Could you survive the IT apocalypse?

Davey Winder

Mention doomsday to the average Joe and they will probably conjure up a religiously inspired image of the world coming to an end.

Seen through the eyes of the average IT manager, however, the doomsday picture is far more likely to be one of Distributed Denial of Service attacks, data breaches and catastrophic interruptions to the business. These doomsday scenarios are not the stuff of Hollywood screenwriters; they are very real indeed. That said, while they may fulfill the dictionary definition of being 'a time or event of crisis or great danger', none have to be the end of days as far as your organisation is concerned.

The IT apocalypse can be avoided just as long as you have a plan.

There will inevitably be some apathy towards addressing high-impact but low-likelihood incidents, and far more energy thrown into low-impact and high-likelihood ones. The trick for the IT security and management teams is to ensure that the business continuity message is correctly communicated.

Applying the KISS (Keep It Simple Stupid) approach to business continuity is generally a good thing, even if this may sound impossible when tasked with unlikely and extreme scenarios. Yet that's precisely how you should be thinking, and addressing the unthinkable doesn't have to be complex.

Business continuity isn't just about backups, it's about planning ahead and being able to survive an IT apocalypse. It's also about keeping it real. Take doomsday scenario number one: a hacktivist group, or even an unscrupulous competitor, launches a Distributed Denial of Service (DDoS) attack against your servers and takes your online presence down for days on end.


The likes of Microsoft and Sony were on the wrong end of such attacks at the end of 2014 when the so-called Lizard Squad hacking collective fired their LizardStresser DDoS booter tool at the PlayStation Network and Xbox Live servers. These mega-corporations were able to survive, despite days of disruption, but could you?

DDoS Armageddon is not inevitable, however, even for organisations at the smaller end of the business spectrum. Business continuity where DDoS attacks are concerned is best served by mitigation planning, including the use of services which can divert attack traffic away from your servers. The cloud has made these services affordable and responsive, and many host providers will have such mitigation options available. For the best defence you need to be alert to changes in traffic patterns, so active monitoring and analysis should certainly be at the heart of your plan.

Although not as obvious a contender for the doomsday scenario label, a data breach should be considered a potential end of days IT event. Why so? Simply because of the likely impact upon the business in terms of reputational damage, loss of client trust and the potential for some very heavy fines from regulatory bodies under certain circumstances. Preventing a breach is largely a matter of applying the kind of security best practice that has been written about many times at LOGICnow, but containment and post-attack mitigation should also be essential parts of your business continuity planning.

Once again monitoring and logging become important cogs in your mitigation machine; spotting when a breach is occurring so as to be able to pull the plug is an obvious advantage, gathering evidence for a forensic investigation in order to prevent repeat breaches perhaps less so. The discovery, logging and ultimate blocking of suspicious activity will prevent a breach from becoming an apocalyptic event while honest and timely disclosure of the breach (to customers, partners and regulatory bodies) and your response to it will prevent your business from going down the tubes.

Ultimately, if you want to be in a position to survive a doomsday scenario event then you need to have planned for it.

Here are our top five IT apocalypse survival tips:

1. In order to plan for it you need to think about it, so analyse what your business would need to do in order to keep working for various events. Be truly objective about what systems and processes are really business critical.

2. The resulting plan should allow for your circumstances. The smaller business may do better to adopt a 'bare bones' approach, keeping the business going at a reduced capacity during the clean-up, whereas the larger enterprise will probably look to a 'business as usual' conclusion. Ensure your continuity analysis does the math as to whether implementing the latter would be just as damaging (in terms of cost) as doing nothing at all.

3. Whatever plans you decide upon, you need to ensure they will work when the “smelly stuff” hits the fan, which means practice. A good general rule of thumb is to act out a different scenario each quarter, in the same fashion as a fire drill, and see where the practical problems occur. Making mistakes and finding flaws is what that drill is about, and you will appreciate them if the worst ever does happen.

4. Perhaps the most important part of any business continuity plan is ensuring that everyone in your organisation knows what role they have to play as part of it. The document is not top secret, and knowledge truly is power when it comes to getting through a doomsday disaster.

5. And finally, update your plans so that they can keep pace with business growth and technological changes. This really isn't rocket science, is it?

–––––––––––––––––––––––––––––––––––––––––––––––

Want to know more about security? Then check out the video series by our security lead, Ian Trump…