Disaster Recovery is the discussion topic for episode 1 of the No BS INFOSEC podcast. My guest, and also co-host, is my wife Cathy Sullivan who works as an IT project manager in a large technology company. In this episode we discuss disaster recovery and how it’s relied on too much as the core of an information security program when it comes to detection and prevention of malware and intrusions.
We also cover how disaster recovery involves training, documentation, and investing in the right areas of a disaster recovery program. Before you implement a disaster recovery program make sure you understand the big picture when it comes to internal versus external disasters. There’s a distinct difference between the two scenarios.
Disaster Recovery Window
One of the biggest issues with recovering from a disaster is failure to understand the time it will take to recover from the disaster. It’s important to plan for this and take into account all needed personnel and assets. It’s also important to properly communicate what the recovery program entails and how long it take to the executive team. The executive team has a 1000 mile view of IT operations and a lot of times things get lost in translation leading to incorrect perceptions of what recovering from a disaster look like.
Documentation was also a hot topic in this discussion. We covered how important up to date and correct documentation is for recovering from a disaster. Documenting a systems configuration, dependencies, and support information is critical for this process. We arrived at the conclusion that proper documentation includes vendor documentation as well as documentation prepared by the IT department application owner.
Episode One Notes
This was our first episode of the podcast and we are still working on refining our flow and format. Right now the plan is to have INFOSEC news, and a topic for discussion. I’m presently seeking out guests for the podcast. If you are interested in being a guest on the show, please submit your desired subject matter and a short bio using the contact form.