info 410chapters 5-6 1 info 410chapters 5-6 1 it infrastructure chapters 5 & 6 info 410 glenn...
TRANSCRIPT
INFO 410 Chapters 5-61 INFO 410 Chapters 5-61
IT InfrastructureChapters 5 & 6
INFO 410
Glenn Booker
Images are from the text author’s slides
INFO 410 Chapters 5-62
Five competitive forces
Before diving into the second module, we’ll examine the five competitive forces that shape strategy (case study 1-1)– Technology can influence or drive all of them– Our overall goal is to be profitable (yay capitalism!)
The most obvious competitive force is your competitors in the industry– Most don’t look beyond that
INFO 410 Chapters 5-63
Five competitive forces
Customers can play you against your rivals, lowering prices
Suppliers can limit your profits by charging high prices
Threat of new rivals can increase capacity, and increase the investment needed to play
Substitute products can steal customers
INFO 410 Chapters 5-64
The big picture
So we need to consider all five major forces in a given industry to produce a good strategy
A common approach is to position yourself where forces are weakest– Paccar sells custom trucks to owner-operators– MP3s created a substitute for buying music CDs;
Apple filled the void with iTunes
INFO 410 Chapters 5-65
Tricks to win
Limit supplier power via standardized parts Expand services so it’s harder for customers
to leave Invest in products different from your rivals,
to avoid price wars Invest in R&D to scare off new rivals Make products very available, to offset subs
INFO 410 Chapters 5-66
Strength of forces drives profit
When competitive forces are all strong (airlines, textiles) there is little profit
Conversely, weak competition leads to high profits (soda, software, toiletries)
Profitability, measured by ROIC (return on invested capital) is typically 10-20%– Airlines and mail order about 5%– Soda and software are over 35%
INFO 410 Chapters 5-67
Strength of forces drives profit
Short term profits are affected by many things (weather, industry cycles) but long term performance is dominated by these five forces
The strongest competitive force(s) determines how profitable an industry can be
Hence it/they are key factors in choosing the best strategy
INFO 410 Chapters 5-68
Threat of new rivals
New players add capacity to produce products, and pressure to lower prices
Especially if they are established firms in other areas– Pepsi bottled water– Microsoft Web browsers– Apple music distribution
INFO 410 Chapters 5-69
Threat of new rivals
To avoid this threat, existing producers must hold down prices, and/or invest in new products to keep customers loyal (Starbucks)
Notice it’s the threat of rivals, not actual new rivals, that limits profitability
Barriers to entry help keep out new competition
INFO 410 Chapters 5-610
Barriers to entry
Supply-side economies of scale– It’s cheaper to make lots of stuff than a little– Every aspect of the value chain, even marketing
and research, benefit from large scale operations
Demand-side benefits of scale– Larger companies attract more customers– “No one ever got fired for buying IBM”– eBay has more auctions, so more people use it
INFO 410 Chapters 5-611
Barriers to entry
Customer switching costs– Changing vendors may mean changing product
specs, retraining staff, adapting processes, etc.– ERP systems have huge switching costs!
Capital requirements– Make it expensive to compete with you– Facility costs, provide credit to customers,
inventory costs, start-up costs, ads, R&D, etc.
INFO 410 Chapters 5-612
Barriers to entry
Incumbent advantages– Not just for politicians!– May have cost or quality advantages over rivals,
proprietary technology, best sources, best locations, known brand identity
– Counter by placing self away from rivals (Wal-Mart)
Unequal access to distribution channels– Limited shelf space, available distributors
INFO 410 Chapters 5-613
Barriers to entry
Government policies– Government can limit or forbid new entrants in an
industry (e.g. radio, liquor, taxi, airlines)– Government can also encourage new entrants –
subsidies, grants, 8(a) programs, etc.
