As anyone who has ever experienced network downtime will know, it is amazing how crippling an ICT system failure is to a school, and how far reaching the consequences can be. Not only does an outage create classroom and administrative operational chaos, it can also have serious consequences for the school’s reputation, particularly where there is loss of critical data such as pupils’ coursework, or a breach of security around confidential pupil data.
Whilst many schools I talk to tend to associate ICT downtime with large events such as fires or floods, the reality is that the majority of ICT downtime has much more mundane causes which can include hardware failures, loss of power, cyber security breaches (such as ransomware attacks) and software failures. And in many cases the downtime is considerable, with the EMC Global Data Protection Index 2016 study showing that the average length of unplanned downtime was 22 hours. Indeed the situation seems to be worsening this year, with ICT downtime caused by ransomware attacks in particular often running into a week or more.
And while many of us can work around a short system outage, when such outages are extending into days or even weeks there can be a serious impact on the school’s operations and reputation. As such, it is critical that the senior leadership team have a thorough understanding of their risk management processes and contingency procedures around network resilience, backups and disaster recovery.
So is it enough to have a disaster recovery plan? Sadly I fear not. I’m sure BA had a disaster recovery plan, but how well did it work when it was used in anger? For many schools, I find the disaster recovery plan that was put together some years ago and has sat in the fireproof safe ever since, without testing or updating. My experience is that this document needs to be constantly evolving, as our use of technology in education has moved on apace, and what was an acceptable recovery plan a couple of years ago may now be totally inadequate. In addition, our systems are constantly changing, with software updates and security fixes being installed on a regular basis, all of which can impact on the technical success of a recovery.
In order to ensure ongoing relevance, I always recommend that schools continually re-assess and test their plans around resilience, backup and disaster recovery, against the operational needs of their school and their changing use of technology. Some points to consider would include:-
- How long could you afford for each of your various ICT systems to be down for?
- How much data and email, if any, could you afford to lose?
- When did you last try a test restore of your data or email? Did it work?
- Have you tried a test of your full disaster recovery plan lately? Did it work? How long did it take? How much data was lost? Did the results demonstrate that recovery times and data loss met your school’s current operational requirements as defined above?
- Do your backup and disaster recovery plans meet your forthcoming GDPR compliance obligations?
- Where are your backups held? Would an incident like a fire or a ransomware attack wipe out your backups as well as your live systems?
- In the event of a major disaster, what hardware would you restore your backups on to?
- How would your school operate in the period whilst the systems were down?
- How would you communicate details of an outage with parents, staff, pupils and the public to minimise the reputational damage to your school?
No comments:
Post a Comment