Disaster recovery: Surge strategies also work for IT staff

Share this article:
Max Huang
Max Huang
There has been a great deal of talk in the mainstream media about the pros and cons in surging U.S. troops at various hot spots in the Middle East and elsewhere in order to counter insurgent attacks.

While the reviews may be mixed on their long-term success, the concept has significant merits that warrant IT staffs to consider such a strategy.

The truth is that there has never been a more challenging time to be in charge of protecting an organization's information networks. It's a simple arithmetic issue: In 2010, there will be more threats than there are people to counter them.

This dilemma is exacerbated by the continued rapid expansion of broadband connectivity worldwide, and that means that attacks can come in all shapes, sizes and sophistication. Well-funded organized crime and terrorist organizations have also stepped up their use of cyberwarfare as part of their arsenal, so the threats can more dangerous and farther reaching than ever before.

What's more, the next attack against a company's networks may not even be man-made. Pandemics like the H1N1 virus, as well as natural events like earthquakes, blizzards and wildfires, may prevent folks from getting to the office without notice. That leaves CIOs, CSOs and network administrators in a bind, particularly as IT budgets continue to come under strain with the economy. If you're like most shops, there are barely enough resources to cover the known issues now, let alone the ones that haven't happened yet.

Try not to be all things all the time

So instead of stretching equipment and manpower to counter every threat, organizations may want to consider a surge strategy – allocating resources to combat certain situations as they occur in rapid fashion. If done in concert with a disaster recovery strategy plan, not only could this effectively recover a company from an attack or network shutdown, but also do so effectively and without busting the budget.

Components of such a surge plan may include:

  • Available access points – to add on a temporary basis for employees who cannot get to the office due to some unforeseen disaster, such as a flood, fire or other catastrophic event. Service providers typically offer such capabilities and it may very well come in handy for a variety of circumstances.
  • Additional VPN, Email, UTM filters – to ensure that the increased access points can be tied in to the existing networks without compromising the security integrity in the process. As with implementing more access points on a temporary basis, service providers should be able to offer packaged deals to install more security solutions for limited periods of time when the need arises.
  • Backup systems that can shift on the fly – off-site and off-line server farms that can be shifted to act as the primary network on a moment's notice if something happens to the main line. It is important not just to have the data intact, but also be able to ensure that accessing it is as secure – if not more so – than the original system. That may require getting systems in place for short intervals until the original servers can be put back in operation.

The balance CIOs and CSOs face today is akin to walking a tight rope. Keeping systems operational and secure on budgets that leave little, if any, room for error. So instead of trying to be overstretch equipment and talent, a better idea might be taking the lead of national security agencies and consider a strategy that allows you to surge resources when needed. It may make the difference between keeping operations up in a disaster and losing valuable time and information.


Max Huang is the founder and President of O2Security, Inc. a manufacturer of network security appliances for small- to medium-businesses as well as remote/branch offices, large enterprises and service providers. Max can be reached at max.huang@o2security.com.


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in Opinions

Beware of the malware walking dead

Beware of the malware walking dead

This Hallows Eve might be a good time to remind ourselves that zombies can be just as deadly, and I'm referring to recycled tools and techniques from years gone by.

Why the Home Depot attack shouldn't have happened

Why the Home Depot attack shouldn't have happened

Major retailers are falling prey to massive credit card information heists, despite spending millions on cyber security systems.

Next-generation malware: Think like the enemy and avoid the car alarm problem

Next-generation malware: Think like the enemy and avoid ...

When it comes to enterprise security, one rule remains constant - attacks will continue to increase in sophistication and attackers will seek to outmaneuver existing defenses.