NRIC SUPPORTS ‘BEST PRACTICES’ FOR NETWORK RECOVERY

NRIC Chmn. Richard Notebaert, who also is Qwest chmn., called for a show of hands and concluded that most of the NRIC members present supported the package, which was developed by several committees of its members. Members have until March 28 to vote formally on the package, which includes more than 200 best practices, some of which already are being used in the industry. NRIC, an advisory committee to the FCC, is composed of a cross-section of the communications industry -- wireless, wireline, satellite, cable and Internet providers.

The package presented Fri. varied from an earlier set discussed at NRIC’s Dec. 6 meeting (CD Dec 9 p1) and approved 2 weeks later. Those best practices were aimed at avoiding terrorist attacks on networks by plugging vulnerabilities. The set discussed Fri. would be used if networks actually were attacked. In both cases, use of the best practices would be voluntary, a condition that the telecom industry strongly supported in lieu of regulatory requirements. Notebaert said the first package was approved unanimously by NRIC members, which showed the industry was “committed” to network reliability and reinforced its call for voluntary action. The FCC said that if the new best practices were approved, the next step would be an education campaign to ensure widespread industry adoption of the measures.

Carriers understandably want to focus on prevention, which is a more positive concept and cheaper, but recovery is a “necessary evil” that has to be faced, said Cable & Wireless Chief Security Officer Bill Hancock, chmn. of NRIC’s cybersecurity focus group. “Current infrastructure is built on a ’total trust’ model, which makes security very complex and difficult,” he warned. The world has changed, so efforts have to be made to plan for future architecture that’s less “trusting” and more compatible with security measures, Hancock said.

NRIC’s best practices offer guidance that few companies could develop on their own because the package reflected input from “the best minds” of many companies, said Karl Rauscher, chmn. of the physical security focus group and dir.-network reliability at Lucent’s Bell Labs.

Examples of the best practices suggested by NRIC’s committees: (1) Set up a workable transportation plan to get needed employees to the site of an outage. (2) Be aware that information that seemed to require the deployment of emergency resources could be “a terrorist or criminal diversion.” (3) Change all system passwords “and examine the relationships with hosts for signs of compromise.” (4) Determine ahead of time what the effects of contamination on network electronics would be. (5) Isolate systems that posed an immediate threat to critical business functions, for example removing an Ethernet cable or phone line or using firewalls and routers to isolate such threatened areas.

The disaster recovery/business continuity focus group offered an outline for helping companies continue their operations during an attack. Among its recommendations: (1) Establish an emergency remote operations center. (2) Conduct practice drills. (3) Secure alternative power sources. (4) Enter into “mutual aid agreements” with other companies that could help in the restoration process. (5) Set aside spare hardware to avoid delays in getting shipments from suppliers.

Like the earlier proposals, Fri.’s recommendations also included pitches for more funding and involvement by various govt. organizations. Rauscher’s group, for example, urged the Bush Administration to use the National Coordinating Center for Telecommunications (NCC) and the Telecom Information Sharing & Analysis Center (Telecom-ISAC) as focal points in supporting restoration efforts.