it disaster recovery planfluencycontent2-schoolwebsite.netdna-ssl.com/filecluster/...the purpose of...
TRANSCRIPT
IT Disaster Recovery Plan Page 1 of 8
Learn more… Do more… Be more…
IT Disaster Recovery Plan October 2019
Carole Gibbs 10/1/19 Ratified by Governors
IT Disaster Recovery Plan Page 2 of 8
Learn more… Do more… Be more…
Introduction
The purpose of this document is to set in place strategies to ensure the secure backup and recovery hardware and/or data stored on the school networks. The data to backup includes school management data files and all network user documents. The strategies in place will be robust enough to ensure the recovery of data files and databases in any circumstances. Identified risks are:
Fire or flood
Electrical failure or surge
Lightning strike
Catastrophic hardware (including portable media) or software failure
Virus or malware attack
Accidental damage to or theft of hardware
Accidental file deletion Data can be destroyed by system malfunction or accidental or intentional means. Adequate backups will allow data to be readily recovered as necessary. The ongoing availability of important data is critical to the operation of the school. In order to minimise any potential loss or corruption of this data, individuals responsible for providing and operating administrative applications need to ensure that data is adequately backed up by establishing and following an appropriate system backup procedure.
Site Plan
Statement of Authority and Scope
IT Disaster Recovery Plan Page 3 of 8
Learn more… Do more… Be more…
This plan is intended to detail the accepted good practice in the backing up and restoring of data on the networked computer system.
The ICT Network Managers provide the framework, design and implementation of backup strategies employed by Priestlands School and they are responsible for the operation of these strategies, with the full support of the Senior Leadership Team and the Governing Body.
Backup Procedures
Backup Frequency There is a dedicated backup server located in Robert Hole. All backups are stored on site, except for email which exists only off site and has default backup provision for 14 days retention.
Critical network user and data servers are backed up daily with some non-critical technical servers backed up less frequently.
Servers The main servers are located in the Main Building Hall in a side room which is locked with air conditioning to keep the room cool. The room has a fire door.
Back up servers are held in the Robert Hole building in a server cupboard between H24/H25 which also has a fire door and air conditioning.
Virus Protection
The school purchase virus protection through Microsoft EES (Enrollment for Education Solutions) annual subscription. Updates to Definition files are scheduled several times daily.
Systems
Finance system: PS Financials is held on the server and only the School Business Manager, Finance Staff and the Headteacher have access rights according to their level of approval. PS Financials are able to remote access the Priestlands Employees workstation under the employees control. From there they can connect to and administer the database server. Contact for PS Financials 01733 857051 or email [email protected]
Payroll system: Pegasus Opera is held on the server and only the School Business Manager and HR/Payroll Officer have access rights to the full system. The school has a contract with Enhanced who are based in Poole. They can remote access the system through “letmein” remote access software. Contact for Enhanced 01202 308001. Parent Payment system: Tucasi School Cash Office (SCOpay) is a system which enables parents to make payments on line or alternatively in school. It is held in the cloud, therefore the risk is minimised and limited to cyber-attack. The school has no access to parents debit/credit card details as Worldpay provides the school with payment information but not card information which is not retained. Contact for Tucasi 02380 016564 Biometric Catering: Provided by CRB Cunninghams. There is no routine backup built into the system however historical purchases and money balances are synchronised daily into Tucasi with transactions held in the cloud. Contact for CRB Cunninghams 0333 0143064 Telephone System: Managed through Communications South who installed telephone hardware and incoming telephone lines. The school has an annual maintenance contract. Contact for Communications South on 02392 833933.
