Helping Companies Prepare for the Unthinkable -- Advice From Satel.Business Editors/High-Tech Writers SALT LAKE CITY--(BUSINESS WIRE)--Sept. 13, 2001 In the wake of this week's tragic events, many companies are assessing their level of preparedness in the face of disaster Satel Inc., a leader in information security with a legacy of helping companies worldwide prepare for worst-case scenarios, Thursday offers an expert's look at the process of keeping businesses running during times of crisis. The fundamental ingredient in a safe information technology (IT) infrastructure is the policy, technology, and practices that surround data security. Based on its years of experience with some of the region's most complex IT installations and leveraging its unique expertise in the intricacies of IT security, Satel encourages companies of all sizes to assess vulnerabilities, plan contingencies, and execute appropriate security measures Noun 1. security measures - measures taken as a precaution against theft or espionage or sabotage etc.; "military security has been stepped up since the recent uprising" security to ensure that disasters like Tuesday's terrorist attacks or more commonplace threats such as computer viruses and hackers don't cripple business activities. "After the initial horror of this tragedy and the grieving over the loss of thousands of lives finally passes, the reality of providing continuing employment for survivors and serving the customers of the dozens of destroyed companies will gradually creep to the forefront," said Roger Blohm, director, managed services An umbrella term for third-party monitoring and maintaining of computers, networks and software. The actual equipment may be inhouse or at the third-party's facilities, but the "managed" implies an ongoing effort; for example, making sure the equipment is running at a certain quality at Satel. "For the well-being of everyone involved, it's critical that companies get back to business as usual as quickly as possible. How quickly that happens is directly tied to the planning those companies did weeks, months, and even years before. The lessons being learned in New York New York, state, United States New York, Middle Atlantic state of the United States. It is bordered by Vermont, Massachusetts, Connecticut, and the Atlantic Ocean (E), New Jersey and Pennsylvania (S), Lakes Erie and Ontario and the Canadian province of and Washington D.C. can apply equally to every business in Utah, whether it's a small shop or a multinational corporation multinational corporation, business enterprise with manufacturing, sales, or service subsidiaries in one or more foreign countries, also known as a transnational or international corporation. These corporations originated early in the 20th cent. ." Step One: Assessment An accurate assessment of a company's day-to-day business activities is the necessary first step in an adequate contingency plan A plan involving suitable backups, immediate actions and longer term measures for responding to computer emergencies such as attacks or accidental disasters. Contingency plans are part of business resumption planning. . Satel encourages organizations of all sizes to accurately examine their reliance on computer resources and the security of those resources. Companies must determine which resources (data and applications) are most critical to vital business activities. Based on this hierarchy of resources, companies should assign acceptable standby timeframes to each. For example, a payroll system would not necessarily need to be back online until the next pay period. On the other hand, for financial institutions, transaction records and applications demand immediate restoration. Step Two: Select and Implement Solutions Once this hierarchy and its related standby intervals are determined, companies can logically select and implement appropriate security solutions. Solutions range from a variety of data and application backup and recovery strategies to quick-turnaround sources for computer hardware. Depending on how mission-critical a particular set of data and applications is, options include: -- Hot standby -- creating an exact duplicate of data and applications that is updated in real-time and automatically takes over if the primary system fails. -- Cold standby -- creating an exact duplicate of data and applications that is updated periodically and can be activated within a relatively short timeframe (typically a matter of hours) -- Site diversification -- keeping backup resources or running standby systems at sites geographically separated from primary activities. -- Outsourcing -- turning data and application hosting, management, security, backup, and recovery over to a managed service provider (MSP (1) (Management Service Provider or Managed Service Provider) An organization that manages a customer's computer systems and networks which are either located on the customer's premises or at a third-party datacenter. ) that provides a level of security, expertise, and redundancy typically missing in most organizations. -- Backup -- ranging from weekly data backup stored in the company safe to real-time, entire-system backups stored at off-site data storage facilities. The solutions a company uses will be determined by the relative impact that a loss of data or applications will have on business. For example, an e-commerce company would require a fully redundant hot standby A hardware device that is connected to the computer or computer complex and remains powered on. It is ready to take over immediately if the primary unit fails. A hot standby may refer to a complete computer system; for example, a standby server, or a component in a computer such as a of its Web site and applications, while a restaurant would require only a nightly data backup stored off-site. Step Three: Incident Response Plan Finally, companies must determine how they will react in the event of unforeseen and unfortunate circumstances. While the response to situations such as the recent terrorist attacks, fire, or a natural disaster are fairly clear-cut -- rebuild systems and get data and applications running as soon as possible -- many other very real threats require more complex response plans. For situations such as computer viruses, hacker attacks, or computer mischief initiated by disgruntled dis·grun·tle tr.v. dis·grun·tled, dis·grun·tling, dis·grun·tles To make discontented. [dis- + gruntle, to grumble (from Middle English gruntelen; see employees, appropriate response often demands continuing operations continuing operations Parts of a business that are expected to be maintained as an ongoing segment of an overall business operation. Income and losses from continuing operations are reported separately if any segments have been discontinued during the while reversing damages, investigating causes, communicating with customers, and even launching investigations and legal recourse. Obviously, incident response can involve much more than simply restoring data. "Not every business needs in-depth planning and detailed incident response plans," said Blohm. "But for those that can't continue to function without mission-critical data and applications, any security and contingency investment made on the front end will be paid back many times if a tragedy does happen." About Satel Inc. Founded in 1994, Satel Inc. is a security solutions provider that specializes in designing and implementing information security solutions. As skilled and knowledgeable architects of security design, training, and risk assessment, Satel is quickly becoming a recognized leader for providing cutting-edge security solutions for enterprises of all sizes. Satel's products and services are ideally tailored to the banking, legal, technology, and medical markets. The company's core competencies include security consulting services, managed security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the , hardened Internet access See how to access the Internet. , secure co-location and hosting, and IT network design and architecture services. With unparalleled expertise in harnessing the power of security technology and a customized approach to client problem solving problem solving Process involved in finding a solution to a problem. Many animals routinely solve problems of locomotion, food finding, and shelter through trial and error. , Satel makes identifying, understanding, and managing security risks possible and affordable. Some organizations that have benefited from Satel's expertise include Salt Lake Organizing Committee, Caspian Sea Caspian Sea (kăs`pēən), Lat. Mare Caspium or Mare Hyrcanium, salt lake, c.144,000 sq mi (373,000 sq km), between Europe and Asia; the largest lake in the world. Pipeline Consortium, Fluor, Chevron, Texaco, Salt Lake City Corp., Williams, Packard Bell See Packard Bell NEC. , Bluepoint blue·point also blue point n. A small oyster (Crassotrea virginica) found chiefly in coastal waters of the eastern United States and usually eaten raw. Technologies, Cerberian, The Heart Center, Amirsys, and NIVO NIVO Netwerk en Informatie voor Vrouwelijke Ondernemers (Dutch) . |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion