Copyright © Information Today, Inc.
|Clifford the Big Red Dog|
Computer Education Teacher • Lanesborough (Massachusetts) School System
In my town, when the electricity unexpectedly goes off, it may remain off for a while, or worse, it may go on and off several times before it either stays off or returns to a normal state. Needless to say, when this happens, we go to "Plan B" in my computer lab. My contingency management plan — my "Plan B" — consists of reading one of my Clifford the Big Red Dog books to the class. (Clifford the Big Red Dog is a series of children's books about the adventures of a dog that is the size of a two-story house. The series is published by Scholastic Inc.) Even if the power comes back on, we usually finish whatever story I am reading—the children really like reading about "Clifford." As far as a contingency management plans go, this is a cool one. And hey, it sounds better to say, "I initiated my contingency management plan," as opposed to saying, "Reading Clifford the Big Red Dog is my backup during a power outage."
We all have "contingency management plans" in case this lesson or that new lesson does not work smoothly and you need to close out and go a different route. But dealing with contingencies in technology is a bit more problematic—too many things can be adversely impacted, and the recovery process can be more complex than simply pulling out a Clifford book and reading to the class. In talking about a contingency management plan, two most obvious issues come to mind: a. what to do during a power outage, and b. the need to back up mission-critical computers (e.g., computers containing payroll information, attendance records, personnel data). What may not be so obvious is the need for a contingency management plan to deal with other issues that may adversely impact computers.
Far too many school systems do not have contingency management plans much beyond reading Clifford books to the children if the power goes off in the computer room or library media center. But this is an action that the computer education teacher or library-media specialist implements out of the necessity to do something with a whole class of children when one's main lesson plan is not workable. I am also fairly confident that far too many school systems, even while realizing mission-critical computer systems should be regularly backed up, do not perform any backups. Even in a best-case scenario, I believe that most school systems perform backup operations far too infrequently and to a point that if there were a need to restore the system from the backup media, such a restoration would contain data so far out-of-date as to render the backup effort virtually useless.
An informal straw poll of 23 school administrators in Massachusetts indicates that my two previous statements are probably true. My informal survey also indicated that most school systems do not have any contingency management plan at all—"We deal with things such as this as they happen"!
It's almost not to be believed that many school systems know they should back up the data on mission-critical computer systems and yet do not!!
Given all this, let's think about what would be contained in a contingency management plan. After all, if such a plan is going to exist, it will only occur if the computer education teacher or the library-media specialist takes the initiative.
Certainly we could agree that mission-critical computers should have regularly scheduled backups performed on them—at least every week. Certainly we could agree that a mission-critical computer label should be applied to the business manager's computer and computers that contain other important data such as attendance, student discipline records, student/staff health and emergency information, and such. But even if this were the only item on a contingency management plan, even if you religiously back up the mission-critical computers, your efforts will be a quiet success. Your efforts will not go unnoticed, but they will not be fully appreciated until there is a need to restore some critical data.
But, sooner or later, this question will also arise: "Are there computer systems in classrooms that should be categorized as mission-critical?" This is important, as it will determine which computers will be included in the backup regime and which will not. It could, if teacher's computers are excluded, set a tone that the educational material on those computers are not critical to the mission of a school—hmmm...interesting thought huh!
So, I'll leave it up to you to define what a mission-computer system is.
Several incidents in recent years have caused me to evolve my contingency management plan beyond having Clifford the Big Red Dog books on hand. These vignettes may assist you in forming a contingency management plan of your own.
A few years ago our administrative assistant, who was responsible for the payroll warrant and other such budgetary items, retired. A replacement was hired, but she left for another job shortly after. So the superintendent went to a temp agency and secured the services of, what turned out to be, an excellent accountant. The temp, let's call her "Audrey," was very knowledgeable in regard to business matters and was a whiz when it came to using Microsoft Excel. She set up templates for entering payroll and expenditure data into spreadsheets. We did not have any of these before. Audrey was very dynamic and had quite a few terrific ideas. As it turned out Audrey was pursuing her bachelor's degree in business management. Several months went by and she was making suggestions regarding a wide range of operating procedures and policies; her suggestions were actually quite good. But after a few more months, her reasonable "suggestions" soon became demands. Eventually Audrey became quite adamant that "her way" be adopted. The superintendent was not amused, to say the least. Even though there were only a few instances in which the superintendent disagreed with her proposals, Audrey took any rejection personally. As a result, Audrey became more and more difficult to work with. She saw everyone as an adversary and she did not hide her feelings.
Finally the day came when it was time for Audrey to seek other employment. The superintendent was going to notify Audrey that she was terminated. But he had a concern that Audrey would be very angry and would damage or destroy the data that was contained on the computers. He asked me what we should do in order to insure the security of our mission-critical data. I suggested that we back up the data on Audrey's computer every night. The superintendent waited a few days, so we had four backup disks—one from each evening's venture. Needless to say, when Audrey left she was a very disgruntled employee. But we had those backup disks, so we were confident that even if she destroyed data, we could easily restore it. Well, we were partly right. After the superintendent notified Audrey she was terminated, she went back to her computer and activated a password. We did not consider this eventuality.
