SECURING FIBRE CHANNEL FABRICS - Brocade

Chapter 4: Security Basics for Storage ProfessionalsThe first step is to conduct a business impact analysis (BIA) by systemto determine the impact of a disaster on each system in the company,and not only computer or IT systems. Once the BIA is completed, a planmust be created, which is usually known as the Business Continuity(BC) plan. Part of the BC plan addresses the recovery of data systems,which is usually referred to as the Disaster Recovery (DR) plan.Once the plan has been created, it must be executed or implemented.The DR plan is generally implemented using a combination of proceduresand technology.A DR plan can include the following:• Backups• Replication• Mirrored sites (hot/warm/cold)• Procedures• Computer Security Incident Response Team (CSIRT)Finally, once the plan has been deployed, it must be tested on a regularbasis. Performing a scheduled or planned failover from the primarysite to a secondary site is not for the fainthearted, but it is necessaryto demonstrate that procedures and systems will function properly inthe event of a real disaster.Technological ThreatsThe technological threats to IT assets are created by people and usedby people to exploit vulnerabilities in IT systems. The software used toharm IT systems is called malware and includes:• Viruses • Trojans/Trojan horses• Worms • Zombies• Spyware • Botnets, or bots• Rootkits • SpamBesides malware, there are other technological threats used by the“black hat” community to exploit system vulnerabilities and to learnand perfect the skills necessary to attack systems. There are severalWeb sites and discussion groups for the underground hacking community,from which attack tools can be downloaded. On these sites,information is exchanged among hackers so that they can discovernew vulnerabilities and develop the exploits to abuse thesevulnerabilities.52 Securing Fibre Channel Fabrics