Skip to main content
Add as a preferred source on Google

Uh-Oh What Should We Do?

  • By Dave LeClair
  • 05/01/15

The amount of data that today’s school districts generate is increasing exponentially and so is the need to protect it. School business officials and IT professionals should approach data protection with a documented disaster recovery (DR) plan that ensures the organization’s readiness for any kind of disaster, downtime or outage and its ability to get things back on track quickly if something goes wrong.

Here are some tips to help you develop an ironclad data recovery strategy.

1. Determine recovery time objectives and recovery point objectives. The recovery time objective (RTO) is the maximum amount of time your district can afford to be without its data and systems. The recovery point objective (RPO) is the maximum amount of data that you can afford to lose without severe consequences.

Visualize a time line. The RPO is the point at which all your data have been backed up and are secure. Disaster strikes, and the system crashes. The data created between the RPO and the disaster will likely be lost, as they were not backed up. The RTO is the point in the future when the organization will be up and running again, so the gap between the disaster and the RTO is the time during which the system isn’t functioning.

Those metrics serve as the foundation on which your DR plan is built. Every strategy you put in place should help you meet your RTO and RPO goals. Everyone within your organization should agree on which applications, functions, and data are critical, and what the loss of each could mean in terms of financial costs, brand damage, and regulatory compliance.

2. Secure a backup copy of your data off-site. Store a copy of your data off-site every day to ensure the data and applications remain accessible and you can continue to operate regardless what occurs.

Don’t confuse backup data with archived data. Backup data include critical applications, information, files, and systems currently in use that are backed up and replicated on a secondary site, such as a physical location or a public or private cloud. Automated systems back up data according to your RPOs and move the data off-site.

Archived data are collected and retained for longer periods to meet regulatory and compliance requirements and to provide rollback should your backups become corrupted. If your DR facility fails or becomes corrupted, you have the ability to rebuild your systems using your archived data. If your archived data are lost, they may be lost permanently.

Most educational institutions should have a backup window of at least once per working day for all critical data. Other important best practices to consider include providing at least one additional level of backup to cover a failure of the primary backup medium and auditing backup media at least once every six months.

3. Encrypt your replicated and archived data. Throughout the replication and archiving processes, company data are transferred across your wide area network, so it’s important to ensure they are encrypted in flight and at rest. A military-grade Advanced Encryption Standard with 256-bit keys is preferable, but you should encrypt to the highest level possible to prevent data breaches and other malicious activity — a common cause of downtime.

Look beyond IT

Data recovery should be an integral component of your organization’s DR plan, but it’s also important to look beyond IT to ensure true business continuity.

Examine all business and educational functions, identify those that are critical to maintaining business continuity, and develop a DR strategy for each. Determine the steps required to get those essential departments and employees online and communicating with each other, and make sure they can quickly and easily access the systems and servers they need to keep the establishment running. Communication and training are key here. Everyone who has a role in the DR process must be made aware of the plan and trained on their specific responsibilities. Consider cross-training personnel, so someone can always pick up a task in the event the primary person for that task cannot fulfill his or her responsibilities.

Don’t take disaster recovery lightly. Create a comprehensive, institution-wide plan, familiarize all the appropriate parties with it, and test it continuously to ensure flawless execution. That is the key to true recovery.

— Excerpted from the April 2015 issue of School Business Affairs magazine, published by the Association of School Business Officials International. asboint.org

This article originally appeared in the issue of .

About the Author

Dave LeClair is vice president of Product Marketing at Unitrends, a data protection and disaster recovery provider based in Burlington, Mass.

Featured

  • North Texas School District Completes Third New Elementary School

    The Denton Independent School District in Dallas, Texas, recently finished construction on its third prototype design elementary school, Reeves Elementary, according to a news release.

  • UNT Dallas Holds Ribbon-Cutting Ceremony for $100M STEM Building

    The University of North Texas at Dallas in Dallas, Texas, recently celebrated the opening of its new, $100-million STEM Building, according to local news. The ceremony on Dec. 2 preceded the first day of classes in the facility on Jan. 12, 2026.

  • Wisconsin District Breaks Ground on New Elementary School

    The School District of La Crosse in La Crosse, Wis., recently broke ground on a new elementary school that will consolidate the students and staff of two existing schools, according to local news. Funding for the school comes from a $53-million referendum approved in 2024.

  • Ohio State University Opens 26-Story Hospital

    The Ohio State University Wexner Medical Center recently opened in Columbus, Ohio, standing 26 stories and covering 1.9 million square feet, according to a university news release. The project marks ten years of effort and is the university’s largest single-facility construction project ever.