) • Steps for implementing critical business functions until

normal operations resume at primary site • Primary site

– Location(s) where organization executes its functions

Principles of Incident Response and Disaster Recovery, 2nd Edition 4

Introduction (cont’d.)

• BRP, DRP and BCP – Distinct place, role, timing, and planning requirements

Principles of Incident Response and Disaster Recovery, 2nd Edition 5

Principles of Incident Response and Disaster Recovery, 2nd Edition 6

Introduction (cont’d.)

• Organizations require: – Reliable method of restoring information and

reestablishing all operations • Five key procedural mechanisms

– Delayed protection – Real-time protection – Server recovery – Application recovery – Site recovery

Principles of Incident Response and Disaster Recovery, 2nd Edition 7

Data and Application Resumption

• Data backup: recovery from an incident – Snap-shot of data from a specific point in time

• Data considered volatile and subject to change – Online backup, disk backup, and tape backup

• Archive: recovery from threat to on-site backups – Long-term document or data file storage

• Usually for legal or regulatory purposes • Data backup policy

– Data files and critical system: daily – Nonessential files: weekly

Principles of Incident Response and Disaster Recovery, 2nd Edition 8

Data and Application Resumption (cont’d.)

• Retention schedule – Guides replacement frequency and storage duration – May be dictated by law

• Routine critical data – Retain one or two most recent daily backup copies – Retain at least one off-site copy

• Full backups of entire systems – Store at least one copy in a secure location

• NIST backup and recovery strategies – Alternatives should be considered

Principles of Incident Response and Disaster Recovery, 2nd Edition 9

Data and Application Resumption (cont’d.)

Principles of Incident Response and Disaster Recovery, 2nd Edition 10

Online Backups and the Cloud

• Online backup to third-party data storage vendor – Referred to as data storage “in the cloud” – Commonly associated with leasing resources

• Raises security challenges • Descriptions

– Software as a Service (SaaS) – Platform as a Service (PaaS) – Infrastructure as a Service (IaaS)

• Cloud deployment – Public cloud, community cloud, private cloud

Principles of Incident Response and Disaster Recovery, 2nd Edition 11

Disk to Disk to Other: Delayed Protection

• Organizations create massive arrays – Independent, large-capacity drives

• Store information at least temporarily • Example: home users

– Add external USB-mounted SATA 1–2 terabyte drives • Advantages

– Precludes time-consuming nature of tape backup – Avoids tape costs and implementation challenges

• At the individual-user level – Allows quick and easy recovery

Principles of Incident Response and Disaster Recovery, 2nd Edition 12

Disk to Disk to Tape

• Solves problem with massively connected storage area networks – Lack of redundancy if both online and backup

versions fail • Uses secondary disk series to avoid the need to

take the primary set offline for duplication • Reduces resource usage on the primary systems • Disk-to-disk initial copies

– Can be made efficiently and simultaneously with other system processes

Principles of Incident Response and Disaster Recovery, 2nd Edition 13

Disk to Disk to Cloud

• Also called disk-to-disk-to-online • Aggregate all local backups to a central repository

– Then back up repository to an online vendor • Benefits

– Reduced risk of corruption to the confidentiality, integrity, availability of stored online data

– Users can back up their data to a central location – Most providers use an encryption process – Can easily access data from Internet – Can automate the cloud backup process

Principles of Incident Response and Disaster Recovery, 2nd Edition 14

Types of Backup

• Full: complete system backup • Differential: files changed or added since full backup • Incremental: archive files modified since last backup

– Requires less space and time than differential • Copy: set of specified files • Daily: only files modified on that day • All on-site and off-site storage must be secured

– Fireproof safes or filing cabinets to store tapes – Encryption to protect online or cloud data storage

Principles of Incident Response and Disaster Recovery, 2nd Edition 15

Tape Backups and Recovery: General Strategies

• Traditional: cost-effective for large data quantities – Digital audio tapes (DATs), quarter-inch cartridge

(QIC) drives, 8-mm tape, digital linear tape (DLT) • Tape-based backup and recovery process

– Schedule backup coupled with storage arrangement – Six-tape rotation method: media used in rotation – Grandparent/Parent/Child method: retains four full

weekly (Friday) backups and adds a full monthly backup

• Drawbacks: equipment cost and time

Principles of Incident Response and Disaster Recovery, 2nd Edition 16

Tape Backups and Recovery: General Strategies (cont’d.)

