ICT Damage Assessment and Recovery Plan after Cyclone Heta in Niue Islands



Similar documents
COURCE TITLE DURATION CompTIA A+ Certification 40 H.

Item Minimum Required Recommended Notes

Karen Winter Service Manager Schools and Traded Services

Updated: April Copyright DBA Software Inc. All rights reserved. 2 Getting Started Guide

Windows 2003 Server Installation Guide

Information Technology Policy

Audit4 Installation Requirements

Course overview. CompTIA A+ Certification (Exam ) Official Study Guide (G188eng verdraft)

BACKUP STRATEGY AND DISASTER RECOVERY POLICY STATEMENT

Page 1 of 5

MATATIELE LOCAL MUNICIPALITY DISASTER RECOVERY PLAN

ICT Disaster Recovery Plan

Advanced Diploma In Hardware, Networking & Server Configuration

Created By: 2009 Windows Server Security Best Practices Committee. Revised By: 2014 Windows Server Security Best Practices Committee

Montgomery College Course Designator/Course Number: CS 110 Course Title: Computer Literacy

GETTING STARTED WITH A COMPUTER SYSTEM FACTSHEET

ICT Category Sub Category Description Architecture and Design

Ovation Security Center Data Sheet

CSG Windows Support Policy

DISASTER RECOVERY PLAN

5115B: Installing, Configuring, and Troubleshooting Windows Vista

Updated: May Copyright DBA Software Inc. All rights reserved. 2 Getting Started Guide

MSP Service Matrix. Servers

Local-Area Network -LAN

IT Networking and Security

IT Onsite Service Contract Proposal. For. <<Customer>> Ltd

POLICY NAME IT DISASTER RECOVERY POLICY AND PLAN POLICY NUMBER POLICY FILE REFERENCE 3/3/6 DATE OF ADOPTION REVIEW OR AMENDMENT DATES

University Systems Desktop Support Service Level Commitment

ICT THEORY 4 MAIN AREAS

Information Technology Security Procedures

Table of Contents. 2 Getting Started Guide

Updating the International Standard Classification of Occupations (ISCO) Draft ISCO-08 Group Definitions: Occupations in ICT

Resource Ordering and Status System. User Business Resumption Plan

HARDWARE AND SOFTWARE REQUIREMENTS

Small Business Server Part 1

Networking Basics. A guide for businesses with up to 75 computers

Computer Repair Technology

ecotton System Configuration White Paper

TECHNICAL VULNERABILITY & PATCH MANAGEMENT

Network Documentation Checklist

Get Connected! How to Configure Your Computer for MITnet. Red Hat Enterprise Linux Mac OS X Windows XP Professional, Vista

801.11n Wireless Broadband Router

Linexcom Sdn Bhd. ict Group of Companies ver1.2

Table Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10

Disaster Recovery Plan (Business Continuity) Template

4ITP10: IT Maintenance Plan (RO)

NETWORK SERVICES WITH SOME CREDIT UNIONS PROCESSING 800,000 TRANSACTIONS ANNUALLY AND MOVING OVER 500 MILLION, SYSTEM UPTIME IS CRITICAL.

INSIDE. Preventing Data Loss. > Disaster Recovery Types and Categories. > Disaster Recovery Site Types. > Disaster Recovery Procedure Lists

Client Hardware and Infrastructure Suggested Best Practices


CAMAvision v18.5.x System Specification Guide 7/23/2014

Ovation Security Center Data Sheet

Introduction to. Computer Networking

EXECUTIVE SUMMARY Audit of information and communications technology governance and security management in MINUSTAH

APPENDIX A WORK PROCESS SCHEDULE AND RELATED INSTRUCTION OUTLINE. Computer Support Specialist (Existing Title: Help Desk Technician)

Priority Pro v17: Hardware and Supporting Systems

802.11n Wireless Broadband Router WNRT-625

Implementing Security Education at a Small Community College

Request for Expressions of Interest IT System Consultant

EUCIP - IT Administrator. Module 2 Operating Systems. Version 2.0

FBLA Computer Problem Solving aligned with Common Core FBLA: Computer Problem Solving RST RST

L2F Case Study Overview

If anything is damaged or missing, contact your dealer.

