The recent stormy weather on the east coast of the USA should serve as a warning to all potential and cloud users. The storm knocked out Google and some other providers for a time, and some of these were facilities used by government. In response the USACM, the US ACM Public Policy Council has published some guidance for US federal agencies but also a blog post extending this to state and local government. The post is entitled, slightly confusingly in my opinion, “USACM Makes Recommendations On Continuity of E-Government“.
There are two issues here in my opinion:
1. Web services and supporting applications – is there a joined-up business continuity plan between your web offering and the applications that may feed into it or from it?
2. If you have entered the cloud, is your cloud service replicated with more than one provider or does your provider ensure that it is replicated onto differing technology, on a different network, in a different area?
Local government web sites are different to central or federal in that they present multiple service opportunities to the citizen. Each one of these needs to be reviewed in terms of risk and resilience. If you put all your eggs into one Google, Amazon or other basket, is there the provision for a cut over to another location or network in the event of a disaster?
It may be that the risk is worth taking if it’s a less important application, but the business case needs to be considered from the citizens’ standpoint. Are the citizens likely to be financially challenged, as occurred when HSBC had problems in May 2012?