How many times in recent months, or in recent memory, have you read reports about Web sites being compromised and hosted data lost or corrupted? All too many and all too often. Most of us assume that infiltration and destruction will happen to someone else, not us. As the online world embraces a new outlook of security first, you may be left behind as the most vulnerable Web site in your Internet neighborhood.
I teach several security related classes and one point I discuss is that security is not a final goal or endpoint; it is a process. Making your IT environment impenetrable and invincible is not part of the process; that is an impossible proposition. Rather, your goal is to make your IT environment harder to access than your neighbor's. Just think about it, if you have a house with a three-foot white picket fence while everyone else on the block has eight-foot wire fencing with three strands of barbed wire, where do you think an intruder is going to have the most success?
So, the race to remain secure is very much a "keeping up with the Joneses" kind of endeavor. But one thing you must not overlook is the real possibility that even with your best efforts, your "secured" system may be compromised. What are you going to do if your entire online resource repository is destroyed or altered beyond repair? Well, if you are prepared, it's just a matter of restoration from backup.
What I am proposing is nothing new. It's a basic IT administration and
Don't assume it will never happen to you. Assume it will, and establish a recovery plan to handle the catastrophe so that the worst thing you lose is a little face while keeping your job, customer base or organization intact.
About the author James Michael Stewart is a partner and researcher for Itinfopros, a technology-focused writing and training organization.
For more information, visit these resources:
- Ask the Expert: Protecting a Web server from external attack
- Web Security Tip: The importance of backups for Web security
- Best Web Links: Data Protection
This was first published in September 2003