It was no surprise that Audrey refused to tell us what the password was. But we felt safe, as we had a current backup of all the data from her computer. All that needed to be done was to reformat the hard drive, reinstall Windows, reinstall the application files, and restored all the data. This only took a few hours. It would have taken many weeks if we had not backed up the data (e.g., payroll data, correspondence, staff information).
We overcame this terrorist attack in fairly short order. But the lesson we learned was to back up mission-critical computers on a regular schedule—we did not do this before Audrey became an obvious problem. I suppose that we though the computers would run forever and we would never have a disgruntled employee who might contemplate damaging computer data.
So, we needed to hire yet another administrative assistant to handle the budget. We hired the town accountant—the folks at town hall were not so pleased, but we were. Audrey's replacement is working out just fine. And...we now perform regular backup operations on all administrative computers on a regular basis. We also insist that if a computer has a password, that password must be put into a logbook that is kept in the safe at town hall.
The school year ended, we had no other significant issues. But during the summer months we came to realize that we had a mission-critical computer that was password protected, and the secretary did not tell anyone what it was. As fate would have it, she was given a 1-month leave to drive to Florida and take a well-deserved vacation. However, we needed to access her computer to obtain some Special Education material and, much to our dismay, we ran smack-dab into the password prompt!! Well, in this case we did not have a disgruntled employee; we just had an employee who was out of touch while she drove to Florida. This was actually more problematic than was the situation with Audrey. We finally contacted the secretary and she gave us the password. So now we check regularly to insure that passwords are recorded.
After a number of small incidents and the two major incidents I have mentioned here, it became obvious that we needed to have a systematic review of our circumstances for the purpose of developing a formalized strategy to: a. provide for continuous data gathering and processing operations, and, b. control risks that have the potential to significantly disrupt those operations. Given this mandate we developed several action areas to explore:
Threat analysis. Conjure up as many threat scenarios as possible and evolve protocols to address them (e.g., disgruntled employee with computer access, hacker, stolen computer system, disk drive crash, installing new software on a mission-critical machine).
Business impact analysis. Theorize what impact a threat would have on our school system if it were successful and then evolve alternative procedures to minimize the impact.
Identification of the most appropriate preventative and response actions. This action may fold into the previous two items, but a well-defined discussion of how to implement preventative and response actions should be done (e.g., who should have an uninterruptable power supply on their computer, how will teachers and staff react to being asked to tell us the passwords to their systems—will they perceive this as the administration not trusting them?). This action area should result in formalized statements/policy (e.g., all computers containing personal information, student attendance, and payroll data will be backed up weekly and immediately after all major data-gathering incidents).
Implementation of preventive action plan. After the contingency management plan is set in place it is important that all scheduled maintenance protocols/policy be performed religiously. It is also important that a trained individual who does not have other duties that would preempt them from implementing various aspects of the plan conduct the policy and protocols in a efficient and timely manner.
Reviews of existing emergency and recovery plans. It is critical that there be regular reviews of all parts of the contingency management plan.
It is also important to check the integrity of the backup process to insure that what you think is being backed up is actually being recorded. It would be catastrophic to attempt to restore damaged files from backup media only to find that the media itself is faulty and the data not stored. It is important to conduct dry runs from time to time—restore the backed up data to a non-mission-critical computer system to insure it will function properly.
It may be difficult to convince
the administration to implement a contingency management plan. While they
would certainly agree that a contingency management plan is needed, this
idea of a contingency management plan may be a new concept to them. The
difficulty will be in identifying someone whose job it is to perform this
task. Today, there does seem to be a trend by state Departments of Education
away from just mandating that student-to-computers ratios be lowered
and toward the reality that school systems need an electronic janitor and
they need a technology integration person. But until school systems fund
these positions it will be difficult to implement a contingency management
plan, other than you becoming the chief cook and bottle washer, unless
you have the vision and can provide the needed leadership necessary to
get this done. You can do it. Good luck.
Here are some Web sites with relevant information:
The Virginia Community
This Web page is an excellent
sample master document. Also of interest on the Virginal Community College,
as well as http://www.so.cc.va.us/its/models/disasmod.htm.
This is "a not-for-profit
corporation working in the public interest. It addresses issues of critical
national importance, combining systems engineering and information technology
to develop innovative solutions that make a difference." Even though some
of the material in these Web pages addresses Y2K issues, the planning and
policy approaches readily apply to contingencies beyond Y2K. Their contingency
management plan may be viewed at http://www.mitre.org/technology/y2k/docs/CONTINGENCY_PLAN.html.
Also of interest at the MITRE Web site are http://www.mitre.org/technology/y2k/docs/CONTINGENCY_GUIDELINES.html
Longwood College in Farmwood,
|Dr. Rob Reilly is the computer education teacher at the Lanesborough Elementary School in Lanesborough, Massachusetts. He is also a Visiting Scientist at the MIT Media Lab in Cambridge, Massachusetts, where he is conducting NSF funded research in the area of affective computing. Communications to the author should be sent to Dr. Reilly at e-mail: email@example.com. His Web site is http://www.media.mit.edu/~reilly.|
Information Today Home Page
Copyright © 2001, Information
Today Inc. All rights reserved.