Principles of Incident Response and Disaster Recovery, 2nd Edition 17

Redundancy-Based Backup and Recovery Using RAID

• Redundant array of independent drives (RAID) – Uses multiple hard drives to store information – Provides operational redundancy by spreading out

data and using checksums – RAID implementations

• Failure Resistant Disk Systems (FRDSs) • Failure Tolerant Disk Systems (FTDSs) • Disaster Tolerant Disk Systems (DTDSs)

– Does not address need for off-site storage

Principles of Incident Response and Disaster Recovery, 2nd Edition 18

Principles of Incident Response and Disaster Recovery, 2nd Edition 19

Redundancy-Based Backup and Recovery Using RAID (cont’d.)

• RAID Level 0 – Not a form of redundant storage – Creates one larger logical volume across several

available hard disk drives – Disk striping

• Data segments written in turn to each disk drive in the array

– Disk striping without parity • Occurs when multiple drives combined in order to gain

large capacity without data redundancy – Increased risk: losing data from a single drive failure

Principles of Incident Response and Disaster Recovery, 2nd Edition 20

Redundancy-Based Backup and Recovery Using RAID (cont’d.)

• RAID Level 1 – Disk mirroring

• Uses twin drives in a computer system • Computer records data to both drives simultaneously • Provides a backup if the primary drive fails • Expensive and inefficient media use • Same drive controller manages both drives

– Disk duplexing • Each drive has its own controller • Can create mirrors and splits disk pairs to create

highly available copies of critical system drives Principles of Incident Response and Disaster Recovery, 2nd Edition 21

Redundancy-Based Backup and Recovery Using RAID (cont’d.)

• RAID Level 2 – Specialized form of disk striping with parity – Uses the Hamming code

• Specialized parity coding mechanism – Stores stripes of data on multiple data drives – Stores corresponding redundant error correction on

separate error-correcting drives – Allows data reconstruction

• If some data or redundant parity information lost – No commercial implementations

• Not widely used Principles of Incident Response and Disaster Recovery, 2nd Edition 22

Redundancy-Based Backup and Recovery Using RAID (cont’d.)

• RAID Levels 3 and 4 – RAID 3 uses byte-level striping of data – RAID 4 uses block-level striping of data – Data segments stored on dedicated data drives – Parity information stored on a separate drive – One large volume used for data – Parity drive operates independently

• Provides error recovery

Principles of Incident Response and Disaster Recovery, 2nd Edition 23

Redundancy-Based Backup and Recovery Using RAID (cont’d.)

• RAID Level 5 – Balances safety and redundancy

• Against costs of acquiring and operating systems – Similar to RAID 3 and 4 striping data across drives

• Difference: no dedicated parity drive – Data segments interleaved with parity data

• Written across all drives in the set – RAID 5 drives can be hot swapped

• Replaced without taking entire system down

Principles of Incident Response and Disaster Recovery, 2nd Edition 24

Redundancy-Based Backup and Recovery Using RAID (cont’d.)

• RAID Level 6 – Combination of RAID 1 and RAID 5

• Block-level striping with double-distributed parity • Systems recover from two simultaneous drive failures

• RAID Level 7 (proprietary) – Array works as a single virtual drive – May run special software over RAID 5 hardware

• RAID Level 0+1 – RAID 0 for performance; RAID 1 for fault tolerance – Striping, then mirroring

Principles of Incident Response and Disaster Recovery, 2nd Edition 25

Redundancy-Based Backup and Recovery Using RAID (cont’d.)

