Keys to COOP Planning in Government
By Stacey McDaniel
The U.S. government is not only the largest consumer of information technology in the world (with a FY06 IT budget exceeding $63 billion), but is also the single largest holder of the nation's most sensitive medical, financial, and law enforcement-related data. As you might imagine, an attack of any sort - digital or physical - directed at a key federal agency's IT center would have dramatic consequences for government operations and, by extension, the U.S. and global economy.
Recognizing today's volatile IT threat landscape and the potential to compromise national security, federal and state agencies are actively developing risk mitigation plans against information loss, including the establishment of archiving and recovery procedures, redundant storage systems, and parallel communication links. This process is known collectively as "continuity of operations" (COOP) planning.
A resilient infrastructure
In recent years, there has been an increased emphasis on information sharing across agencies at state and federal levels, with the intention of better serving citizens and streamlining government operations as well as facilitating interoperability during times of crisis. This multi-level collaboration necessitates a COOP plan that addresses information sharing and security at the same time.
An agency's COOP plan should outline an overall risk management program for responding to unplanned and adverse situations that may destroy, damage, degrade, delay access to, or compromise IT systems data or computer-processing capabilities, so that critical operations can continue. The COOP plan should address operational recovery issues, from arrangements for a limited backup capability to relocation to a different, and perhaps geographically distant, facility in the event of a total failure affecting a wide area. To do that, a COOP plan needs to incorporate resilience at four levels:
1. Network: This includes having redundant access technologies, as well as automatic backup and recovery options to deal with network failures, and network security to ensure integrity of data. Network resilience is key, because it enables the next three factors.
2. Application: Application security (antivirus, intrusion protection, and authentication) is very important, as is having Web-based application portals in place that allow users to have access to an application or data on another server should the original server be rendered inoperable.
3. Communication: Plans for rapid restoration and repair of the telecommunications infrastructure should be made; and in the meantime, secure communications networks should be available to connect agencies, law enforcement, emergency response, and the public. These networks could potentially be used for text-based messages, voice over IP communication, and email.
4. Workforce: Have secure telecommuting options in place for all or as many employees as possible in case the main centers of work are physically damaged and work needs to be conducted off-site for an extended period of time.
Backup, Recovery, and Replication
The only way to ensure that critical data is not lost is by enlisting backup, recovery, and replication measures. Luckily, advances in technology no longer force IT administrators to choose between fast backups and quick recovery. Current backup and recovery measures protect, restore, and recover computer systems with non-intrusive, real-time backups and rapid disaster recovery on workstations and servers. Systems can be restored anytime, from anywhere, to virtually any device - an ideal solution to incorporate into any COOP plan.
Bond-trading company Cantor Fitzgerald's primary data center was lost in the 9/11 attacks on the World Trade Center. However, because the company was replicating all of its data to a secondary data center in New Jersey, all network-based services to customers were brought back online within 47 hours. At the time, that recovery speed was remarkable. Now, five years later, replication systems are able to reduce the downtime of data centers to mere seconds. The key is to find a way to replicate data reliably, efficiently, and consistently to remote locations over any IP network for maximum continuity.
Other considerations
As mentioned earlier, a COOP plan should enable information to be secure and available - even in times of disaster. In addition to backup, recovery, and replication, there are other actions that can be accomplished behind the scenes to improve security and help build a resilient infrastructure. These include establishing a multilayered security solution that provides end-to-end security and is capable of assessing threats, monitoring controls, "shielding" individual applications, and protecting desktops. This protection at all layers of the organization - from gateway to client to internal network - should include antivirus, intrusion detection, and firewall technologies. Also, any time a remote connection to the network is established, a Virtual Private Network (VPN) must be deployed to create a secure tunnel into the network. A VPN also allows IT administrators to apply security policies and configuration information, and check the quality of the remote connection.
Conclusion
The U.S. government's IT systems hold such a wealth of vital electronic data that building COOP plans has become an important initiative across all levels of government. A COOP plan must take into account secure information sharing while keeping data intact and communication lines open in the event of a disaster. While this is a weighty responsibility, important new technologies can assist in this effort, creating a resilient environment that ensures the data remains safe.
Stacey McDaniel has been writing about high-tech issues for more than six years.