chapter 8: disaster management guide to computer network security

Chapter 8: Disaster Chapter 8: Disaster ManagementManagement

Guide to Computer Network Security

Kizza - Guide to Computer Network SecuriKizza - Guide to Computer Network Securityty

22

A disaster is a sudden misfortune, a A disaster is a sudden misfortune, a catastrophe that affects society. catastrophe that affects society. It is the effect of a hazardous event It is the effect of a hazardous event caused by either man or nature. caused by either man or nature. Natural disasters are those caused Natural disasters are those caused by the forces of nature like by the forces of nature like hurricanes, tornados and tsunamis.hurricanes, tornados and tsunamis.Disasters, natural or man-made, may Disasters, natural or man-made, may cause great devastation to society cause great devastation to society and the environment. and the environment. The effects of a disaster may be The effects of a disaster may be short lived, or long lasting. short lived, or long lasting.


33

Categories of DisastersCategories of DisastersNatural Disasters – due to forces of nature. Natural Disasters – due to forces of nature. – TsunamiTsunami– TornadosTornados– Hurricanes ( same as Tsunami)Hurricanes ( same as Tsunami)– Cyclone (same as Tsunami) Cyclone (same as Tsunami) – Flood Flood – Snowstorm Snowstorm – LandslidesLandslides– Drought Drought – Earthquake Earthquake – Electrical storms Electrical storms – Snowslides Snowslides


44

Human – caused Disasters Human – caused Disasters – TerrorismTerrorism– SabotageSabotage– TheftTheft– VirusesViruses– WormsWorms– Hostile codeHostile code– War War – Theft Theft – Arson Arson – Loss of Loss of

Power supply (both electric and gas). This can result in a Power supply (both electric and gas). This can result in a large number of related failures like cooling system, large number of related failures like cooling system, machines, etc. machines, etc. communications linkscommunications linksDataData

– Cyber crime (many types).Cyber crime (many types).


55

Disaster PreventionDisaster Prevention

Disaster prevention is a proactive process Disaster prevention is a proactive process consisting of a set of control strategies to consisting of a set of control strategies to ensure that a disaster does not happen. ensure that a disaster does not happen.

The elements of an effective Disaster The elements of an effective Disaster Prevention are the early detection of Prevention are the early detection of abnormal conditions and notification of abnormal conditions and notification of persons capable of dealing with the persons capable of dealing with the pending crisis. pending crisis.

By detecting and treating minor problems By detecting and treating minor problems early, major problems can be avoided.early, major problems can be avoided.


66

Through intelligent monitoring devices, the Through intelligent monitoring devices, the process of disaster prevention can be improved. process of disaster prevention can be improved. Monitoring devices come in a variety of types Monitoring devices come in a variety of types including: including: – Temperature Temperature – Humidity Humidity – Water Water – Smoke / Fire Smoke / Fire – Air-Flow Air-Flow – AC Power Quality AC Power Quality – UPS AC / Battery Mode UPS AC / Battery Mode – Personnel Access Security Personnel Access Security – Halon Triggering State Halon Triggering State – State of in-place Security/Alarm Systems State of in-place Security/Alarm Systems – Hidden Conditions undetectable by Security Personnel Hidden Conditions undetectable by Security Personnel

In Air-Conditioning Ducts In Air-Conditioning Ducts Under Raised Floors Under Raised Floors Inside Computer ChassisInside Computer Chassis


77

The choice of action taken may bee The choice of action taken may bee predetermined by the system manager and is predetermined by the system manager and is selected from a long list that includes: selected from a long list that includes: – Activating local or remote alarms indicators like sirens, Activating local or remote alarms indicators like sirens,

bells, light signals, and synthesized voice. bells, light signals, and synthesized voice. – Taking over control of the affected resource to isolate it, Taking over control of the affected resource to isolate it,

cut it off from the supply line, or maintain the declining cut it off from the supply line, or maintain the declining supply line. The supply line may be power, water, fuel supply line. The supply line may be power, water, fuel and a number of other things. and a number of other things.

– Interfacing with existing or cutting off from existing Interfacing with existing or cutting off from existing security system as dictated by the event. security system as dictated by the event.

– Sending a signal to designated personnel including: Sending a signal to designated personnel including: System Users System Users Site Managers Site Managers Security Personnel Security Personnel Maintenance Personnel Maintenance Personnel Service Bureaus and Alarm Co. Central Offices Service Bureaus and Alarm Co. Central Offices Authorities at Remote Sites Authorities at Remote Sites

– Gracefully degrading the system by terminating normal Gracefully degrading the system by terminating normal operations, closing and protecting data files, and operations, closing and protecting data files, and disconnecting AC Power from protected equipment.disconnecting AC Power from protected equipment.


