The response is a reaction after something is done to disturb security or something constituting a reply or a reaction to safe data/information.
Response Techniques : (i) Backups (ii) Incident Response team (iii) Computer Forensics
Backups:
Data backups are an essential element of good storage security and overall business resilience, but they're often the source of many security woes. In fact, a significant percentage of security breaches can be attributed to the mismanagement of data backups. Many storage professionals responsible for backups believe that the mere existence of a process for replicating sensitive data is all that's needed to keep the organization secure.
Data/Information backup services provide companies the protection they need to keep all of their data secure. With these services in place, businesses can confidently access, review, and safeguard their data – and their customers' data – from both accidental and malicious data loss events.
Incident Response Team
Too often information security incident response plans, disaster recovery and business continuity plans are not aligned with the overall corporate crisis management process. Now, more than ever, an organisation must be able to quickly respond to a security breach, both from a tactical response and via a strategic corporate message. It is essential to have response team in any organisation for above purposes.
Similar efforts go into building, managing, exercising and maintaining both security incident response plans and overall corporate crisis management plans. The struggles organizations encounter, while developing these plans, also tend to be similar. Building awareness, understanding roles and responsibilities, allocating time and resources (financial and human), can all be impediments to sound response plans.
There are two types of security Incident response teams (IRTs) within an organization, a strategic team and a tactical team. The strategic team focuses on the overall direction of top management of organisation. It is notified by the tactical team about every incident and determines whether executive management needs to be notified. If the incident impacts a large percentage of the organisation (e.g., a distributed denial of service attack), the strategic team will be notified and the head of that team will alert the executives.
Computer Forensics
Although it is most often associated with the investigation of a wide variety of computer crime, computer forensics may also be used in civil proceedings. The discipline involves similar techniques and principles to data recovery, but with additional guidelines and practices designed to create a legal audit trail. Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. Evidence from computer forensics investigations is usually subjected to the same guidelines and practices of other digital evidence.
0 comments:
Post a Comment