Of course, new entrants in a field could expect retaliation
INFO 410 Chapters 5-614
Barriers to entry - retaliation
Retaliation is likely, if incumbent players– Have squashed rivals before– Have lots of money– Can cut prices to drive you out of business
Or if industry growth is slow
INFO 410 Chapters 5-615
Power of suppliers
Key suppliers can simply charge more for their products, reducing your profitability
This can include suppliers of labor! Microsoft reduces profitability of PCs by OS
costs
INFO 410 Chapters 5-616
Power of suppliers
Suppliers are powerful if– They are more concentrated than the industry
they supply (1 Microsoft vs. many PC makers)– The supplier doesn’t depend on one industry for
revenue If you only have one customer, you have to take better
care of them!
– There are high switching costs to another supplier Training, location, etc. could contribute
INFO 410 Chapters 5-617
Power of suppliers
Or if– Supplier offers unique products (or at least
different, such as drug products)– There is no substitute for the supplier (airline
pilots)– The supplier could enter the market themselves
(Shuttle selling barebones computers)
INFO 410 Chapters 5-618
Power of buyers
Customers (buyers) can force down prices, demand better quality or service, reducing your profitability through price reductions
Buyer power is similar for consumers and B2B customers
Consumer needs may be harder to pin down
INFO 410 Chapters 5-619
Power of buyers
Buyers have power if– There are few of them, and/or they purchase in
large volume The latter especially if the industry has high fixed costs
(telecom, chemicals, oil drilling)
– Products are standardized (paper clips)– Switching costs are low– The buyers can integrate backward, and make
the product themselves (packaging for sodas)
INFO 410 Chapters 5-620
Power of buyers
Buyers are price sensitive if– The products are a major fraction of its budget
(mortgages)– Buyers earn little profit, or have little cash, or
otherwise need to cut purchasing costs– Buyer’s product quality is little affected by the
items bought (opposite of movie cameras)– Product has little effect on buyer’s other costs
INFO 410 Chapters 5-621
Power of buyers
Intermediate customers (distribution or assembly channels) also gain power when they influence customers’ buying decisions– Consumer electronics or jewelry retailers, or
agriculture equipment distributors– Producers may avoid this through direct channels
to consumers, or exclusive distribution channels (sweeteners, DuPont Stainmaster, bike parts)
INFO 410 Chapters 5-622
Threat of substitutes
A substitute does the same function as a product in a different manner– Videoconference instead of traveling– Email instead of snail mail– Software for travel agents, when people shop
online instead– Only have a cell phone instead of wired phones
INFO 410 Chapters 5-623
Threat of substitutes
Because substitutes may be very different products, they’re easy to overlook– Used vs new products, or do-it-yourself vs.
purchased could also be factors
High threat of substitutes lowers profitability Industries often need to distance themselves
from well known substitutes
INFO 410 Chapters 5-624
Threat of substitutes
Threat of substitutes is high if– There is good price-performance compared to the
industry product (Skype vs long distance calls, Netflix vs YouTube)
– Switching cost to substitute is low (generic drugs)
Hence need to monitor other industries for new substitutes (e.g. plastic for car parts instead of metal)
INFO 410 Chapters 5-625
Competitive rivalry
Rivalry among competitors in an industry is very familiar– Sales, new products, ad campaigns, service
improvements
Rivalry limits profitability Rivalry has dimensions of intensity and the
basis upon which it depends
INFO 410 Chapters 5-626
Competitive rivalry
Intensity of rivalry is high when– There are many competitors, or they are the
same size & power– Industry growth is slow, makes for fight over
market share– Exit barriers are high, hence stuck in industry– Rivals are striving for leadership– Rivals can’t read each others’ strategies well
INFO 410 Chapters 5-627
Competitive rivalry
Rivalry is worst for profits when it’s on the basis of price alone
