Rethinking IT priorities
The attacks wound up giving some IT teams the support they needed to put longtime plans into action. For Brandeis University, that meant going ahead with plans to build a redundant data center.
"We talked about it, we planned for it, but it never really got beyond the planning stages. It's something that really got pushed to the back burner," says John Turner, director of networks and systems at Brandeis in Waltham, Mass. "I think that 9/11 had a direct impact on the overall funding decision to go ahead and build out a second data center."
New and expanded legislation passed post-9/11 also impacted Brandeis. As part of the Patriot Act, colleges and universities hosting international students are required to use the Student Exchange and Visitors Information System (SEVIS), a digitized system for tracking information regarding exchange visitors, international students and scholars.
Homeland security efforts also expanded the impact of the 1994 Communications Assistance for Law Enforcement Act (CALEA), or digital wiretap law; colleges and universities that essentially act as ISPs to the student populations can be required to allow surveillance access to their networks.
IT teams at Brandeis have had to equip the school's ERP systems to collect and monitor SEVIS data, for instance, and security groups have been trained to respond to court-ordered wiretaps and data preservation requests. "The Patriot Act had a big impact on what we do and how we operate," Turner says.
The mass shooting on the campus of Virginia Tech also had a big impact on Brandeis; the 2007 tragedy forced the entire education industry to reconsider and strengthen their ability to communicate with students, faculty and staff in the event of an emergency.
Brandeis bolstered its emergency communications systems to allow the university to notify students, faculty and staff about crisis situations on campus through a number of different media, including campus email and voicemail; voice and text message sent to students' personal cellphones; broadcast messages to phones located in offices, classrooms and public gathering places; and students' personal email accounts.
"After Virginia Tech, the main concern was to evaluate our ability to message the community in a crisis situation," Turner says.
Private industry, too, is paying greater attention to emergency communications, Gartner's Witty says, with hosted offerings enabling businesses to share essential information before, during and after a crisis. "They're using it to communicate the company's recovery operations and to inform the workforce, customers and partners about the impact of an emergency and how the company is responding," Witty says.
Laying the groundwork
In Washington, D.C., one of the most tangible technology deployments completed in the wake of 9/11 is the city's municipal fiber network, called DC-Net.
"From the moment I walked in the door in January of 2003, it was all about, 'Let's make sure we have citywide services and those citywide services must be able to sustain various levels of disaster,'" recalls Rob Mancini, who today is CTO in the District of Columbia's Office of the Chief Technology Officer (OCTO). "The existence of the basic infrastructure, the city-owned government network on high-speed fiber, is the beginning of getting our arms around a 9/11-type of issue."
DC-Net provides voice, data, video and wireless services for 347 District government sites including 120 schools, 35 recreation centers and 20 libraries. DC-Net also supports the District's 911 call center and its police, fire, emergency medical and emergency management services. For the public, DC-Net provides backhaul for more than 250 free wireless hotspots throughout the city.
Those wireless hotspots proved to be an important asset when a 5.8 magnitude earthquake occurred in Virginia last month and cellphone networks were jammed by a flood of calls.
"When the earthquake hit, we had a few thousand people jumping on [the Wi-Fi network on the National Mall] to let their families know they were OK. We didn't have that 10 years ago, and we continue to build on that," says Mancini.
The terrorist attacks were a turning point, and the operational vulnerabilities that were exposed after 9/11 continue to be tested by events worldwide, such as hurricanes, earthquakes, volcanic ash incidents, flu pandemics and campus violence, Gartner's Witty says.
IT pros agree.
"Everything from that day forward has prepared us to handle a crisis situation as part of normal operating procedures. We prepare further in advance for these situations, and we have good methodologies in place now. A decade ago it wasn't that way," Brandeis' Turner says.
Sign up for CIO Asia eNewsletters.