Uh-Oh What Should We Do?

  • By Dave LeClair
  • 05/01/15

The amount of data that today’s school districts generate is increasing exponentially and so is the need to protect it. School business officials and IT professionals should approach data protection with a documented disaster recovery (DR) plan that ensures the organization’s readiness for any kind of disaster, downtime or outage and its ability to get things back on track quickly if something goes wrong.

Here are some tips to help you develop an ironclad data recovery strategy.

1. Determine recovery time objectives and recovery point objectives. The recovery time objective (RTO) is the maximum amount of time your district can afford to be without its data and systems. The recovery point objective (RPO) is the maximum amount of data that you can afford to lose without severe consequences.

Visualize a time line. The RPO is the point at which all your data have been backed up and are secure. Disaster strikes, and the system crashes. The data created between the RPO and the disaster will likely be lost, as they were not backed up. The RTO is the point in the future when the organization will be up and running again, so the gap between the disaster and the RTO is the time during which the system isn’t functioning.

Those metrics serve as the foundation on which your DR plan is built. Every strategy you put in place should help you meet your RTO and RPO goals. Everyone within your organization should agree on which applications, functions, and data are critical, and what the loss of each could mean in terms of financial costs, brand damage, and regulatory compliance.

2. Secure a backup copy of your data off-site. Store a copy of your data off-site every day to ensure the data and applications remain accessible and you can continue to operate regardless what occurs.

Don’t confuse backup data with archived data. Backup data include critical applications, information, files, and systems currently in use that are backed up and replicated on a secondary site, such as a physical location or a public or private cloud. Automated systems back up data according to your RPOs and move the data off-site.

Archived data are collected and retained for longer periods to meet regulatory and compliance requirements and to provide rollback should your backups become corrupted. If your DR facility fails or becomes corrupted, you have the ability to rebuild your systems using your archived data. If your archived data are lost, they may be lost permanently.

Most educational institutions should have a backup window of at least once per working day for all critical data. Other important best practices to consider include providing at least one additional level of backup to cover a failure of the primary backup medium and auditing backup media at least once every six months.

3. Encrypt your replicated and archived data. Throughout the replication and archiving processes, company data are transferred across your wide area network, so it’s important to ensure they are encrypted in flight and at rest. A military-grade Advanced Encryption Standard with 256-bit keys is preferable, but you should encrypt to the highest level possible to prevent data breaches and other malicious activity — a common cause of downtime.

Look beyond IT

Data recovery should be an integral component of your organization’s DR plan, but it’s also important to look beyond IT to ensure true business continuity.

Examine all business and educational functions, identify those that are critical to maintaining business continuity, and develop a DR strategy for each. Determine the steps required to get those essential departments and employees online and communicating with each other, and make sure they can quickly and easily access the systems and servers they need to keep the establishment running. Communication and training are key here. Everyone who has a role in the DR process must be made aware of the plan and trained on their specific responsibilities. Consider cross-training personnel, so someone can always pick up a task in the event the primary person for that task cannot fulfill his or her responsibilities.

Don’t take disaster recovery lightly. Create a comprehensive, institution-wide plan, familiarize all the appropriate parties with it, and test it continuously to ensure flawless execution. That is the key to true recovery.

— Excerpted from the April 2015 issue of School Business Affairs magazine, published by the Association of School Business Officials International. asboint.org

This article originally appeared in the issue of .

About the Author

Dave LeClair is vice president of Product Marketing at Unitrends, a data protection and disaster recovery provider based in Burlington, Mass.

Featured

  • Three U.S. Universities Install Acre Security Access Control Platform

    Cloud-native physical and digital security solutions company Acre Security recently announced that it has deployed its access control platform at three major universities in the U.S., according to a news release. Acre partnered with Atrium Campus to provide coverage for more than 69,000 students at the University of Virginia (UVA), George Mason University, and Rockhurst University.

  • Photo courtesy of Spiezle Architectural Group, Inc.

    West Melbourne School for Science Completes Expansion Project

    The West Melbourne School for Science, which serves students grades PreK–6 in West Melbourne, Fla., recently completed a 12,450-square-foot elementary school expansion, according to a news release.

  • How One School Reimagined Learning Spaces—and What Others Can Learn

    When Collegedale Academy, a PreK–8 school outside Chattanooga, Tenn., needed a new elementary building, we faced the choice that many school leaders eventually confront: repair an aging facility or reimagine what learning spaces could be. Our historic elementary school held decades of memories for families, including some who had once walked its halls as children themselves. But years of wear and the need for costly repairs made it clear that investing in the old building would only patch the problems rather than solve them.

  • Elevating Campus Maintenance: How Power Wash Drones are Transforming Educational Facilities

    As today’s campuses grow larger and more architecturally complex, keeping exteriors clean, safe, and inviting has never been tougher. Facilities leaders are under constant pressure to stretch budgets, meet safety standards, and support sustainability goals—all while tackling the stubborn challenge of exterior cleaning.