Go to Source
Wed, 10/30/2019 – 15:13
In 2013, just months after I started working as CIO of Bridgeport School District in Connecticut, my biggest fear about the job became reality: The district firewall was attacked.
The firewall did what it was supposed to do — it didn’t let the attack in — but then it failed. This happened the day before a new firewall was scheduled to be installed.
Other K–12 IT professionals likely know this fear. School districts collect gobs of data, much of which is required by law. Every state has laws about data retention. For schools and districts, losing data without the means to recover it is a major issue. And schools are easy targets for cyberattacks because of persistent struggles with resources, particularly IT staffing and funds.
That’s also why, from day one of my time as a CIO, I worried about what could get me in the most trouble on the job. Losing all of the district’s data and having a major disaster topped the list. But I acted on that fear, asking questions about data recovery that helped guide me through developing a disaster recovery plan for the district.
What sort of backup system is already in place?
I talked with the outgoing IT director about any existing recovery systems and previous related discussions. I discussed with my team the previous efforts to develop a plan. The district was a CDW•G customer, so I worked with an account manager to access the district’s potential data security threats and develop a recovery plan.
What happens if there is an issue with one of our servers? Where would we locate recovered data?
Working with the CDW account manager, we chose a Barracuda backup system and backed up everything on multiple servers. If there was a problem with one server, or if data disappeared from one of the backup servers, we still could recover it. It didn’t take long to set this up.
As I said, it didn’t take long before we had to test our solution to this question. When the old firewall failed, some of the district’s old servers failed too. But we were ready. We were able to spin up information on the new server and restore everything on our backup. Most systems were up within a few hours. We were able to restore all of our information.
This illustrates why it’s important to back up data in multiple locations. Think about it: If damaged or compromised files are included in a backup, what safeguards are in place to prevent those files from getting carried over to your backup system? You have to have a completely separate backup of your backup. Always have a recovery point.
Also, think about all of the issues that can cause data problems. Do you have the proper firewall? Do you have anti-virus protection? Are all of those things set up?
Even with those safeguards in place, the work isn’t over.
What is the biggest threat to your system?
Your users. They will click on a phishing email. They will do something they shouldn’t, and you won’t immediately know. That’s why an important aspect of a disaster recovery plan is working to educate your users about best practices. Make sure you train them on what to do to avoid causing data privacy problems.
When issues occur, use them as learning opportunities. Explain what happened, assure your users that it was fixed and that no data was lost because a backup system was in place. Address what can be done to mitigate similar incidents.
Phishing is a huge problem. It’s good to know there are a number of built-in anti-phishing tools from Google and Microsoft. Work with your users on how to avoid phishing emails, including how to recognize them for what they are.
What should be done to try to thwart future attacks?
Once you identify what the attack was, what it was attempting to do, then you can determine what damage, if any, occurred. For example, if the attack successfully targeted passwords, change all passwords.
True disaster recovery is having a recovery plan in place in case disaster hits your data center. Do you have a secondary network connection? Do you have secondary switches and access to the internet to retrieve information?
I developed the disaster recovery system for Bridgeport schools back in 2013. Six years later, CDW has more people who can help with a free threat assessment and a plan to address any vulnerabilities. We have many more options and partners now, and we can tailor a solution to fit your situation. You don’t have to handle these things alone. We can also work with you to train your staff and students about the basics of data protection.
In Bridgeport schools, we implemented a whole disaster recovery system about a month before a major failure. When it happened, we quickly got everything up and running. The timing was very lucky.
Don’t count on luck. Act now and develop a plan, then rest easy knowing you can bounce back when disaster strikes.
This article is part of the “Connect IT: Bridging the Gap Between Education and Technology” series. Please join the discussion on Twitter by using the #ConnectIT hashtag.