• RAID Level 1+0 – RAID 0 for performance; RAID 1 for fault tolerance – Mirroring, then striping

• RAID Level 5+1 – Raid 5 used for robustness

• Adds a separate data parity drive not found in RAID 5 – Also known RAID 53

Principles of Incident Response and Disaster Recovery, 2nd Edition 26

Principles of Incident Response and Disaster Recovery, 2nd Edition 27

Database Backups

• Considerations – May or may not back up using operating system

utilities – May or may interrupt database use – Must properly safeguard database

• Special journal file requirements: run-unit journals or after-image journals

– Applications to protect databases in near real time • Legacy backup applications (lock and copy) • Online backup applications (to online vendor) • Continuous database protection (near real time)

Principles of Incident Response and Disaster Recovery, 2nd Edition 28

Application Backups

• Applications using file systems and databases – Some may invalidate customary backup and recovery – Include application support and development team

members • In the planning process, and in training, testing, and

rehearsal activities • Advances in cloud computing

– Example: an organization leasing SaaS • Using applications on someone else’s systems • Service agreement should include recovery

contingencies Principles of Incident Response and Disaster Recovery, 2nd Edition 29

Backup and Recovery Plans

• Backups must successfully restore systems – To an operational state

• Backup and recovery settings – Provide with complete recovery plans

• Periodically – Develop plans – Test plan – Rehearse plans

Principles of Incident Response and Disaster Recovery, 2nd Edition 30

Backup and Recovery Plans (cont’d.)

• Developing backup and recovery plans – How and when will backups be created? – Who will be responsible for creation of the backups? – How and when will backups be verified so that they

are known to be correct and reliable? – Who is responsible for the verification of the backup? – Where will backups be stored and for how long? – How often will the backup plan be tested? – When will the plan be reviewed and revised? – How often will the plan be rehearsed, and who will

take part in the rehearsal? Principles of Incident Response and Disaster Recovery, 2nd Edition 31

Real-Time Protection, Server Recovery, and Application Recovery

• Mirroring – Provides real-time protection and data backup – Duplicates server data using multiple volumes – RAID level 1 achieved with software or hardware

• Can write to drives located on other systems – Can be extended to vaulting and journaling

• Hot, warm, and cold servers – Hot server provides services to support operations – Warm server provides services if primary busy/down – Cold server used for administrator’s test platform

Principles of Incident Response and Disaster Recovery, 2nd Edition 32

Real-Time Protection, Server Recovery, and Application Recovery

(cont’d.) • Bare metal recovery technologies

– Replace failed operating systems and services – Reboot affected system from CD-ROM or other

remote drive – Quickly restore operating system

• Providing images backed up from known stable state – Linux and UNIX versions abound – Windows just developing stand-alone bootable CD

• Windows 7 can create a system repair disk • Windows systems can use setup disk to facilitate

recovery and restoration Principles of Incident Response and Disaster Recovery, 2nd Edition 33

Real-Time Protection, Server Recovery, and Application Recovery

(cont’d.) • Application recovery or clustering plus replication

– Software replication provides increased protection against data loss

– Clustering services and application recovery • Similar to hot, warm, and cold redundant server model

– Common to install applications on multiple servers – Application recovery software

• Detects primary application server failure • Activates secondary application server

– Vaulting and journaling • Dramatically increase protection

Principles of Incident Response and Disaster Recovery, 2nd Edition 34

Electronic Vaulting

• Bulk transfer of data in batches to an off-site facility – Via leased lines or data communications services

• Primary selection criteria – Service costs, bandwidth, stored data security,

recovery, and continuity – Data transfer without affecting other operations

• Scale purchases according to needs • Vendor managed solutions use software agent

– Initiate full backup; continuously copies data – Data accessed via Web interface or software

Principles of Incident Response and Disaster Recovery, 2nd Edition 35

Principles of Incident Response and Disaster Recovery, 2nd Edition 36

Remote Journaling

• Transfers live transactions to an off-site facility • Only transactions transferred (not archived data) • Transfer performed online; much closer to real time • Involves online activities on a systems level

– Data written to two locations simultaneously – Can be performed asynchronously

• Facilitates key transaction recovery in near real time • Journaling may be enabled for an object

– Operating system creates record of object’s behavior – Stored in a journal receiver

Principles of Incident Response and Disaster Recovery, 2nd Edition 37

Principles of Incident Response and Disaster Recovery, 2nd Edition 38

Database Shadowing

• Combines e-vaulting with RJ – Writes multiple database copies simultaneously in two

separate locations • Used with multiple databases on a single drive in a

single system or with databases in remote locations, across a public or private carrier

• Generally used for immediate data recovery • Works well for read-only functions

– Data warehousing and mining, batch reporting cycles, complex SQL queries, local online access at the shadow site, load balancing

Principles of Incident Response and Disaster Recovery, 2nd Edition 39

Principles of Incident Response and Disaster Recovery, 2nd Edition 40

Database Shadowing (cont’d.)

