Wednesday, October 7, 2009

Poor City Planing and your Disaster Recovery Plans

he Philippine Government finally admitted that poor city planning was the root cause of the recent massive flooding claiming the lives of nearly 300 people near and around the City of Manila.

Growing up in the Philippines, it doesn't take a genius to figure this out. We do not need statistics or blueprints of how the city was designed to scale presented to us to understand this.

You see it and you smell it.

I hate to say the "smell" thing because its very unlikely to come out from a patriotic Filipino guy like me, but it is the truth at least in my experience and opinion. Some part of Metro Manila is so congested that you do not need to open your eyes to know that this area is overpopulated.

You can't blame those people. Healthy conditions are the least priority of people who rarely eat at least twice a day and needs a shelter at night. Celebrities and politicians residing in tall buildings were not spared as well by the flood. There was even a story circulating around of a "dashing" rescue, worthy of a movie, wherein a famous actor rescued an actress in distress from her tall residential building using a speedboat. And not helping the less-privileged neighbors.

In the corporate IT world, I can almost imagine the feeling of helplessness of the people in charge of the Disaster Recovery and Business Continuity Plans (DRP & BCP) for their respective organizations.

These guys, mostly the Senior Network Administrators and Chief Security Officers of the corporate world, spent hundreds of man-hours in designing, testing, and implementing plans to
disaster-proof their business, regardless if its a natural or man-made disaster. The basic and ultimate goal is to survive such events and still continue to do business.

The problem is the actual city where your network infrastructure and organization is physically located. If the city was not designed with security, room for growth, and disaster recovery in mind, your plans get tossed out of the window.

Major City planners of the world should take a page out of secure software developers book: Design with security in mind. And spend less time mitigating risks.

If your city gets flooded to the point that major streets and thoroughfares look like a wild, gushing river, your well-laid plans most likely will take a detour. This detour is where your plans will be actually tested because you do not know whats going to happen next.

However, on major events like this, disaster recovery and business continuity plans should be tossed out of the window for the time being and self-preservation and helping other lives should be the number one priority.

After securing the lives of people working for your organization, go out and help out. Events like this happen for a reason and it makes organizations and cities plan and prepare better for the future.

Lessons learned is always the last phase of such events. Take detailed notes, recall how the event escalated, and learn from your mistakes.

1 comment:

  1. i've read a book about 3 years ago wherein the author was actually the consultant of a number of victims (business/companies) of the 9/11 attack who made it back into operation after just about a month or so, recovering most if not all of their precious data and using them once again after a horrifying experience for any man or organization.


A playground for network security enthusiasts, innovators and early adoptors

Welcome to my blog, this is me thinking out loud about Voice over IP security (VoIP), managing and optimizing converged networks, Metasploit Framework, Cloud Computing, general security and privacy concerns, grappling adventures, and tuning my MKIV VW Jetta.

All inputs, feedbacks and violent reactions are welcome.

Packet Boy Perseus
Helping spread a positive image why we hack things.

About Me

I am an InfoSec Innovator, a Blue Ocean Seafarer and a Paul Graham Pupil.