Home > Articles > Security > Network Security

  • Print
  • + Share This
From the author of

Implementation

This last step tests the written plans:

  • Frequency. Should plans be tested weekly, monthly, quarterly, or annually? How are new employees handled?

  • Cost. What's the cost of testing? If it costs $1 million to test the plan, it could obviate testing because the cost matches or exceeds the cost of the security breach or disaster scenario. Does redundant equipment work?

    On manned space missions, NASA ran three computers to assure that no failures compromised the mission. Two computers processed the same inputs and produced the same output. One output was switched through to its destination and the other was discarded. The third computer ran constant diagnostics. In the event that one of the prime computers failed, the output of the remaining prime computer was sent to the destination, and the computer running the diagnostics was brought online to become the second prime computer receiving live data. The failed computer was immediately repaired and then assigned to running diagnostics.

    Network diagnostics should be run all night long to tell you when you arrive in the morning that the network is still working just as it did all the previous day.

  • Impact. Does running a test affect normal enterprise operations? Is it important to determine the impact on normal operations when running the test?

  • Assessment. Did everything work as planned? What were the results of the test? Are planning adjustments needed to improve response?

Without implementation, any security and disaster strategy is not truly effective in providing the enterprise the ability to overcome the effects of a real security breach or disaster event.

  • + Share This
  • 🔖 Save To Your Account