We are all aware of some aspects of physical protection in the form of fire alarms, burglar alarms, locks on doors, CCTV, etc. Technical protection can be split by hardware and software; with RAID drives to provide redundancy for disk drives, dual power supplies, clustered machines; with software protection including firewalls, anti-virus software, and ensuring the security aspects of any operating system are used correctly.
Prevention will always be more cost-effective than the creation of a full Business Continuity environment. However, regardless of the effectiveness of preventative measures, a Disaster Recovery site is usually required. There are many ways in which this can be provided, ranging from having a duplicate set of premises well away from the main premises (most expensive), through to having a reciprocal arrangement with a ‘friendly’ company to provide a certain amount of space in the case of a disaster.
Larger organizations tend to be spread across multiple sites and therefore may be able to make use of some space in a remote site to create a disaster site. A similar approach may be taken with regard to IT. For example, rather than having a set of computers set up and waiting on a remote site for a disaster to happen, it is more cost effective to have a test machine placed off-site which could be used for production systems in the case of a disaster at the main premises.
Whatever your situation; whatever size your organisation, you need a Business Continuity plan. Don’t employ consultants to write it for you, though. It’s your plan and it is unique to your organisation. So, do employ experienced consultants to help and guide you in creating it.
Infosecurity Europe is Europe's largest and most important information security event. Now in its 8th year, the show features Europe's most comprehensive FREE education programme, and over 200 exhibitors at the Grand Hall at Olympia from 29th April - 1st May 2003. www.infosec.co.uk
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.