The most vital agencies in the world utilize Continuity of Operations (COOP) systems and sites in order to safeguard the stability of their operations in case of a website crash and network disaster. It is assumed that businesses and agencies do not rely on uploading their data to their main domain site only and do not have just a single backup of information. In most cases high level organizations have an entire COOP protocol that includes a mirror site. COOP plans have become such a vital component of client service. Protected the established lines of communication between agencies and organizations is also a COOP function. COOP’s concentration is on reestablishing an organization’s tasks at a prearranged and programmed site. The execution of alternative utilities allows engineers and technicians to work on restoring regular company processes. COOP plans are vital to all organizations, corporations, and public agencies. According to a 2004 publication by Homeland Security “It is the policy of the United States to have in place a comprehensive and effective program to ensure continuity of essential Federal functions under all circumstances.
As a baseline of preparedness for the full range of potential emergencies, all Federal agencies shall have in place a viable COOP capability which ensures the performance of their essential functions during any emergency or situation that may disrupt normal operations” (Federal Executive Branch Continuity of Operations, COOP”). The federal government and private industry both have many recommendations for establishing a COOP plan.
Threats by internet attackers can come from hostile governments, terrorist agencies, internet joyriders, or hackers. They can disable and corrupt a web site overnight. Emergency power outages are another source of danger. A severe and prolonged outage can be caused by technology malfunctions, environmental calamities, human errors, or natural disasters. Any of these occurrences can leave an organization, and the people who rely on the organization, technologically paralyzed. In the case of the United States government's report, COOP plans and mirror sites are recommended, and often mandatory, because there is a real fear that terrorists, military strikes, or sabotage could render essential web sites non-functioning and may be the point of first strike in case of a military or weapons attack (Federal Executive Branch Continuity of Operations, COOP”). In cases such as these it is vital that key military personnel from ground troops all the way to the President of the United States have uninterrupted access in order to ensure the operations and communications of important government operations.
FEMA is a good example of a vital agency that established a COOP site at the behest of the Executive Branch of the Federal Government. FEMA’s COOP task force was charged with developing guidelines for all federal government agencies to use in order to ensure continuous operations in case of national emergencies. COOP plans were developed for both intra and inter agency situations. A group of engineers is charged with maintaining COOP competence and access by coordinating point of contact procedures across the federal government (“Federal Executive Branch Continuity of Operations, COOP”).
Businesses that seek to create COOP plans and sites are urged to utilize and refine the basics as set forth in FEMA’s the national emergency standards. The first component companies need to address in COOP development is to ensure that emergency utilities can cover a variety of outage situations. Foremost is to safeguard continuous functioning of the company’s basic operations. After that is accomplished, defensive strategies and system archives need to be inspected. Company assets may be the target of a hostile web site invasion and therefore require an exceptionally well-planned and maintained system of defense.
COOP aims to diminish and alleviate interruptions to normal operating procedures. In the case of an agency such as FEMA or a company that specializes in medical information continuous access to data could mean saving lives. For any organization, decreasing loss of life as well minimizing the destruction and damages done to data is the basic goal of a well-organized COOP system. Accomplishing an efficient and methodical reclamation of data after an emergency facilitates the preservation of internal as well as external services (“Federal Executive Branch Continuity of Operations, COOP”). Internal services include the maintenance of information that deals with “specific operational aspects of an organization” (Haag, Cummings, and McCubbrey 9). External functions include the reliability of the information that is provided to the “environment surrounding the organization” (Haag, Cummings, and McCubbrey 9). For example, the authors of Management Information Systems for the Information Age, discuss how a bank is expected to set interest rates on its accounts. The engineers of bank’s mirror site and COOP plan need to ensure that the internal information, that is the information about the number of clients or potential clients who will buy in to an account based on an offered rate, is judged against the external information banks rely upon, that is the rates other banks offer. Additional external information may include the rates the bank can expect to receive for the investment on the secondary market. Misjudging either of these situations or not providing the network with good high quality information could result in a huge financial misstep (Haag, Cummings, and McCubbrey 10). In the case of a FEMA disaster the misstep could result in the loss of life, not just the loss of money and credibility (Federal Executive Branch Continuity of Operations, COOP”). Things to study when planning COOP is how and by who COOP will be monitored and updated after it is in place. There should be some sense of urgency involved in maintaining all aspects of COOP including the mirror site. A general guideline is to ensure that the mirror site is up and running no later than twelve hours after the main site goes down or is compromised. Ideally, the response would be much quicker, but twelve hours is the maximum postponement. Personnel should be in place and prepared to sustain the mirror site as the main site for up to thirty days depending on the situation. Again, the sooner regular operations recommence the better. Because it is necessary for the mirror site to continue to be used by internal and external personnel all intra and inter organizational needs must be checked and repaired.
