Digital disaster management
Annotations by Tyler Cunningham and Rachel Segall.
Project Definition
The focus of this bibliography is disaster preparedness and response regarding digital materials in various repositories. The bibliography covers the entirety of the topic with attention being paid to disaster plan policies and solutions to issues with planning and preparedness, management of disasters, and responses to disasters. The sources were selected on several criteria, including publishing date (within the last 15 years), institutional variety (whether the repository was a library, archive, or corporation), practicality (is there a greater focus on theory or praxis), and applicability (is the article’s focus relevant to the topic). Overall, the bibliography seeks to provide an overview of the entirety of the topic as well as a focus on the importance of collaborative, cross-disciplinary action in preparing for digital disasters.
Annotations
Al-Badi, H., Ashrafi, R., Al-Majeeni, A.O., & Mayhew, P.J. (2008). IT disaster recovery: Oman and cyclone Gonu lessons learned. Information Management and Computer Security, 17(2), 114-126.
This source offers an analysis of survey-based research completed on the businesse sector in Oman after a major storm hit the country in 2007. The source provides a look at how IT professionals viewed their disaster plans after a real disaster had occurred. In the case of this research, most of the businesses surveyed admitted that they felt they were only partially prepared after the disaster struck. In this sense, the importance of creating a disaster plan that is also tested multiple times is apparent. The authors also speculate the future of such research on disaster plans by suggesting a collaborative effort between the Oman government and both private and public sectors through an off-site, government run National Disaster Recovery center. The authors assert that, in this center, businesses and public institutions would follow specific guidelines for depositing back-ups of their most sensitive or important data, therefore protecting it from disaster. Thinking in these terms, an argument can be made for greater communication and cooperation between governments and businesses on preserving digital materials and data. Resource sharing would be cost effective, and in the case of the Oman businesses interviewed by the authors of the article, critical to creating comprehensive, working, and routinely tested disaster plans to avert further crisis after a disaster.
Breeding, M. (2015). Future trends: Cloud computing and disaster mitigation. In Mallery, M. (Ed.), Technology Disaster Response and Recovery Planning: A LITA Guide (45-69). Chicago: American Library Association.
In this source Breeding discusses the implementation of cloud computing in libraries, and how it affects disaster planning and management. This is a timely subject, with the author stating that the implementation of cloud computing is inevitable. Breeding discusses the relative merits of different types of cloud services including storage, software applications, and backup. This guide to services is of great use to any professional looking to adopt cloud services for their own library. In addition, Breeding covers how to design fault-tolerant systems, the idea being that these systems can endure a degree of abuse without needing to be completely reset. These highly resistant systems can also continue to function, albeit in a degraded state, in the event of a failure. Once again, this is practical guidance that could be of great use to a professional looking to implement a cloud system. The key is that cloud computing represents a great shift in how librarians manage data. It is an inevitability that as the cloud becomes more common, librarians will have less direct control of their data infrastructure. It is important to learn as much about this new system now in order to prepare and ensure that the transition is as smooth as possible.
Breeding, M. (2012). From disaster recovery to digital preservation. Computers in Libraries, 32(4), 22-25. Retrieved from https://librarytechnology.org/document/16821
This article is important in that it bridges the gap between digital disaster management and preservation. These ideas are inherently linked; while disaster management focuses on recovery in the immediate aftermath of an event, preservation focuses on building infrastructure that will stand up to the test of time. The author discusses long term preservation for media including books, periodicals, e-books, as well as digitized special collections. The distinction between disaster management and preservation is important: it drives home the point that a digital repository must understand both disaster management and preservation in order to continually function. From a more utilitarian perspective, the article is also useful because it discusses different types of media and their digitization/preservation issues.
