Since the events of Sept. 11, 2001 — and more recently, Aug. 29, 2005 — disaster recovery has moved to the forefront of executive minds in corporate America. Terrorist attacks and natural catastrophes have prompted reviews of data storage practices, customer care locations and tech support.
“Business continuity continues to be first and foremost on the minds and radar screens of enterprises from very high-cap businesses such as [those in] financial services and healthcare to small and medium businesses, even to work-at-home professionals,” says Jerry Shammas, AT&T’s director of business continuity and recovery services. Some of the drivers of increased attention to disaster recovery planning include a global economy in which businesses operate 24/7, a constant focus on optimizing productivity with limited resources and recurring threats from spam, spyware, viruses and worms.
Continuity for Their Customers
“Disaster recovery is never completed,” says Bob Prezkop, senior vice president of enterprise infrastructure and managed technologies at Phoenix-based Avnet.
Avnet, with the assistance of AT&T, is upgrading its metropolitan area network. Sonet technology from AT&T will allow Avnet, which manages IT for small and mid-sized businesses as an outsourcing vendor, to redirect applications to unaffected data centers in the event of natural or man-made disasters. Because of the trust clients place in this partnership, Avnet is dedicated to data, network and power source redundancy, and remote command centers.
Affluent consumers rely on the Chubb Group of insurance companies in a similar way. The underwriter of luxury homes, art and yachts, therefore, puts the same emphasis on its own disaster recovery capability as it does on those it creates for customers.
“After all, we are in the business of helping people and businesses manage risk,” says Mark Schussel, public relations manager for Chubb, Warren, N.J. “Since we play such an important role in the lives of our customers and their businesses, it is vital that we be there when they need us. Hence, our own business continuity planning is a paramount concern to many of our customers.
“At Chubb, we always have been conscious of our own exposures to various types of disasters, whether natural or man-made,” he tells CRM Buyer. “Since 9-11, however, like many other companies, Chubb has increased its focus on business continuity planning, crisis management and disaster recovery.”
Key executives identified potential vulnerabilities to various types of disasters, and a full-time business continuity manager works with a crisis incident management team representing the company’s different business units. A chief information security officer ensures that technology and redundancy protect the business from cyber crimes. Furthermore, local incident management teams were created to oversee crisis response in the insurer’s branch network.
Improvement Through Testing, Experience
Business impact analyses expose what part of an enterprise would experience the most pain in the event of a catastrophe. “Pain” in this context may mean loss of revenue, hardship for customers, challenges for employees or a negative impact on shareholders, says AT&T’s Shammas.
“A hurricane, etcetera, could cause a serious or adverse impact to business,” he tells CRM Buyer. Assessments of the likelihood of individual occurrences enable proper recovery strategy planning. Once in place, plans need to be tested periodically and updated as the enterprise adopts new hardware, software or network technology.
“We test [disaster recovery plans] frequently through tabletop exercises that involve a potential scenario,” Chubb’s Schussel says. “We bring together our crisis incident management team and others to work through a drill, evaluate the drill, [and] then we put new policies and procedures into place.”
Real life tests occur, too. From burst pipes to national tragedies, companies learn disaster recovery through doing it.
Fidelity Investments calls upon hundreds of staffers to populate task forces and emergency operations teams. “When a crisis hits, these people swing into action, joining forces with our security, risk, human resources, employee communications and other support groups to ensure the security of Fidelity people and assets, as well as that of our customers’ accounts and their continuing ability to do business with us,” says Vin Loporchio, a spokesperson for the firm.
Within minutes of the first attack on the World Trade Center, Fidelity was lining up remote office space for hundreds of New York City employees. Dozens of Fidelity people worked days, nights and over the weekend to complete the relocation and prepare for the markets to reopen.
Fidelity employs several regional operating facilities throughout the United States with redundant computer and customer service functions. “In the event an area of the country where Fidelity is located is adversely affected, customer inquiries and computer services can be routed to other regional operating facilities,” Loporchio says. “Fidelity also maintains alternate-site readiness plans in the event employees need to be relocated.
“The firm works diligently to make sure its disaster recovery, contingency and security plans are effective and as up to date as possible,” he concludes. In the end, it spells high reliability and accessibility for Fidelity customers.