Published by Christian Haynes. Modified over 8 years ago.
1
Charles Greene, CISSP, GSLC
2
Senior Information Security Architect
I&AM Team Lead, DR Team Lead
Bachelor's Degree in Information Systems from Virginia Commonwealth University
Master's Degree in Disaster Sciences from the University of Richmond
CISSP, GIAC Security Leadership Certification
SANS Mentor - MGT-512 Security Leadership Essentials and MGT-432 Information Security for Business Managers
GIAC Advisory Board
3
How many of your organizations perform annual Disaster Recovery Tests?
How many of you are Information Security Professionals?
How many Information Security Professionals play an active part in Disaster Recovery Tests?
Why? Why Not?
5
Disaster Recovery Test Scenario
DR Test Security Vector Identification
Other Considerations
Open and Interactive Dialogue
Thoughts About DR Testing
Ultimate Goal of Enhancing DR Test Plans
6
DR ASSIGNMENT: Operations, System Architects, Management, Security
DR RESPONSIBILITIES: DR Lead – RTO/RPO; Sys Admin – Recovery; Sec Admin – Security
In this scenario, the DR tasks were assigned to Systems/Network Management. The DR teams were composed of Systems and Network Administrators, and the Security Administrators had no role in DR planning or exercises.
7
What Happened? Planning
Focus on Recovery
Developed and Reviewed by Systems Administrators
Test Planning for RTO/RPO
8
What Happened? Test Execution
Going as Planned
Ah Ha Moment
Vendor Response
9
What Happened? Mitigation
Security Realization
Identify DR Vectors of Attack
Plan Updates
10
Local Switch Infrastructure
11
Who controls the switch configurations? Can you verify the configs? Who has physical access to the switches?
12
Firewall Configurations
When is the FW recovered?
What does it protect?
Is it complete?
13
System Administrator Devices
Is there corporate data on the laptop?
Will this device connect to the DR network?
Create a Device Use Policy
14
VPN Access
Does it bypass the Firewall?
Identity and Access Management?
15
Server Configurations
Timing of the build process might create opportunities
Use a protected build DMZ to lessen the risk
16
Recovering Live Data
Incident Handling at DR location
Logging?
17
Goals for DR Testing
Experience
Plan Verification
19
Chip Greene, CISSP, GSLC
Senior Information Security Architect
SANS Mentor (MGT-512, MGT-432)
cgreene2@richmond.edu
cgreene2@mcvh-vcu.edu