It's easy to watch the news and make quick judgements about natural and man-made disasters around the world. It's easy to sit back, especially if you live in a region not prone to the specific sort of disaster you're watching and say "It will never happen to me."
In an age where we depend more and more on computers and networks for commerce, entertainment and vital services, are we really looking at the risks any kind of disaster could have on these important conduits of information and income? If you work with computers, are you secure in the knowledge that your company has taken the steps necessary to ensure its survival if the unexpected happens?
Many industries have relied on computers for decades. For them, business resumption plans are serious affairs. Companies such as Sungard and Comdisco have large operations devoted to providing space, hardware and networks to be used by paying clients should one of them lose their main data center. For firms such as banks, which in the United States are prohibited by law from being closed for more than a few consecutive days, telephone companies and other utilities, the ability to get back on line is an absolute must. Yet even in these industries, with "mature" IS implementations, disaster recovery planning is often relegated to a very secondary status, with test exercises performed in a cursory way to please auditors, rather than with the more important intent of guaranteeing that the company can continue to function.
Disasters come in many forms. Depending on where you live, you might picture hurricanes, tornadoes, floods or earthquakes as the disasters for which you should prepare. These are the more extreme disasters. The disaster that is most likely to strike any business is fire.
With the ever-increasing use of desktop workstations and LANs in today's business environment, the ability of any company to protect its information assets can be severely hobbled.
Think about your own company. Now answer these questions and see if you think you could resume business quickly if you had a disaster.
- Is all vital data backed up to a secure storage medium on a regular basis and stored at a location not likely to be affected by a local or regional disaster? Or are key business functions being performed on desktop machines with no regular backup?
- Does your business have a remote location where resumption could take place if the building you occupy is unusable?
- Assuming you have a remote location, do you have the routine supplies you require to get going: pencils, paper, telephones, etc.?
- Can you get key personnel to the remote location in a timely fashion? What if normal transportation arteries are cut off?
- Can you contact key personnel in the event of a disaster? Or are the only people in your organization who carry 24-hour pagers the junior dweebs who haven't earned enough seniority to escape their off-hours support responsibilites?
- If you got this far without answering "no" does your company practice for disasters? Do you have surprise "mock disasters" where life stops and you activate your remote center?
Disaster planning only seems to become important after a disaster strikes. Planning and testing the plan can help prepare companies for the unfortunate circumstance of dealing with the real thing. It can make the difference between having a business (and the jobs it provides) and losing it. No company, regardless of size, can afford to ignore the possibilities.