1. What’s the total cost?
K–12 schools, particularly rural ones, often lack the IT staff to manage disaster recovery in-house. Despite burgeoning tech budgets for many school districts, there’s increasing pressure to demonstrate a significant return on investment. Administrators should ask providers for total cost estimates that include setup fees, monthly pricing and any additional features, such as legacy application protection.
2. Where are data backups stored?
Recovery locations should be far enough away to avoid local disasters, but close enough to limit latency. Always ask where providers store their data, if they have multiple storage sites available and what typical delays between data transmission and access look like.
3. How is information secured?
Evolving student privacy regulations demand careful data handling, regardless of where information is stored. Potential providers should employ both robust encryption and secure transfer protocols to ensure data is effectively defended at rest, in transit and in use.
4. Who has access?
If audited, schools must be able to show who accessed protected data, when, and for what purpose. Look for a provider that leverages zero-trust policies around information access — only authorized personnel from your school should have the permission necessary to move or modify data.
5. When (and how often) are DR services tested?
Ask prospective DRaaS providers about their disaster recovery testing practices. They should regularly evaluate the ability of their systems to handle disaster events at scale and continually monitor operations to make necessary improvements that increase overall resiliency.