Learn how to address security systems such as biometrics in your DR plan.
By Mike Talon
As the need for corporate security becomes more prevalent on executive management's radar, new security systems are coming into play in the workplace. From tighter firewall systems to better authentication, these systems have become a vital part of corporate information security systems.
As such, you must ensure that your disaster recovery plan properly addresses these systems. One of the more interesting systems you may need to address is biometric identification systems for authentication.
Biometric authentication involves the use of an individually unique trait to determine who can access a particular data system. Typically, this trait is a fingerprint or a retinal scan since readers for these traits are both flexible and readily available. Other possible traits used in biometrics may include--but aren't limited to--earlobes, facial characteristics, signature, and voice recognition systems.
These systems have certain characteristics in common. Primarily, each requires integration with the client device (for example, desktops and laptops). Each also generally requires both hardware and software components to work.
In the corporate arena, these systems tend to require both client-side and server-side software to allow for authentication throughout the enterprise. DR systems for these data systems must take into account each of these components in order to properly move the systems over to the DR facility when necessary.
First of all, make sure that desktops and spare laptops in your DR facility are capable of employing the systems in question. They must meet the specifications for the hardware and software components of the biometric systems you use.
In addition, make sure you have the necessary hardware and software available for installation; either plan to install it at the time of the disaster, or install and configure it ahead of time. Failure to have this ready will mean that biometric-dependent systems will be unavailable to end users until you put the required hardware and software into place for them to authenticate.
You must also make sure that any server-side systems are not only in place, but also preconfigured with the security and authentication information they need to employ the client-side systems. This may require making periodic updates of the security databases or replicating those systems to keep them in sync.
To keep both sets of data up to date, this could also mean manually setting up profiles on both the production and backup systems if the software doesn't allow replication or backup/restore procedures. Check with the vendor of your security systems to ensure that whatever method you choose will work properly. By design, many biometric systems don't easily allow you to load data sets from another server onto the DR device without some recovery methodologies.
If you can reproduce the data systems necessary for the biometric security systems to work, and you've set up the proper client-side systems ahead of time, your security systems will move with the employees when a disaster occurs.
But if you miss any of the pieces of the puzzle, you may find yourself stuck in a situation where all of your other data systems fail over, but no one can access any of the data stored securely on those systems.
Mike Talon is an IT consultant and freelance journalist who has worked for both traditional businesses and dot-com startups.