AWARDS & RECOGNITION
2002 Awards: Security & Business Continuity
WINNER:
North Carolina
Business Continuity and Recovery Services
 |
|
L to R: Julean Self (Business Continuity Planner), Janice Hunter (Business Continuity Analyst), Dean Jones (Business Continuity Administrator), George Bakolia (State Chief Information Officer), and Ann Garrett (Chief Security Officer) |
Tornadoes. Hurricanes. Fires. Human error. Software failure. Any number of threats can strike a state and its government agencies. In the last three years alone, North Carolina has been hit with Hurricane Floyd, tornadoes, and extraordinary snow storms. A single event can jeopardize the state's information technology resources, which, in turn, can hamper the delivery of critical services to the state's citizens and government agencies.
The North Carolina Office of Information Technology Services (ITS) supports the technology infrastructure needs for most of the state's public sector, including all executive branch agencies and participating non-executive public sector entities, on a cost share basis. ITS supports multiple, large, statewide business applications for health and human services, revenue, transportation, prison and corrections enterprises, financial accounting, and unemployment insurance benefits. ITS operates around the clock, every day of the year, using two large IBM enterprise servers operating in a 64-bit operating environment, multiple distributed systems including mid-range processors, and both the UNIX and Microsoft environments. Because government relies heavily on information technology for its critical operations, the availability of information technology must be assured.
| “I
am proud that our state is being recognized as a national leader for
our Security & Business Continuity Program. Information Technology
Services has developed a superior plan that enables us to react quickly
and effectively should an emergency or disaster occur. All citizens
of North Carolina should be pleased that the National Association
of State Chief Information Officers has honored ITS with its 2002
award.” Governor Mike Easley, State of North Carolina |
Recognizing the need for continuous service, ITS established a business continuity program. The program has three full-time employees who work with ITS and its customers to develop realistic plans for recovery of the systems in case a catastrophe destroys either accessibility to the application or the application itself.
The ITS Business Continuity Plan (BCP) has as its highest priority the protection of people. The second focus is data backup, with all records being copied and stored at a remote off-site facility. The third element is the provision of alternate locations, complete with compatible computers and telephones, and up-to-date contact numbers for employees, contractors and customers.
Emergency systems are tested. Several times a year ITS conducts "hot site" drills at emergency locations where information technology systems are recovered on a remote basis. The tests ensure that critical applications, from criminal history records to radioactive waste repositories, can be brought on line within 24 hours.
The plan is inherently flexible, able to respond to diverse situations.
For example, a software failure earlier this year activated two plans
simultaneously: 1) ITS called the software vendor to the site; and, 2)
ITS loaded critical tapes onto trucks for transport to a hot site. Had
the vendor not been able to fix the problem, the hot site would have been
prepared to operate systems remotely. The ITS business recovery services
contractor also provides mobile data centers based in 18-wheel trucks,
should such a backup be necessary.
Contact Information: Ann Garrett, Chief Security Officer, 4101 Mail
Service Center, Raleigh, North Carolina 27699-4101, (919) 981-5310, Fax:
(919) 981-5043, ann.garrett@ncmail.net
SECOND PLACE:
Washington
Transact
Washington
THIRD PLACE:
Virginia
Virginia
Security Awareness Training (VASAT) enterprise service
OTHER NOMINATIONS:
Click on the link to download program submission.
Florida
Enterprise
Information Security
Missouri
Missouri
IT Advisory Board State Security Committee
Nevada
Security
Policies and Standards
