[unisog] Risk analysis

Valdis.Kletnieks@vt.edu Valdis.Kletnieks at vt.edu
Tue Feb 21 04:54:34 GMT 2006


On Mon, 20 Feb 2006 20:01:35 PST, Peter Van Epp said:

> 	My first reaction to this is that you appear to have (but may not in
> practice) missed the most likely ones. That would be ones like 
> fire/flood/earthquake wiping out your data center, one or more staff with 
> irreplaceable knowledge getting hit by a bus, quitting or otherwise becoming 
> unavailable (maybe unlike us you don't have anyone in that category :-)),

All of these are indeed more likely than terrorist attack, and are incredibly
resistant to any attempts to apply controls. ;)

I've found all too many sites that worry about terrorist plots and other things
that Bruce Schneier calls "movie plot threats", and don't worry nearly enough
about the fact that they don't pay their senior administrative assistants anywhere
near enough. And it only takes one such assistant misplacing their gruntle to
totally ruin your whole day....

And remember - disaster recovery plans need *real world* testing.  I remember
seeing an article a bit over 20 years ago, a bank basically lost everything at
their Chicago data center when the Chicago River breached a tunnel and flooded
several blocks of subterranean space in downtown Chicago.  Bank had a redundant
data center in Kansas City, and a very expensive leased line between the two to
mirror data every night. The whole nine yards, they did *everything* right.

Until they found themselves sitting at O'Hare Airport, and discovering that you
can't get 115 one-way tickets from O'Hare to Kansas City on 2 hours' notice
without chartering a plane.  They had all 115 people authorized to OK a plane
ticket for themselves, but nobody authorized to spend to charter a whole plane.

Whoops...

> Backhoe Bill excavating your fibre so you are up just fine but can't connect
> to anyone including your users for a longish period (this is going to look 
> exactly like you are down to your users).

And remember readers - it's almost spring, which is backhoe mating season, when
the backhoes compete with each other to demonstrate digging prowess and attract
a mate... ;)

Trying to provision independent fiber paths can be a challenge - even if you go
with 2 vendors and separate building entrances, it's often a challenge to make
sure the paths don't end up in the same conduit at a bridge/tunnel. And even
more of a challenge to make sure that after you actually *get* redundant paths,
that neither vendor reprovisions to land it in the same conduit 2 years down
the road...