88

Disaster ResponseDisaster ResponseDisaster response is a set strategies to respond to both the short term and Disaster response is a set strategies to respond to both the short term and long term needs of the affected community. long term needs of the affected community. These strategies involve quick and timely response to the Disaster These strategies involve quick and timely response to the Disaster Prevention System (DPS) signals with directed action. The essential steps Prevention System (DPS) signals with directed action. The essential steps in disaster response include:in disaster response include:– restoring servicesrestoring services– identifying high risk system resources identifying high risk system resources

Five factors govern a quick disaster response. These are:Five factors govern a quick disaster response. These are:– Nature and extent of the destruction or risk in case the disaster occurs. This is Nature and extent of the destruction or risk in case the disaster occurs. This is

based on either prior or a quick assessment of the situation. based on either prior or a quick assessment of the situation. – The environment of the disaster. The environment determines the kind of The environment of the disaster. The environment determines the kind of

response needed. Take a quick inventory of what is in the room or rooms where response needed. Take a quick inventory of what is in the room or rooms where the systems are. Make a note of who the chosen action to meet the needs is the systems are. Make a note of who the chosen action to meet the needs is going to be carried out successfully. going to be carried out successfully.

– Make note of the available resources. The degree and effectiveness of the Make note of the available resources. The degree and effectiveness of the response to the disaster is going to depend on the available resources on the response to the disaster is going to depend on the available resources on the ground that can be used to increase and enhance the success rate of the chosen ground that can be used to increase and enhance the success rate of the chosen response.response.

– Time available to carry out the chosen response action. Time is so important in Time available to carry out the chosen response action. Time is so important in the operation that it determines how much action can be taken and how much the operation that it determines how much action can be taken and how much effort is needed to control the disaster. effort is needed to control the disaster.

– Understanding of the effective policy. Every chosen action takes must fall within Understanding of the effective policy. Every chosen action takes must fall within the jurisdiction of the company policy. the jurisdiction of the company policy.


99

Disaster Recovery Disaster Recovery The value of a good disaster The value of a good disaster recovery plan is its ability to react to recovery plan is its ability to react to the threat shifty and efficiently.the threat shifty and efficiently.

For this to happen, there must be an For this to happen, there must be an informed staff, disaster suppliers, informed staff, disaster suppliers, and planned procedures. and planned procedures.


1010

Planning for a Disaster Recovery Planning for a Disaster Recovery – Disaster recovery planning is a delicate Disaster recovery planning is a delicate

process that must be handled with care. process that must be handled with care. – It involves risk assessment, developing, It involves risk assessment, developing,

documenting, implementing, testing and documenting, implementing, testing and maintaining a disaster recovery planmaintaining a disaster recovery plan

– There must be a Disaster Recovery Committee There must be a Disaster Recovery Committee that should include at least on person from that should include at least on person from management, information technology, record management, information technology, record management, and building maintenance. management, and building maintenance.

– This committee is charged with deciding on the This committee is charged with deciding on the what, how, when and who are needed to what, how, when and who are needed to provide a good solid recovery that your provide a good solid recovery that your company will be proud of. company will be proud of.


1111

– The planning process starts with steps that The planning process starts with steps that identify and document those functions and identify and document those functions and other key elements in the recovery process. other key elements in the recovery process.

– These steps include:These steps include:Identifying and prioritirizing the disaster. Identifying and prioritirizing the disaster. Identifying and prioritizing business-critical systems Identifying and prioritizing business-critical systems and functions. and functions. Identifying business-critical resources and performing Identifying business-critical resources and performing impact analysis,impact analysis,Developing a notification plan,Developing a notification plan,Developing a damage assessment plan,Developing a damage assessment plan,Designating a disaster recovery site,Designating a disaster recovery site,Developing a plan to recover critical functions at the Developing a plan to recover critical functions at the disaster recovery site, anddisaster recovery site, andidentifying and documenting security controls, andidentifying and documenting security controls, andDesignating responsibilities.Designating responsibilities.


1212

Resources for Disaster Planning Resources for Disaster Planning and Recoveryand Recovery

With business disasters becoming With business disasters becoming common, there is going to be a high common, there is going to be a high demand for tools and services from demand for tools and services from vendors to manage disasters. vendors to manage disasters.

These resources fallow into two These resources fallow into two categories:categories:– public agency-based public agency-based – vendor-based resources. vendor-based resources.


1313

Local Disaster ResourcesLocal Disaster ResourcesMany of these disaster recovery resources can Many of these disaster recovery resources can be obtained freely locally:be obtained freely locally:

– PolicePolice– Civil defenseCivil defense– Fire departmentFire department– Ambulatory servicesAmbulatory services

These resources can be obtained on the These resources can be obtained on the business premises:business premises:

– PaperPaper– Fire extinguisherFire extinguisher– Small capacity tapes and disks Small capacity tapes and disks

These resources can be obtained from vendors These resources can be obtained from vendors (online or off):(online or off):

– Specialized Computer equipment Specialized Computer equipment – Specialized software tools like COBRASpecialized software tools like COBRA

chapter 8: disaster management guide to computer network security

Documents