+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 16
School ICT Policies Thread, Disaster recovery - loss of key personnel in School Administration; I'm currently drafting our disaster recovery plan. One of the major failing points we have is loss of key personnel ...
  1. #1
    Oops_my_bad's Avatar
    Join Date
    Jan 2007
    Location
    Man chest hair
    Posts
    1,738
    Thank Post
    438
    Thanked 53 Times in 50 Posts
    Rep Power
    30

    Disaster recovery - loss of key personnel

    I'm currently drafting our disaster recovery plan. One of the major failing points we have is loss of key personnel - ie, wtf do people do if anything unfortunate were to happen to both the network manager and network technician, how could a nominated "trusted person" be given elevated privileges to the network while they sort out replacement staff.. that kinda thing.

    I was thinking perhaps putting a password in the safe, but this seems crazy and irresponsible. I would like something more robust, like when they need multiple authority to launch nuclear missiles :P

  2. #2

    john's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    10,498
    Thank Post
    1,488
    Thanked 1,049 Times in 918 Posts
    Rep Power
    301

    Re: Disaster recovery - loss of key personnel

    Its passwords in safe, never all travel together in the same vehicle say to a conference or INSET program, different carrages on Trains to BETT etc etc.

    Or just hope it never happens and if it does oh well never mind you won't be around to be cursed or worry about it

  3. #3

    Join Date
    Jan 2007
    Posts
    423
    Thank Post
    7
    Thanked 30 Times in 26 Posts
    Rep Power
    21

    Re: Disaster recovery - loss of key personnel

    Never really considered this - with physical server access you can usually use a tool or two to change a domain admin logon password, and from there, you should be able to work back and break you way into SQL etc.

  4. #4
    Midget's Avatar
    Join Date
    Oct 2006
    Location
    In a Server Room cutting through a forest of Cat5e
    Posts
    1,298
    Thank Post
    5
    Thanked 59 Times in 49 Posts
    Rep Power
    39

    Re: Disaster recovery - loss of key personnel

    yes, but are any of your teachers or admin staff able to do that?

  5. #5
    eean's Avatar
    Join Date
    May 2006
    Location
    Kuala Lumpur
    Posts
    559
    Thank Post
    65
    Thanked 52 Times in 37 Posts
    Rep Power
    29

    Re: Disaster recovery - loss of key personnel

    There must be a local company you could use that would be able to come in and hack in to the network for you, should this extreme event happen. If you found a suitable company now you could put it in the plan.

    Alternatively, how about give the passwords to an off-site approved person e.g. the chair of governers. If you only gave them the domain recovery password, they would need local access to the servers for them to be any good.

  6. #6
    contink's Avatar
    Join Date
    Jul 2006
    Location
    South Yorkshire
    Posts
    3,791
    Thank Post
    303
    Thanked 327 Times in 233 Posts
    Rep Power
    118

    Re: Disaster recovery - loss of key personnel

    At a guess there is someone who provides professional legal services to the LEA or the school who could be entrusted with a document that held the necessary information "in the event of..."

  7. #7

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,922
    Thank Post
    1,332
    Thanked 1,773 Times in 1,100 Posts
    Blog Entries
    19
    Rep Power
    593

    Re: Disaster recovery - loss of key personnel

    Usernames and passwords in a sealed and signed envelope that is laminated (and then signed again with a permanent marker) in the safe ...

    This also contains contact details of 3 'possible' people that could come in and maintain the school system without having to have a complete walkthrough everything.

    None of these three work in education at this time or are exactly local, but they are CRB checked and will not screw excessive amounts of money out of the school.

    Eventually I would like to keep this arrangement but with other local schools, the problem is getting key people at those schools to sig declarations to say that our data would be respected. This is one of the reasons we do not use other schools to store our off-site backups at the moment.

    Personally ... I trust the staff in the other local schools ... I just don't trust the politics in the town.

  8. #8
    Oops_my_bad's Avatar
    Join Date
    Jan 2007
    Location
    Man chest hair
    Posts
    1,738
    Thank Post
    438
    Thanked 53 Times in 50 Posts
    Rep Power
    30

    Re: Disaster recovery - loss of key personnel

    Thanks guys.

