\f\fDATA RECOVERY PLAN In this case study SSC company data handling based on Paper work .This concept is very costly as we seen in the graph paper data handling cost is rise and it is harm full some time data may be lost not recover so that It is important to remember this latter element; if you place waste containers outside the organization, for example, then they are outside the physical security of the organization Data. COST OF HANDLING OF PAPER PROJECT 75 NUMBER OF EMPLOYEE Hidden Cost Hr Per Rate 10 75 10 150 10 225 10 300 10 375 10 450 10 525 10 600 10 675 10 750 10 825 10 900 10 975 10 1050 Total Hour 28 Cost Monthly 4853.33 208 3 5338.66 7 5872.53 3 6459.78 7 7105.76 5 7816.34 2 8597.97 6 9457.77 4 10403.5 5 11443.9 1 12588.3 13847.1 3 15231.8 4 16755.0 2 Monthly Increment 5338.667 5872.533 6459.787 7105.765 7816.342 8597.976 9457.774 10403.55 11443.91 12588.3 13847.13 15231.84 16755.02 18430.53 TotalCo st 5413.66 7 6022.53 3 6684.78 7 7405.76 5 8191.34 2 9047.97 6 9982.77 4 11003.5 5 12118.9 1 13338.3 14672.1 3 16131.8 4 17730.0 2 19480.5 3 10 1125 10 1200 10 1275 10 1350 10 1425 10 1500 10 1575 10 1650 10 1725 10 1800 10 1875 10 1950 10 2025 10 2100 10 2175 10 2250 10 2325 10 2400 10 2475 10 2550 10 2625 10 2700 18430.5 3 20273.5 8 22300.9 4 24531.0 3 26984.1 3 29682.5 5 32650.8 35915.8 8 39507.4 7 43458.2 1 47804.0 4 52584.4 4 57842.8 8 63627.1 7 69989.8 9 76988.8 8 84687.7 7 93156.5 4 102472. 2 112719. 4 123991. 4 136390. 5 20273.58 22300.94 24531.03 26984.13 29682.55 32650.8 35915.88 39507.47 43458.21 47804.04 52584.44 57842.88 63627.17 69989.89 76988.88 84687.77 93156.54 102472.2 112719.4 123991.4 136390.5 150029.5 21398.5 8 23500.9 4 25806.0 3 28334.1 3 31107.5 5 34150.8 37490.8 8 41157.4 7 45183.2 1 49604.0 4 54459.4 4 59792.8 8 65652.1 7 72089.8 9 79163.8 8 86937.7 7 95481.5 4 104872. 2 115194. 4 126541. 4 139015. 5 152729. 5 1 0 100000 2 COST OF HANDLING OF PAPER PROJECT 200000 By recording incidents, it is possible to identify patterns and possibly preempt further attacks. These attacks include: Policies, procedures, and awareness. The written rules that we develop to manage all areas of security, and the education program that we put in place to help ensure that staff members know, understand, and implement these rules. Our business informationaccount details, and so on. When you consider threats, you must include hard copy materials in our data security planning. The programs run by our users. We propose data recovery plan as earlier we store the data is paper base now for given scenario it is better and cost effective plan is paperless and now our organization working is computer based so cost is low due to the there is low cost of data recovery due to computerized The servers and client computers used within our organization Help ensure that you protect users against direct attacks on these computers by defining strict guidelines on what software to use on business computers and how to manage security devices, such as user IDs and passwords. It may a local, wireless, or wide area network (WAN). The internal network has become less \"internal\" over the last few years, with home and mobile working gaining in popularity. So, we must make sure that users understand what they must do to work securely in all networked environments the contact point between our internal networks and external networks, such as the Internet or networks that belong to our business partners, perhaps as part of an extranet. attacks often attempt to breach the perimeter to launch attacks on our data, applications, and hosts through our internal network. Recommendation As our recommendation is computer based data storage there is a plan in order to ensure the compliance with rules and regulation. (1) ORGANIZATION audit plan related to ORGANIZATION policies and procedures plus disclosure logs need to reviews periodically. (2) In the SSC organization compliance most important part is Risk assessment. There is a need to check security plan and performing security Risk assessment timely. (3) In employee training session should also be included in plan as it will increase the employee's knowledge about rules, regulations and importance of this issue. (4) We must review client agreement plan and audit accordingly ORGANIZATION security plan We should follow these instruction when we organization is migrate paper work to paper less or computer based data storage 1 Don't ever give your passwords away to anyone. 2 Don't reuse your passwords when going online for business or personal matters. Use different passwords and rotate your personal passwords so they are not the same as your business passwords. 3 Don't have confidential conversations in public settings. 4 Shred sensitive information before throwing it in the recycle bin. Shredded material is recycled. 5 If you find CD's or Thumb Drives, do not place them into your computer to see what is on them - Turn them into your security group. 6 Show caution when opening email attachments. 7 Don't respond to or forward unsolicited email advertisements, chain letters, and hoaxes. 8 Password-protect your personal email account. 9 Log out of sensitive programs when you walk away from your computer. 10 You can also be Phished in real-time by strangers visiting a organization, standing by a side entrance of a building, hanging out in a public space like coffee shop. Avoid talking about confidential business in public. 