Cervone, H. F. (2006). Disaster recovery and continuity planning for digital library systems. OCLC Systems & Services: International Digital Library Perspectives, 22(3), 173-178. doi: 10.1108/10650750610686234
Cervone’s article goes beyond the traditional purview of disaster planning in libraries. Instead of focusing only on disaster recovery planning, he brings in aspects of business continuity planning as well. This includes conducting a business impact and risk analysis survey. This information ensures that the library’s most vital functions can be identified ahead of time, ensuring a faster recovery. He also emphasizes the importance of a prioritization scheme. Once again, this allows the library to give attention to its most important functions in the event of a disaster. In discussing these processes Cervone reveals strategies that have often been neglected, namely those used in the private sector. This is vital, given that digital resources are a relatively new addition to the library and therefore strategy concerning them is not yet concrete.
Cheng, K. (2005). Surviving hacker attacks proves that every cloud has a silver lining. Computers in Libraries, 25(3), 6-8, 52-56. Retrieved from http://www.infotoday.com/cilmag/mar05/cheng.shtml
Cheng’s article focuses on his experience dealing with hackers while working as the head of a library’s information technology department. Perhaps most importantly, this article is a reminder that disasters are not confined only to natural phenomena. Be it a flood or a hack, both have the potential to destroy digital assets. His experience also demonstrates that it is possible to prepare for this kind of event, namely by creating backups, working closely with IT, and learning the signs of a hacker incursion. Professionals in the field can use Cheng’s experience to prepare before disaster strikes.
Chow, W.S. & Ha, W.O. (2009). Determinants of the critical success factor of disaster recovery planning for information systems. Information Management and Computer Security, 17(3), 248-275.
This source provides an in-depth analysis of different critical success factors (CSFs) regarding the creation of a disaster recovery plan (DRP). The source uses a quantitative approach to determine ten core success factors that lead to well-formed DRPs and involvement from both upper management and employees directly involved in implementing the plans should disaster strike. The CSFs include DRP documentation for all employees involved in disaster recovery, testing the DRP, training, policy and goals, maintenance of the DRP (updating the plan), minimum IS processing requirement (i.e. how long the IS can be down before adverse effects occur), commitment to the DRP by top management, external back up and processing sites, and on-site backup. Pinpointing these CSFs, when creating a disaster plan, is helpful to both researchers and those looking to create plans because it provides in-depth analysis of items that are considered by professionals to be the most important to the disaster plans. This source also provides a strong basis for conducting further research on the development, implementation, and overall attitude towards DRPs by providing multiple facets of the DRP development with which one can formulate survey questions and assessments of current DRP plans.
Clareson, T. F. R. (2015). Digital disaster recovery and resources in the wake of Superstorm Sandy. In Mallery, M. (Ed.), Technology Disaster Response and Recovery Planning: A LITA Guide (89-97). Chicago: American Library Association.
This source shows the concrete reality of disaster preparedness and management. Clareson discusses the centralized agencies that leapt into action following Superstorm Sandy and the advantages of collaboration. These agencies include the local Metropolitan New York Library Council as well as national agencies including the American Institute for Conservation of Historic and Artistic Works and Heritage Preservation. These organizations provided a central hub to connect afflicted institutions with the assistance they needed, both long distance and in person. The chapter also discusses the responses of three separate repositories in the storm’s immediate aftermath. These accounts are confirmation of much of the theory discussed in the other sections of this bibliography. The importance of formulating a disaster plan, responding in a timely manner, and communicating with experts throughout the profession are all demonstrated. Here, theory becomes practice and professionals who have never experienced disaster firsthand can examine how on-the-ground operations should function.
Decman, M. & Vintar, M. (2013). A possible solution for digital preservation of e-government: A centralised repository within a cloud computing framework. Aslib Proceedings: New Information Perspectives, 65(4), 406-424.
