As a grants manager, you likely interact with your grants management software on a daily basis. It helps you get your work done, right? Well, while the software's suitability to simplifying your daily work is very important, it shouldn't be the only thing you think about when using your grants management system. Spending a little time considering the security, stability and sustainability of your grants management platform is well worth the time spent!
I get it; sometimes talking to technical people about this type of thing can be intimidating. Don't worry - I've put together a few simple questions you can ask your IT department or grants management vendor, to help you make sure you have your bases covered:
- Is the system monitored for failures?
While it's not always possible to prevent failures, knowing about them as early as possible allows for faster remediation. This can be greatly augmented by system monitoring. If monitoring tools are being used properly, disk space, CPU utilization and memory usage – all things that can impact performance – can be monitored to stay within thresholds and send alerts to the right people if they exceed them. External monitoring services can be employed to periodically check the system for critical usage patterns and, again, send alerts if there are any issues. This may allow your IT department (or vendor) to fix an issue before you ever realize the issue is occurring.
One way you can be sure you have the right system monitoring is by checking over time if your IT department (or vendor) is aware of a problem before you are. Well-monitored software should not have an outage without the IT department knowing about it first!
- What happens if we have a data problem we need to fix? Is there a way to restore data from a few hours ago? A month ago?
Since your grants data is critical, backups should be taken frequently, which will enable you to restore a recent copy of data if something goes wrong. In addition, your IT department or vendor should be able to provide you information on how long backups are kept. This will let you know how old the data you can restore is. Let's say you don't find an issue until a month later; will the data be available to restore from a month ago?
An easy way to ensure this process happens is to ask to work with your IT department to plan a "fire drill"-type test where some data is restored to a temporary location. I'd suggest trying with both recent data and some very old data.
- What happens if the computer the software is running on fails? Do we have a documented disaster recovery plan?
A disaster in this context usually means the physical computer resources or software has some sort of major issue that prevent it from operating the grants management software from its current location. This can range from a faulty computer part to a meteor strike or other natural disaster. The IT department or vendor can mitigate the computer failure by utilizing the cloud, virtualization and/or fault-tolerant hardware. Other mitigation techniques involve housing additional computers in physically separated. In the case of a disaster, it's best to have a specific written plan to follow and train to it.
An easy way to validate the plan is to ask to see the copy of the disaster recovery plan in writing. While this doesn't guarantee it will be the plan used during the disaster, it at least means some thinking has gone into what to do in the case of a disaster.
- Are all our communications as secure as they should be?
I'll find it hard to believe any IT department would answer this question with a no. So, you are going to get a "yes."
While you may get a "yes," it's best to investigate a bit further. Ask if the software requires use of Transport Layer Security. Hopefully the answer here is yes also.
One easy way to check from your browser is when you access your grants management system, make sure you are using "https://" in the front of the website name. That's a good indication you are using some encryption for data being sent to/from the grants management software.
Asking these few questions of your IT department now may save countless headaches later. Remember, it's not just grants management software; it's your grants data!
Photo Credit: https://pixabay.com/static/uploads/photo/2014/09/14/16/39/encrypted-445155_960_720.jpg