DSX-HSCS Hot Swap Comm Server

QHR Accuro EMR IT Hardware Requirements

13 Courses Quick Guide

IT Checklist. for Small Business INFORMATION TECHNOLOGY & MANAGEMENT INTRODUCTION CHECKLIST

JOB DESCRIPTION CONTRACTUAL POSITION

s y s t e m r e q u i r e m e n t s

Upon completion of this chapter, you will able to answer the following questions:

Chapter 1 Installing the Gateway

Week Overview. Installing Linux Linux on your Desktop Virtualization Basic Linux system administration

SAMPLE ELECTRONIC DISCOVERY INTERROGATORIES AND REQUESTS FOR PRODUCTION

Business Continuity Planning (BCP) / Disaster Recovery (DR)

Office of Information Technology Addendum to Managed Workstation Service Level Agreement

167 th Air Wing Fast Track Cyber Program Blue Ridge Community and Technical College

Guardian365. Managed IT Support Services Suite

Network Client. Troubleshooting Guide FREQUENTLY ASKED QUESTIONS

Computer Hardware and Software:

Windows 7, Enterprise Desktop Support Technician

Windows 7, Enterprise Desktop Support Technician Course 50331: 5 days; Instructor-led

Appendix A: Installation, upgrade, and migration checklists

A Nemaris Company. Formal Privacy & Security Assessment For Surgimap version and higher

A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 3 Installing Windows

Local Area Networks: Software and Support Systems

Installing, Configuring and Administering Microsoft Windows

Computer Hardware, Network and Software Recommendations

Fully Managed IT Support. Proactive Maintenance. Disaster Recovery. Remote Support. Service Desk. Call Centre. Fully Managed Services Guide July 2007

Transcription:

ICT Damage Assessment and Recovery Plan after Cyclone Heta in Niue Islands Background Tropical Cyclone Heta (5 January 2004) left behind severe physical damage in Niue, especially in the coastal areas of the capital city of Alofi where most of the government department buildings are located. The strong winds, rain and tidal waves destroyed some of the government buildings including the National Hospital, Justice Department and part of the Fale Fono; and most of the government buildings suffered severe damage by salt water. In the area of Information & Communication Technology (ICT), the damage was enormous. The Satellite Antennae and associated interface equipment were totally damaged and beyond repair, which resulted in the failure of international communication directly after the cyclone. Urgent recovery of the fundamental ICT infrastructure was granted top priority by the Government of Niue. International communications (voice and data) have already been restored by the installation of one satellite dish provided by New Caledonia (the other has not been used/unpacked as of yet). Most of the workstations and databases in the government departments were severely damaged. The Information Systems Office (ISO) of the Department of Administrative Services reported that approximately 25% of all government computers had failed and another 25% of them will fail in the near future. Thus, over 50% of all government computers have or will fail in the short term from the crystallization of salt and corrosion from water caused by cyclone Heta. Replacement of damaged PCs and related IT equipment is urgently needed and an inevitable task for the full recovery of the Government of Niue. Damage of the government s IT equipment has led to the serious problem of retrieval of the government s sensitive and insensitive data. Since the year 2002, an International UNV Specialist has developed several databases for individual government departments upon request, and most of these were damaged along with the PCs. The ISO has currently tried to retrieve (salvage) the data from the hard drives of the damaged computers but there is no guarantee that it can retrieve all of them. Whereas in the short term, replacement of damaged IT equipment is the urgent requirement for the recovery of the daily activities and services of the Government of Niue, the Cyclone Heta incident has revealed a vulnerability of the government s IT system in terms of the security management of its databases. This recovery plan will thus propose, as a mid- to long-term recovery plan, government wide Local Area Networking and centralization of critical data along with a formal backup and disaster recovery plan to be established in order to protect all the government s sensitive and insensitive data 2