• Database replication – Backup of multiple copies of the database for

recovery purposes – Three types

• Snapshot replication • Merger replication • Transaction replication

• E-vaulting, RJ, and database shadowing – Quickly becoming functions of various backup

applications rather than services unto themselves • Organizations increasingly focus on availability

Principles of Incident Response and Disaster Recovery, 2nd Edition 41

Network-Attached Storage and Storage Area Networks

• NAS uses single device or server attached to a network with common communications methods to provides online storage environment – Good for general file sharing or data backup use

• SANs uses fiber-channel direct connections between systems needing additional storage and storage devices themselves – Good for high-speed and higher-security solutions

Principles of Incident Response and Disaster Recovery, 2nd Edition 42

Principles of Incident Response and Disaster Recovery, 2nd Edition 43

Network-Attached Storage and Storage Area Networks (cont’d.)

Principles of Incident Response and Disaster Recovery, 2nd Edition 44

Virtualization

• Development and deployment of virtual rather than physical systems and services implementations

• “Virtual machine” – Virtualized environment operating in or on a host

platform • Host platform (host machine)

– Physical server (and operating system) • Virtualization application and all virtual machines run

on it

Principles of Incident Response and Disaster Recovery, 2nd Edition 45

Virtualization (cont’d.)

• Virtual machine (guest) – Hosted operating system or platform running on the

host machine • Hypervisor or virtual machine monitor

– Specialized software that enables the virtual machine to operate on the host platform

• Types – Hardware-level virtualization – Operating system-level virtualization – Application-level virtualization

Principles of Incident Response and Disaster Recovery, 2nd Edition 46

Virtualization (cont’d.)

• Three applications dominate virtualization market – Microsoft’s Virtual Server – VMware’s VMware Server – Oracle VM VirtualBox

• Virtualization is important to contingency planning – Allows easily and accurate entire system backup – Can create snapshot backups, load into a new host

running the same virtualization application – No need to purchase and set up multiple pieces of

hardware

Principles of Incident Response and Disaster Recovery, 2nd Edition 47

Site Resumption Strategies

• Items requiring alternate processing capability – Disaster recovery plan implemented because primary

site temporarily unavailable – Business continuity strategy to institute operations at

an alternate site • Contingency management planning team (CPMT)

– Chooses strategy often based on cost – Exclusive control options

• Hot sites, warm sites, and cold sites – Popular shared-use options

• Timeshare, service bureaus, and mutual agreements Principles of Incident Response and Disaster Recovery, 2nd Edition 48

Exclusive Site Resumption Strategies

Principles of Incident Response and Disaster Recovery, 2nd Edition 49

Hot Sites

• Fully configured computer facilities with all services, communications links, and physical plant operations – Can establish operations at a moment’s notice

• Can be staffed around the clock to transfer control almost instantaneously – Requires e-vaulting, RJ, or data shadowing

• Disadvantages: most expensive alternative – Must provide maintenance for all systems, equipment

• Ultimate hot site: mirrored site identical to primary site

Principles of Incident Response and Disaster Recovery, 2nd Edition 50

Warm Sites

• Provide similar services and options as a hot site – Software applications not included, installed, or

configured – Frequently includes computing equipment and

peripherals with servers; no client workstations – Has connections to facilitate quick data recovery

• Some advantages of a hot site, but at a lower cost • May require hours, perhaps days for full functionality • Customized costs

– Range upward of several thousand dollars per month

Principles of Incident Response and Disaster Recovery, 2nd Edition 51

Cold Sites

• Provide only rudimentary services and facilities – No computer hardware or peripherals provided

• All communication services must be installed after site occupied

• No quick recovery or data duplication functions • Empty room with standard heating, air conditioning,

and electrical service • Advantages

– Better than nothing; reduced contention for floor space

– Cost: few thousand dollars per month Principles of Incident Response and Disaster Recovery, 2nd Edition 52

Mobile Sites and Other Options

• Rolling mobile sites • Storing resources externally

– Rental storage area containing duplicate or second- generation equipment can be used

