Developing an incident response plan would be challenging if you started from scratch. That’s why this incident response plan template from techtarget.com is so handy.

It’s a 36-page Microsoft Word document and you can download it here.

Here’s an excerpt:

1.6 Recovery objectives

This incident management plan has been developed to meet the following objectives:

  1. Provide an organized and consolidated approach to managing initial response and recovery activities following an unplanned incident or business interruption, avoiding confusion and reducing exposure to error.
  2. Provide prompt and appropriate response to unplanned incidents, thereby reducing the impacts resulting from short-term business interruptions.
  3. Notify appropriate management, operational staff and their families, customers, and public sector organizations of the incident.
  4. Recover essential business operations in a timely manner, increasing the ability of the company to recover from a damaging loss at LOCATION.

Make sure your Incident Response Policy references a good Incident Response Plan. Use the template from techtarget.com as a good starting point.

Image source: W J (Bill) Harrison

{ 7 comments }

windows 7 hardening guideIf you’re looking for a detailed, definitive guide to hardening Windows 7, you can’t beat this security guide from Microsoft. It’s called the Threats and Countermeasures Guide: Security Settings in Windows 7 and Windows Server 2008 R2 and you can download it here.

It’s a massive 387 pages long and it includes specific descriptions and recommendations for every Windows 7 security setting. Here’s an example:

Accounts: Guest account status
This policy setting enables or disables the Guest account.

Possible values:

  • Enabled
  • Disabled
  • Not Defined

Vulnerability
The default Guest account allows unauthenticated network users to log on as Guest with no password. These unauthorized users could access any resources that are accessible to the Guest account over the network. This capability means that any shared folders with permissions that allow access to the Guest account, the Guests group, or the Everyone group are accessible over the network, which could lead to the exposure or corruption of data.

Countermeasure
Disable the Accounts: Guest account status policy setting so that the built-in Guest account cannot be used.

Potential impact
All network users must be authenticated before they can access shared resources. If you disable the Guest account and the Network Access: Sharing and Security Model option is set to Guest Only, network logons fail, such as those performed by the Microsoft Network Server (SMB Service). This policy setting should have little impact on most organizations because Disabled is the default setting.

If you’re developing your own Windows 7 Hardening Guide or Windows 7 Hardening Standard, use this document as your reference and you won’t go wrong.

{ 5 comments }

sample information security policy template

A very nice sample information security policy template can be found on the freedownload.is site here.

Here’s a sample of the policy template which is fifteen pages long:

II. SCOPE

A. The scope of information security includes the protection of the confidentiality, integrity and availability of information.
B. The framework for managing information security in this policy applies to all ORGANIZATION XYZ entities and workers, and other Involved Persons and all Involved Systems throughout ORGANIZATION XYZ as defined below in INFORMATION SECURITY DEFINITIONS.
C. This policy and all standards apply to all protected health information and other classes of protected information in any form as defined below in INFORMATION CLASSIFICATION.

If you need help getting started with your own Information Security Policy, this sample infosec policy template is a great starting point.

Image source: CarbonNYC

{ 1 comment }

You do not have to be a business master to understand that being in a scenario when you require Exchange recovery is far from a great thing. Microsoft Exchange, by its very nature, is a superb communications tool, and is actually a huge efficiency booster for companies of all sizes. Because of this, it is a extremely essential product to its end users. For this reason, when something catastrophic occurs, having the right tools is paramount. Because of its significance, there genuinely is no room for errors. This is actually a crucial understanding that any IT manager really should understand from the very beginning.

Understanding Where To Start With Tools

As part of the Microsoft Exchange platform, there are many built-in tools that can be employed when difficulty occurs. Recognizing these tools is why Exchange training has developed into such a big business within the playing field of IT. So ensuring you’re well versed with regards to exchange recovery tools is key to your administrative knowledgebase in the event you manage an exchange server. [click to continue…]

{ 0 comments }

What is your plan in case of a Mac data recovery emergency? Are you ready for your Mac hard disk to crash? Basic fact is that it’s unavoidable. As mechanical devices, hard drives do fail. And when your hard drive failure is catastrophic, no data recovery software is going to retrieve your data.

