We are reviewing our BCP/DR plans and one of the questions is where are the documents stored? If we are managing a Cyber event and we have lost access to our file storage systems where should the BCP and DR plans and procedures be stored? My initial thoughts are to have a disconnected storage location. For example if I am a Microsoft shop then SharePoint might not be the best place and could look at other locations like Dropbox, Google Docs. What about setting up separate non-domain accounts to connect into the data stores? Any thoughts or advice on what others have done is appreciated.
Many companies maintain a DR tenant for this purpose. With no relationship to your production tenant, there is no reason for a DR tenant to be compromised through compromise of the production tenant.
Does anyone currently use Athena Security, a company that offers software for security portal management? I’d love to get feedback from anyone who has experience with their platform.
Yes - Maine did the right thing. There are too many security risks with free versions of these tools. Not enough copyright or privacy protections of data.29%
No, but.... - You must have good security and privacy policies in place for ChatGPT (and other GenAI apps). My organization has policies and meaningful ways to enforce those policies and procedures for staff.45%
No - Bans simply don't work. Even without policies, this action hurts innovation and sends the wrong message to staff and the world about our organization.20%
I'm not sure. This action by Maine makes me think. Let me get back to you in a few weeks (or months).5%
Many companies maintain a DR tenant for this purpose. With no relationship to your production tenant, there is no reason for a DR tenant to be compromised through compromise of the production tenant.