This source creates an argument for the use of a centralized cloud system as a means of storage and digital preservation for public administration records. The authors, though they do not explicitly mention disaster planning in their reasoning for this centralized cloud system, heavily discuss various ‘disasters’ in which the centralized cloud system would provide a feasible solution. Specifically, the authors mention incompatible formatting, obsolete formatting, as well as cost as a deterrent to taking measures to ensure digital materials are protected and preserved. In this way, the authors argue that the creation of a centralized, government funded, off-site cloud storage system would solve these issues. The predominant drive of the paper is the cost effectiveness of such a system. The authors mention complications and risks such as cloud blackouts and the prevention of unauthorized use, however, solutions for these risks are not elaborated on. The authors instead emphasize a singular cloud computing system, which would force repositories and agencies to make their digital content accessible on multiple platforms, updated for current software, and the system would decrease the in-house digital storage for individual agencies. While this solution does not necessarily solve every disaster a digital object may encounter, the authors open the discussion of utilizing new technology for preservation as well as cooperative networks between government agencies which can then be easily translated to any type of digital repository.
El-Temtamy, O., Majdalawieh, M., & Pumphrey, L. (2016). Assessing IT disaster recovery plans: The case of publicly listed firms on Abu Dhabi/ UAE security exchange. Information and Computer Security, 24(5), 514-533.
This source discusses disaster recovery plans in business sectors located in the UAE. The authors conducted a survey of multiple public businesses throughout the UAE in order to evaluate their DRP plans and identify any shortcomings in these plans. In this way, the source creates a basic idea of the various considerations one could utilize when creating a disaster plan. The questionnaire sent out by the researchers included items such as threats, risks, and upper management involvement and commitment to disaster recovery and planning. Through this research, one can better understand how management affects the employees and their responses to disaster planning. The research found that high upper management involvement and caring about disaster recovery led to a more in-depth and tested recovery plan. Using these results, one could begin to speculate the kinds of individuals who should be involved in formulating these plans. In addition, the inclusion of a list of top threats in both physical and logical formats provide a basis for creating a disaster plan that meets the top concerns for those involved in creating and developing the DRP. The paper also provides suggestions for creating plans, including assessing the risks and threats to a specific business. In this way, disaster plans can be tailor-made to fit each institution as its needs are assessed or changed.
Fleischer, S.V. & Heppner, M.J. (2009). Disaster planning for libraries and archives: What you need to know and how to do it. Library & Archival Security, 22(2), 125-140.
This source provides a step-by-step guide for disaster plan creation beginning with creating a DRP proposal for a board or upper management, to outlining effective staff training. While the other sources in this bibliography mostly deal with plans that have already been created and how to improve those plans, this source works from the premise that an institution may be attempting to create a plan from scratch. In this way, the authors’ attention to the type of questions a DRP preparer should ask different departments of an institution, as well as how best to present the need for a disaster plan to a board or upper management is an invaluable asset. The source, though applicable across a large area of information centers (the content itself focuses primarily on libraries and archives with physical collections), provides a model that can be applied to the creation of a disaster plan for institutions with primarily digital holdings. Similar steps would be followed by a digital repository to garner funding, implement proper research techniques for the holdings, and use of the same people on the disaster planning team as a more traditional repository. In this sense, the importance of the source to the understanding of disaster planning for digital materials does not lie in its direct mentioning of digital materials, but instead on the authors’ intent to make the creation, implementation, and continued adaption and renewal of a disaster plan easy to understand and follow for any institution in need of one.
Fox, R. (2006). Vandals at the gates. OCLC Systems & Services: International Digital Library Perspectives, 22(4), 249-255. doi: 10.1108/10650750610706961
Fox’s article discusses the importance of properly securing digital assets in the face of increasingly complex threats from hackers. Fox’s message is even truer now than when it was first written. Libraries and their assets are increasingly connected to the internet, through both OPAC systems and cloud computing. While it is certainly possible to recover from hacker incursions, the preferred strategy is to prevent the attack from happening in the first place. The author discusses some of the most common methods hackers use to infiltrate secured systems including phishing, network sniffing, Trojan horses and others. This is a useful resource for professionals looking for an introduction to the topic. He also emphasizes the importance of collaboration across different departments of the library. This collaboration can be as simple as ensuring that the entire staff is aware of the dangers of hacking or as complex as instituting backup policies for each department. Today’s professionals can learn much from Fox’s approach.