Price rivalry is common when– Products or services can’t be told apart– Fixed costs are high– Capacity need to grow in leaps to be efficient– Product is perishable! (produce, or hotel rooms)
INFO 410 Chapters 5-628
Competitive rivalry
Competitive rivalry can have other basis– Features, support, delivery speed, brand image– These are less likely to affect price, since they
help differentiate products
If you compete on the same basis as your rivals, might be fighting over the same customers; instead of winning new ones via differentiation, a positive sum game
INFO 410 Chapters 5-629
Other factors
The five competitive forces are key to developing a good strategy
But there are other factors to consider– Industry growth rate– Technology and innovation– Government – Complementary products and services
INFO 410 Chapters 5-630
Industry growth rate
Fast-growing industries often have little rivalry, but gives suppliers a lot of power
Low barriers to entry will guarantee a lot of competitors– PCs have been very low in profit for that reason
Substitutes might still exist
INFO 410 Chapters 5-631
Technology and innovation
Technology alone will rarely make an industry attractive
New technology attracts a lot of interest, and hence rivals
Low tech, price insensitive industries are often the most profitable
INFO 410 Chapters 5-632
Government
Government involvement could be good or bad
Look at how they affect the five forces– Patents create barriers to entry, for example– Unions often raise supplier power– Lenient bankruptcy rules favor excess capacity
and more rivalry
Consider different levels of government too
INFO 410 Chapters 5-633
Complementary products
Some product go well together, like hardware and software!
Complements can affect demand for a product; see how they affect the five forces
Can affect barriers to entry (app development), threat of substitutes (hydrogen cars, iTunes), rivalry (pro or con)
INFO 410 Chapters 5-634
Changes over time
Everything so far has been at one moment in time; now consider how these factors can change over time
New entries can arise from a patent expiring– Limited retail freezer space can limit new products– Large scale retailers create barriers for small
competitors
INFO 410 Chapters 5-635
Changes over time
Consolidation of appliance retailers have limited the power of their suppliers
Travel agents have little power over their commissions, due to online sales
Technology often shifts price/performance (microwaves) or creates new substitutes (flash drives instead of small hard drives)
INFO 410 Chapters 5-636
Changes over time
Rivalries often intensify over time, as industry growth slows
Rivals become more alike as products become similar, consumer taste settles down– Some areas avoid this, e.g. casino catering to
different populations
Mergers, acquisitions, and technology can alter rivalries, create customer backlash
INFO 410 Chapters 5-637
Strategy implications
All of these forces and factors should play into creating a good business strategy– Where do you stand relative to buyers, suppliers,
new entrants, rivals, and substitutes?– What changes in these forces can be anticipated?– Can you change the industry structure?
Your strategy should defend against the strong forces, and exploit the weak ones
INFO 410 Chapters 5-638
Positioning the company
Also consider the entry and unpopular exit options – is this a good time to enter or leave a market? Or industry?
Are there changes in the industry of which you can take advantage?– Often such changes can create prime
opportunities, if you can spot them
INFO 410 Chapters 5-639
Reshape industry structure
This can be done by redividing profitability; changing the forces which affect the current industry’s profitability
Find which forces are key limits on profits, and do something to release them!
INFO 410 Chapters 5-640
Reshape industry structure
Or expand the profit pool; increase overall demand for the products– Find new buyers– Make channels become more competitive– Coordinate with suppliers– Improve quality standards, etc.
INFO 410 Chapters 5-641
Play in the right sandbox
Make sure you have clear industry boundaries
Sounds basic, but each industry typically needs its own strategy– Identify product or services scope, and
geographic scope of each industry
Huge mistakes can result otherwise!– Miss major markets, product needs, etc.