When your Mac hard disk drive goes kaput (symptoms include lack of access, and a clicking or buzzing sound), you’re going to need help. Professional Mac data recovery help. Finding a quality company isn’t so straightforward, however. Use these hints to shortlist the best:

1. Important Files? – The most crucial point when looking for a Mac data recovery service is figuring out just how valuable your data is. If you just installed new programs, but have backups of critical data, professional recovery is probably unnecessary. Reinstalling your Mac OS on a new hard drive is by far your cheapest action plan, and while your data won’t be back, if your backups are all-encompassing, you won’t need to spend any cash. [click to continue…]

{ 1 comment }

Your Computer’s Not Acknowledging Your Hard Drive – Now What?

If you’ve received a message on your laptop or computer monitor saying “hard drive not recognized“, you will need assistance. This is normally not something you can correct alone unless you happen to be a data recovery professional. You won’t wish to take the chance of sacrificing all your data files by fooling with a hard disk when you do not have that expertise. Unfortunately, your data might have been lost should you get one of such harddrive error messages.

What One Can Attempt To Do

When the hard drive not recognized message appears on your monitor, know that you just might require expert help. But you will find a number of straightforward things it is possible to check first by yourself.

To begin with, investigate all your connections and Universal serial bus plug-ins to ascertain if there’s any form of connectivity problem there, especially whenever you are working with an external hard drive. Should you do have an external hard drive that is giving you a fix hard drive error message, try connecting the drive to a different laptop or computer and find out if it operates there. Some experts suggest trying to reinstate your data by placing the drive inside your fridge freezer and after that rapidly moving the data onto yet another drive, but good luck with this, due to the fact it rarely works. [click to continue…]

{ 0 comments }

Have a RAID server difficulty and need to recover that RAID system as quickly as possible? When seeking RAID data recovery, the choices are very simple. You can choose to go the smart, correct way, and you can choose the hassle and high cost of moving in the wrong direction. The correct way seems like it would be the easy, clear choice, as it slashes general downtime and cuts costs. Still, many people choose the wrong way when they need to recover RAID systems, and it costs not only money, but critical files. This article should help you decide.

How Critical Is Your Lost Data?

When looking to recover RAID arrays in the instance where more than a single drive has failed, the key to how to handle it is in the data itself. Are you using a RAID 0 array because it helps your system perform better when you’re playing Call Of Duty? Better to consider simply rebuilding the RAID array from scratch. RAID repair rarely comes cheap, as it is such a specialized job that many hard drive recovery shops actually do not provide it. So if your machine doesn’t really have anything absolutely key to your life, it may be best to just bite the bullet, purchase some new hard drives and start again. [click to continue…]

{ 1 comment }

The modern day computer is a fantastic piece of equipment, probably one of best tools ever created. Our reliance upon these machines is frightening at times, especially when you think about all of the data stored on them. As consumers, and business owners we keep everything on our computers: our company’s financial records, pictures of our kids, home videos, our personal financial information….the list goes on and on.

One thing many people don’t consider until it’s too late is, “what will I do if my computer ever crashes?” “Am I prepared?”. The fact is, computers fail, more importantly, hard drives fail. There is no question about this, it’s just one of those certain things in life, kind of like death and taxes. There is no way to avert it.

PC and laptop hard disk recovery is a booming profession right now. This is both good and bad for those in need of hard drive data recovery services. The good thing is with the increased competition you are no longer having to pay $5,000 to get a single hard drive recovered. The bad thing is, data recovery is a specialty that not everyone is qualified to perform. [click to continue…]

{ 0 comments }

Self RAID Recovery And When To Get Help

RAID servers use affordable hard drive technologies to supply speed and backup properties, but are not entirely secure. Despite the fact that most businesses don’t have a plan in place for RAID recovery, it really is vital, because by their quite nature, hard drives will inevitably fail. Expert assist is always accessible, but not always […]

Read the full article →

Why A Server Recovery Plan Is A Must For All Organizations

The need for server recovery software and services, from RAID to Oracle to Exchange, has grown markedly in the past five years, owing mainly to the lower costs of server hardware. In the early part of the century, for example, small to mid-sized organizations tended to purchase and use less high end applications, but as […]

Read the full article →