from the risk caused by natural disasters such as cyclones, tsunamis and earthquakes, as well as man-made or natural fires. This report is a product of the joint team efforts by the ISO Manager, ISO staff members and UNDP ICT consultant. The UNDP ICT consultant visited Niue from 16 th to 19 th January 2004, about two weeks after the cyclone together with an UNDP Samoa cyclone assessment mission in order to assess the ICT situation and discuss with government officials, including ISO staff members, needs and future recovery plans. Also to assess the planned government ISP establishment, the ICT consultant had visited Niue earlier in December 2003. The present ICT recovery plan consists of a short-term recovery phase and a mid- to longer-term recovery phase. For the ICT sector, in the short-term recovery phase, we propose the replacement of damaged IT equipment and application of latest OS with proper licensing system(s) (inventory list is attached in Annex 2). In the mid- to longer-term recovery phase, we propose the development of a Local Area Networking system and a new database management system (inventory list is attached in Annex 2). Estimated cost for the short-term recovery totals US$539,450 and for the mid/long term totals US$191,000 with grand total of US$ 731,950. Recommendations 1. Short-Term Recovery Plan: Immediate Replacement of Damaged PCs and Related Equipment. Replacement of damaged PC and related equipment is an urgent task for the Government of Niue to fully resume its daily operations and administrative services. Pre-Heta, there were a total of 300 PC workstations in the entire government department system. 130 PCs have already failed and 100 PCs will fail within 1 to 20 weeks due to the crystallization of salt and corrosion from salt water forced onto the island by cyclone Heta. The following are the hardware and software required to be purchased immediately (for more detail, see Annex 2): Hardware: Item Number Amount (US$) 1 PC Workstations 230 253,000 2 Memories for PC Workstations 7 800 3 Laptop PC 1 2,000 4 UPS 203 67,500 5 INK Jet Printer 46 13,800 6 Laser Printer 44 66,000 7 Image Scanner 9 1,800 8 Digital camera 6 1,200 9 Tablet style input device 1 1,000 10 Digital white board 1 2,000 11 Video projector 1 4,000 3

12 CAT 5E Cable(500m box) 6 2,200 13 RJ45 plug(100 packs) 5 150 14 Multimeter 2 500 15 CAT 5 Cable Tester 2 200 16 Ethernet Switch 21 3,700 17 Climping tool 2 200 Total 420,050 Software: Item Number Amount (US$) 1 Antivirus Software 249 24,900 2 MS Office 231 92,400 3 Clean Slate(up to 100 PCs) 1 600 4 MAP INFO 1 1,500 Total 119,400 Total Cost for the Short-Term Recovery: US$ 539,450 2. Mid- to longer-term Recovery Plan: Enhance the Government s Local Area Network to Protect the Data from Natural Disasters The extensive damage caused by the cyclone Heta incident has revealed a vulnerability of the government s IT system in terms of data backup and disaster recovery. A government wide Local Area Network and centralization of data need to be established in order to protect all the government s sensitive and insensitive data from the future risk of disaster, both natural and otherwise. Network / Database Situation before Cyclone Heta Niue was in the early stages of development of an e-government programme prior to the disaster. A few Local Area Networks (LANs) existed already in some government departments - most involving a small number of computers connected peer-to-peer. There has been no inclusion of domain controllers, or primary fileserver functions at this stage of the governments networking development. Most of the PC workstations in the government have been stand-alone. Each individual PC workstation has to dialup to the Internet. Since the number of telephone lines and modem bank at Internet Service Provider (ISP) are limited, even at their busiest times, disengagement to the Internet has been frequent. 4

Since the year 2002, an UNV / UNITeS Training Specialist has developed databases for some of the departments upon their request. For example, the UNV has developed databases for the Payroll department (payroll report and tax certificate report), Niue National Hospital (outpatient visit records, outpatient registration), Office of External Affairs (donor database), and Department of National Training and Development (student information database). All the databases were created on the individual machines of the requested parties hence it is difficult to share the data whether they are located within the existing peer-to-peer LAN or dialup connection. Also, a uniform data management policy is currently being developed by ISO but not fully implemented. Current Situation and Lessons Learned from Cyclone Heta Disaster The existing data management policy that was administered by the ISO was largely underutilized therefore, the main urgent task of the ISO staff members has been the salvation of the government s data. They have taken the hard disks out of the individual damaged PCs and manually cleaned the hard disks in order to retrieve the data. There is no guarantee that they will be able to retrieve all the data and it is likely that some of the hard disks are also physically damaged. At the same time there is a high possibility that the data might not be retrievable even if data salvation is successfully completed because of the lack of Standard Naming Conversion and Directory Trees. It is inevitable that other natural disasters will affect Niue in the future and therefore the physical damage of IT hardware might be unavoidable and other factors such as construction of cyclone proof government building or relocation of the buildings may need to be considered if this type of risk is to be reduced. A lesson learned from Cyclone Heta is that critical data could be better safe guarded and a system be put in place in order to protect the data from disaster, both natural and otherwise. Two specific solutions we propose that would mitigate any further risk are as follow: 1. Continue and expedite the installation of Client/server Local Area Networking with file/database server; 2. Implement a full ITC disaster recovery plan, which will cover IT and Communications. The ISO is currently working on establishing a file database server as a central point in each government office in order to save the information. A file/database server will be set up as a central point in each government office in order to save the information. A file/database server will reduce the risk of salvation of the data from individual workstations in case of their physical damages. With a file/database server, the data backup for the office data does not need to be done in each individual workstation but only the file/database server. The security of the data will be easily ensured if the backup mediums (CDs/tapes/HDDs) are in their safekeeping. Regular backup of file/database servers should be in operation systematically and ISO staff members should be trained in its usage and should understand the meaning and importance of the data backup. 5