Frank, R. D. (2012). Disaster planning and trustworthy digital repositories (Master’s thesis). Retrieved from https://deepblue.lib.umich.edu/handle/2027.42/137664?show=full
This source discusses how certain digital repositories are implementing disaster plans and what their core motivation is for doing so. The author’s study reveals that for many the primary motivation is certification as a Trustworthy Repository, rather than an innate desire for disaster preparedness. The author also discusses the difficulties associated with implementing these plans (which can provide perspective for repositories currently grappling with the same obstacles) and the lack of transparency that is stifling cooperation between repositories. This source is especially useful in that it presents a perspective that allows professionals to see the issues from a different angle. Is preparedness really the goal or is it simply institutional recognition? By asking this difficult question the digital curator can gain insight into the process and begin to think more seriously about how their own institution is navigating this issue.
Hunter, G.S. (2003). Security and disaster planning. In his Developing and maintaining practical archives (pp. 181-206). New York: Neal-Schuman.
This source provides an in-depth how-to guide for both creating a disaster plan as well as what to do when disaster occurs. The chapter also touches on various types of security breaches. Though it differentiates between security and disaster, the terms are interchangeable when discussing digital data, as security breaches can lead to disaster such as stolen or deleted data. Hunter recommends, as do many sources about disaster planning, creating both on-site and off-site back up storage. While the chapter deals with both the physical records as well as digital records, the recommendations and considerations are nearly the same. In this context, the source requires the reader to not only think of the individual data or records, but to also contemplate the physical environment it is kept in and how to react when disaster strikes the environment.
Kahn, M. B. (2004). Disaster response planning for hardware and physical storage media. In Protecting Your Library’s Digital Sources: The Essential Guide to Planning and Preservation (33-36). Chicago: American Library Association.
Despite its age, Kahn’s chapter provides a useful framework for hardware care in the aftermath of a disaster. Her basics for handling hardware and assessing damage still hold true today. Her discussion of insurance is particularly useful in that it provides a general overview of a subject that is seldom covered elsewhere. The author also discusses the specifics for handling types of physical media, ensuring that the well-meaning professional does not inadvertently harm material that has survived a disaster. While these media are less common in today’s libraries, it cannot be denied that they are still in use and that Kahn’s instructions will prove useful in the event of a disaster.
Manaf, Z.A., & Ismail, A. (2010). Malaysian cultural heritage at risk? A case study of digitisation projects. Library Review, 59(2), 107-116.
This source focuses its argument around the problem of an increased push to digitize cultural heritage pieces in Malaysia. The source heavily asserts that the obvious benefits of digitizing cultural heritage are overshadowing the risks involved in doing so. Digital materials are at risk for loss and inaccessibility and, as the authors note, the three institutions they interviewed about their preservation plans lacked a substantial disaster recovery plan. The authors also note the lack of collaboration either through a government agency or between institutions in correcting the absence of a disaster plan. In this, the source highlights a common theme not only in cultural heritage repositories, but across multiple sectors that create and store digital materials and data: risk management and disaster planning is woefully neglected or even nonexistent. The source urges readers, through description of the importance of cultural heritage, to put forth more serious effort and thought into creating feasible disaster and risk plans. The article follows a common theme seen through much of the literature regarding disaster plans: there is not enough of these plans in place, those that are in place are often not updated or tested as frequently as they should be, and that the easiest and best way to fill in the gaps is to promote collaboration among institutions and repositories.
Matthews, G. (2005). Disaster management: Sharing experience, working together across the sector. Journal of Librarianship and Information Science, 39(2), 63-74.