– Similar to Prepositioning of Overseas Materiel Configured to Unit Sets (POM-CUS) Cold War sites

• Might arrange with a prefabricated building contractor – Provide immediate, temporary facilities (mobile

offices) on site in the event of a disaster

Principles of Incident Response and Disaster Recovery, 2nd Edition 53

Shared-Site Resumption Strategies

• Time-share – Operates like hot/warm/cold site – Leased in conjunction with a business partner or

sister organization – Provides DR/BC option while reducing overall cost – Disadvantages

• Facility made be needed simultaneously • Need to stock facility with equipment and data from all

involved organizations • Complex negotiating • Party may exit agreement or sublease their options

Principles of Incident Response and Disaster Recovery, 2nd Edition 54

Shared-Site Resumption Strategies (cont’d.)

Principles of Incident Response and Disaster Recovery, 2nd Edition

• Service bureaus – Service agency that provides a service for a fee – Service in the case of DR/CP

• Provision of physical facilities in the event of a disaster – Agencies frequently provide off-site data storage (fee) – Service bureaus contracts

• Specify exactly what the organization needs under what circumstances; guarantees space when needed

– Disadvantages • Expensive option • Must be renegotiated periodically

55

Shared-Site Resumption Strategies (cont’d.)

• Mutual agreements – Contract between two organizations

• Assist the other in the event of a disaster • Obligation to provide necessary facilities, resources,

services until receiving organization recovers – Other agreements provide cost-effective solutions

• Between divisions of the same parent company • Between subordinate and senior organizations • Between business partners

– Memorandum of agreement (MOA) • Defined expectations and capabilities for alternate site

Principles of Incident Response and Disaster Recovery, 2nd Edition 56

Service Agreements

• Contractual documents guaranteeing certain minimum levels of service provided by vendors – Must be reviewed and, in some cases, mandated to

support incident, disaster, and continuity planning – Should contain information on:

• What the provider is promising • How the provider will deliver on those promises • Who will measure delivery and how • What happens if provider fails to deliver as promised • How the SLA will change over time

• Refer to sample at end of chapter Principles of Incident Response and Disaster Recovery, 2nd Edition 57

Definition of Applicable Parties

• Introductory paragraph in any legal document – Serves to identify to whom the document applies

• Contractual legal documents • Long formal names of the parties may be replaced

with abbreviated names – Example: “the Client” “the Vendor” or “the Service

Provider”

Principles of Incident Response and Disaster Recovery, 2nd Edition 58

Services to be Provided by the Vendor

• Vendor or service provider specifies exactly what the client receives in exchange for payment – If not explicitly identified, vendor not required to provide

it • Verbal agreements, compromises, or special

arrangements must be fully documented • Specifies protection and restoration of services if

incident or disaster occurs • May include contingency operations • Refer to Sample Service Agreement at end of chapter

Principles of Incident Response and Disaster Recovery, 2nd Edition 59

Fees and Payments for These Services

• Indicates what vendor receives in exchange for the services rendered

• Most common exchange: financial – May see exchange of services, goods, or other

securities • Contract terms and any special fees specified • Common inclusion: “2/10 net 30”

– Two percent discount if paid within 10 days – Net payment due in 30 days – Usually for shipped goods paid by invoice

Principles of Incident Response and Disaster Recovery, 2nd Edition 60

Statements of Indemnification

• Statements indicating vendor not liable for actions taken by the client

• If vendor incurs financial liability based on use of the vendor’s services – Client responsible for those costs

• Failure to include such statements – May result in additional legal fees from both parties as

vendor sues to recoup its losses

Principles of Incident Response and Disaster Recovery, 2nd Edition 61

Nondisclosure Agreements and Intellectual Property Assurances

• Covers information confidentiality from everyone unless court mandated

• Vendors certify document validity – Provides information as required

• Client and vendor must formalize expectations – Regarding protection of confidentiality of the services

and business information to be shared • Laws permit provider to view clients’ system

contents in routine business conduct and maintenance

Principles of Incident Response and Disaster Recovery, 2nd Edition 62

Noncompetitive Agreements (Covenant Not to Compete)

• Not essential to a service agreement • Customary client agreements

– Not to use the vendor’s services to compete directly with the vendor

– Not to use vendor information to gain a better deal with another vendor

Principles of Incident Response and Disaster Recovery, 2nd Edition 63

Chapter Summary

• CP: prepare for the unexpected, keep business alive • Business resumption (BR) elements: DR, BC plans

– Components come into play at specific times – Five key procedural mechanisms

• Delayed protection, real-time protection, server recovery, application recovery, and site recovery

• Backup plan is essential – Types: full, differential, and incremental – Determine how long data should be stored

• RAID systems overcome tape backup limitations

Principles of Incident Response and Disaster Recovery, 2nd Edition 64

Chapter Summary (cont’d.)

