Friday, November 20, 2009

Disaster Recovery Gets Personal


By Nicholas Takacs, CISSP CSSLP MSIA

With all of the focus on disaster recovery and business continuity in the last decade, coupled with an amazing growth of information assurance, we still get back to the common issue of people. How do we train them to act in secure and responsible manner? My mantra when doing any type of seminar or educational event is to focus on building knowledge that can be taken home and applied to the audience members' personal lives. Why? Because that's one of the easiest ways to develop good habits, similar in many ways to all of the other "good habits" we should have. Of course, you're probably thinking to yourself that good habits should start at home, much like parents should do for their kids. Unfortunately, with the rapidly changing pace of technology, it would be near impossible for any family to keep up with all of the critical changes, and know which ones were important enough to embed in their daily activities.

There's also a much bigger gap between protecting the real world versus protecting the electronic world. Consider this... what would you do if you woke up at 3am tomorrow morning and saw flames in your house... you would gather up the kids, pets, and get out of the house as fast as possible. Now, what would you do if your computer's hard drive "died" (super-techie term) containing financial information, documentation, pictures, and other personal information? Do you have a plan? Would you know what to do, other than calling a chain-geek squad member?

I wanted to take a moment to remind everyone that as important as security and disaster recovery planning is to your organization, it's just as important, if not more important for your personal life. With the costs of consumer technology coming down rapidly (a 1TB removable hard disk costs less than $100), making regular backups of critical data and information should be as routine as taking out the garbage or paying your bills. There's really no excuse... even consider Windows provides built-in backup software (not that I'm a proponent of it, but it's there, and it works as a basic solution). I confess though that I did forget to do a backup off of my netbook a few weeks back, and of course, Murphy's Law of Magnetic Disks kicked in, and I lost a bunch of information. Thankfully, I was able to recover most of it, but the time I spent going through that process could have been averted with a simple 10 minute automated backup. Shame on me as a professional for not knowing better. Take my example as a lesson learned. Make sure you have disaster recovery plans in place for your personal data and information. Disk is cheap... make a copy!

While I focused primarily on personal information protection, I want to be clear that having disaster recovery plans for your family is important for all aspects of your life. Human life comes first above all else... I firmly believe that after my wife and kids are safe, I'll make sure my pets are safe, then I'll worry about all the rest. I'd trade all the photos, videos, etc. any day if it meant the difference between life and death. I hope you can take something out of this short article and apply it to your home life. It will ultimately benefit you, your family, and believe it or not, your organization too.

Last Week’s Quiz Question
Who was Harold "Doc" Martin? in the history of Norwich University?

Answer: The first African American student admitted to Norwich U in 1916, where he majored in electrical engineering.

The winner is Sherryl Fraser. Congratulations Sherryl.

Below is a list of past winners. Remember that the person with the most wins at the end of the program gets a prize so awesome that we haven’t even conceived of it yet.

Matt Bambrick (2)
Andrey N. Ahernyaev (2)
Dianne Tarpy
Sam Moore
Autumn Crossett
Gil Varney, Jr.
Glen Calvo
Thomas Reardon
Sherryl Fraser

This Week’s Quiz Question
In 1992, Vermont’s capital city of Montpelier was inundated by flood waters in mid-winter. What caused the flood, and what is the name of the river?

The winner receives an original copy of the very first information security textbook, published in 1964, entitled: “Protecting your data center from intrusion and malicious attack: Understanding the tensile strength of steel and concrete.”

Send your entries to jorlando@norwich.edu

1 comment:

  1. It is really a challenge when it comes to the disaster recovery of electronic stuff. Many thinks that creating backup is a complete disaster recovery process, However it is a wrong concept. Making the things insured is the complete disaster recovery process.
    disaster recovery plan orlando

    ReplyDelete