“There are always going to be challenges raised by owning and using legacy technology.”
Downtime creates a stressful environment for everyone involved, from the team trying to resolve the problem to everyone else struggling to work around it, writes Sascha Giese, Head Geek, SolarWinds.
While the use of secure backups can help avoid this hassle, if these aren’t in place—or if they don’t work in the event of a network failure or cyberattack—organisations can find themselves unable to resolve this issue in a timely manner.
The Ministry of Justice (MoJ) is one such organisation that faced this exact challenge at the start of this year, and will now be seeking solutions to ensure that downtime of this scale doesn’t happen again.
MoJ Employees Left Without Justice
In January, the MoJ suffered communication failures when its computer network crashed unexpectedly. Although the department was quick to confirm that this was not a result of a cyberattack, it caused widespread disruption throughout the MoJ and led to employees being unable to share information or send any emails, as well as being unable to access a wireless connection onsite.
Though this is a difficult situation for any organisation to resolve, there was an added complication for the MoJ.
As the MoJ deals with very sensitive data and events and much of the scheduled court proceedings could not take place—jurors couldn’t register for court and barristers couldn’t record their attendance, which directly links to their compensation.
The backups that should have helped alleviate this disruption also failed, resulting in the further costly delay of employees having to pull information from the system manually.
Downtime Goes Up As BudgetsGo Down
Budgets within the UK’s central government are a seemingly endless dilemma, particularly in relation to its IT systems—to update them and thereby save money in the long-term, IT teams require bigger budgets in the short-term. But though the government is aware of this and has stated that legacy IT needs to be given priority in the next spending review, it isn’t always possible for the money to go into new technologies when there are other existing areas that require increased funding as well.
The biggest difficulty that the MoJ faced during its unscheduled downtime was the sensitivity and critical nature of the data that was inaccessible while the networks were down. The MoJ deals with the nation’s court and prison systems, and is responsible for bringing criminals to justice. Therefore, when the IT that supports this work becomes unavailable, this directly affects the lives of thousands of people.
Prevention is Always Better Than Cure
System failures are a given in today’s digital world. No matter how much effort an organisation puts into ensuring its networks remain up and running 24/7, there will inevitably be times where this isn’t possible and something fails. Though unhelpful, this does not need to cause the level of disruption that the MoJ experienced earlier this year.
With backups in place, IT teams can often quickly restore all of the organisation’s data to enable employees to carry on with their working day.
However, these backups need to be put in place now—if they aren’t already—to prevent system failures from having such an impact again. They also need to be tested. Organisations should plan tests where they intentionally break something in a controlled environment to ensure the restoration process works in case of emergency. The more real-world this scenario, the more resilient the backup will be when it is really needed.
When it comes to backups, the cloud is an increasingly attractive option for central government. The Cloud First policy has been encouraging UK departments to consider cloud services wherever possible since 2013, but as the risk of cyberattacks continues to rise year after year, those that have yet to adopt the cloud should consider the benefits it can bring. If the MoJ had its data backed up to the cloud, for example, the recovery process could have been much quicker and would have helped trials continue as normal, leading to less of a backlog.
Additionally, the human element is not only crucial in recovering from a system failure, but also in helping to prevent them from occurring in the first place. Well-trained government employees will respond better should a crisis occur—which in turn will help to provide a better service to the general public relying on the service. And although a simple network failure cannot always be prevented, employees can be the first line of defence should cyberattacks attempt to breach the IT system’s own defences.
There are always going to be challenges raised by owning and using legacy technology, whether it’s the IT systems for the UK Central Government or in any other organisation of the public sector. The key to keeping systems going, despite this risk, is to make the risk as small as possible, through implementing the necessary technology—such as backups—and training that can primarily stop cyberthreats in their tracks, but also reduce the negative impact of a potential network failure. Every organisation will face these issues; what is important is how well they cope with them.