Implementing Data Security and Disaster Recovery in IT Companies Through a Process Based Practical Approach

The advancements in information technology have generated data which needsto be protected so that the business can survive. This is due to the fact that data has generated an innate need for protection, security and the estimations pertaining to the loss arising out of data breach. This paper is thus an attempt to design, develop and implement a practical approach for the data security and disaster recovery plan for the organization. The genesis of the paper goes to the industry experience of the author of having implemented data security and disaster recovery processes in IT companies. The methodology followed is a structured approach starting with the macro level operations of the processes and gradually moving down to the micro level controls of the organizational processes for data security and disaster recovery. The limitation of the paper is the fact on the restriction of the page size and this has resulted in covering the essential components of the plan. The contribution of the paper is that it provides a practical approach for implementation. By customizing the parameters and developing the appropriate means and mechanism for the identification of the crucial assets a more sound and robust data security and disaster recovery plan can be developed and maintained.