Preservation Section Disaster Planning Presentation (SAA 2010)

1,854 views
1,769 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,854
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
35
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Preservation Section Disaster Planning Presentation (SAA 2010)

  1. 1. Beyond Backups<br />Lance Stuchell<br />Lessons Learned From Disaster Planning for a Digital Archive<br />2010 SAA Preservation Section Meeting<br />
  2. 2. Overview<br />This slideshow was originally presented at the<br />2010 SAA Preservation Section<br />on Friday, August 13th 2010<br />(some slides have been added for clarity)<br />This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License. <br />
  3. 3. Disaster Planning Case Study<br /> Overview of ICPSR<br />Campus of the University of Michigan<br />An archive of digital social science research data<br />Preserves over 500,000 files of research data<br />Disaster planning process formalized in 2007<br />Gained new urgency after 2008 power outage<br /> Lessons learned<br />The disaster planning process<br />Incorporating digital asset protection<br />
  4. 4. "By failing to prepare you are preparing to fail." <br />-Benjamin Franklin<br />
  5. 5. The Planning Process<br />
  6. 6. “What Could Happen” Approach<br />Drawings by Rebecca Goldman<br />
  7. 7. Core Functions Approach<br /> Identify core functions of organization<br />Safety of employees and guests <br />Basic financial procedures (payroll)<br />Access to collections<br />Preservation of digital assets <br /> Determine allowable downtime<br /> Risk management does play a role<br /> Identify other planning mandates<br />
  8. 8. Benefits of Functions Approach<br /> Helps frame entire disaster planning process <br />Identifies and prioritizes functions of organization<br /> Allocation of resources<br />Resources can be used to protect and recover most important functions <br />Prioritize and allocate time and funding <br /> Helps define and identify disasters<br />Events that threaten core functions are “disasters”<br />Less likely to miss the “small” events <br />
  9. 9. Core Functions at ICPSR<br />Initial Core Function Identification and Allowable Downtime<br />
  10. 10. Core Functions at ICPSR<br /> Web access identified as vital core function<br />Allowable downtime is minimal <br /> Led to development of webserver backup<br />Server is backed up in the cloud <br />Switches over in event of a primary outage <br />Facilitates continuity of web delivered content <br /> Resources allocated to recover this function <br />
  11. 11. Access During a Disaster<br />2008 Power Outage (before backup)<br />Power Outage<br />OAIS Function Model<br />
  12. 12. Access During a Disaster<br />2009 Power Outage (after backup)<br />Power Outage<br />Amazon Cloud<br />Access<br />DIP<br />OAIS Function Model<br />
  13. 13. “The Plan”<br />
  14. 14. Planning Components <br />“Ultimately, an organization would use a suite of plans to properly prepare response, recovery, and continuity activities for disruptions affecting the organization’s IT systems, business processes, and the facility.”<br />From NIST Contingency Planning Guide for Information Technology Systems, pg.7.<br />
  15. 15. Advantages of the Planning Suite<br /> Implementation at appropriate levels<br />Administration approves and guides overall policy<br />Finance manages emergency funds or agreements<br />IT handles technical recovery plans<br /> Improves the updating process <br />By the people who have ownership of the process<br />Can be scheduled at different times <br /> Plans are shareable and modular <br />
  16. 16. First Steps at ICPSR<br />Crisis Communication <br />Plan<br />Disaster Training<br />Plan<br />Disaster Planning<br />Policy<br />
  17. 17. First Steps at ICPSR<br /> Initial policies and plans guided process<br /> Disaster Planning Policy<br />Created standing disaster planning committee <br />Identified stakeholders and subordinate plans<br /> Disaster Training Plan<br />Identified process for promulgating awareness <br /> Crisis Communication Plan<br />Identified communication process which will be utilized during and after a disaster <br />
  18. 18.
  19. 19. Digital Asset Protection<br />
  20. 20. Physical Asset Protection<br />
