Handbook of Information Security Management: Risk Management and Business Continuity Planning


Policies

To implement a system or data safeguard strategy, planners must first develop a policy — or standard operating procedure — that explains why the safeguard should be established and how it will be implemented. The planners should then get approval for this policy from management.

In the process of putting together a disaster recovery plan for a community college’s central computing operations, one recovery planner discovered that numerous departments had isolated themselves from the networks supported by the information technology group. These departments believed that the servers were always crashing, which had been a cause for concern in years past, and they chose to separate themselves from the servers for what they considered to be safer conditions. These departments, which included accounting, processed everything locally on hard drives with no backups whatsoever. Needless to say, a fire or similar disaster in the accounting department would severely disrupt, if not suspend, the college’s operations.

The recovery planner addressed this problem with a fundamental method of distributed system security: distribute the responsibility of data integrity along the channels of distributed system capability. A college policy statement on data integrity was developed and issued to this effect. The policy outlined end-user security responsibilities, as well as those of the department administrators.

Establish Recovery Capability

Based on departmental input and a company’s established priorities, the information technology department must design an intermediate system configuration that is adequately sized to permit the company’s recovery immediately following the disaster. Initially, this configuration, whether it is local, at an alternate company site, or at a hot site, must sustain the highest-priority applications yet be adaptable to addressing other priorities. These added needs will arise depending on how long it takes to reoccupy the company’s facilities and fully restore all operations to normal. For example, planners must decide that the key client/server applications are critical to company operations, whereas office automation tools are not.

Restore Full Operational Access

The information technology department’s plan should also address the move back from an alternate site and the resources that will be required to restore and resume full operations. Depending on the size of the enterprise and the plausible disaster, this could include a huge number of end-user workstations. At the very least, this step is as complex as a company’s move to a new location.

PLANNING FOR THE DISTRIBUTED ENVIRONMENT

First and foremost, planners in a distributed environment must define the scope of their project. Determining the extent of recovery is the first step. For example, will the plan focus on just the servers or on the entire enterprise’s systems and data? The scope of recovery, the departmental and company priorities, and recovery plan funding will delimit the planner’s options. The following discussion outlines the basics of recovery planning regardless of budget considerations.

Protecting the LAN

Computer rooms are built to provide both special environmental conditions and security control. Environmental conditions include air conditioning, fire-rated walls, dry sprinkler systems, special fire abatement systems (e.g., Halon, FM-200), raised flooring, cable chase-ways, equipment racking, equipment bracing, power conditioning, and continuous power (UPS) systems. Control includes a variety of factors: access, external security, and internal security. All these aspects of protection are built-in benefits of the computer room. Today, however, company facilities are distributed and open; servers and network equipment can be found on desktops in open areas, on carts with wheels, and in communications closets that are unlocked or have no conditioned power. Just about anything and everything important to the company is on these servers or accessible through them.



The CISSP Open Study Guide Web Site

We are proud to bring to all of our members a legal copy of this outstanding book. Of course, this version is getting a bit old and may not contain all of the info that the latest version covers; however, it is one of the best tools you have to review the basics of security. Investing in the latest version would help you out in your studies and also show your appreciation to Auerbach for letting me use their book on the site.