Incident response policy is very important in any organization as they help in advance preparation to respond appropriately when security breaches that are inevitable occurs, or to reduce the down-time when the system fails. If the organization fails to have an incident response policy, there will be high chances of making huge financial losses, slow recovery process, and high risks of collapse (Gordon et al., 2011). In this case, Gem Infosys which is a small company that deals with software has experienced network failures for two days which has made it to stop all its operations. Thus it is necessary for the company to come up with an incident response policy that will help to prevent such occurrences in future. This paper will therefore explain how the company can develop incident response policy to address such problems in future.
Incident response team
Assembling a team that will manage and deal with all the issues related to the network system is the first and most important step in dealing with network problems (Hurtig, 2010). The team ought to consist of different IT personnel who are assigned various responsibilities in the IT department according to their training and experience. The team should be assembled before the incident occurs in order to ensure that they are well prepared to handle it when it occurs (Wilcox & Brown, 2005). Successful response team will monitor all the systems of the organization for network failures and security breaches; promote awareness of how various systems works in the organization and keep updating procedures and systems of the company to ensure chances of network failures are minimal.
Disaster recovery process
The process of recovery after the incident will depend on the magnitude of the system failure or security breach (Hahn & Layne-Farrar, 2006). The incident recovery team will need to first assess the extent of the system in order to know the right disaster recovery method to apply. If the security breach is not much, then it is possible to repair the system while at the same time leaving everything intact. For instance, malware attack can be repaired without affecting other components of the system such as file servers, web severs, PCs among others. On the other hand, security breach of large magnitude may require the incident response team to rebuild the whole network system again. Clean back ups and software for file integrity may help to repair the damage. In addition, system for detecting intrusion may also be used to understand the problem better.
Business continuity planning
The ability of the company to continue operating will depend with the magnitude of the incident and the recovery process employed when the incident occurred. A good incident response policy will help the businesses to continue even after system failures. Continuity plan for the business will involve installation of clean backups, integrity software, and other security measures such as trained personnel, fire walls, and update of the security systems.
Gem Infosys Company needs to adopt this incident response policy in order to recover from the current security breaches and more importantly to prevent this occurrence in future. This policy will require the company to establish a response team that will manage and oversee the security of all the systems. Installing clean back ups and integrity soft wares will help the company to prevent such network failures in future.
Gordon, L., Loeb, M. & Lei, Z., (2011). The impact of information security breaches: Has there been a downward shift in costs? Journal of Computer Security, 19 (1), 33-56.
Hahn, R. & Layne-Farrar, A., (2006). The law and economics of software security. Harvard Journal of Law & Public Policy, 30(1), 283-353.
Hurtig, J., (2010). Crossing Your Fingers Is Not Enough: Preparing Your Response to Information Security Breaches. North Western Financial Review, 195(12), Special section 1-2.
Wilcox, S. & Brown, B., (2005).Responding to Security Incidents -- Sooner or Later Your Systems Will Be Compromised. Journal of Health Care Compliance, 7(2), 41-48.