Dec 26 2023
Data Center

How to Ensure Continuity of Operations During Emergencies

States are responsible for essential services and critical data. Resilience is a necessity, even in a crisis.

Citizens count on state and local governments to maintain essential digital services and properly handle a plethora of sensitive data. Major disruptions to government operations can have a major impact on public life. As a result, agencies must be diligent in their preparation against threats by devising sound processes, procedures and governance policies.

But even the best-prepared organizations can’t stop natural disasters or a wide-scale public infrastructure collapse. Agencies must ensure the continuity of operations even in these situations. This means proper data security, data management and geographical redundancy with system backups in multiple locations. 

What may be less apparent is that organizations also need clear mandates that assign budgets and staff, a well-trained workforce to monitor and operate on these mandates, security logging and compliance, and proper computing and storage.

Click the banner to learn how state and local agencies can optimize their data centers.

Set Clear Mandates on Applications

How do you ensure continuity even in a crisis? Have a clear mandate on what the application’s goal is and the satisfaction and availability levels for end users: the citizens. From there, your organization should have standing orders for when decision-makers may not be available. For example, when there’s a mass blackout and agencies can’t reach the mayor, what services should they keep up, and what are top priorities? With standing orders and a sense of what the most critical applications are, available decision-makers will know what to do.

Looking ahead to such scenarios will prepare governments for the unexpected and leave them with the means to pay for essential systems on the fly. Part of the standing orders should indicate the supply of money: Access this card, spend up to this amount for these applications, save the receipts.

Agencies should also set a clear decision-making chain so that when the top decision-makers are indeed unavailable, the rest of the agency knows exactly who to call next. They also need to officially convey service level agreements to development and operations teams so every new application that’s designed will live by those standards. These are the type of governance and business conversations that can be easily forgotten, but they are essential. Agencies must strengthen security logging and compliance to ensure they fulfill the goals of these procedures.

LEARN MORE: How to increase ransomware recovery after an attack.

An Informed Approach to Disaster Response and Redundancy

Agencies must make sure that data and applications are available in multiple locations. They should also conduct studies on their regions to see what natural disasters they’re susceptible to, how intense they’re likely to be and how frequently they might occur. Find out whether you’ll lose power for 90 minutes or for nine days, and prepare accordingly. For example, if an ice storm is the most likely natural disaster where you are, generators must use diesel fuel with anti-gel additives so it doesn’t freeze in cold temperatures.

As for being geographically diverse, if you have a contract with an offsite data center, make sure you have guaranteed access to reserved capacity. This means that there will be a certain level of storage available to your organization, no matter what. Your applications should also be written and tested for failover and failback to provide further protection against system failures.

Set Up Employees for Success

Your employees need management access to all data centers and redundant pathways so that if the internet goes down where they are, they have a backup such as cellular to continue to manage data centers.

Additionally, keep track of where your employees are working from. Some remote employees may move without necessarily telling their employers, which creates risk. If everyone ends up in the same city and it’s hit with a natural disaster, there may no longer be someone in a secondary location who can take action. You no longer need to provide office space at an alternate location as you would have in the past, but the risks still apply.

EXPLORE: Navigating multicloud complexity with cloud implementation services.

Embrace Cloud Solutions

With the cloud, you don’t have to worry about physical infrastructure, generators or network redundancies. The cloud can take somewhere around 60 percent to 75 percent of the workload off your staff’s plate, and you can keep copies of data in multiple places hundreds of miles away from each other.

That said, cloud is not a cure-all, and organizations still must deploy in multiple regions in the cloud. You can’t assume that you’re safe just because you’re in the cloud. Cloud providers can help with this, as they provide multiple sources of everything. If hardware fails, they’ll move you transparently to new hardware. If power fails, they’ll switch to another provider, and they will bring in about a dozen internet service providers if one of them fails.

This article is part of StateTech’s CITizen blog series. Please join the discussion on X (formerly Twitter).


Jacob Wackerhausen/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.