Access your Pro+ Content below.
Disaster recovery and contingency planning security considerations
This article is part of the December 2010 issue of Information Security magazine
In a disaster, all focus is -- naturally -- on getting critical business processes back up and running. Whether the disaster is natural or manmade, it's all about recovering business operations as fast as possible, getting employees back to work, and avoiding costly downtime. In this scenario, information security is often far down on the list of considerations, experts say. But companies that overlook data protection provisions in their disaster recovery/business continuity plans risk winding up with a double whammy: a security breach on top of a recovery situation. Imagine having to issue breach notification letters in the midst of recovering from a hurricane or other disaster. After all, compliance requirements aren't lifted in an emergency. "You need to get folks access to the data if they need it, but you also need to prevent unauthorized access," says Ed Moyle, a manager with CTG's information security solutions practice and a founding partner of consultancy SecurityCurve. "That's where a lot of organizations fall down." ...
Features in this issue
Security must be included in disaster recovery planning to ensure sensitive data is protected.
The Data Accountability and Trust Act, if passed into law, would create a national standard for privacy and data protection.
Cybercriminals are taking advantage of poorly deployed security software with customized malware designed to infiltrate systems and steal data without being detected.
The CISO has a key role in reducing the risk of sharing sensitive corporate data with third parties.
Columns in this issue
Cloud computing presents a lot of security issues but security professionals need to accept the challenge.
Choose wisely when pursuing industry certifications and advanced degrees to gain the best competitive advantage.
In the 112th Congress, enterprises can expect a heavy focus on Internet privacy issues on Capitol Hill.