    All points considered then, I am thinking of handing a "get back in" password to a good lad/friend who has been working voluntarily here for the past year helping out with the IT stuff. He is now off to Uni but would still be contactable/be able to handover passwords in the event of an emergency. He is CRB checked and (IMO) is a safe/neutral person to be entrusted with it.

    I think this is a good craik?

  9. #9

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,777
    Thank Post
    865
    Thanked 1,664 Times in 1,449 Posts
    Blog Entries
    11
    Rep Power
    442

    Re: Disaster recovery - loss of key personnel

    do you have a CLC or another school you can hand the password over to?

  10. #10
    nicholab's Avatar
    Join Date
    Nov 2006
    Location
    Birmingham
    Posts
    1,453
    Thank Post
    4
    Thanked 97 Times in 93 Posts
    Blog Entries
    1
    Rep Power
    50

    Re: Disaster recovery - loss of key personnel

    Does VM ware not support virtual staff members for disaster recovery. Or can't you keep a backup up member of staff on standby in the rack?

  11. #11

    Join Date
    Mar 2006
    Posts
    537
    Thank Post
    2
    Thanked 3 Times in 2 Posts
    Rep Power
    18

    Re: Disaster recovery - loss of key personnel

    Quote Originally Posted by TeddyKGB
    Thanks guys.

    All points considered then, I am thinking of handing a "get back in" password to a good lad/friend who has been working voluntarily here for the past year helping out with the IT stuff. He is now off to Uni but would still be contactable/be able to handover passwords in the event of an emergency. He is CRB checked and (IMO) is a safe/neutral person to be entrusted with it.

    I think this is a good craik?
    Would you hand the master key of the school building to a member of the PTA who was 'a good bloke'.

    I think it has to be somebody with some sort of fiduciary contractual relationship to the school.

    The safety of the school's data can't be dependant on the strength of a friendship or goodwill of a volunteer.

  12. #12
    Oops_my_bad's Avatar
    Join Date
    Jan 2007
    Location
    Man chest hair
    Posts
    1,738
    Thank Post
    438
    Thanked 53 Times in 50 Posts
    Rep Power
    30

    Re: Disaster recovery - loss of key personnel

    Aye, this is true. But the same could be said about giving same details to a faceless company with rogue employees :?

  13. #13
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,738
    Thank Post
    894
    Thanked 414 Times in 348 Posts
    Blog Entries
    12
    Rep Power
    85

    Re: Disaster recovery - loss of key personnel

    Was just looking at this myself while writing a "systems bible" for our disaster recovery plan. Basically its a password protected document with instructions on every part of the network and how it runs. I direct the reader to my user area where they can find all they need to run the network.

  14. #14
    Oops_my_bad's Avatar
    Join Date
    Jan 2007
    Location
    Man chest hair
    Posts
    1,738
    Thank Post
    438
    Thanked 53 Times in 50 Posts
    Rep Power
    30

    Re: Disaster recovery - loss of key personnel

    They're a bit easy to crack those document passwords..

    But think about this..

    How do you safely ensure the person you intend gets the password to your bible? (Couldn't resist sorry)

  15. #15

    Join Date
    Jan 2007
    Location
    Durham, UK
    Posts
    328
    Thank Post
    33
    Thanked 17 Times in 12 Posts
    Rep Power
    20

    Re: Disaster recovery - loss of key personnel

    Just a suggestion, but you could use something like this and then stick some documentation so only they can get to the data and passwords?

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Disaster Recovery Policy
    By pat_k in forum School ICT Policies
    Replies: 2
    Last Post: 7th October 2007, 11:50 PM
  2. disaster recovery plan
    By in forum Wireless Networks
    Replies: 5
    Last Post: 15th June 2007, 09:13 AM
  3. Disaster recovery with virtualisation
    By sidewinder in forum Windows
    Replies: 6
    Last Post: 30th April 2007, 01:28 PM
  4. Disaster recovery
    By Chrispy in forum How do you do....it?
    Replies: 5
    Last Post: 23rd May 2006, 11:33 AM
  5. disaster recovery documentation
    By russdev in forum School ICT Policies
    Replies: 16
    Last Post: 20th March 2006, 11:29 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •