Businesses in Southern California are
at increased risks for disaster. Is your
company prepared in the event of a disaster or pandemic? How much are you
depending on technology? How much are
you depending on your employees?
Certainly, your day-to-day operations
require the best of both. How are you prepared to operate if employees can’t get to
the office or if computers aren’t accessible?
According to Kevin Burton, Disaster
Recovery Specialist with Agile360,
“Disaster recovery needs, data protection
and business continuity plans that include
the end user are at an all-time high. There
is the increased regulatory pressure. There
are employee safety concerns. There is an
overall feeling that Disaster Recovery and
Business Continuity planning are part of
the overall risk-mitigation picture.”
Smart Business talked with Burton for
his insights on how these risks can be mitigated.
Why is Southern California different than any
other part of the country?
For one thing, the United States
Geological Survey (USGS) has predicted
that an earthquake of 7.0 or greater magnitude will hit the area within five years. For
another, there is a high concentration of
technology companies and those that
depend on technology centered in this
area. But perhaps more alarming is the
notion that terrorists are prone to target
areas with the largest concentration of
people and businesses they can damage.
Those are the areas that are going to be
hurt the most by terrorists’ actions. The
areas that are at higher risk for a terror
attack (and according to Homeland
Security officials, Southern California is in
the top five) need to consider employee
responsiveness and inclusion more than
others.
Why is more or better technology not the only
answer?
Businesses depend on computers and
people to run them. What are your plans in
the event of a major disaster? Do you have
evacuation plans? You are going to need
people to continue the business. You are
going to need paper backup and human IQ
that can move that paper forward. You
must have processes in place to recover
information and use it to spring forth from
adversity with speed and determination.
Employee safety is extremely important.
Employees are key to a company’s survival; Sept. 11 certainly taught us that.
But why focus on the human side of the equation if computers run today’s businesses?
Chief executive officers and CFOs are
saying to the CIOs, ‘Show me the case
study to justify the expense of fully duplicating our current data center.’ The CIO
and the IT department require input from
business unit managers and other stake-holders to prioritize business processes
and then the applications that support
them.
Using this data, the CIO can then map the
technology to the human-driven processes
that run the business. The resulting set of
‘tiers’ or levels of criticality can indicate the
right-sized solution and appropriately
address the risk. The bottom line is that we
have to get better at tracking business
value against application performance or
automation.
How do you differentiate between cost and
value when it comes to Disaster Recovery
and Business Continuity?
Cost is just that — cost. For example, you
go to the store and come home and show your wife a receipt for $900. You’re simply
showing her the cost. If you come back
from the store and say that you got a new
washer and dryer for $900, then you have
shown the value of your purchases. If there
is not a value, a cost should not be
incurred. In short, by aligning processes to
applications, you can build a better shopping list for IT when it comes to risk mitigation. In the Risk Business, this is called a
Business Impact Analysis. Leading organizations parlay these findings into
Application Impact analyses that then lead
to appropriate technical solutions that mitigate risk.
What should be the roles of the CEO, CFO and
CIO?
They need to communicate with each
other and work together to determine
everything that is needed and what the
long-term effects are. Rank, based on criticality, everything the business does.
Mitigate risk and spend money accordingly. In some cases, High-Availability
Solutions and advanced technologies such
as VMW are perfect solutions — especially
for high-value applications. In other cases,
old-fashioned tape backup methods will
do. Make individual business cases based
on business value as opposed to relying on
the input of vendors and flashy new technologies to fix the risk problem. Go with
trusted advisers who understand your
needs, have a fixed view of how your business operates and offer cost-considerate
solutions on a case-by-case basis.
How can you save money while lowering the
risks?
One example is the opportunity to re-purpose old hardware. Another is to spend
less money on the least important things
on the criticality list to be more cost effective. By increasing the dialog between the
CEO, CFO and CIO and engaging a facilitator who respects your needs as a business
and purveyor of technologies, you can be
better assured of knowing what steps need
to be taken and having the right solutions
with the best value to move your company
forward no matter what disaster strikes.
KEVIN BURTON is a Disaster Recovery Specialist with
Agile360. Reach him at [email protected] or (949) 253-4106.