Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lessons Learned from Hurricane Katrina Azim Ashraf Manager – Network Security & Incident Response.

Published byWilliam Briggs Modified over 9 years ago

Similar presentations

Presentation on theme: "Lessons Learned from Hurricane Katrina Azim Ashraf Manager – Network Security & Incident Response."— Presentation transcript:

1 Lessons Learned from Hurricane Katrina Azim Ashraf Manager – Network Security & Incident Response

2 Personal Naiveté Personal Preparations Some sense of excitement Estimation of what may occur Weather Channel – always on A bit of ‘Snow Day’ mentality

3 10/23/2015LOUISIANA STATE UNIVERSITY3 Hurricane Katrina Thursday August 25 Sunday August 28 Tuesday August 23 Saturday August 27 Initial Projected Path

4 Monday, August 29 - Landfall Katrina’s Immediate Effects –Makes landfall 6:10 a.m. –Lower LA Parishes swamped by storm surge; no real word out –Parts of New Orleans flooded, at least one levee over-topped, but city seems to have survived –SE Louisiana devastated by winds/rain –Mississippi seems hardest hit Monday 5pm Meeting at LSUPD Station – LSU is OK –LSU Survived … just a little damage on campus –Data Center Lost power but fail-over to back-up worked perfectly –Everything Looks “Good to Go” for Tuesday clean-up, Wednesday start-up, and Thursday-as-usual –Mood lightened –Power restored to campus ~6:15pm

5 Tuesday 8/30 – Bad gets worse First confirmed reports of a levee failure in New Orleans occur at 1:30AM CDT By mid-day >80% of New Orleans is under water Evacuees en route LSU contacted about expanding routine special evacuee facilities into a broader purpose –Medical Triage (Pete Maravich Assembly Center) –Special Needs Facility (Field House) –First IT needs – Phones, phones and more phones

6 Called to assist IT personnel needed to respond It was not going to be anything like a ‘snow day’

7 First Impressions

8

9

10 LSU – A city within a city Large H. Ed. institutions uniquely positioned to respond Infrastructure, knowledge, manpower, affiliations –PMAC/Field House – Became the largest acute care hospital to date in in U.S. history Over 40,000 (?) patients processed during Hurricanes Katrina and Rita –Established a Hurricane command center Coordinated information for students, and evacuees, as well as directing resources to where they were needed –Faculty, staff, and student volunteers –Housing for responders –Crowd control –Food and laundry services –Long distance charges –Managed volunteers –Received and distributed donations

11 LSU – A city within a city (cont’d) –Tracked patients, volunteers, responders, supplies, etc.. –Provided Web page re-direction (and other IT services) for UNO –Leveraged communications hardware and services to facilitate data or phone support for: Command centers Responders Govt. Agencies Affected Universities Evacuees Etc. –LSU expended over $1M (not reimbursed) Over $100K out of CIO’s budget –LSU Became perhaps the most critical facility in support of disaster relief/response in the State of Louisiana

12 Lessons Learned at LSU Buildings can be rebuilt; hardware can be replaced. Data is the basis of continuity. Knowing what you’ll need to do and having it organized is more important than knowing exactly ‘how’ you’ll do it IT enables everything in the 21 st Century IT Personnel = First Responders Disaster Recovery and Business Continuity Planning is not a luxury Be prepared to be flexible; adapt, improvise, overcome

13 Lessons Learned at LSU (cont’d) Have a good stock of networking equipment, and mobile and desktop computing in the storeroom Have strong relationships with key vendors And most importantly…

14 People are your most key asset Know who does what and have them ‘on reserve’ Expect them to be burdened with other priorities Be prepared to be amazed…

15 Key changes in LSU’s Plan Formal LSU EOC Formal Memoranda of Agreements (MOAs) –State agencies –Private sector diesel fuel from local refinery water from local bottler, etc…. –Secondary suppliers backing up primaries Chancellor requested written plans from all units on campus Full-time generator for PMAC Logistics now pre-planned

16 Traditional Disaster Recovery - You’re down, everything else is fine Do you have a workable DR plan? Do you know where on campus you’ll go? Did you take necessary back-ups and do you have them ready to re-produce production files? What vendors will you need to tap – and for what? How will you quickly re-establish network connectivity? Phone service? Web presence? E- mail? Mission critical information systems?

