12

Security and Disaster Recovery

image

Dealing with IT security and disaster recovery is analogous to going to the dentist’s office. We do not typically want to deal with the whole experience, but we know it is a necessary part of good personal healthcare and hygiene. This chapter is not meant to be a technical discussion about information security and disaster recovery protection, but rather a description of a series of practical best practices you can implement to secure the privacy and integrity of the data your firm retains. We cover IT security and disaster recovery together because many of the pieces you need to implement overlap both initiatives because they protect against intentional and accidental data loss or destruction. It is important to understand the components required to implement a comprehensive data protection model, such as hardware devices, software applications, policies and procedures, and personnel training. The latter two are arguably the pieces that have the greatest impact on whether you achieve success or failure in this endeavor.

In order to develop an effective IT security model in your firm, you have to assess the risk of exposure to each of the vulnerabilities listed in figure 12-1. This is much easier said than done. The key is to implement best practice, mainstream protections that will push you above the negligence stage. This will put your firm in ...

Get 10 Steps to a Digital Practice in the Cloud, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.