Introduction
Information security is essential for any organization to thrive, and it becomes especially important in organizations that depend wholly on information systems. Issues such as customer data privacy are essential because they ensure the organization can deliver services to its clients. When incidents such as malware attacks or network intrusions occur, the organization needs to be prepared to handle them. This may involve developing an incident response team, a disaster recovery plan and business recovery planning to ensure that revenue losses are not experienced.
Incident Response Team
The incident response team will be responsible for reacting in a timely manner to any intrusions or malware attacks on the Gem Infosys computer network. The team will also be charged with investigating and reporting on any malicious attacks or activities. It shall consist of the manager of information systems, IT technical personnel and the human resources manager. Financial managers will also form part of the team. IT personnel are needed to assist where very specific subject-matter skills are required. Human resources, the legal department and financial managers will be of great use in providing assistance where additional resources are required. According to Whitman, Mattord and Green (2013), additional organizational departments help coordinate activities across the different aspects of the company’s operations.
The incident response team will meet to discuss the severity of the attack and decide on a specific course of action to address the situation. They will also ascertain the criticality of the attack and which systems have been affected, and establish the nature of the incident: whether it is a virus, malware or an intrusion attack on the system. The team will then develop the appropriate response to the specific attack.
Disaster Recovery Process
In any organization, having a data recovery plan is essential, as it provides a reliable backup or restore point for the system (Rittinghouse and Ransome, 2011). The disaster recovery plan shall outline the procedures to be followed for each disaster scenario. In case of a disaster, the first step shall be to report the incident through the organization’s communication channels, following the chain of command. Secondly, the disaster recovery response team shall decide on alternative working locations. Additionally, the disaster plan shall provide a set of procedures for backing up data on a daily basis. To reduce network downtime, the organization shall implement the following options.
- Use management software to monitor the company’s assets.
- Implement server virtualization to reduce system failures.
- Upgrade security software and networking hardware.
Business Continuity Planning
Business disruption results in financial losses, as it eats into the company’s profits. To ensure the company’s activities are not affected, a business continuity plan will need to be developed. Business continuity planning will involve conducting a business impact analysis to identify the critical business functions of the company and prioritize them in order of importance. Further, the impacts of malware and network attacks shall be determined, and an analysis done of how the firm can function when certain network systems are unavailable. Continuity plans shall be developed to mitigate risks and threats and keep the organization functioning. Furthermore, employees shall be trained and made aware of their responsibilities when incidents occur.
Conclusion
Communication between several departments is essential in incident response and disaster recovery. Having an incident recovery policy is essential, as it ensures that business processes are resumed as soon as possible so that the organization does not incur revenue losses.
References
Whitman, M. E., Mattord, H. J., & Green, A. (2013). Principles of incident response and disaster recovery. http://books.google.co.ke/books?id=8dmSSHBKn7wC&printsec=frontcover&dq=Principles+of+incident+response+and+disaster+recovery.&hl=en&sa=X&ei=4AWeU9i8EYjb7AaQgIGoBg&redir_esc=y#v=onepage&q=Principles%20of%20incident%20response%20and%20disaster%20recovery.&f=false
Rittinghouse, J. W., & Ransome, J. F. (2011). Business continuity and disaster recovery for infosec managers. Amsterdam: Elsevier Digital Press. http://books.google.co.ke/books?id=jm2PNUr_w_QC&printsec=frontcover&dq=Business+continuity+and+disaster+recovery+for+infosec+managers&hl=en&sa=X&ei=9AWeU_OCHJDX7AaTpoGYAQ&redir_esc=y#v=onepage&q=Business%20continuity%20and%20disaster%20recovery%20for%20infosec%20managers&f=false