INFO 410 Chapters 5-642
Competition and value
The five forces (and lesser factors) identify how competition will affect a business strategy
Key is not only to identify competitive threats, but also possible opportunities
Also helps investors understand a business– Separate short term blips from structural changes
INFO 410 Chapters 5-643
The Business of IT
Understanding IT infrastructure
INFO 410 Chapters 5-644
IT a key capability
IT is now a critical part of how businesses realize their business models
This module is about how IT affects management of a business, affects availability and security, makes new service models possible, and supports project management
INFO 410 Chapters 5-645
IT infrastructure
Cheap computing and universal networks have formed the foundation for levels of information sharing and services never possible before
The challenges its implementation introduces can be huge, however– Reliability, interoperability with legacy systems– Reduced ability to differentiate from competition
INFO 410 Chapters 5-646
Infrastructure constraints
Dangers include basing your infrastructure on a technology which dies
Business needs and technology decisions need to be interwoven– That’s where IS people are critical interfaces!
So what drives technology changes?
INFO 410 Chapters 5-647
Moore’s “Law”
Gordon Moore (later cofounder of Intel) noted in 1965 that computer chip prices stayed about the same, but their speed doubled every 18-24 months– Still true today!
The 60’s and 70’s saw centralized computer architecture – Mainframes, punch cards, ttys, dumb terminals
INFO 410 Chapters 5-648
Computer evolution
The “computer on a chip” concept started roughly in 1971 with the Intel 4004 CPU, leading to the 8088, 286/386/486/Pentium, PII, PIII, P4, etc.
With the introduction of PCs in 1981, computing started to spread from the mainframes throughout an organization– Spreadsheets, databases, CAD, programming
INFO 410 Chapters 5-649
Computer evolution
Then the baby computers started talking to each other – the LAN was born– Led to the client/server architecture– Let the PCs do some of the work!
And the world saw the Internet explode in the early 90’s– WANs, internetworking technologies, open
standards, and of course WWW
INFO 410 Chapters 5-650
Computer evolution
Robert Metcalfe’s Law: “The usefulness of a network increases with the square of the number of users connected to the network”– Metcalfe created Ethernet, founded 3Com
Network capacity grew even faster than Moore’s Law, with cheap powerful CPUs and easy TCP/IP networks– Led to changes in computing infrastructure
INFO 410 Chapters 5-651
Computer evolution
But these changes have been so fast that many organizations are left with fragments from different eras of technology
Internetworking infrastructure consists of – Network(s)– Computer HW and SW (“processing systems”) – Facilities
INFO 410 Chapters 5-652
Network elements
LANs, WANs Routers, switches, … hubs?? Wireless access points Network cards (wireless or not) Firewalls Cache, media, print, or other servers
– If it performs a business function, it’s a processing element; otherwise it’s a network element
INFO 410 Chapters 5-653
Network(s)
Includes links, network hardware, software, policy management and monitoring
Key issues include– Selecting technologies and standards– Selecting and managing partners– Assuring reliability– Maintaining security– Interconnection among networks
INFO 410 Chapters 5-654
Processing system elements
Client devices and systems (PCs, cell phones, cars, refrigerators, etc.)
Servers – general processing, transaction, file, database, Web, and application servers
Enterprise servers (and legacy mainframes) Middleware – often overlooked Network management software Business applications
INFO 410 Chapters 5-655
Processing systems
Includes most servers, clients, phones, and software (custom code, SAP, Oracle, etc.)
