It’s a truth universally acknowledged in IT that time-intensive activities like network security, database backups and disaster recovery never receive the appreciation they deserve.
Why should they? If a server goes down but traffic is seamlessly routed to another server with little or no downtime, corporate leadership doesn’t get concerned. Things worked as they were designed to, even though behind the scenes there was a significant amount of work from many individuals to ensure this was so. But none of this work generates a profit.
Of course, when there are no contingency plans, it’s another matter. This past May, the City of Baltimore made headlines when it was revealed that they lost data in a ransomware attack because there were no data backup for many of their files. The files were instead held on staff PCs, which were locked down in the attack. To date, it has cost the city at least $18 million to restore their data. Systems impacted included online bill payments, email, real estate systems and telecommunications.
Obviously, this is a disaster that could have been avoided. No one is even trying to make an excuse for the lack of oversight by the city’s IT management, although it was suggested that perhaps backups were intentionally neglected as a strategy to hide corrupt practices. Leaving that interesting possibility aside, most of us can understand how this could happen. Underfunded city agencies suffer from siloed data held in legacy applications. In fact, a ransomware attack is probably only one of many problems that city workers have to deal with when it comes to their systems.
Orbit helps government entities migrate from Discoverer, Oracle’s now-unsupported reporting solution. Learn how to replace Discoverer in our whitepaper.
Several readers note in the article comments how other government agencies are very likely also at risk. And in fact our own city of Atlanta also lost data in a ransomware attack last year. Hopefully, other cities and agencies are right now working on better security processes and investing in cyberinsurance to cover the inevitable.
Besides true backup and disaster recovery procedures, these organizations need to update their IT to modern systems. That $18 million need to be invested in technology like data warehouses and ERP applications – and not just because of security. Data that is held in spreadsheets on desktops is a red flag. Employees are likely making wrong decisions every day because, without a reporting and analytics platform, they don’t have access to a single, accurate view of their metrics. Hopefully, now that the city of Baltimore has learned the value of data security and backups, they’ll learn this lesson as well.