Paul Gerard LeDuc

phdthesis

The purpose of the study was to determine the effect of computer viruses on disaster recovery model development. Through a review of the literature and careful thought, the Susceptibilities/Assets/Frequencies and Expected Value Model was developed. The design of this model is unique in that it addresses the threat of computer viruses to organizational computing resources. The model consists of two concrrent processes. These processes are the management process and the prevention recovery process. The S.A.F.E. Model is inended to function as a tool that guides and organization through the systematic assessment of areas that are essential to the development of viral recovery strategies within the organization. Computer viruses are a dynamic threat. The S.A.F.E. Model represents an attempt to outline a process that can be utilized to develop prevention and recovery strategies to cope with this threat.

LeDuc

December 1991

California State University, Fresno

1900-01-01

List of Figures..............................ix 1. Introduction...............................1 Definition of the Problem......4 Statement of the Problem....6 Need for the Study.................6 2. Review of Related Literature....................................8 The Psychology of Disaster Recovery..............8 The Need for a Disaster Recovery Plan...................12 The Disaster Recovery Plan.....................................13 The Disaster Recovery Planning Process.............16 Disaster Recovery and Time....................................37 Critical Factors to Recovery Planning Success............38 Benefits of Disaster Recovery Planning...........43 Computer Virus Defined....43 Rogue Programs Classified...........................47 Virus Symptoms and Destructive Actions...........51 Growth and Spread of Computer Viruses............53 Reasons for the Creation of a Virus............................66 The Media.............................68 Legal Considerations.........69 Prevention of a Viral Infection..............................71 Recovery from a Viral Infection..............................76 Recovery Teams..................80 Clean Rooms.......................81 3. S.A.F.E. Model Development...........................83 Organize Plan Develop- ment Team........................83 Definition of Disaster..........85 Conduction of a S.A.F.E. Analysis..............................86 Prioritize/Classify Systems for Protection.....................88 Deifinition of Plan Assump- tions and Limitations.......89 Definition of Plan Objectives..........................89 Design System Backup Procedures.........90 Design Clean Room Procedures........................91 Design Verification Procedures........................92 Design Identification Procedures........................92 Design Isolation Procedures........................93 Design Media Inspection Procedures........................93 Design Restoration Procedures........................94 Design Access Controls....94 Design Computer Usage Policies...............................95 Design Disk Control Policies...............................95 Design Communications Policies...............................96 Design System Monitoring Procedures........................97 Raise Management Awareness.........................97 Secure Management Support...............................97 Obtain Necessary Resources.........................98 Involve Management in Recovery Capacity Development.....................98 4. Objectives, Conclusions, and Recommendations......100 Objectives...........................100 Conclusions.......................101 Recommendations...........102 Works Cited..............................104 Appendices A. Flowchart of Disaster Plan Preparation...............109 B. Capacities and Vulner- abilities Analysis Matrix....111 C. Viral Insertion...................113 D. Overlapping Security Measures............................115

S.A.F.E. Model, disaster recovery, computer virus

English

A hard-copy of this is in REC 216