This source outlines the role of creating connected regional and national networks that work together on disaster planning. These networks share resources, provide training, disseminate information, and create standardizations for disaster plans. In looking at disaster plan creation, creating bonds and networks with other institutions would create a diverse, more effective wealth of information regarding implementation and creation of disaster plans. In this way, the source provides aspects of a UK based network called REDS that provides aid to cultural heritage institutions for the creation and implementation of disaster plans. The source also speculates on using this framework to apply to other areas, regions, and even across disciplines to effectively create more disaster plans. Primarily, the source’s greatest asset comes from its emphasis on cooperation between institutions to ensure proper disaster planning is conducted. The sharing of resources, people, and time would even the playing field between large institutions and small independent ones. Through the eyes of preserving cultural heritage, granting smaller institutions access to the same resources as larger institutions is invaluable. Therefore, the source’s assessment of REDS and the way it lays out the goals, duties, and expectations of both the REDS participating institutions as well as the individuals involved, creates a solid framework for considering the creation of a repository network in areas outside the UK.
Onyeneke, C.O. (2017). Impact of disaster on access to records of National Archives of South East, Nigeria. Collection Building, 36(2), 63-68.
This source provides details of risk and disaster assessment at the National Archives in South East Nigeria. The author’s purpose was to pinpoint the most common disasters to affect the archive, how often these disasters occur, how the disasters affect access to records, and how the archive deals with the disaster, and the what disaster plans are in place. The source strongly asserts that disaster planning should be more than just a written policy. In this way, the author mimics sentiments seen throughout the literature regarding disaster planning: it is not just good enough to have a plan in place. This plan must be tested and updated regularly, as well as when the needs of the institution or repository change. The article provides an everyday view of smaller scaled disasters, such as power outages, that can cause major problems for records and data access. In this sense, disaster plans should not only include major issues such as fire or security breaches, but also more simplistic issues. The institution must be trained and prepared for any kind of disaster.
Schmidt, G. (2010). Web 2.0 for disaster response and recovery. Journal of Web Librarianship, 4(4), 413-426. doi: 10.1080/19322909.2010.511038
The other sources cited in this bibliography focus on the new challenges associated with the increasingly digital character of library collections. However, these characteristics can also be a boon in disaster management. Schmidt attributes infrastructure failure as one the greatest obstacles for disaster recovery. However, through the use of cloud computing it is possible to create an alternate platform to coordinate recovery operations. While a simple strategy, it is useful and practical. Communication is paramount, as is having access to pre-disaster documentation. By taking advantage of these cloud services, professionals will be better prepared to begin the long road to recovery. This source details the method of such an approach.
Yoon, C. & Kim, H. (2013). Understanding computer security behavioral intention in the workplace: An empirical study of Korean firms. Information Technology and People, 26(4), 401-419.
This source focuses not on creating a disaster plan, but instead on employee attitudes towards internet and computer security in the workplace. Specifically, the focus is even more centered on crises such as data theft and security breaches, and not natural disasters. When formulating and attempting to implement disaster plans, understanding employees and their attitudes towards security and protecting data not only from natural disasters, but also malicious individuals is incredibly important to the disaster planning policies of digital repositories. In this sense, the research in this study showed that moral obligation was a key factor in raising awareness and concern for security among employees. When attempting to rally employees around creating a disaster plan or even ensuring that employees will follow through on the disaster plan and the requirements for testing it, it is important to understand how employees view the importance of an action. Simply, if a person does not view something as inherently important or necessary, they are likely not to complete the task or put the proper amount of care into doing it. In this way, this study provides a basis for assessing employee attitudes and, if needed, changing managerial verbiage or involvement in the process to effect proper creation and adherence to disaster and risk management.
Zaveri, P. (2015). Digital disaster management in libraries in India. Library Hi Tech, 33(2), 230-244. doi: 10.1108/LHT-09-2014-0090
Zaveri’s article focuses on libraries in India and their state of disaster preparedness, which he describes as lacking. This work is especially useful to libraries that are still in the process of transitioning from print to digital resources as well as those in developing countries (one of the limiting factors Zaveri describes is poor infrastructure). The article is also useful in light of the need for greater collaboration between professionals. It is already widely accepted that collaboration is a must between libraries bound together by national borders and it is only a matter of time until this collaboration becomes international. By better understanding the realities of libraries in other countries, the profession as a whole can work better together.