Continued installation of a government-wide LAN will also solve the current Internet connectivity problem. It will also strengthen the security of workstations from viruses and various Internet attacks. Local Area Network Design Consideration should be given by government to the following recommendations for the possible design of the LAN: (1) A file/database server will be equipped in each government department. (2) CAT5 Ethernet network cabling is used to access to the server as well as 100Base-TX Fast Ethernet switch to provide fast and secure network access. (3) The cabling will be constructed under the de facto standard called Structured cabling system. The structured cabling system supports multiple voice, data, video and multimedia systems regardless of their manufacturer. Required equipment for Mid- to longer-term recovery Item Number Amount (US$) 1 PC Workstation 2 2,200 2 Workgroup Server 15 97,500 3 UPS 15 12,400 4 UPS External Battery 1 1,000 5 Ethernet Switch 1 200 6 Satellite 1 33,000 7 Cisco 2600 with 16 ports modem 2 30,000 module 8 Network Cabling 14,700 Total 191,000 Total Cost for the Mid/Long Term Recovery: US$ 191,000 Required materials such as length of cables, outlet concentrators, number of cabinets and etc needs further investigation. Role of Information Systems Office (ISO) Currently ISO has a capacity of hardware maintenance. They are planning to have the capacity of an Internet Service Provider (ISP). UNDP Samoa has been supporting this government initiative since last year. At the end of December 2003, together with the UNDP ICT consultant, ISO finalized the equipment and configuration and it is ready to procure. ISO should have an additional capacity in Local Area Network management. 6

Capacity Building of ISO Average 10 working days are required to setup LAN in 21 departments (42 weeks out of 52 weeks/year). One instructor should be recruited in order to build the capacity of ISO staff members in this matter. The instructor will work with a dedicated ISO staff member to conduct on-the-job training to the ISO staff members, while he/she will take an initiative to setup the LAN and the new Internet connection. The instructor will cover: 1. Initial hardware (workstations, servers) software (antivirus, security apliance, etc.) configuration 2. Testing the system 3. Instruct users how to use the new system 4. Instruct designated IT responsible officials how to take backup. (Each department needs to designate one or two officials who will operate backup). 5. Instruct ISO staff how to recover, restore data from media 6. Instruct trouble shooting of LAN and new Internet connectivity. 7. Create documents of the setup for each department. 7

Annex 1. SUMMARY: RECOMMENDATIONS OF ICT DAMAGE ASSESSMENT REPORT AND RECOVERY PLAN Short Term Mid / Long Term Issue Recovery of the Niue Government s daily ICT operations and connectivity Enhance security of the government s information and communication system Immediate Responses Replace all damage hardware and software computer equipment Cabinet approved plan Longer-term Actions Strategic Intervention Cost (US$) N/A - Proper software license observed 539,450 1. Policies, Plans and protocol 2. Infrastructure - Full implementation of data/communication policies - Development of disaster plan - Procurement of equipment for LAN and ISP - Establishment of a government-wide Local Area Network - Development of database/file servers - Set up government owned ISP 191,000 3. Capacity Building - Recruit additional numbers of ISO staff - Capacity building of ISO staff members for operating new system and government ISP by a technical advisor 32,000 - Training of government officials for operating new system Total 762,450 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information