IT Disaster Recovery Plan Page 4 of 8
Learn more… Do more… Be more…
CCTV System: Managed through Premier Fire & Security. CCTV is held on a multiple DVR Controllers in the Site Office and is stored for a maximum of two weeks. Contact for Premier 01794 339999 SIMS: Managed through Capita. Information is locally hosted on school servers. Support is with Hampshire through an IT SLA Contact Hampshire CC IT Help Desk on 01962 847007 Servers: Medhurst are the installers of the core servers and backup solutions including warranty. The school has a support SLA for third party technical support. Contact for Medhurst 01489 56300 or email [email protected] Wireless Network: Supplied by switchshop – no support contract in place Contact for Switchshop 01438 831870 Groupcall: Operated and supported by Groupcall using data extracted from SIMS Contact for Groupcall 020 8506 6100; https://support.groupcall.com/; [email protected]
Risks/Actions to be taken
Issue Considerations Actions/Contacts
Cable damage either overhead or underground
Coach House is fibre optic cabled to Gurney Dixon therefore if network switch hardware failure occurs in Gurney Dixon, both buildings are affected
Gurney Dixon Network cabinet is linked to the Main Building Network Cabinet with fibre optic cable routed through the Robert Hole building. Both cables merge around the external wall of the Technology Block to the Main Building – In the event of damage affecting the cable, the connection to Technology/Robert Hole/Gurney Dixon and Coach House would be lost.
Contact Clear Electrical Services (David Williams) 07867972078 or 01489 807277 Zurich (if claim is required) 0800 028 0336 Policy KSC 242045-9173
Loss of electrical power
UPS are battery units that deliver 240 volts of electricity and are attached to the Servers, Controllers and Network Cabinets They are intended to:
provide constant protection from damaging changes in the electrical supply
provide sufficient ‘run-time’ to keep hardware running during a momentary loss of power in order to provide enough time to manually shut down
The batteries in the UPS units have a finite life cycle (2-3 years), and these should be routinely replaced.
There are 2 mains electrical power supplies on to the Priestlands Site. These are the responsibility of the SE Power Distribution. The school has various electrical distribution boards within the site
Contact Wings for local problem on 01962 847778 or out of hours 0870 242220 Contact SE Power Distribution on 0800 072 7282 or call 105
IT Disaster Recovery Plan Page 5 of 8
Learn more… Do more… Be more…
Issue Considerations Actions/Contacts
Loss of internet Email:
total loss of access to email Finance:
Tucasi Schools Cash Office will not be operational
Online SCOPay payments will not synchronise to the Kitchen
PSFinancials – Purchase Orders cannot be emailed
Payroll – Payslips cannot be emailed
Contact Hampshire IT Help Desk (HPSN2.1) Site Reference 1771 on 01962 847007
Fire Main Building and Robert Hole which house core server and back- up server
Contact as required: (See numbers above) Hampshire IT Help desk 01962 847007
Zurich Insurance 0800 028 0336 Policy KSC 242045-9173
Wings Property Services on 01962 847778 or out of hours 0870 242220
Medhurst IT support on 01489 56300
Switchshop on 01438 831870
Communications South on 02392 833933
Flood Main Building – at risk due to blocked drains – potential flood Robert hole – low risk as on first floor
Zurich Insurance 0800 028 0336 Policy KSC 242045-9173
Wings Property Services on 01962 847778 or out of hours 0870 242220
Medhurst IT support on 01489 56300
Lightning Damage to CCTV, wifi and network infrastucture Zurich Insurance 0800 028 0336 Policy KSC 242045-9173
Wings Property Services on 01962 847778 or out of hours 0870 242220
Medhurst IT support on 01489 56300
Premier Fire Security for CCTV and fire panel damage on
01794 339 999
IT Disaster Recovery Plan Page 6 of 8
Learn more… Do more… Be more…
Issue Considerations Actions/Contacts
Cyber attack Viruses, trojans, worms and ransomware, can work their way through the network, destroying, deleting, or encrypting files and data. The source of these attacks could be from the Internet, internal machines becoming compromised or users acting maliciously.
If a server is attacked, it could be brought offline and would require rebuilding
If a Virtual Machine is attacked it can recovered from the latest backup on the Backup Server
If the Backup Server is attacked, the backup data may still be available,
if the backup data is attacked, it will be rendered useless.
Antivirus software is installed on some servers and virtual machines and all client workstations. All servers will be complete within the next 12 months Hampshire IT Help desk 01962 847007
Medhurst IT support on 01489 56300
Communication Registers
Take paper copies
Photocopying
Photocopiers are located in Nichols (2), Robert Hole (1), Science (1) and Main Building (3) for off line printing
Printing One admin machine in the front office will be
connected directly to a printer for off line printing. This is replicated in Robert Hole Maths Office
Phones Contact the Communications South and ask
them to redirect to an emergency mobile number.