In the book, Information Management Systems, For The Information Age, the authors stress that a “critical characteristic of data, information, and business intelligence is that of quality” (Haag, Cummings, and McCubbrey 8). Therefore, speed of recovery is not enough. Engineers must be poised to provide a high quality mirror site and associated network functions to maintain the company’s “intellectual assets” including the company’s records, data, and regularly provided business-related materials. The data and information that client’s use on a regular basis should be of primary concern, this will relieve anyone who fears that the emergency at hand could damage their own functioning or otherwise inhibit their way of doing business (Haag, Cummings, and McCubbrey 8).
Short-term strategies are not workable as far as sustaining any type of COOP policy. The program that the company develops needs to be long-term. The COOP proposal should incorporate a permanent framework of procedures for the organization to follow; it needs to include assigned positions to execute the most critical tasks as well as outline the organizations COOP aims. Estimates of the financial requirements to fund staff, hardware, and software need to be outlined, and the framework should predict possible complications and personnel fluctuations. The company’s COOP disaster recovery depends on mirror sites and domains to maintain operations in cases of acute disturbances to regular company functions. The development of the mirror site requires extensive research and analysis. COOP mirror sites need to run the most recent data available along with other up-to-date material. Detailed actions should be delineated on the mirror site so that crucial operation procedures required to recover from the consequences of a disastrous system and network outage can commence.
COOP mirrors work to identify and categorize the cause of the catastrophic failure. In order to continue business operations effectively it is necessary to know what caused the disaster to begin with. Was the causation external or internal? That is, was it caused by a local environmental problem such as a natural disaster or was it caused by a terrorist attack executed online? If the cause was local and natural then engineers need to be ready to maintain the mirror site until services are restored and infrastructure repairs can be made. If it was caused by a deliberate attack, engineers need to diagnose the nature of the attack and determine whether the attack was executed as part of a systematic shut down of business operations or not. If the attack is determined to be the beginning of a larger long-term attack then the engineers need to analyze how the attackers entered and shore up any holes left behind. In cases of external attack, assets need to be safeguarded as quickly as possible. The consequences of delayed response to either type of attack can be ruinous and result in the loss of important data, the hijacking of operations and assets, and a complete collapse of client confidence. The key feature of a COOP mirror site is to support company operations for a time period defined by the type of emergency that occurred.
In case of a website and network catastrophe the infrastructure that is in place to launch and maintain the mirror site is vital to the primary goal of repairing the main site and resuming normal operating functions as soon as possible. Internal communication between people at the main facility and between people at distant facilities is essential if repair and resurrection of the primary site is to be completed in a timely manner. Communications with the public, especially with current clients, needs to appear as seamless as possible. Having engineers who quickly and competently upload a mirror site and begin repairs on the main site and network is essential to a company’s continued credibility. Floundering in case of a crisis can irretrievably damage a company’s standing. The COOP and mirror team needs to be divided responsibility-wise so that there are two sections: one working on the repair of internal functions and one working to repair external communications and functions.
Additionally, management needs to appoint one person who is responsible for issuing status statements to the public so that such communications do not become garbled.
