Development of a Disaster Recovery and Business Continuity Plan: The Devil is in the Details

About the Program

Category: County Resiliency (Best in Category)

Year: 2023

In March 2020, Durham County Government was the victim of a crippling ransomware attack. The economic impact to Durham County of the downtime and recovery was monumental and showed the need to significantly strengthen the County’s ability to quickly recover critical technology systems and have associated business continuity protocols. The County has successfully architected a managed Disaster Recovery solution through partnerships with multiple vendors to establish a “geographically-distant” secondary data center that is beyond a 60-mile radius of the primary data center in Durham, N.C., and address the backup modernization through a cloud solution. The milestone of architecting and planning this effort is significant because the “devil is in the details.” This portion of the project included the complex integration and collaboration to establish a clear set of requirements that were vetted and approved by the County’s leadership. These requirements drove the specifications of the secondary data center, hardware, networking “connectivity”, software, backup modernization, and the managed disaster recovery services provided by a vendor. The scope of a well-planned project also included IT Disaster Recovery Planning (ITDRP) to be executed upon occurrence of a disaster or malware attack. The end of the Fiscal year 2023 (June) is targeted as the go-live delivery date.