Management issues include – What’s internally developed vs. outsourced– How to grow, deploy, & modify– Connecting to legacy systems– Problem management– Disaster recovery
INFO 410 Chapters 5-656
Facility elements
Facilities include– Buildings, physical spaces– Network conduits and links– Power– Environmental control systems (temp, humidity)– Security (physical and network)
INFO 410 Chapters 5-657
Facilities
Includes data centers, network ops centers, data closets, managed services
Issues include– Manage internally vs. outsource– Choosing the right facilities model– Reliability, security– Energy efficiency & environmental impact
INFO 410 Chapters 5-658
Internetworking characteristics
Internetworking technologies differ from some other info technologies in several ways– Based on open standards– Operate asynchronously (think datagram network)– Have inherent latency (delivery delays)– Are decentralized (no single point of failure)– Are scalable (lots of pathways help here)
INFO 410 Chapters 5-659
Business implications
On a fast network, all computers can act essentially as one– The network becomes a computer– Sequential events become nearly simultaneous– Huge paradigm shift
Physical location is less important, changing outsourcing, partnerships, industry structure– But increasing complexity, interactions, threats
INFO 410 Chapters 5-660
Real-time infrastructures
The mainframe era used batch computing, often at the end of the day
Real-time (or nearly so) computing has erased those expectations
Other benefits include– Better data, better decisions
Easier synchronization of data sources
INFO 410 Chapters 5-661
Real-time infrastructures
– Better process visibility Instant order status
– Improved process efficiency JIT inventory, faster cycle times, response to market
conditions
– From ‘make and sell’ to ‘sense and respond’ Respond to actual demand, rather than forecasted
demand, e.g. Dell Requires faster transaction and communication systems
INFO 410 Chapters 5-662
Not all good
The faster response time has produced new threats– Wall St panic on 10/19/1987, due largely to
automated stock buying programs causing a chain reaction
– While value can be created faster, so can bad side effects
– Need high availability, fast disaster response, and improved security
INFO 410 Chapters 5-663
New service delivery models
IT can be a service provided by outsourcing, instead of being internally managed– Scarcity of IT people is partly driving this!– The industry is becoming more standardized, and
cost reduction pressure is strong– Where exactly is your Gmail???– Similar to shifts from answering machines to voice
mail, or power as a commodity– Need to manage IT providers and partners well!
INFO 410 Chapters 5-664
Managing legacy systems
Any infrastructure from an older organization probably still has legacy components in it– Often obsolete, proprietary– Also includes legacy organizations, processes,
and cultures!– How do new technologies relate to the legacy
systems? Change the organization, processes, and culture?
INFO 410 Chapters 5-665
Future of internetworking
The technologies we rely on have been refined over the last 30-40 years
Markets want reliable, secure, high speed connectivity– Changes to QoS (quality of service) possible on
the Internet are needed to help meet demand– Availability, authentication, security, bandwidth
guarantees, nonrepudiation are all highly desired
INFO 410 Chapters 5-666
Summary
Internetworking infrastructure includes not only the physical hardware and software, but the processes, organization, and culture that use them
Technology changes are creating faster, more flexible, interoperable global networks, speeding creation of value at the cost of high complexity, uncertainty, and new threats
INFO 410 Chapters 5-667
The Business of IT
Assuring reliable and secure IT services
INFO 410 Chapters 5-668
Reliability of the Internet
The reliability of the Internet is based on its many redundant paths among hosts– Failures at one or more routers are unlikely to
stop a message from getting to its destination
Most organizations don’t have the luxury of that much redundancy!– Key tradeoff is the expense of redundancy, versus
the reliability it can bring
INFO 410 Chapters 5-669
How much can you afford?
Added complexity of redundant systems adds new kinds of possible failures
So it boils down to asking: how much reliability can you afford?– Kind of like ‘how fast do you want your car?’– How expensive is a 15-minute failure of your IT
infrastructure? 12 hours?
How does reliability differ from availability?
INFO 410 Chapters 5-670
Availability
No. of 9’s Data Center AvailabilityDown time /
year
2 Level 1 99% 87.6 hours
3 Level 1 99.9% 8.8 hours
4Level 2 Level
399.99% 53 minutes
5 Level 4 99.999% 5.3 minutes
6 Level 4 99.9999% 31.5 seconds
INFO 410 Chapters 5-671
Timing
The number of failures and their duration each is also important– Many very brief failures may have less impact
than one long one
Timing when failures occur also matters– 3:00 am often not as bad as 10:00 am?
