"Disaster Recovery Planning", Jon William Toigo, 2003, 0-13-046282-9,
%A Jon William Toigo www.drplanning.org
%C One Lake St., Upper Saddle River, NJ 07458
%I Prentice Hall
%O U$54.99/C$85.99 +1-201-236-7139 fax: +1-201-236-7131
%P 482 p.
%T "Disaster Recovery Planning"
Toigo's first edition outshone almost all later DRP (Disaster Recovery
Planning) and BCP (Business Continuity Planning) works. This edition
vastly expands the resources and thinking on the topic. In the
preface, Toigo examines the question of whether people will see this
new edition as simply an exercise in opportunistic marketing, using
the events of September 11, 2001 to promote a fresh work. He
concludes that changes in technology do justify another edition. In
addition, the new pieces giving post-9/11 perspectives from various
parties (generally vendors) do provide some additional insights. The
leading foreword, a first-hand account of the evacuation of one of the
World Trade Center towers, offers interesting observations such as the
fact that the tens of thousands of people using the exit stairwells
created potential problems with respect to condensation on the stairs
and walls of the structure.
Chapter one, an introduction to the topic, is no longer as incisive as
it once was. However, there are still striking items, such as the
mention of the Bank of New York information technology outage (lasting
twenty seven hours) which led to a requirement to borrow twenty two
billion dollars, cascading into destablization of the federal reserve
fund and interest rate fluctuations. The advice is still practical,
pointing out legislation that may indirectly support disaster recovery
planning (although there is no mention of the widely used Americans
with Disabilities Act), a detailed assessment of the uselessness of
disaster recovery certifications and related groups, and suggestions
for dealing with political realities. Various perspectives and
disputes over risk are reviewed in chapter two, although the material
becomes a bit disjointed when it ends with policy development. There
is an excellent overview of fire protection and power problems, but
the rest of the facility management material in chapter three is quite
limited. A detailed examination of the options, products, and vendors
related to data recovery (well beyond the usual discussion of full,
incremental, and differential backups) is given in chapter four.
Chapter five deals with strategies for the recovery of centralized
systems. This is the standard view of disaster recovery, but Toigo
offers good, quality advice. Recovering decentralized systems is
analysed in chapter six, although most of the solutions seem to rely
on recentralising. End-user requirements, touching on remote
computing, virtual private networks, and so forth, are discussed in
chapter seven. Examination of network recovery, in chapter eight, is
useful, although many solutions (such as wireless LANs) are not
perused for problems (such as security), while, at the same time, they
are not pushed far enough (groups in many locations are now planning
city-wide wireless networks which should be available in the event of
the collapse of major telecommunications carriers). Emergency
decision making, in chapter nine, concentrates on teams, functions,
and flowcharts. References and resources for recovery management,
mostly in the US, are in chapter ten. There is an odd inclusion of a
story about vendor versus reseller infighting in the plan maintenance
material in chapter eleven. The book concludes in chapter twelve.
While the later edition is sometimes too verbose, this work is
definitely worthwhile for anyone in the security or disaster recovery
planning field. Even if you have the first edition, continuity and
recovery professionals will probably find that this latest work has
fresh insights that justify its purchase.
copyright Robert M. Slade, 2003 BKDIREPL.RVW 20031105
====================== (quote inserted randomly by Pegasus Mailer)
rslade@... slade@... rslade@...
All reports are in. Life is now officially unfair.