In the case of FEMA, that organization schedules regular testing of its system and holds on-going training for the engineers and others who are responsible for maintaining COOP capabilities. This is considered necessary to establishing and refining the skills of the personnel responsible for implementing their COOP strategies and policies in case of emergency. By conducting on-going exercises and drills key personnel continually update contingency personnel about the critical tasks they may need to take charge of in case of a disaster. Furthermore, testing the system assists COOP managers in determining whether the plan needs updating and alerts them as to any potential problems within the system. By keeping COOP strategies, guidelines, and restoration techniques current the COOP team will be ready to deal with an emergency. A testing regime will guarantee that mechanisms and processes are in place and ready to be activated to restore operations to something resembling regular as soon as possible. Individual staff members as well the entire COOP team need to be trained thoroughly so that they can step in when needed to guarantee that information, both external and internal, is transmitted to the proper sources. It is vital that all COOP personnel be at the ready in order to implement COOP strategies and maintain critical website functions (“Federal Executive Branch Continuity of Operations, COOP”).
In the case of businesses, the importance of hiring and retaining “technology-literate knowledge” workers cannot be over-stressed. Those trained personnel whose expertise includes the finesse aspects of applying the appropriate technological fix at the correct time are key. Personnel who know how to execute a COOP plan are going to be the people a company turns to when framing emergency measures and buying the required technology to safeguard the company’s assets and data in case of attack. There are many different types of commercial software and ad hoc developed software to choose from when devising a comprehensive COOP strategy. The best type of software will be the one that is appropriate to the company’s business functions and the one that gets the company reconnected, externally and internally, as quickly as possible (Haag, Cummings, and McCubbrey 13).
Technology-literate knowledge workers will also be the ones the staff turns to in the case of an emergency because they are the best judges of when to launch the mirror site and institute COOP strategies. One of the most important aspects of COOP is having key personnel who do not panic or recklessly launch COOP restoration procedures in frantic attempts to handle emergency outages (Haag, Cummings, and McCubbrey 13). COOP processes should not be entered into lightly; they need to be executed by knowledgeable engineers and other personnel in order to stabilize a situation, not as a stopgap measure that results in an exacerbation of the original problem. One of the worst things a company can do in the case of a crisis is appear shortsighted and amateurish to its clients.
In conclusion, today corporations and government agencies have COOP strategies and the associated mirror sites operating in order to ensure that they continue operating if a major web site crash or network disaster occurs. Such a collapse could be the result of enemy action, natural disasters, or other unforeseen circumstances. Because companies and agencies worldwide need to have the ability to respond to emergency induced outages, response measures and teams take a variety of forms. One of the first tasks in case of catastrophe is to maintain operations. However, before catastrophe strikes it is important that a company have a structured response in place. Moreover, organizations should have taken measures to protect their system and data as much as possible beforehand. COOP aims to diminish and alleviate interruptions to normal operating procedures. FEMA is good example of an organization that plays a role in mitigating the impact of disasters; it is therefore vital that their operations continue. That is the reason this report has relied on FEMA’s well-thought out and much tested COOP strategies.
Internal and external systems need to be repaired and operational as quickly as possible. One of the most effective ways of ensuring the success of a COOP plan is to have key personnel trained and in a constant state of readiness. As a part of regular procedures, COOP strategies need to be tested and the staff exercised in implementing those strategies. Twelve hours is the maximum time recommended to restore the regular website and network operations to normal after a collapse. That is why long term planning is required to prepare for emergency shut down and restoration. A company’s COOP team must work to upload mirror sites and domains while it repairs the main site and investigates the cause of the disaster. By having an infrastructure in place that is able to assume the various responsibilities required to survive the emergency as well as recover and protect data organizations can not only save money and credibility, but also in the case of organizations such as FEMA they can save lives. Most of the responsibility for effective COOP strategies lies with trained and technology-literate personnel who can respond to the outages and properly execute the technological repairs needed in a timely manner.
Federal Executive Branch Continuity of Operations (COOP). Washington D.C: U.S. Dept. of Homeland Security, Federal Emergency Management Agency, Directives Management System, 2004. Print.
Haag, Stephen, Maeve Cummings, and Donald J. McCubbrey. Management Information Systems for the Information Age. Boston: McGraw-Hill, 2004. Print.