Reality of Data and Application Protection
Business data and applications are crucial for the success of any commercial organisation. Information related to business needs to be protected from system and network disasters.
An ideal scenario for complete data protection is to have the network connected to a back-up facility that will monitor any changes in the data. Each time the data changes, the back-up facility will mirror the changes so that network administrators can just reload the data to the network. However, this type of data protection is very costly that even large scale companies tend to back away from this technique.
However, nowadays data back-up facilities that offer restorations points are used wherein the activity between the data and the back-up facility is done in a certain time and date.
A better technique is to asynchronously stream the information to the data facility. It is just a question of bandwidth and businesses can easily take care of that concern.
The application in the network and users on the other hand, will not have the luxury of this effective streaming technique of data. However the restore point can be easily used for restoring applications in the network. The classic example of this technique is on Windows “restore point” application wherein the configuration of a specific date and time is restored.
IT Continuity Planning
IT continuity planning in a disaster recovery scenario involves reactive as well as proactive management plan and practices put in place in an organization to ensure 100% delivery of IT services. IT continuity is a challenge for network developers. Administrators learn much about continuity through disaster recovery. Although it is quite unfortunate for network developers to encounter such a problem, learning from IT disasters is very crucial as the IT services open up to newer attacks while being susceptible to the old problems.
Network administrators have to carefully document every network problem so that they could review the document in the event of disaster. However, what is more important for network developers is to learn how to prevent network disasters altogether. IT continuity is the target for network administrators.
Network developers and users benefit greatly when IT continuity is fully implemented. If the network is secured from any unseen disasters, IT processes are secured and users will have all the information they need anytime. This in turn will increase productivity. In the end, the business will continue to progress when the support of a strong IT infrastructure.
Before any or after the disaster strikes, a strong IT plan needs to be prepared in order to ensure IT continuity so that the current and future position of the company is secured.
Components for IT Continuity
IT Infrastructure Continuity Design
Designing the infrastructure for IT continuity starts with selecting the right location. Distance from the actual data source should be lessened. Data transmission takes time and physical requirements could greatly prohibit its performance. Environmental risks and unauthorized access should also be considered. Exposures to these types of risks are often missed out but could be disastrous if left unchecked.
As soon as the location is determined, the actual structure has to be considered. If the structure has not been built yet, the size of the structure should be considered. It should be enough for all major and minor components to be integrated. Security of the structure should also be considered.
Communication requirements that could cater WAN, LAN and SAN should also be available. The important component that should be existing is the hi-speed communication as well as routing devices such as switches so that information and data should be properly trafficked.
Lastly, cooling and electrical requirements should be properly designed. Air conditioning should be continuous in the area. To complement this, the electrical supply in the area should be continuous. An independent power source such as UPS should be installed in the network.
IT Related Threat to Business
Network engineers, web and application developers work together to increase the security of the network. Security is done through proper hardware configuration, network applications and other security applications that are installed on every user system. Network and application security companies are constantly researching for new ways to combat the threats that are emerging in different network settings.
However as soon as the remedy is offered to the public, something new definitely comes out on the open as a new attack. Network administrators try as much as they can to improve security while monitoring the different types of attacks made on the network.
Network attacks could take on different forms but some have prevailed even though different upgrades on the network have been made. Any network administrator has to be aware of the following network threats that could either slowly or abruptly cripple the network:
Media Malware – With the onslaught of different video sharing websites. This has also become the haven of hackers in spreading malware to the network and even personal computers. Hackers can now inject a malicious code in the network through the videos that are watched by users. MPEG files and FLV files could be easily injected with malicious codes. Embedding codes that has malicious wares on a website is also on the rise.
Phishing – The act of stealing passwords and personal information from a user used to be done only through email, specifically spam. Even regular users could stay away from this type of attack. A new form of phishing has been developed and done by simply visiting their website. Network developers have to warn their users about visiting websites that do not really provide the necessary information.
Adware – Although it is not necessarily an attack if done legally, it could pose problems to the network in the sense that it will try to monitor the network activities and use this in their advantage. Adware are usually used to know the preference of the users which is short of monitoring their online activities. Even in legal hands, this will be used to bombard the users with different types of spam. Worst if it is used by hackers as it could be used to infiltrate the network.
Bot Attacks – More and more attacks are not actually done in real time by hackers. Instead, hackers create bots to confuse network security and regular users that they are talking to an actual person. Information might be divulged from the user. There are bots that could reply to the email automatically so that it could ask for possible information. Innocent looking offers such as work at home jobs or opportunity to save money will end up requiring users to give out information. Another type of attack by bots is by increasing the chances of DoS (denial of service). Bots could continuously ask for information in a large scale bases that legitimate requests might not have the proper response because the network is too busy processing requests from bots.
Mobile Attacks – The increasing capacity of smart phones today has opened up the possibility of attacking the network right from the mobile device. Wireless connection by the mobile device seemed innocent but the network has virtually opened its doors to the network attacks as hackers are already in the network without any effort at all. On the other hand, computer to mobile phone attacks have also become possible because of the compatibility of the mobile devices with most computers. Through wireless protocols such as WiFi and Bluetooth network hackers could get inside the system if there is limited security in the network.
Identity Theft – Everyday more and more people are becoming the victim of identity theft. If the network would become vulnerable to identity thieves, information might be extracted to the network and thousands of information would be stolen. In a business setting, upper management will be concerned not only for their employees but for their clients as well. Encryption has to be implemented so that hackers will never be able to access the sensitive and important company information.
External Threats – Hackers may be able to attack the whole network and destroy the system but an efficient back-up plan might be able to restore the network in no time. However external threats could physically destroy the network. This will destroy the physical structuring of the network as well as network applications. Nature related threats or unauthorized human intervention could single-handedly destroy the whole network which would require more resources and time for the upper management as well as network administrators.
These are the typical threats that network administrators and upper management have to be aware of. Security policies that would protect the network from these attacks have to be implemented as soon as possible.