  21. 21. Research for Guidance<br /> Archive and library community<br />Guidance and importance of managed backups<br />Stresses continued access and public services <br /> Government and educational communities <br />Digital content as organizational assets<br />Guidance on the incorporation of IT<br />Sharing results, high-level polices and procedures <br /> Private and for-profit sector<br />Often based on legal requirements<br />Very difficult to find details and examples <br />
  22. 22.
  23. 23. Planning Components<br />Crisis Communication Plan<br />Business Continuity <br />Plan (BCP)<br />Business Recovery <br />Plan (BRP)<br />Cyber Incident Response Plan<br />Continuity of Operations Plan<br />(COOP)<br />Disaster Recovery Plan (DRP)<br />Occupant Emergency Plan (OEP) <br />IT Contingency<br />Plan<br />From NIST Contingency Planning Guide for Information Technology Systems, pg. 10.<br />
  24. 24. Digital Centered Components<br />Crisis Communication Plan<br />Business Continuity <br />Plan (BCP)<br />Business Recovery <br />Plan (BRP)<br />Cyber Incident Response Plan<br />Continuity of Operations Plan<br />(COOP)<br />Disaster Recovery Plan (DRP)<br />Occupant Emergency Plan (OEP) <br />IT Contingency<br />Plan<br />From NIST Contingency Planning Guide for Information Technology Systems, pg. 10.<br />
  25. 25. Plans for Digital Assets <br /> IT Contingency Plan <br />Provide procedures and capabilities for recovering a major application or general support system<br />Addresses IT interruptions <br />At ICPSR: CNS (IT) is currently documenting and sharing specific system recovery procedures <br />At ICPSR: Many plans already existed, but needed further documentation and sharing <br />From NIST Contingency Planning Guide for Information Technology Systems, pg. 10.<br />
  26. 26. Plans for Digital Assets <br /> Cyber Incident Response Plan <br />Provide strategies to detect, respond to, and limit consequences of malicious cyber incident <br />Focuses on information security responses to incidents affecting systems and/or networks<br />At ICPSR: Existing plan incorporated into suite <br />From NIST Contingency Planning Guide for Information Technology Systems, pg. 10.<br />
  27. 27. Plans for Digital Assets<br /> Disaster Recovery Plan (DRP) <br />Provide detailed procedures to facilitate recovery of capabilities at an alternate site<br />Limited to major disruptions with long-tem effects<br />At ICPSR: Web Continuity Plan (cloud backup)<br />At ICPSR: Archival backups stored at different locations and documenting recovery procedures<br />From NIST Contingency Planning Guide for Information Technology Systems, pg. 10.<br />
  28. 28. Implementation and Maintenance<br /> Standing Disaster Planning Committee<br />Headed by Assistant Director for Administration <br /> Web Continuity Plan <br />Tested in controlled environment several times<br />Provided access to content during 1 power outage in May 2009<br /> To Do List<br />Have a tabletop exercise centered around IT assets<br />Get a better hold of in-house digital assets <br />
  29. 29. Promulgate Results<br />From http://www.icpsr.umich.edu/icpsrweb/ICPSR/curation/disaster/index.jsp<br />
  30. 30. Takeaways<br /> Disaster Planning Process<br />Core functions provide framework for process<br />Disaster plan is composed of a suite of plans, procedures, and policies<br /> Planning for digital assets <br />Some plans are suited to cover digital content<br />Recommend using NIST Guide for guidance <br />Archive community needs more accessible guidance on planning for digital asset protection <br />
  31. 31. Acknowledgements <br /><ul><li> Nancy McGovern, Digital Preservation Officer, ICPSR
  32. 32. Content for this presentation was initially developed for the </li></ul> Digital Preservation Management Workshops<br />http://www.icpsr.umich.edu/dpm/workshops/fiveday.html<br /><ul><li> Rebecca Hatcher and the SAA Preservation Section
  33. 33. Slides 1 and 32: “and you thought you had computer problems” </li></ul>by mandyxclearhttp://www.flickr.com/photos/mandyxclear/3461234232/<br /><ul><li> Slide 4: “Benjamin Franklin - 270/365, 6/24/10” by vpickeringhttp://www.flickr.com/photos/vpickering/4783819450/
  34. 34. Slide 5: “ServerBurn2” by Topato</li></ul>http://www.flickr.com/photos/roadhunter/68017721/<br /><ul><li> Slide 6: Drawings by Rebecca Goldman</li></ul>http://derangementanddescription.wordpress.com/2010/08/12/dangers-and-<br />derangers/<br /><ul><li> Slide 19: “Motherboard flame” by Alfo23http://www.flickr.com/photos/alfo23/1809728501/</li></li></ul><li>Questions?<br />Please contact Lance Stuchell<br />lstuch@umich.edu<br />

×