Natural disasters such as hurricane’s, earthquakes, and fire can put a school district’s data out of reach. These are obvious reasons to have a solid disaster recovery strategy in place. In the aftermath of Superstorm Sandy that hit the East Coast (NJ, NYC, and Long Island), there were several school districts that were unable to gain access to their systems for days or weeks after the storm had passed. This made it impossible to generate transcripts, pay bills, and in some cases, process payroll.
More Than Just Data Backup
Cybersecurity is also becoming an even bigger risk to schools and the availability of school data. According to the K–12 Cybersecurity Resource Center there have been 443 cybersecurity incidents reported by US K-12 public schools. The issue is so severe that in September 2018 the FBI released a Public Service Announcement, Education Technologies: Data collection and unsecured systems could pose risks to students. The map below shows the scope of the issue.
- Blue Pins – Phishing attacks resulting in the disclosure of personal data
- Purple Pins – Other unauthorized disclosures, breaches or hacks resulting in the disclosure of personal data
- Yellow Pins – Ransomware attacks
- Green Pins – Denial-of-service attacks
- Red Pins – Other cyber incidents resulting in school disruptions and unauthorized disclosures
The attackers are also equal opportunity offenders, attacking districts in all regions, all sizes, community types, and poverty types.
K-12 Educational Obstacles
Unfortunately, lack of funds may cause K-12 institutions to neglect backup and disaster recovery. Historically, disaster recovery meant building a duplicate infrastructure someplace else, generally in another school building, though this gives only minimal protection due to the proximity of the facilities or pay massive amounts of money for a colocation provider to host the environment.
Reduced funding may force schools to stick with outdated forms of backup and recovery. Many schools still use magnetic tape or optical disks to backup their files. Most times, these tapes are stored on-premises or nearby (e.g., at another location within the school district), putting them potentially at risk. K-12 institutions need to find affordable ways to implement disaster recovery so that they can preserve uninterrupted access to education, protect student records, and position students for future success.
Cloud Solutions for K-12
Cloud-based disaster recovery is the ideal way for K-12 institutions to implement disaster recovery. Disaster recovery as a service (DRaaS) allows schools to backup and restore information without needing a second physical location. With DRaaS, schools can instantly fail over to the cloud, giving them uninterrupted access to records and online educational resources. DRaaS is also very affordable for cash-strapped schools. Instead of paying upfront for infrastructure hardware, schools can pay for cloud services at an affordable and predictable monthly rate.
This solution allows district personnel to securely gain access to the data from anywhere so in the event of a disaster, staff members can be in a Starbucks securely accessing the DRaaS servers.
For K-12 IT teams in some districts, picking up the pieces after a ransomware attack can be a heavy load — and, with limited resources, may take longer than administrators would like. With DRaaS, sschool districts could quickly rebuild ransomware-infected endpoints, which would wipe out the ransomware and return the endpoint to a clean state. To help districts, some companies offer Disaster Recovery as a Service as part of their platforms. Microsoft, for example, has DRaaS services incorporated into its Azure cloud platform. CCSI has experience working with K-12 implementing and managing Disaster Recovery Services with Microsoft Azure. Contact us to learn more about our cloud solutions.
Author Bio: Joe Goldberg is the Senior Cloud Program manager at CCSI. Over the past 15+ years, Joe has helped companies to design, build out, and optimize their network and data center infrastructure. As a result of his efforts, major gains in ROI have been realized through virtualization, WAN implementation, core network redesigns, and the adoption of cloud services. Joe is also ITIL certified.