September 27, 2018

DR Documentation and Password Storage – WST

An often-overlooked part of Disaster Recovery (DR) is network documentation.  Not just plans and procedures, but good ol’ fashioned diagrams, server lists with IP addresses, critical logon credentials, etc.  When you have to put everything together and get it running somewhere else, these are essential.  Also, commonly overlooked is where this should be stored.  Having the documentation and secure password database on the server that just crashed doesn’t help much; it needs to be available in the event that all systems are down.  Connectivity to DR sites or the internet cannot be assumed either.  Here are some general suggestions:

  • Have an offline copy of your documentation available.  This can be as simple as an encrypted drive with a recent copy of your docs and password vault that is available offsite or hard copies kept in a secure location.
  • Have a batch job or procedure to regularly update this documentation at least weekly, or more often if the environment is very dynamic.  Information that is a year old will not be much help in an emergency.
  • Don’t forget security.  Password storage should always be encrypted properly with a strong password.  This should also be separate from the DR plan documentation itself.  Not all BCP/DR team members need access to passwords and other sensitive IT information, however, more than one should as a measure of redundancy.
  • Make sure you have the executables to install any software needed to view your documentation stored with the information itself.  You need to be able to read the files and may not be able to download the software in a DR situation.

Past Weekly Security Tips – WST