Security Management Strategies for the CIOAccess "Disaster recovery and contingency planning security considerations"
This article is part of the December 2010 issue of Inside the Data Accountability and Trust Act and what it means for security
In a disaster, all focus is -- naturally -- on getting critical business processes back up and running. Whether the disaster is natural or manmade, it's all about recovering business operations as fast as possible, getting employees back to work, and avoiding costly downtime. In this scenario, information security is often far down on the list of considerations, experts say. But companies that overlook data protection provisions in their disaster recovery/business continuity plans risk winding up with a double whammy: a security breach on top of a recovery situation. Imagine having to issue breach notification letters in the midst of recovering from a hurricane or other disaster. After all, compliance requirements aren't lifted in an emergency. "You need to get folks access to the data if they need it, but you also need to prevent unauthorized access," says Ed Moyle, a manager with CTG's information security solutions practice and a founding partner of consultancy SecurityCurve. "That's where a lot of organizations fall down." Disaster recovery/business ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Disaster recovery and contingency planning security considerations
Security must be included in disaster recovery planning to ensure sensitive data is protected.
-
Customized malware programs require new response, experts say
Cybercriminals are taking advantage of poorly deployed security software with customized malware designed to infiltrate systems and steal data without being detected.
-
Disaster recovery and contingency planning security considerations
-
-
Understanding the Data Accountability and Trust Act
by Richard E. Mackey, Jr., Contributor
The Data Accountability and Trust Act, if passed into law, would create a national standard for privacy and data protection.
-
Vendor risk management and the CISO
by Eric Holmquist
The CISO has a key role in reducing the risk of sharing sensitive corporate data with third parties.
-
Understanding the Data Accountability and Trust Act
by Richard E. Mackey, Jr., Contributor
-
Columns
-
Cloud computing technology: Don't get left behind
Cloud computing presents a lot of security issues but security professionals need to accept the challenge.
-
Career advantages of security professional certifications and advanced degrees
by Lee Kushner and Mike Murray
Choose wisely when pursuing industry certifications and advanced degrees to gain the best competitive advantage.
-
Internet privacy laws will get attention in the next Congress
by Judith Harris, Christopher Cwalina, and Amy Mushahwar
In the 112th Congress, enterprises can expect a heavy focus on Internet privacy issues on Capitol Hill.
-
Cloud computing technology: Don't get left behind
More Premium Content Accessible For Free
Compliance and risk modeling
E-Zine
You can fight compliance or embrace it, but one way or the other, you can’t escape it. Increasingly, smart organizations are not just accepting ...
Essentials: Threat detection
E-Zine
Antivirus and intrusion prevention aren’t the threat detection stalwarts they used to be. With mobile endpoints and new attack dynamics, enterprises ...
Managing identities in hybrid worlds
E-Zine
The world in which successful IAM programs must be implemented is increasingly complex, a mix of legacy on-premise IAM infrastructures, cloud-based ...