17 Broader Disaster Recovery - You (and everyone around) you are down Are your off-sites conveniently (and perhaps tragically) close? Do you have arrangements to get key services restored at a distance –Web, E-mail, Financial/HR, Student Information, CMS Hot-sites may be too expensive – but can you find suitable raised floor/HVAC/power to ‘re-build’ Can you support your administration “in exile?” –Internet access, computers, cell phones, e-mail, IM Is your ‘life-boat’ plan portable over larger distances? Can you grab your key people? Can you care for them?

18 One Possible Tool In The Arsenal: Data Center Lifeboat Situation: What if we had very short notice (4-8 hours) notice of the need to abandon our data center/campus and set-up elsewhere (>50miles away) Goal #1: Re-establish some critical subset of services Goal #2: Support the re-establishment of some subset of university administration

19 Lifeboat Key things to recover: –Payroll/Financial Data –Web presence Splash/priority information screens As much content as possible –E-mail service for faculty/staff/students –Portal interface –Student Information Systems –HR, Procurement Systems –CMS –What else? Budgets ($25K, $50K, $100K) Key things to address –Off-site storage of critical back- ups –Ability to ‘grab and go’ key data and hardware –List of key hardware needed later from vendors –Disaster Supplies Crate What would we put into an 8x12 truck for rapid evac? –Equipment for a mobile or relocated university command post Laptops, radios, phones, etc. –Identify Key IT personnel Who does what w/back-up “Scoop ‘em up” –Where might you go?

20 Survivor Disaster Recovery You’re the last ones standing Dealing with unimaginable demands –Start imagining it Do you have a stock of equipment to set up a large support operation in short-order? –Networking gear, computers, cables, supplies, telephone service Value of a flexible and capable staff Consider how you’ll do all this on top of your normal jobs, as campus life resumes and student enrollment increases How ready is your campus administration to take on the role of disaster response center? –Facilities, public safety/police, communications, academic affairs –Is the CEO (Chancellor, or President) prepared?

21 Final Thoughts Imagine the questions first so that you can find the answers Next time, you may not be watching it on CNN – you may be living it Do the right thing Now is the time to think, plan, and take action – later it will be too late

22 Final Thoughts Data is the basis of continuity Have a flexible plan People are your most key asset Do the right thing because in the end its really all about…

23 Service

24 Credits The staff of LSU ITS who helped make the relief effort a success. Brian Voss (CIO) – ‘In the Wake of Katrina’ Brian Nichols (CISO) – ‘At Katrina’s Edge’ Frank O’Quinn (DR) – ‘Weathering the Storm’ Sheri Thompson, Jim Zietz, and others - photographs John Borne – excerpts from Master’s Thesis Margo Jolet, LSU Office of Public Affairs - ‘LSU in the Eye of The Storm’

25

26 Lessons Learned from Hurricane Katrina Azim Ashraf Manager – Network Security & Incident Response

Download ppt "Lessons Learned from Hurricane Katrina Azim Ashraf Manager – Network Security & Incident Response."

Similar presentations

DISASTER RECOVERY AND CONTINUITY OF GOVERNMENT NASACT Middle Management Conference Robbie Robinson April 10, 2006.

DISASTER RECOVERY AND CONTINUITY OF GOVERNMENT NASACT Middle Management Conference Robbie Robinson April 10, 2006.
9/11 - Respond and Recover: A Case Study Joy Heath-Porter Sidley Austin Brown & Wood LLP LawNet 2002 August 21, 2002.

9/11 - Respond and Recover: A Case Study Joy Heath-Porter Sidley Austin Brown & Wood LLP LawNet 2002 August 21, 2002.
Hurricane Sandy. Sandy was the second-largest Atlantic storm on record Storm surge reached over 13 feet in coastal areas of New York and New Jersey The.

Hurricane Sandy. Sandy was the second-largest Atlantic storm on record Storm surge reached over 13 feet in coastal areas of New York and New Jersey The.
Presented at the 2006 CLEAR Annual Conference September 14-16 Alexandria, Virginia Disaster Preparedness II: Planning for the Future By Deidre Gish-Panjada.

