Re: [PEN-TEST] Disaster Recovery

[Robert.Hall () ALLFIRST COM]

Tony,
John Walsh from our Information Security group has forwarded your concern to me
and asked that I provide you with my perspective on the issue. There probably is
no simple solution to this growing concern. Just like you I grew up in a
mainframe environment and when I started Contingency Planning here at Allfirst
Bank back in 1984 our focus was on recovering the mainframe and several critical
midrange platforms. As our whole distributed environment has grown over the past
5 years we have also struggled with getting our arms around the whole integrated
testing issue. I would be happy to discuss the issues with you. There are many
things that need to be in place to ensure that adequate backup exists and this
typically equates to how much money a company wants to spend to address this
issue. You now have my EMail address and my direct telephone number is
(410)545-2623.

Thanks,
Bob Hall




jpw
---------------------- Forwarded by John P Walsh/NOTES on 11/14/2000 12:33 PM
---------------------------




Tony Tony <tony572000 () HOTMAIL COM> on 11/13/2000 11:01:36 PM

Please respond to Penetration Testers <PEN-TEST () SECURITYFOCUS COM>



 To:      PEN-TEST () SECURITYFOCUS COM

 cc:      (bcc: John P Walsh/NOTES)



 Subject: [PEN-TEST] Disaster Recovery









Members

Does anyone know of a list serve that specializes in discussions related to
Disaster Recovery of mainframe/client-server systems. Seems like when we
think of IT security, disaster recovery is just not the current hot topic.
However, with the rapid deployment of national computer applications that
integrate with multiple data centers,  extranets, ISP's, VPN's, etc..how do
you plan for disaster recovery??  To me, this is just as big of a computer
security risk, as someone breaking into your computer systems. Has it become
to complex?  Are we just playing down the issue?  In the old days with
mainframe computers it was pretty straight forward..however today..different
story.

In my current job, I am a firewall administrator and also head up a team for
the deployment of intrusion detection and penetration security tools.  I am
still baffled that no one in IT seems to care much about disaster recovery.
Maybe, I am just not hanging out with the right types of IT folks.  However,
I have worked for a number of companies and disaster recovery, just does not
seem to be an important issue when you think about computer security.

_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at
http://profiles.msn.com.