Planned system outages don’t ‘count’
INFO 410 Chapters 5-672
Calculating availability
For systems that all need to be running at once (serial), multiply their individual availabilities– System avail = [component avail]– So a system of five serial components, each with
98% availability, will have a system availability of System avail = 0.98*0.98*0.98*0.98*0.98 = 90.4%
– Adding more components hurts overall availability
INFO 410 Chapters 5-673
Calculating availability
If components are in parallel (any of the redundant components could perform the function), then multiply the failure rates of the components to get the system failure rate– Failure rate = 1 – Availability rate
So five components in parallel would have a failure rate of (1 - 0.98)^5 = 3.2E-09 for an availability of 1 - 3.2E-9 = 99.99999968%
INFO 410 Chapters 5-674
High availability facilities
A typical high availability data center should have many features– Uninterruptible power supply
Major equipment should have multiple power supplies, powered by separate circuits
A UPS is ready to take over if main power source fails UPS might be a diesel generator for sustained outages
– Physical security to restrict access to the equipment
INFO 410 Chapters 5-675
High availability facilities
– Extreme facilities might be protected from blast or other attacks
Weighing visitors, biometric identification, etc. could be used
– Climate control and fire suppression– Network connectivity to two or more backbone
Internet providers Might have redundant NOCs
INFO 410 Chapters 5-676
High availability facilities
– Help desk incident response procedures– N+1 or N+N redundancy
N+1 means at least one redundant system standing by; typically good for up to 3 9’s of availability
N+N means double the number of systems normally needed, needed for 4 or more 9’s of availability
– See earlier availability chart for Level 1 to 4 Data Center classifications
A single component can have redundant features, even if the entire component isn’t duplicated
INFO 410 Chapters 5-677
Malicious threats
It’s no secret that there are many threats to network security, from casual bored hackers to well organized spies and terrorists
Threats can be loosely grouped into three categories– External attacks– Intrusion– Viruses and worms
INFO 410 Chapters 5-678
External attacks
External attacks hurt a site or degrade its services, without getting access inside it– Denial of service attacks (DoS) typically flood web
servers with TCP SYN messages, until they crash– Distributed DoS (DDoS) attacks do the same
thing from many computers at once– IP spoofing might be used to mask the true
source of these attacks
INFO 410 Chapters 5-679
External attacks
DoS attacks are easy to do – script kiddies And are hard to defend against Slow DoS attacks can look like normal traffic
INFO 410 Chapters 5-680
Intrusion
Intrusion attacks gain access inside your network– Guess or obtain user names and passwords
(maybe via packet sniffing, or clever social engineering)
– Back doors left by developers– Port scanning to look for open entries to servers
INFO 410 Chapters 5-681
Intrusion
Once inside the network, hackers might– Download, alter, or delete data (SSN, CC numbers)
– Deface web sites– Posing as a user, send malicious messages– Leave software to perform DDoS later, or time
bombs to delete data
Proving what they did is often very hard Can produce tough PR issues!
INFO 410 Chapters 5-682
Viruses and worms
Viruses and worms are self-replicating programs– Viruses need help to spread, worms don’t
Both are often incorporated into other attacks, e.g. set up a DDoS attack
INFO 410 Chapters 5-683
Defensive measures
Many types of defenses are often used– Security policies– Firewalls– Authentication– Encryption– Patching and change management– Intrusion detection and network monitoring
INFO 410 Chapters 5-684
Security policies
Security policies are needed to define– How passwords are managed– Who has accounts on the network?– What security is needed on network computers?– What services are running in the network?– What can users download?– How are these policies enforced?
INFO 410 Chapters 5-685
Firewalls
Firewalls can be hardware- and/or software-based methods to control network access– Can people access the network from outside?– Most firewalls filter packets to look for attacks,
illegal applications, IP spoofing, etc.– Can’t stop internal traffic, most viruses, or
bypassing the network (wireless, flash drives)– They also provide good traffic monitoring points
INFO 410 Chapters 5-686
Authentication
Authentication proves you are who you claim to be – could be applied to hosts or users– Could be as basic as ‘user name and password’,
or involve certificate authorities, biometrics, etc.– How tough are passwords? Change them how
often? Can you reuse them?
