Planning: Keeping the Big Picture in Mind
It's an unfortunate truism of IT life that there is a strong correlation between purse strings being loosened for security spending and the immediacy of the most recent security incident.Its an unfortunate truism of IT life that there is a strong correlation between purse strings being loosened for security spending and the immediacy of the most recent security incident. Theres nothing like a good hacking or virus infection to make senior management budget a bit more for preventative efforts. Similarly, our obvious greater awareness of the suddenness with which a terrorist can wipe out our entire technical operation has put senior management throughout the world in arguably its most receptive state ever to hear about the wisdom of sound business continuity planning. However, as more attention is paid to being able to rebound from a disaster that would have been unimaginable before Sept. 11, its important to keep in mind that business continuity planning runs a wide spectrum of disasters, and we should resist the current urge to focus solely on total site destruction. For example, a good business continuity plan should account for virus scenarios that could leave much of your organization without PC or network use for days. Know what steps youll take, for instance, immediately after a virus infestation becomes apparent and what youll do to cleanse the organization in the viruss wake, update virus signature files companywide and allow employees to get back to work.
Likewise, intrusion response should be a part of all business continuity plans. The first few minutes and hours after an intrusion occurs are pivotal, and youll need a road map that tells you how to preserve evidence and when to take systems offline.