InfoSec News

The reliability of cloud computing services is a big concern for users, especially given a recent string of outages. IT managers should decide what level of risk they can accept.
I am going to stray a little off the beaten path of the ISC today and ask you about personal disaster planning.
I am in the middle of the bald prairie in Western Canada, in the last several months we have experienced a record snowfall, a rapid melt, abnormally high precipitation, widespread flooding, wildfires, and tornadoes. Despite all this my part of the country has gotten off relatively easy. Other parts of Canada and the U.S. have been far less lucky, with significant loss of life on top of devastating property damage. As a matter of a fact, my thoughts and prayers this weekend are with the Internet Storm Centers Deb Hale, who is at this moment living through the flooding in Iowa.
As these events were unfolding, companies all over were dusting off their business continuity and disaster recovery plans and making sure they were adequate to get them through the coming crisis, if it were to occur. Although in my part of the world only minor aspects of most plans were implemented, I wondered about all the people whose basements were flooded, whose farm land was submerged, and whose houses were underwater. Did they have a personal disaster recovery plan?
Given the human tendency to look at the bright side and to downplay risks that cant easily be imagined, most people do not have an adequate personal disaster recovery plan. I am not suggesting that you need to plan for every contingency, but it cannot hurt to go through a couple of the most likely scenarios and see what resources you would need to minimize the impact on your family and put the foundation in place in advance.
The Center for Disease Control Zombie Apocalypse preparedness blog from a month or so ago is an excellent place to start for planning for the immediate aftermath of a disaster, but what about after the immediate crisis is over. Would you have the ability to access the resources necessary to recover from a disaster?
I suggest building a file of important documentation and contact information. Keep one copy in a safe place in your house, a fireproof box perhaps, and a second copy at a friend or relative's place, sufficiently far from your house, so you can access it if your house is seriously damaged or inaccessible for an extended period of time. What sort of information should be in the file?

Insurance Information
Medical Information
Contact list of anyone you will need to be able to contact to tell them you are safe
Contact list of companies and agencies that may be able to help you recover.

Personally I keep the originals in a safe deposit box and scans, in PDF form, on a couple of good quality USB thumb drives as well as on an Internet data storage site. Be sure to throw some money into these files, just in case the problem is widespread enough to put banks and ATMs out of service for a bit.
Would you have enough money to survive and start the rebuilding process?Insurance money, in most cases, will not be immediately forthcoming, and adjustors may not be available for an extended period of time. I recommend setting up a line of credit with your financial institution for at least half of the value of your house and contents. Most institutions do not charge you anything for having a line of credit and not using it, although there may be some fees for establishing the line of credit initially. Be sure your line of credit permits cheques to be written against it and place several of the cheques in your documentation packages.
I think that is a good start, but I am sure you will have many other excellent ideas. What sort of things have you done to aid your personal recovery from a disaster?
Please provide your ideas via comments or through the contact form.
-- Rick Wanner - rwanner at isc dot sans dot org - - Twitter:namedeplume (Protected) (c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.
A 24-year-old Florida man was arrested Thursday on charges that he broke into women's Web mail accounts, looking for explicit photos to post online.
The Internet in Syria was back on Saturday, a day after it was reported that two-thirds of Syrian networks had been cut off from the rest of the world in the wake of civil unrest in the country.
You might have written off Microsoft as clueless about the future of touch computing, but the user interface for desktop Windows 8 changes everything.
While Microsoft's Windows 8 offers 'a lot of good ideas,' says columnist Ryan Faas, it risks confusing users by being too gesture-intensive.
Internet Storm Center Infocon Status