Corrections Telecommunication and Technology
F. Warren Benton, Ph.D.
John Jay College of Criminal Justice, CUNY
Reprints from a series published in Corrections Managers' Report.

Access the entire collection at the CTT Web Site.

Year 2000 -- Are You Ready?

by F. Warren Benton, Ph.D.
Copyright Corrections Managers' Report, October/November 1998
Will your agency's telecommunication and technology systems accurately process dates in the year 2000 and beyond? Experts are concerned that, unless agencies comprehensively detect and correct Y2K (the acronym for Year 2000) defects, major disruptions will take place. In corrections, the consequences of failures of information and security systems could be devastating.

There is a great deal of hype about this problem in the news media. A reader might get the impression that trees will grow upside down and the ocean will drain once the year 2000 begins, and that the only solutions involve spending the next decade of budgets on consultants, buying all new equipment and software, or revising operations to bring back the quill pen and horse-drawn cart.

The truth is that for most agencies, Y2K is a manageable problem if it is faced in a timely and organized manner. Much of the key information and the necessary tools are available on the internet.

Begin by Becoming Informed

Good starting points include the Federal Emergency Management Agency Summary of the Y2K Problem or the Y2K Best Practice to address the challenge.

Focus on Agency Problem Areas

It is important to recognize that Y2K exposure is not limited to large-scale computer-based information systems. Y2K defects also exist in desktop systems and local area networks, and in user applications such as spreadsheets, where the application itself may be compliant but the spreadsheet created by a user contains a defect.

However, the most challenging risks involve what are called "embedded systems," where specialized microprocessors are built into equipment such as alarm, telephone, facility heating and ventilation systems, and lock systems. These micro-processors may rely on dates in ways that are not obvious. It is very likely that, on the first day of the year 2000, there will be buildings without heat, elevators that do not move, and locks that do not work. We need to make sure that these problems do not involve prisons and jails.

 Within a typical prison or jail agency, responsibility for the Y2K problem can be divided into several broad areas. If your agency shares a computer system with other agencies, primary responsibility for Y2K assessment and remediation should rest with the agency that operates the system. However, your agency may be assigned responsibility for corrections applications that run on the shared system.

Evaluating Your Desktop Systems. Within your agency, there are two potential problem areas: (1) local computers and applications and (2) embedded systems. There are several computer programs that can be used to evaluate desktop computer systems. The National Technical Standards Laboratory provides a free program that tests desktop computers at the hardware level. There also are commercial packages that are designed to evaluate software on desktop computers. A recent list of such packages can be found at PC Y2K Evaluation Software.

As you investigate whether your application software is Y2K compliant, be sure to check on the exact version of your software. The most recent versions of many packages may be Y2K compliant, while earlier versions may not be. Another problem is that, while your spreadsheet software itself could be fully compliant, your spreadsheet files may not be. For example, your accounting division may use a spreadsheet to summarize canteen inventories, written years ago by your accounting staff, which might store years as a two-digit number rather than as a date. When the inventory suddenly reports 100-year old products, it will not be the fault of Microsoft or Corel. The fault lies with the accountant who did not use a date function correctly.

Reviewing Your Embedded Systems. Embedded systems must be approached in a different way. Begin by identifying the hardware that might contain embedded microprocessors. The following is a good listing of Categories of Suspect Equipment. Then, determine the status of each piece of equipment, keeping in mind the exact model, the version of any microcode, and compatibility with related equipment. (For example, a monitoring device may be compliant by itself, but noncompliant if connected to a particular central alarm device. Many vendors have made available the results of their own testing on the internet. The General Services Administration maintains an updated and comprehensive List of Vendors and Products. Product categories include:

  • Critical;
  • Fire/life safety;
  • HVAC Systems;
  • Miscellaneous;
  • NonCritical;
  • Security Systems;
  • Utilities;
  • Water;
GSA also maintains a list of Known Noncompliant Systems. Several states maintain similar pages, including Florida, Washington, and Utah.

Do Not Ignore Y2K!

The Y2K problem is a major organizational challenge. In some businesses and public agencies, for several years to come the majority of technology and telecommunication resources are being dedicated to the Y2K challenge. Some organizations are "freezing" application development programs before the last six months of 1999 to assure resources to correct problems, and to avoid last- minute surprises from new systems. While such a large-scale response may not be necessary for many correctional organizations, the critical factor for a successful strategy is to face the issue early, with an organized plan. Ignoring the problem is a sure-fire recipe for disaster.