Information Systems Security Assurance Management - Article Example

Information Systems Security Assurance Management Summary:As the title suggests, the paper presents a case of study of disaster management and recovery by Municipal Solutions, a company that is engaged in providing information systems and solutions to municipalities in the United States. Based in Cleveland, Ohio, the company, through hard work and dedication managed to become a leader in providing software solutions exclusively to municipal corporation in the US as well as Canada. The firm was headed by its founder Paul Teitelbaum, an industrial engineer, previously employed with Pricewaterhouse Coopers.

Teitelbaum is described as a visionary and a team man, who was congenial and loved to give credit to others where it was due. The disaster that occurred was a major fire that completely destroyed the company’s servers including the entire software code of the programs made for their clients. Moreover, MSS also hosted a few of the programs of their smaller clients on their own servers.The news of the fire was relayed to Brian Elkin, who was in charge of research and development. Teitelbaum was out of town at the moment, so Elkin rushed to Andrew Katula (senior software engineer).

It was the practice of the company to take backups of the software regularly. Katula was in the practice of doing so every evening after business, and Elkin was reveilved that he done so the previous evening also. The authors state that had this not been done, the company’s business would have come to a stop and might even result in closure. When Teitelbaum returned he provided a free reign to his employees to purchase new hardware immediately. MSS’s telephone company, Verizon was asked to forward all calls to a new number.

He contacted a friend for temporary office space and within four days had a functioning office with all the required hardware and infrastructure. Only the small clients who had servers with MSS were affected to a certain extent. The hardware vendors went out of their way to get the equipment for MSS. Most of the other clients did not even know about the fire at the company premises. Servers and other equipments are now protected by sensors that switch on cooling fans if the temperature exceeds a certain limit.

Backup is being done everyday as before. Review:It can be seen that the best disaster management practice was taking daily backups. Otherwise the company would have suffered irreversible damage. The fact that MSS did not have a proper fire safety system in the first place is not a good practice in disaster management. but the recovery aspect was handled very well by Teitelbaum and his team. The fact that he gave free hand in purchasing the hardware and other requirement is testimony to the fact.

On the whole the disaster management and recovery in this case was handled efficiently with only minimum of disruption of its own business and those of its customersWith regard to the paper, it is felt that the authors has gone into too much detain with regard to the company’s history and background. It does not have any apparent relation with disaster management and recovery. The diagram showing hierarchy does not add much to the usefulness of the paper. The authors could have just mentioned about Elkin and Katual instead of showing them in the hierarchal structure.

In spite of going into so much detail about the company’s background and history, the authors seem to have omitted the period within which MSS started operations in its renovated office. This could have provided a picture of how quickly the company restored operations in its own premises. But otherwise the paper is well-laid out with clear headings. The language used is also clear and concise and personal statements made by Teitelbaum makes the article more intimate and readable. Diagrams and photographs showing the server infrastructure is also very good.

Personal experience:My personal experience with regard to disaster management and recovery is limited. But inadequate power protection in an organization where I worked was damaged to a power surge. The firm had five computers (networked) and was engaged in the business of advertising. It was a small firm with limited number of clients doing assignments for clients within the city limits. It can be seen that the firm did not have a prevention strategy. But the hard disks could be saved and the full data was recovered after two days.

The firm had minor problems, but after the incident proper power protection equipment was installed and the employee in charge of IT was asked to take backups of data every day. It can be concluded that every organization should have preventive measures along with a strategy for management and recovery from a disaster. The current environment has the potential to bring about disasters in many forms and firms should be equipped to prevent or if not to handle and manage them.