After that, can control access to data, network resources based on identity
INFO 410 Chapters 5-687
Encryption
Encryption provides confidentiality of data– Even if intercepted, can’t easily be read– Protect your keys!!!
Encryption can be symmetric or public key– Often both are used to provide authentication and
confidentiality
Digital signatures also prove authentication– Message digests provide integrity check
INFO 410 Chapters 5-688
Patching and change management
Known weaknesses in apps or OS’s can be patched – if you USE the patches!– Keeping current is tedious– Patches might cause side effects in other apps
Change management needs to know what patches are installed, what apps should be running, and what files should be on production systems
INFO 410 Chapters 5-689
Intrusion detection
Intrusion detection systems look at packet contents to look for attack patterns; or look for weird patterns of traffic behavior
Could also include hardware and software monitoring to look for unusual configurations (e.g. a NIC in promiscuous mode) or suspicious behavior
INFO 410 Chapters 5-690
Security management framework
Security affects the design of a network, and requires policies and procedures to keep it safer
Some basic principles of good security management include– Make security decisions; don’t ignore the issue!– Realize that security threats change and evolve;
don’t expect anything to be static
INFO 410 Chapters 5-691
Security management framework
– Consistent change management is critical– Educate users what not to click on, how to keep
passwords secure, why procedures are in place Great ignored procedures are worthless!
– Use layered security Consider host, network, and application levels of
security, and prioritize measures
INFO 410 Chapters 5-692
Risk management
Risk management for availability and security is critical
Can’t avoid all risks, so need to estimate the probability of risks occurring, and how severe the impact (consequences) of each risk is– Obviously, low probability and low impact risks are
minor threats; and high probability and high impact risks are critical ones to address
INFO 410 Chapters 5-693
Risk management
But the other combinations (low probability, high impact, or high probability, low impact) are harder to assess– E.g. we often pay for insurance against unlikely
but rare events, like severe illness or death Can define expected loss=probability*impact
– But intangible losses are hard to quantify– New technologies may add new risks (complexity,
instability)
INFO 410 Chapters 5-694
Incident management
All infrastructures experience incidents, so it’s important to plan for them– What could be typical incidents affecting
availability and/or security?
Plan for actions to be taken before, during, and after an incident
INFO 410 Chapters 5-695
Actions before an incident
Design the infrastructure for recoverability and failure tolerance
Follow your own procedures, especially for change management and data backup
Document procedures and configurations carefully
INFO 410 Chapters 5-696
Actions before an incident
Have crisis management procedures– How do you diagnose problems?– Who is available to help?
Practice incident response– Do you have current contact information for key
people?– What outside resources are available to help?
INFO 410 Chapters 5-697
Actions during an incident
Beyond the apparent technical issues, there are many other factors in a crisis– Emotional responses (confusion, denial, panic)– Wishful thinking– Political maneuvering, avoiding responsibility– Leaping to conclusions, ignoring unwanted
evidence
INFO 410 Chapters 5-698
Actions during an incident
Public relations issues can also be overwhelming– Reluctant to admit how serious the problem is
(FEMA in NO?)– Major decisions are risky, and you have to make
confident decisions even if data is never complete
INFO 410 Chapters 5-699
Actions after an incident
After an incident, may have to rebuild part of the infrastructure, or even everything– This is why you had good CM!
Processes might have to be changed to accommodate the new infrastructure
Document lessons learned from this incident, to help reliving it in the future!– What caused it? How can you prevent it?
INFO 410 Chapters 5-6100
Actions after an incident
May also need to explain to customers and other stakeholders what happened, and what your actions have been – Again can be a PR issue to show your steps to
secure your infrastructure are sound and thorough
INFO 410 Chapters 5-6101
Summary
Availability for IT infrastructures– How to calculate availability with serial or parallel
components– Features needed for high availability facilities
Security threats and defenses Security management framework Risk and incident management