Disaster at troubleshooting the company will risk operating with

Disaster
Recovery Options

Secondary webhost locations: companies will
commonly rely on a single location to host their back-up information, and
although unlikely, is at risk of a natural disaster or terrorist attack which
impacts that single webhost. For this reason, it is suggested that websites
have multiple locations of backup recovery to rely on, so that if a disaster effects
one location it will have very small impact on the website if at the same time
they were attacked.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

Efficient employment system: as much as the company, website and back-up
systems are vulnerable attack, so are the employees that work for a company. A
highly skilled employee who contributes considerably to a team can be
killed/unable to work in a moment’s notice, for this reason it is necessary for
the company to have an efficient employment system which is capable of
instantly filling the missing link’s place. If a company didn’t have this kind
of procedure in place, they risk running at a less than optimal rate, and if
the employee that is lost is an expert at troubleshooting the company will risk
operating with unresolved bugs.

Back-up systems: an obvious must-have for a company which is at
risk of disaster recovery. A company must make regular back-ups, the more
frequent the better, as the longer the time period between each back up, the
more data lost if the company faces a disaster they must recover from. A hot
site is also a tool which can benefit a company facing a disaster, as they can
use it as a temporary back-up server to instantly swap to if the initial site
goes down; this means that there is hardly any downtime.

Whole system replacement: an absolute disaster which means that all
currently used data is destroyed, accommodation lost, telecommunications lost
and essentially all valuable data has been lost. This essentially leaves a
company starting from the beginning, or having to rely on secure back up which
holds critical mission-information. From this point on recovery will be in the
form of building from the ground up, notifying current users of the issue and
providing a deadline for the sites replenishment. In this time the company will
need to find new accommodation for their website, employees would have to work
from home as people replenish the lost buildings. Mirror software would have to
be restored as to keep up the mainframe of the site. The reconstruction of the
original building will probably take a year or more, employees would stay at
home or at a new temporary office whilst this construction is underway.

Updating
of security procedures

Passwords: although passwords act as a strong wall in between a hacker and system
access, they require to be updated regularly to be of any use. By having
constant weekly updates of employee’s passwords, there will be hardly any time
in which a hacker can decrypt and use a password to gain access. This
additionally means that if a password is seized, it will become redundant in
the next few days, meaning that hackers will have to act within a limited time
period, making them easier to catch. There are issues present however, as if a
company enforces too strict a password rotation, people will begin to write
down their passwords in obvious places, mostly commonly on a sticky note
nearby. This makes gaining the passwords an extremely simple job which can be
done in no time at all.

Other: although the most common security procedure that needs to be updated is
passwords, it is crucial that a company performs constant procedural check-ups
on their security systems. Commonly, virus protection and other such software
will be updated by its manufacturer many times a month, and will therefore need
to be updated for each of these as to make sure that the security is working at
its optimum standard. To simplify this process, many of these software
companies offer an automatic update service, which will install any updates
immediately on to the machine; this will then pose an issue of making sure all
staff members comply with these updates however, as many will delay as to not
lose any progress, or through irritation of not wanting to wait for an update.

Scheduling
of security audits

Security audits are evaluations
of a company’s system security. These will commonly be made by well-known
security companies that will test how well your company’s security is
conforming under a certain criteria. Routine scheduling of security audits is
important, as the audits can show you where your security is lacking, and also
offer alternatives/improvements to any outdated or faulty equipment. Monthly is
suggested, but the procedure is commonly expensive, so this should be the
absolute minimum of time between each audits.

Codes
of conduct – email and internet usage policies

            There must be
a strict email and internet usage policy set in place to restrict the ability
for employees to accidentally bring about malicious damage on any of the
computers. Employees should be instructed to:

–         
Not click any malicious link

–         
Ignore any page advertisements

–         
Never disable adblocker

–         
When faced with a red flagged website, employees should contact a superior
for further permission to access if entirely necessary

–         
Emails within the junk category should be deleted procedurally, malicious
emails should be flagged for warning

–         
The internet should be accessed and used responsibly, without any intent
of procrastination or wasting time, search safely and don’t attempt to install
any malicious content. If something has been downloaded to the machine
immediately delete it unless it is a scheduled update.

Budget
Setting

A budget will need to
be put in place as to regulate and keep track of how much money the company is
spending on certain areas compared to others. By setting a certain budget it
allows for much better management of capital and resources that the company
own. It also allows comparison between previous budgets and payments to be
made, as to make sure there is no additional fees that have been added to previous
deals. A budget will be required to pay for software updates, upkeep of a backup
system and continuity of any contracts owned.