Like this article? We recommend
Like this article? We recommend
Like this article? We recommend
Assessment
In the assessment step, the enterprise telecommunications network needs to be examined from the top down, to understand the role it plays in enterprise operations. Each enterprise depends differently on its telecommunications network. At one time, access to the voice telephone network was vital for conducting many enterprise business activities. If the telephone system was out or the telephone network was down, no business was conducted. Further, it was almost impossible to coordinate any recovery because no one could effectively communicate by voice.
Because many people these days have cellular phones as well as office phones, this need is somewhat abated. Further, since cellular phones operate anywhere in the United States as effectively as in their home region, if the cellular network is down in one geographic area (such as Homestead, Florida), traveling to a nearby unaffected area may permit continued voice network communications.
Fortunately, disasters or terrorist actions that have hit the United States have never affected the whole infrastructure to the extent that communications were down for many days. Certainly, some outages (such as those during the 1989 San Francisco earthquake) and terrorist activities (like 9/11) have caused communications restrictions and outages for a limited time in specific geographic areas, but not universally across the U.S. Further, there has been in the production pipeline sufficient computing and telecommunications equipment to replace any lost equipment within days—and certainly to replace entire facilities within weeks.
Telecommunications systems and facilities that enterprises should consider in disaster and security planning include the following:
Voice communications
Internet communications—web sites, email, remote access, vendor contacts, e-commerce, and more
Private enterprise network communications—facility-to-facility communications for data exchange, video conferencing, and other uses
Mobile communications—sales order processing, claims processing, etc.
You must consider how each type of communications supports enterprise activities and the cost to the enterprise in the event that the communications facility is inaccessible. These factors must be considered in a top-down assessment on the use of the enterprise telecommunications network. For example:
A fire wipes out the main telephone company exchange serving your sales and order-entry processing site. No voice communications can get through to the sales and order-entry personnel. A customer calling with a million-dollar order may hang up the dead or fast-busy phone and call a competitor to place the order. As a result, a million-dollar sale is lost. How much would you spend to stop this from happening? What strategy could you follow to stop this from happening?
A denial-of-service attack disrupts your Internet access when you need to place an order for just-in-time parts from your supplier for the production of your key product. This delays ordering and the subsequent arrival of parts, shutting down your production line for several days. What's the cost to the enterprise? Do you lose a customer because your products weren't delivered as expected? How would you detect this potential problem and prevent it?
The director of your organization says, "They opened that email that you told them not to open," which contained the Sircam virus—and it has now infected every PC in the division (see Figure 1). What's the cost of rectifying this mistake? What's the cost if the virus is passed on to your customers or suppliers? How can this disaster be prevented?
){kind=link}
Figure 1 Sircam email.