Disaster Recovery
PFSC takes disaster prevention and recovery very seriously,
and has partnered with the best vendors in the business to keep critical
operations running: SunGard, Iron Mountain, Hewlett Packard, Cisco, 3Com,
CheckPoint, McAfee, Computer Associates and others.
• Backup operations – All data and system
information is backed up each night onto tapes and shipped offsite to Iron
Mountain for vaulting. PFSC has two tape "library" units, equipped with robotic
arms and optical scanners, which read the tape label and mount or dismount up
to 30 tapes in the 4 tape drives. The system is capable of backing up data
without having a human operator change tapes.
• Diesel generator – PFSC
has an integrated diesel generator capable of powering the data center and
PFSC’s offices in case of a power outage. The generator is tested each week. It
is capable of operating for up to 30 hours without refueling and can be
refueled without interruption.
• Air Conditioning – PFSC
has a large Liebert air conditioner for the computer room. In the event this
A/C unit fails, PFSC has an additional 3-ton Trane unit and a 1-ton mobile unit
that can be put in service.
• Battery backup – Each equipment rack in the
computer room has battery backup to last at least 30 minutes. This provides
plenty of time to power the equipment without interruption until the generator
starts. The generator starts automatically when it detects that power has been
out for more than 15 seconds.
• Redundant system configuration – All
critical hardware is configured with redundant components. This typically
includes redundant power supplies, disks configured with RAID-5, etc. Key
equipment is configured for hot fail over.
• Spare parts inventory – PFSC keeps its own
inventory of spare hardware parts on-site to speed any repairs needed.
• Maintenance – All server and network
hardware is on active maintenance agreements. PFSC uses Hewlett-Packard
for server maintenance and Cisco and 3Com for network hardware maintenance.
• Virus protection – PFSC uses the McAfee
Active Virus Defense product suite to protect PCs and servers from harmful
viruses.
• Firewall protection – PFSC uses
Checkpoint’s Firewall-1 product to protect both our external (DMZ) network and
our internal network from Internet threats. Web servers are updated
regularly with security fixes from vendors.
• Change Control Process – Many business
"disasters" are caused by poorly planned and executed changes to internal
systems, far more than are caused by natural events (earthquake, fire,
etc.). To minimize the risk of this ever happening to PFSC, a formal change
control process was implemented in 1998. Each change to PFSC’s production
systems must go through this process. For each change, the possible risk is
assessed, the implementation steps are documented, and, most important, a
backout plan is provided in case something should go wrong. All changes are
approved by the PFSC Change Review Board.
• Physical Security – To reduce the
possibility of an unauthorized person gaining access to the data center, PFSC
has installed physical and electronic locks to the general facility and
separately to the data center. To gain access to PFSC’s offices during the
off-hours, you must use two different electronic access cards – one to enter
the building and a separate one to gain access to PFSC’s offices. Only a
handful of staff have this privilege granted on their access cards. Janitorial
staff do not have access to the data center. All entry and exit points to
PFSC’s offices are monitored by security cameras that record activity 7 days a
week, 24 hours a day.
• Disaster Recovery – In the event of a full
site disaster, PFSC will use SunGard’s facility to recover. The backup tapes
will be shipped from secure storage to the recovery facility and will be
loaded. This has been tested at SunGard. PFSC has a fully redundant connection
to the Internet at the SunGard facility. Selected critical servers are
configured "hot", waiting at the facility to go live, and data is copied
electronically daily to allow for a faster recovery. All critical PFSC staff
carry cell phones to better coordinate emergency response.
• Plan – No disaster recovery
strategy is complete without a robust plan that is tested and updated annually.
PFSC has designated a business continuity officer to oversee maintenance and
testing of our comprehensive plan and strategy in the event of a business
interruption.