11 If you receive telephone calls looking for someone or asking for organization or personal information about you or other employee and retail clients[3], be very cautious. Unless you can confirm their identity, be safe and don't share the information. DATA RECOVERY PLAN In this case study SSC company data handling based on Paper work .This concept is very costly as we seen in the graph paper data handling cost is rise and it is harm full some time data may be lost not recover so that It is important to remember this latter element; if you place waste containers outside the organization, for example, then they are outside the physical security of the organization Data. COST OF HANDLING OF PAPER PROJECT 75 NUMBER OF EMPLOYEE Hidden Cost Hr Per Rate 10 75 10 150 10 225 10 300 10 375 10 450 10 525 10 600 10 675 10 750 10 825 10 900 10 975 10 1050 Total Hour 28 Cost Monthly 4853.33 208 3 5338.66 7 5872.53 3 6459.78 7 7105.76 5 7816.34 2 8597.97 6 9457.77 4 10403.5 5 11443.9 1 12588.3 13847.1 3 15231.8 4 16755.0 2 Monthly Increment 5338.667 5872.533 6459.787 7105.765 7816.342 8597.976 9457.774 10403.55 11443.91 12588.3 13847.13 15231.84 16755.02 18430.53 TotalCo st 5413.66 7 6022.53 3 6684.78 7 7405.76 5 8191.34 2 9047.97 6 9982.77 4 11003.5 5 12118.9 1 13338.3 14672.1 3 16131.8 4 17730.0 2 19480.5 3 10 1125 10 1200 10 1275 10 1350 10 1425 10 1500 10 1575 10 1650 10 1725 10 1800 10 1875 10 1950 10 2025 10 2100 10 2175 10 2250 10 2325 10 2400 10 2475 10 2550 10 2625 10 2700 18430.5 3 20273.5 8 22300.9 4 24531.0 3 26984.1 3 29682.5 5 32650.8 35915.8 8 39507.4 7 43458.2 1 47804.0 4 52584.4 4 57842.8 8 63627.1 7 69989.8 9 76988.8 8 84687.7 7 93156.5 4 102472. 2 112719. 4 123991. 4 136390. 5 20273.58 22300.94 24531.03 26984.13 29682.55 32650.8 35915.88 39507.47 43458.21 47804.04 52584.44 57842.88 63627.17 69989.89 76988.88 84687.77 93156.54 102472.2 112719.4 123991.4 136390.5 150029.5 21398.5 8 23500.9 4 25806.0 3 28334.1 3 31107.5 5 34150.8 37490.8 8 41157.4 7 45183.2 1 49604.0 4 54459.4 4 59792.8 8 65652.1 7 72089.8 9 79163.8 8 86937.7 7 95481.5 4 104872. 2 115194. 4 126541. 4 139015. 5 152729. 5 1 0 100000 2 COST OF HANDLING OF PAPER PROJECT 200000 By recording incidents, it is possible to identify patterns and possibly preempt further attacks. These attacks include: Policies, procedures, and awareness. The written rules that we develop to manage all areas of security, and the education program that we put in place to help ensure that staff members know, understand, and implement these rules. Our business informationaccount details, and so on. When you consider threats, you must include hard copy materials in our data security planning. The programs run by our users. We propose data recovery plan as earlier we store the data is paper base now for given scenario it is better and cost effective plan is paperless and now our organization working is computer based so cost is low due to the there is low cost of data recovery due to computerized The servers and client computers used within our organization Help ensure that you protect users against direct attacks on these computers by defining strict guidelines on what software to use on business computers and how to manage security devices, such as user IDs and passwords. It may a local, wireless, or wide area network (WAN). The internal network has become less \"internal\" over the last few years, with home and mobile working gaining in popularity. So, we must make sure that users understand what they must do to work securely in all networked environments the contact point between our internal networks and external networks, such as the Internet or networks that belong to our business partners, perhaps as part of an extranet. attacks often attempt to breach the perimeter to launch attacks on our data, applications, and hosts through our internal network. Recommendation As our recommendation is computer based data storage there is a plan in order to ensure the compliance with rules and regulation. (1) ORGANIZATION audit plan related to ORGANIZATION policies and procedures plus disclosure logs need to reviews periodically. (2) In the SSC organization compliance most important part is Risk assessment. There is a need to check security plan and performing security Risk assessment timely. (3) In employee training session should also be included in plan as it will increase the employee's knowledge about rules, regulations and importance of this issue. (4) We must review client agreement plan and audit accordingly ORGANIZATION security plan We should follow these instruction when we organization is migrate paper work to paper less or computer based data storage 1 Don't ever give your passwords away to anyone. 2 Don't reuse your passwords when going online for business or personal matters. Use different passwords and rotate your personal passwords so they are not the same as your business passwords. 3 Don't have confidential conversations in public settings. 4 Shred sensitive information before throwing it in the recycle bin. Shredded material is recycled. 5 If you find CD's or Thumb Drives, do not place them into your computer to see what is on them - Turn them into your security group. 6 Show caution when opening email attachments. 7 Don't respond to or forward unsolicited email advertisements, chain letters, and hoaxes. 8 Password-protect your personal email account. 9 Log out of sensitive programs when you walk away from your computer. 10 You can also be Phished in real-time by strangers visiting a organization, standing by a side entrance of a building, hanging out in a public space like coffee shop. Avoid talking about confidential business in public. 11 If you receive telephone calls looking for someone or asking for organization or personal information about you or other employee and retail clients[3], be very cautious. Unless you can confirm their identity, be safe and don't share the information