Re: [PEN-TEST] Disaster Recovery

[Gregor Binder <gbinder () sysfive com>]

Tony Tony on Tue, Nov 14, 2000 at 04:01:36AM +0000:

Tony,

> Does anyone know of a list serve that specializes in discussions related to
> Disaster Recovery of mainframe/client-server systems. Seems like when we
> think of IT security, disaster recovery is just not the current hot topic.

As far as recovering data goes, you might be happy with the lists that
are provided at http://www.backupcentral.com/

> In my current job, I am a firewall administrator and also head up a team for
> the deployment of intrusion detection and penetration security tools.  I am
> still baffled that no one in IT seems to care much about disaster recovery.

DR is an extensive topic though, and I don't think that defining the
complete set of procedures - or even initiating this - should be the
sole responsibility of IT. It has to come from management, otherwise
you probably wont have the necessary support and/or budget to do it.

And of course, they will have to tell you what the maximum disaster to
recover from would be, what level of service they expect within what
timeframe after a given disaster, and all that.

You might want to try to submit a business case to your management
(make sure it doesn't look like you are just trying to get your hands
on more fancy toys :)), and if they don't care, you will probably want
to look for another job since they obviously don't take their business
serious enough. ;)

Regards,
  Gregor.

--
Gregor Binder  <gbinder () sysfive com>  http://www.sysfive.com/~gbinder/
sysfive.com GmbH             UNIX. Networking. Security. Applications.
Gaertnerstrasse 125b, 20253 Hamburg, Germany       TEL +49-40-63647482