The Effects of Computer Viruses on Disaster Recovery Model Development
Abstract
The purpose of the study was to determine the effect of computer viruses on disaster recovery model development. Through a review of the literature and careful thought, the Susceptibilities/Assets/Frequencies and Expected Value Model was developed. The design of this model is unique in that it addresses the threat of computer viruses to organizational computing resources. The model consists of two concrrent processes. These processes are the management process and the prevention recovery process. The S.A.F.E. Model is inended to function as a tool that guides and organization through the systematic assessment of areas that are essential to the development of viral recovery strategies within the organization. Computer viruses are a dynamic threat. The S.A.F.E. Model represents an attempt to outline a process that can be utilized to develop prevention and recovery strategies to cope with this threat.
School
California State University, Fresno
Publication Date
1900-01-01
Contents
List of Figures..............................ix
1. Introduction...............................1
Definition of the Problem......4
Statement of the Problem....6
Need for the Study.................6
2. Review of Related
Literature....................................8
The Psychology of
Disaster Recovery..............8
The Need for a Disaster
Recovery Plan...................12
The Disaster Recovery
Plan.....................................13
The Disaster Recovery
Planning Process.............16
Disaster Recovery and
Time....................................37
Critical Factors to Recovery
Planning Success............38
Benefits of Disaster
Recovery Planning...........43
Computer Virus Defined....43
Rogue Programs
Classified...........................47
Virus Symptoms and
Destructive Actions...........51
Growth and Spread of
Computer Viruses............53
Reasons for the Creation
of a Virus............................66
The Media.............................68
Legal Considerations.........69
Prevention of a Viral
Infection..............................71
Recovery from a Viral
Infection..............................76
Recovery Teams..................80
Clean Rooms.......................81
3. S.A.F.E. Model
Development...........................83
Organize Plan Develop-
ment Team........................83
Definition of Disaster..........85
Conduction of a S.A.F.E.
Analysis..............................86
Prioritize/Classify Systems
for Protection.....................88
Deifinition of Plan Assump-
tions and Limitations.......89
Definition of Plan
Objectives..........................89
Design System Backup
Procedures.........90
Design Clean Room
Procedures........................91
Design Verification
Procedures........................92
Design Identification
Procedures........................92
Design Isolation
Procedures........................93
Design Media Inspection
Procedures........................93
Design Restoration
Procedures........................94
Design Access Controls....94
Design Computer Usage
Policies...............................95
Design Disk Control
Policies...............................95
Design Communications
Policies...............................96
Design System Monitoring
Procedures........................97
Raise Management
Awareness.........................97
Secure Management
Support...............................97
Obtain Necessary
Resources.........................98
Involve Management in
Recovery Capacity
Development.....................98
4. Objectives, Conclusions,
and Recommendations......100
Objectives...........................100
Conclusions.......................101
Recommendations...........102
Works Cited..............................104
Appendices
A. Flowchart of Disaster
Plan Preparation...............109
B. Capacities and Vulner-
abilities Analysis Matrix....111
C. Viral Insertion...................113
D. Overlapping Security
Measures............................115
Keywords
S.A.F.E. Model, disaster recovery, computer virus
Location
A hard-copy of this is in REC 216