S 6.141 Defining alternate procedures when using the Internet
Initiation responsibility: Supervisor, IT Security Officer, Head of IT
Implementation responsibility: Personnel Department, IT Security Officer
Access to the Internet may fail or be impaired for various reasons. However, the proper functioning of individual Internet services may also be restricted. Safeguards to protect the availability are used frequently and at several levels, but it is still possible that certain Internet services can temporarily not be accessed or used by the users. If the failure of the Internet use cannot be tolerated by the government agency or company, it is important that corresponding alternate procedures are defined. These alternate procedures are used to compensate for the downtimes in such a manner that adverse effects and disruptions of normal business operations are avoided or at least minimised. As part of the contingency planning, a concept should be drawn up detailing how the effects of a failure can be minimised using alternate procedures and which actions need to be taken in case of a failure.
Example: In an organisation, employees book themselves the train tickets required for business trips in the Internet. In order to prevent delays from occurring in the event of a failure of the Internet, there is a telephone hotline for this case, by means of which they can alternatively book their tickets.
When choosing alternate procedures regarding Internet use, a distinction should be made at least between the following scenarios:
- Failures in the area of the organisation's own network
- Failures of the communication connections between the organisation's own network and the IT systems used in the Internet
- Failures of the IT systems used in the Internet itself
Failures in the area of the organisation's own network (scenario 1) are covered in module S 1.3 Business continuity management and the safeguards in the context of contingency planning in the remaining modules of the IT-Grundschutz Catalogues.
The scenarios 2 and 3 can not really be influenced by the organisation itself, as the technical components affected are usually operated by third parties. Using a second, alternative Internet provider and an alternative communication channel, if any, (see also S 6.75 Redundant communication links) provides a certain degree of protection against particular failures in the network area. If, however, larger network areas fail, it may occur that business-critical Internet services cannot be accessed or used.
Therefore, an overview of the Internet services and applications having high availability requirements should be compiled. For these requirements, suitable alternate procedures should then be defined. This overview should be updated regularly.
It is recommended to also take into account alternate procedures that, if possible, can completely dispense with Internet services. Here, telephone- or fax-based communications are frequently fallen back on. However, it should be noted that here, too, interrelations can exist which might restrict the effectiveness of such alternative solutions under certain circumstances. For example, when using Internet telephony, it must be ensured that a failure of the Internet access does not automatically also entail a complete failure of the telephone and fax service. Another example of interrelations (dependencies) is that the call centres of service providers depend also in some cases on the proper functioning of their own Internet servers. In this case, it is no use to call the hotline of the Internet service provider in the event of a failure of the Internet servers of this service provider, because the call centre is then probably not able to work either.
In general, paper-based processing and communication also come into question as alternate procedures. However, such procedures are often excluded, since they result in excessive delays in many cases.
Review questions:
- Is there an overview of the Internet services and applications with high availability requirements?
- Have alternate procedures been defined for business-critical Internet services and applications?