Internet to access email
Many staff have smartphones and so are able to access their email using their mobile data contract which would not be affected by the school losing connection.
Backup plan for communicating with staff
Start of day / end of day staff briefings
Email still sent from mobile devices
Duty students
Paging system if phones are working
Backup plan for communicating with students Via tutors during registration Paging system if phones working
Front office to print off weekly IT Network Managers to ensure both machines are set up Communications South on 02392 833933
IT Disaster Recovery Plan Page 7 of 8
Learn more… Do more… Be more…
Glossary
Backup Server
The server on which the backups reside. Backup software in use is called VEEAM. Located in Robert Hole, top floor, Cupboard between H24 and H25. Air conditioned See also Failover, Replication
Controller A hardware device dedicated to controlling one thing. For instance the WiFI and Telephone systems each have a dedicated controller. CCTV is shared amongst several controllers, each responsible for recording a percentage of the Cameras.
Core Switch
The central switch, to which all other Edge switches are connected. It is responsible for ‘routing’ the entirety of the data flowing over the network.
Edge Switch A switch located around the site, serving a dedicated area, normally a building. It will be connected back to the Core switch, normally via fibre optic cable. There are likely to be multiple edge switches, connected together in the one cabinet to increase the capacity of that cabinet.
Host
A physical hardware server/machine, responsible for ‘hosting’ the Virtual Machines/Virtual Servers which perform the server functions. There are 3 Hosts in the Server Core, and 1 Host for the Backup Server
Failover Related to the Backup Server, a production VM can fail over to the Replication/Backup VM
Fibre Optic cable The cable used for connecting building together. All cable from outlying building is routed towards the Server Core.
Host A physical, core server/machine, that are the hardware on which the Virtual Machines (VMs) run. There are multiple Hosts connected in a Cluster. The cluster allows failure of one or more Hosts to be tolerated, with the surviving Hosts adopting the VMs that the failed Host was controlling.
HyperV
Microsoft HyperV is the Operating System used on the Core Servers/Hosts, for the management of the Virtual Servers
Network Cabinet A metal cabinet screwed to the wall, or freestanding, in which the network switches are located
Replication A type of Backup: “When you replicate a VM, Veeam Backup & Replication creates an exact copy of the VM in the native HyperV format on a spare host, and maintains this copy in sync with the original VM. Replication provides the best recovery time objective (RTO) values, as you actually have a copy of your VM in a ready-to-start state.” “If a production VM goes down, you can immediately fail over to a VM replica, giving users access to the services and applications they need with minimum disruption while you resolve the issue.”
SAN (Storage Area Network)
One device, that contains all the disc storage for the network. It is connected to the Hosts.
Server A machine that serves something. Could be a Physical or Virtual Machine.
IT Disaster Recovery Plan Page 8 of 8
Learn more… Do more… Be more…
Generally considered to be an important ‘machine’, used in the day to day running of the School
Server Core
The room in which the Core Servers, and other core hardware is located. Our Server Core is located off the Main Hall in Main Building. Ground Floor. Air Conditioned.
Switch A network device, located in a cabinet, into which every computers network cable in that area is routed. Multiple switches may be grouped to increase capacity. See Edge Switch and Core Switch
UPS - Uninterruptable Power Supply
These are batteries, which deliver 240 volts output, for a limited amount of time (roughly 5 to 30 minutes, depending on the specification of both the UPS, and the devices plugged in to them). Their intention is to ‘smooth out’ rapid spikes or dips in the mains electricity thereby protecting the delicate circuitry of the attached devices, and to provide 240 volt power for brief outages of the mains supply. In the event of a sustained loss of mains power they give you minutes of time to either manually shut down gracefully all important computers, or automated and pre-configured UPS monitoring software may perform this function on the attached devices.
VEEAM
The software used for Backups. Installed on the Backup Server.
Virtual Machines Virtual Servers (VMs)
A VM is the server that you actually use (eg File Server, Print Server, SIMS etc). Multiple Virtual Machines run on a physical machine called a Host. We use Microsoft HyperV technology.