So You Survived the Disaster. Did Your Company? - Virus and Hacker (Page 3 of 5 )
Virus Protection
While most companies have virus scanners in place, few truly stay on top of keeping their virus signature files updated. Few really stay on top of the CERT (Computer Emergency Response Team), something easily done by going to www.cert.org.
A truly robust virus policy includes not only making sure that a scanner is on every computer that attaches to your local area network (no matter how that attachment happens), but also includes checking for new virus signature files from your virus protection vendor daily. It also includes a daily scan of the newsgroups on the subject of viruses and keeping up to date with the CERT advisories.
To tie this item together with the one above, this means having a specific virus scan, with your virus software, performed on your reciprocal partners’ computers. It also means trying this process in with your total disaster restoration plan.
Hacker Protection
This is a tricky one. Most companies have some sort of firewall to protect themselves from hackers that are coming from outside the company. The only problem is that there are now so many different types of attacks that merely putting a firewall in place is no longer enough. Additionally, most unauthorized accesses to you systems will not come from outside your company, it will be unauthorized access from your employees.
Entire books have been written on this subject, so I’m not going to go into it here in great depth. But even supposing you are keeping up on the latest security measures, you still need to ensure that you are keeping up with the CERT advisories (www.cert.org), monitoring alt.2600 (and it’s sub newsgroups) and that you are a part of the user groups for all of your hardware mission critical software. This will ensure that you stay on top of any new security holes being exploited.
Having Enough Protection
There is a final problem with most companies. The above three policies are virtually always created independently of one another. The plans exist, but they are separate plans, with documentation in separate places, and often with separate people overseeing each item.
Think of it this way: you have a backup and restoration policy to prevent the loss of your company’s data. You also have a virus policy to prevent the loss or corruption of your company’s data. And you have Hacker policies to prevent the loss (and unauthorized use) of your company’s data.
Anyone see a pattern here?
All three of them are created to prevent the loss, corruption, or improper use of your data, so they should be created together, and managed together. In short, they should be part of a unified “Business Continuity” document. Essentially, this document explains, in minute detail, all of the processes in the event of a disaster. In this case, disaster means anything that prevents you from getting at whatever data that is needed, when it is needed: a virus hits even one computer on your network, an accidental file deletion, a hacker breaks through your security system, a hurricane causes the collapse of every building in your campus, or anything else that prevents you from doing business exactly when it needs to be done.
Getting something comprehensive like this setup can be time-intensive. However, once it is in place much of the maintenance can be automated. That only leaves a little necessary hand-holding to keep the reciprocal agreement I had talked about earlier in tact. If done properly, this can be an enjoyable break from the daily grind. I would like to say now that a specialist in this area should oversee the creation of the systems and processes. If this specialist knows what they are doing, they will have created the following document as the final deliverable when work is completed.
Next: The Business Continuity Table of Contents >>
More Administration Articles
More By Danny Wall