Presented at the 2006 CLEAR Annual Conference September Alexandria, Virginia Disaster Preparedness II: Planning for the Future By Deidre Gish-Panjada.
HOW DISASTER ORGANIZATIONS FIT TOGETHER IN MY COMMUNITY JUNE 13, 2013 Connecting Disaster Resources with Disaster Needs.

HOW DISASTER ORGANIZATIONS FIT TOGETHER IN MY COMMUNITY JUNE 13, 2013 Connecting Disaster Resources with Disaster Needs.
Planning for the Future Disaster Recovery Plan / Business Continuity Plan Jim Zukowski, Ed.D. Texas State Board of Dental Examiners 2006 Annual ConferenceAlexandria,

Planning for the Future Disaster Recovery Plan / Business Continuity Plan Jim Zukowski, Ed.D. Texas State Board of Dental Examiners 2006 Annual ConferenceAlexandria,
Amatuer Radio Emergency Services Our role in the Joplin Disaster.

Amatuer Radio Emergency Services Our role in the Joplin Disaster.
Business EOC Governor’s Office of Homeland Security & Emergency Preparedness.

Business EOC Governor’s Office of Homeland Security & Emergency Preparedness.
Disaster Recovery Planning Because It’s Time! Copyright Columbia University and Bentley College, 2003. This work is the intellectual property of the author.

Disaster Recovery Planning Because It’s Time! Copyright Columbia University and Bentley College, This work is the intellectual property of the author.
Emergency Preparedness Program Nursing Services Orientation April 2010.

Emergency Preparedness Program Nursing Services Orientation April 2010.
Facilitating a Dialog between the NSDI and Utility Companies J. Peter Gomez Manager, Information Requirements, Xcel Energy.

Facilitating a Dialog between the NSDI and Utility Companies J. Peter Gomez Manager, Information Requirements, Xcel Energy.
Emergency Preparedness

Emergency Preparedness
DTCC Green DTCC’s Response to Super Storm Sandy Cecilia Humphrey Americas’ Representative, DTCC ACSDA General Assembly, April 2013 Antigua, Guatemala Special.

DTCC Green DTCC’s Response to Super Storm Sandy Cecilia Humphrey Americas’ Representative, DTCC ACSDA General Assembly, April 2013 Antigua, Guatemala Special.
Business Continuity Planning In a Post-Katrina Environment May 2006 Brian D. Voss Chief Information Officer Enterprise 2006—The EDUCAUSE Enterprise Technology.

Business Continuity Planning In a Post-Katrina Environment May 2006 Brian D. Voss Chief Information Officer Enterprise 2006—The EDUCAUSE Enterprise Technology.
Public Librarians’ Response to Hurricanes: Lessons, Issues and Strategies Rebecca Hamilton State Librarian State Library of Louisiana.

Public Librarians’ Response to Hurricanes: Lessons, Issues and Strategies Rebecca Hamilton State Librarian State Library of Louisiana.
Public Librarians’ Response to Hurricanes: Lessons, Issues and Strategies Rebecca Hamilton State Librarian State Library of Louisiana.

Public Librarians’ Response to Hurricanes: Lessons, Issues and Strategies Rebecca Hamilton State Librarian State Library of Louisiana.
Pace University Rebounding from the World Trade Center Disaster Copyright Barbara Cunningham, 2001. This work is the intellectual property of the author.

Pace University Rebounding from the World Trade Center Disaster Copyright Barbara Cunningham, This work is the intellectual property of the author.
MODULE 3. MANAGING EMERGENCY RESPONSE Dick Evans.

MODULE 3. MANAGING EMERGENCY RESPONSE Dick Evans.
Practical Steps to Hurricane Loss Management Rick Osorio, Director of Insurance Diocese of St. Petersburg.

Practical Steps to Hurricane Loss Management Rick Osorio, Director of Insurance Diocese of St. Petersburg.
Disaster Scenario Exercise for Organizational Planning Major Hurricane w/ Coastal and Inland Flooding & Tornadoes FEMA 2010 EXERCISE EXERCISE EXERCISE.

Disaster Scenario Exercise for Organizational Planning Major Hurricane w/ Coastal and Inland Flooding & Tornadoes FEMA 2010 EXERCISE EXERCISE EXERCISE.

Similar presentations

Ads by Google