Security Watch

Keeping Track of patches and hacks in the IT security world.

California's State IT Cooks Up a Safety Hatch

All the craziness with the Feds pushing California's government domain off the continental shelf earlier this week makes you wonder what sort of disaster recovery they've got. They sure need it, between earthquakes, wildfires and the GSA's profoundly unhelpful helpfulness in shutting off the domain to try to trip up a hacker doing porno redirects off a Marin County site. I'm referring to it as Hurricane Fed. Talk about an unnatural disaster.

Jim Hanacek, acting deputy director for the state Department of Technology Services Policy and Planning Division—they're the ones who came to the rescue and slapped the state's Internet presence back together—told me that his department, at least, does have arrangements with IBM for "some emergency things" when a disaster hits a given data center site. They've got variable mirroring capabilities, but with reduced speed they can basically continue operations. Redundancy varies depending on a given system's criticality, of course.

They've got a more ambitious plan for the future, though. Right now, the department has two data centers, one in Sacramento and another in Rancho Cordoba, with some level of redundancy between the two. Sometime around 2010 or 2011, when their lease is up on their downtown Sacramento facility, they're planning on shifting to a new area in a different disaster region, such as San Joaquin Valley. They'll be putting in remote management technology so that most of the staff can still live in Sacramento, with a minimum of 50 employees at the new site (they now employ about 800).

That way, if there's an earthquake in Sacramento, they can immediately switch to, say, Fresno. If there's a plague in Fresno, they can automatically switch to Sacramento.

And if the Federal government decides to "help" again, they can all run screaming to jump into the Pacific.