REVIEW: "Disaster Recovery Planning", Jon William Toigo

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Jan 5, 2004.

  1. BKDIREPL.RVW 20031105

    "Disaster Recovery Planning", Jon William Toigo, 2003, 0-13-046282-9,
    %A Jon William Toigo
    %C One Lake St., Upper Saddle River, NJ 07458
    %D 2003
    %G 0-13-046282-9
    %I Prentice Hall
    %O U$54.99/C$85.99 +1-201-236-7139 fax: +1-201-236-7131
    %P 482 p.
    %T "Disaster Recovery Planning"

    Toigo's first edition outshone almost all later DRP (Disaster Recovery
    Planning) and BCP (Business Continuity Planning) works. This edition
    vastly expands the resources and thinking on the topic. In the
    preface, Toigo examines the question of whether people will see this
    new edition as simply an exercise in opportunistic marketing, using
    the events of September 11, 2001 to promote a fresh work. He
    concludes that changes in technology do justify another edition. In
    addition, the new pieces giving post-9/11 perspectives from various
    parties (generally vendors) do provide some additional insights. The
    leading foreword, a first-hand account of the evacuation of one of the
    World Trade Center towers, offers interesting observations such as the
    fact that the tens of thousands of people using the exit stairwells
    created potential problems with respect to condensation on the stairs
    and walls of the structure.

    Chapter one, an introduction to the topic, is no longer as incisive as
    it once was. However, there are still striking items, such as the
    mention of the Bank of New York information technology outage (lasting
    twenty seven hours) which led to a requirement to borrow twenty two
    billion dollars, cascading into destablization of the federal reserve
    fund and interest rate fluctuations. The advice is still practical,
    pointing out legislation that may indirectly support disaster recovery
    planning (although there is no mention of the widely used Americans
    with Disabilities Act), a detailed assessment of the uselessness of
    disaster recovery certifications and related groups, and suggestions
    for dealing with political realities. Various perspectives and
    disputes over risk are reviewed in chapter two, although the material
    becomes a bit disjointed when it ends with policy development. There
    is an excellent overview of fire protection and power problems, but
    the rest of the facility management material in chapter three is quite
    limited. A detailed examination of the options, products, and vendors
    related to data recovery (well beyond the usual discussion of full,
    incremental, and differential backups) is given in chapter four.

    Chapter five deals with strategies for the recovery of centralized
    systems. This is the standard view of disaster recovery, but Toigo
    offers good, quality advice. Recovering decentralized systems is
    analysed in chapter six, although most of the solutions seem to rely
    on recentralising. End-user requirements, touching on remote
    computing, virtual private networks, and so forth, are discussed in
    chapter seven. Examination of network recovery, in chapter eight, is
    useful, although many solutions (such as wireless LANs) are not
    perused for problems (such as security), while, at the same time, they
    are not pushed far enough (groups in many locations are now planning
    city-wide wireless networks which should be available in the event of
    the collapse of major telecommunications carriers). Emergency
    decision making, in chapter nine, concentrates on teams, functions,
    and flowcharts. References and resources for recovery management,
    mostly in the US, are in chapter ten. There is an odd inclusion of a
    story about vendor versus reseller infighting in the plan maintenance
    material in chapter eleven. The book concludes in chapter twelve.

    While the later edition is sometimes too verbose, this work is
    definitely worthwhile for anyone in the security or disaster recovery
    planning field. Even if you have the first edition, continuity and
    recovery professionals will probably find that this latest work has
    fresh insights that justify its purchase.

    copyright Robert M. Slade, 2003 BKDIREPL.RVW 20031105


    "If you do buy a computer, don't turn it on." - Richards' 2nd Law
    ============= for back issues:
    [Base URL] site
    or mirror
    CISSP refs: [Base URL]mnbksccd.htm
    Security Dict.: [Base URL]secgloss.htm
    Security Educ.: [Base URL]comseced.htm
    Book reviews: [Base URL]mnbk.htm
    [Base URL]review.htm
    Security Educ.:
    Review mailing list: send mail to
    Rob Slade, doting grandpa of Ryan and Trevor, Jan 5, 2004
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Writer R5
    Nov 27, 2003
  2. Mike McGee
    Mike McGee
    Dec 8, 2003
  3. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "Cryptography and E-Commerce", Jon C. Graff

    Rob Slade, doting grandpa of Ryan and Trevor, Nov 28, 2003, in forum: Computer Security
    Rob Slade, doting grandpa of Ryan and Trevor
    Nov 28, 2003
  4. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "Network Security Essentials", William Stallings

    Rob Slade, doting grandpa of Ryan and Trevor, Apr 28, 2004, in forum: Computer Security
    Bruce Barnett
    May 18, 2004
  5. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "Zero Day Threat", Byron Acohido/Jon Swartz

    Rob Slade, doting grandpa of Ryan and Trevor, Jun 8, 2009, in forum: Computer Security
    Rob Slade, doting grandpa of Ryan and Trevor
    Jun 8, 2009

Share This Page