Don't overlook critical network infrastructure systems

Do you have a solid plan in place for if and when you experience a security breach? Does that plan include important contact information, and have you and your co-workers walked through the plan together? This step-by-step guide will help you to set an action plan in place.

Most network administrators and IT governance committees (if you're lucky enough to have support for one) include servers and applications within their response plans. That's fine and dandy, but you cannot overlook supporting network infrastructure systems and other critical systems that would cause just as many problems during and after a security breach. Be sure to consider the following systems for the scope of your incident response plan:

  • Firewall(s)
  • Router(s)
  • T1 CSU/DSU systems
  • DSL routers
  • Ethernet switches
  • Wireless access points and bridges
  • Phone switches
  • VoIP call managers and related systems
  • Laptops, PDAs, smart phones and mobile drives (that undoubtedly contain sensitive information)
  • critical workstations belonging to groups such as IT, HR and executives
  • VPN or Terminal Services servers

These systems are often compromised, leading to a breach, so make sure you're looking beyond your Windows domain controllers and IIS Web servers. And don't forget about any Linux, NetWare and midrange/mainframe systems.

Plan for a security breach, step by step

  Step 1: Define what "breach" means to your business
  Step 2: Don't overlook critical systems
  Step 3: Know who to contact and have that information available
  Step 4: Develop a simple yet methodical set of response steps
  Step 5: Get input from others affected by a security breach
  Step 6: Keep your momentum going

About the author: Kevin Beaver is an independent information security consultant, speaker and expert witness with Atlanta-based Principle Logic LLC. He has more than 19 years of experience in IT and specializes in performing information security assessments revolving around compliance and IT governance. Kevin has authored/co-authored six books on information security including Hacking For Dummies and Hacking Wireless Networks For Dummies (Wiley) as well asThe Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He's also the creator of the Security On Wheels audiobook series. You can reach Kevin at [email protected]>.

Read more on IT risk management