It also contradicts the way security is usually addressed. While there is much to recommend with regard to automating portions of the patch process, there are also compelling reasons to support manual intervention as a component of the workflow.
Too many have been burned by server farms going dark with a collective “blue screen of death” after applying a buggy service pack and are, quite reasonably, skittish about automatically slapping the latest patches on their production servers. Many release vulnerability warnings concurrently with the patch fixes, escalating the urgency of the patch cycle.
The result is that the industry is between a rock and a hard place on the patch issue.
Case in point: Six months before SQL Slammer hit companies such as Bank of America and Washington Mutual and brought portions of their automatic teller machine networks to their knees, Microsoft had released a vulnerability warning and a patch.
First and foremost, it means taking preventative measures that surround and support the patch management efforts. For patch management, services and tools that fit into the overall system and network management solution, rather than staying siloed in security, work more effectively.
Part of the reason the industry is in reactive mode so much of the time is that security is not seen as critical to the overall business profitability. Part of being proactive is knowing when something doesn't need to get done and when a patch requires immediate attention. Sometimes reacting after the fact is essential; none of us are soothsayers, and even the most well-protected and patched systems may ultimately be attacked.
So be ready with a plan for when that happens; the ability to recover from a critical failure is a part of the overall security posture. The truth is that patching and protecting proactively will reduce vulnerability, but being prepared for the inevitable reactive patching and recovery is essential as well.
More info: http://news.com.com/2010-7355-5107678.html?tag=nefd_gutspro