Biomedical Engineering Reference
In-Depth Information
Appendix F Systems and
Communications Security During
Recovery and Repair
C. WARREN AXELROD
During disasters, when all information systems
and communications staff are focused on system
recovery and repair, computer and communications
facilities and information and network resources
are critically vulnerable
. Security procedures are
often ignored, and security controls are often not
in place. This chapter presents guidelines for the
data security administrator, who must ensure that
security and integrity of data and facilities are not
further compromised during the recovery and repair
of systems and communications networks.
Many organizations assign resources to primary
security controls and contingency planning, but
few plan beyond the initial recovery process.
As information technology (IT) systems become
larger, more dispersed, and increasingly linked
together over local area and wide area networks
(LANs and WANs) and such public networks
as the Internet, they become not only more
critical to organizations but also more vulner-
able to abuse. The occurrences of abuse and
disaster are becoming more frequent and are having
greater impact as system size, distribution, and
interconnections increase. As a result, secondary
backup measures and further protection during the
recovery process are becoming more critical as
well as more complex. Yet, data security during
system backup and disaster recovery is not usually
addressed by most corporate contingency plans.
Computer systems and communications
networks are most vulnerable to breaches in
security during backup and disaster recovery
activities, in particular. In addition, standard
backup measures, such as creating multiple copies
of data, programs, passwords, encryption keys,
and procedures, and storing these copies at a
second location, expose systems to even greater
risk of information leaks and security breaches.
Security systems traditionally focus on control-
ling access to secured facilities, computer soft-
ware, data, and communications networks. Very
little attention is paid to recovering, repairing, and
preventing further damage to the security system
itself. In some circumstances, fixing a damaged
security system first, thereby preventing continuing
damage, may be more important than recovering
systems and data that remain vulnerable to further
damage. After all, restoring a system and network
makes little sense when the source of the initial
breach is still active. However, circumstances do
exist in which the systems and networks are so
critical that they must be restored as quickly as
possible despite the risk of subsequent breaches.
In this chapter, both the backup of security
systems and security procedures during backup and
recovery are discussed.
Security and Recovery Basics
Computers and communications networks can be
protected by applying the following six basic secu-
rity functions: avoidance, deterrence, prevention,
detection, recovery, and correction. The first three
375
