Jun 29 2009   8:19PM GMT

Remember the Lowest Common Denominator

Arian Eigen Heald Arian Eigen Heald Profile: Arian Eigen Heald

I recently attended a seminar at a well known southwestern school on building an Incident Response Team. During the discussion about Team membership, management oversight of the Team and related responsibilities, I noticed that the membership of the Team and the Oversight Committee was lacking some critical input.

An area often overlooked, especially when being developed by those in the Information Technology field, is the aspect of physical security. The campus police and the maintenance department were the two members lacking in this particular seminar. When I brought up this issue, it was dismissed with the equivalent of: “Oh, them.”

(They may never be getting into their offices again, or have decent air conditioning. And keys? forget it.)

Considering an “IT event” to be the only worthy event included in the IRT criteria for action is truly shortsighted. Physical events such as a string of burglaries on campus, flooding or water damage can have just as much impact on communications as a network outage. Not to mention the idea that those events would be a great shield for someone intent on attacking the network. If the IRT is unaware of these events, they become ineffective.

Not only that. Bringing physical security to the common IRT table is important for those folks, as well. They may be unaware of events in the IT world that would impact on securing the overall physical environment. Having all parties educate each provides a unified response, and that’s a much better incident response overall.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: