Reviewing pandemic plans has just become job #1

With the Influenza A hitting over 60 countries, IT managers need to step up contingency planning. One CIO shares his organization's experience and plans.

As of June 1, the Influenza A, also known as H1N1, has infected over 17,000 worldwide and caused 115 deaths.
This most recent flu outbreak is of the same variety as that responsible for an estimated 40 to 50 million deaths worldwide in 1918. Although health officials have yet to determine a number of facts, including the origin of the disease and its virulence, the outbreak should spur renewed conversations regarding contingency plans in the event that the current outbreak turns into something more serious.
Many organizations have developed contingency plans based around concerns regarding the bird flu, so there is probably already at least a framework in place, if not a full plan.
A contingency plan put into motion for a pandemic is likely to be different from many other business continuity-type plans. For example, if headquarters is wiped out by a tornado, setting up operations at an alternate site makes a lot of sense. However, when it comes to something that, quite frankly, scares people away from the office, such as a virulent disease, the path isn't always as clear.
In cases like this, in order to maintain operations, the organization would need to maintain at least a skeleton staff and significantly enhance remote worker capabilities for those that need to work but that, for whatever reason, can't or won't make it to the office.
At Westminster College, we do have campus plans for what to do in the event of a pandemic or significant public health emergency. However, for the kind of campus we are--very traditional with no online classes and all courses taught on site--we don't maintain regular significant remote access capabilities so our normal operations don't include what we'd need in the event of, well, an event.
With the news continuing to come out regarding the spread of confirmed cases of H1N1, my staff and I are taking a few relatively minor steps in preparation for a possible problem:
  • First, we're verifying our VPN services to make sure that we have enough licenses and capacity for increased volume. We don't currently have many VPN users. Again, we're a very traditional, very residential campus, with VPN used primarily by those that travel on college business.
  • We're also going to prep a couple of additional servers as terminal servers. Through this and VPN, users will be able to continue to easily run their normal applications from anywhere.
  • A part of a campus-wide plan calls for staff that will stay on site for long periods of time in the event of a pandemic. Given that my staff has endured a lot of turnover since the campus pandemic plan was developed, we'll have conversations regarding this point.
  • We will verify with our service providers, including Internet and electrical service providers, our points of contact in the event of a pandemic. Although we have this information in our campus pandemic plan, periodic review is essential to keep the information current.
At this point, we won't go overboard in preparing for what could turn out to be a whole lot of nothing. Even if the whole thing fizzles out right now--and I hope it does--it's a valuable reminder that we need to stay vigilant with regard to our disaster and pandemic planning and make sure that we're ready for whatever comes our way.
Scott Lowe has spent 15 years in the IT world and is currently the chief information officer for Westminster College in Fulton, Missouri. Scott is also a regular contributor to TechRepublic and has authored one book, Home Networking: The Missing Manual (O’Reilly) and coauthored the Microsoft Exchange Server 2007 Administrator's Companion (MS Press).