• Cloud backups ensure data availability for quick restoration – Software as a Service (SaaS), Platform as a Service

(PaaS), and Infrastructure as a Service (IaaS) • Databases require special considerations when

planning backup and recovery procedures • Must restore system to operational state • Server support features

– Mirroring and duplication of server data storage with RAID techniques

Principles of Incident Response and Disaster Recovery, 2nd Edition 65

Chapter Summary (cont’d.)

• Methods of transferring data off-site – Electronic vaulting (e-vaulting), remote journaling, and

database shadowing • Business resumption strategies

– Hot sites, warm sites, cold sites, time-share, service bureaus, and mutual agreements

• Service agreements – Contractual documents guaranteeing certain

minimum service levels provided by vendors

Principles of Incident Response and Disaster Recovery, 2nd Edition 66

  • Principles of Incident Response and Disaster Recovery, 2nd Edition
  • Objectives
  • Introduction
  • Introduction (cont’d.)
  • Introduction (cont’d.)
  • Slide Number 6
  • Introduction (cont’d.)
  • Data and Application Resumption
  • Data and Application Resumption (cont’d.)
  • Data and Application Resumption (cont’d.)
  • Online Backups and the Cloud
  • Disk to Disk to Other: Delayed Protection
  • Disk to Disk to Tape
  • Disk to Disk to Cloud
  • Types of Backup
  • Tape Backups and Recovery: General Strategies
  • Tape Backups and Recovery: General Strategies (cont’d.)
  • Redundancy-Based Backup and Recovery Using RAID
  • Slide Number 19
  • Redundancy-Based Backup and Recovery Using RAID (cont’d.)
  • Redundancy-Based Backup and Recovery Using RAID (cont’d.)
  • Redundancy-Based Backup and Recovery Using RAID (cont’d.)
  • Redundancy-Based Backup and Recovery Using RAID (cont’d.)
  • Redundancy-Based Backup and Recovery Using RAID (cont’d.)
  • Redundancy-Based Backup and Recovery Using RAID (cont’d.)
  • Redundancy-Based Backup and Recovery Using RAID (cont’d.)
  • Slide Number 27
  • Database Backups
  • Application Backups
  • Backup and Recovery Plans
  • Backup and Recovery Plans (cont’d.)
  • Real-Time Protection, Server Recovery, and Application Recovery
  • Real-Time Protection, Server Recovery, and Application Recovery (cont’d.)
  • Real-Time Protection, Server Recovery, and Application Recovery (cont’d.)
  • Electronic Vaulting
  • Slide Number 36
  • Remote Journaling
  • Slide Number 38
  • Database Shadowing
  • Slide Number 40
  • Database Shadowing (cont’d.)
  • Network-Attached Storage and Storage Area Networks
  • Slide Number 43
  • Network-Attached Storage and Storage Area Networks (cont’d.)
  • Virtualization
  • Virtualization (cont’d.)
  • Virtualization (cont’d.)
  • Site Resumption Strategies
  • Exclusive Site Resumption Strategies
  • Hot Sites
  • Warm Sites
  • Cold Sites
  • Mobile Sites and Other Options
  • Shared-Site Resumption Strategies
  • Shared-Site Resumption Strategies (cont’d.)
  • Shared-Site Resumption Strategies (cont’d.)
  • Service Agreements
  • Definition of Applicable Parties
  • Services to be Provided by the Vendor
  • Fees and Payments for These Services
  • Statements of Indemnification
  • Nondisclosure Agreements and Intellectual Property Assurances
  • Noncompetitive Agreements (Covenant Not to Compete)
  • Chapter Summary
  • Chapter Summary (cont’d.)
  • Chapter Summary (cont’d.)