Re: The role of Information Security in BC

[Matthew Gracie <graciem () CANISIUS EDU>]

Stephen C. Gay wrote:
> I would like to solicit the group's opinion on the following
> question:
>
> What is the role of Information Security in Business Continuity
> implementation?
>
> An important point: - There is no question that InfoSec is a critical
> player in Incident Response, Disaster Recovery, and Business
> Continuity Planning (key word "planning"). The question isn't about
> any of those scenarios, but rather when availability is non-existant,
> critical infrastructures have been disabled, and life safety is at
> the forefront...what is the role of Information Security?
>
> While I think the answer will vary from institution to institution, I
> am very interested in your individual thoughts and plans.

My biggest contribution to our DR/BC plans involved evaluation of the
data flow to our "hot site" to make sure the everything is protected,
checking out how the data is being stored there, and so on. Making sure
that the data is protected _before_ a disaster hits.

Also, if part of your BC plans involved staff and faculty working from
off-site, the proper design and implementation of a VPN network could
come into play.

--
Matt Gracie                         (716) 888-8378
Information Security Administrator  graciem () canisius edu
Canisius College ITS                Buffalo, NY
http://www2.canisius.edu/~graciem/graciem_public_key.gpg