Safeguarding Against the Everyday Disaster
BY Angus Loten
Hurricanes and other natural disasters command the headlines. But it's everyday calamities, like computer viruses, that can really wipe out a company.
The start of the Atlantic hurricane season has traditionally prompted small-business owners to undertake an annual review of their disaster preparedness plans.
Yet the growing need among businesses of all sizes for round-the-clock access to customer, marketing, and financial data, along with other enterprise applications, is making disaster planning a far less seasonal concern, experts say. More simply, a company is far more likely to be wiped out by malware than Mother Nature -- and business owners finally seem to be taking notice.
Nearly two years after Hurricane Katrina slammed in the Gulf Coast, impacting as many as 125,000 small businesses across the region, a national survey of more than 1,000 employers by AT&T found that 82 percent ranked computer viruses, worms, and other network disruptions as the biggest risks to their businesses. By contrast, natural disasters were cited by just 1 percent, ranking them last among all potential hazards. Of the 73 percent of business owners who reported having disaster plans in place, nearly every one focused those efforts on Internet security, backup servers, and other network protections.
This shouldn't be mistaken for arrogance in the face of recent severe storms. What's happening, market watchers say, is that the increased reliance on 24/7 access to enterprise applications is leading business owners to treat hurricanes and malware as posing essentially the same risks to network uptime. How? By rolling disaster-planning efforts into ongoing data-storage protection and business continuity systems with an eye to keeping operations online -- whether or not their physical workplace is submerged under floodwaters or under attack by a malicious virus.
This more centralized approach has big economic advantages, says Sonia Lelii, an analyst with Aberdeen Group, a Boston-based market research firm.
"Ultimately, this should weed out inefficiencies that occur when business continuance, high availability, and disaster recovery are treated as three separate initiatives," Lelii says.
It's also driving an expected boom in the network continuity and recovery services market. Last year, U.S. businesses spent just over $15 billion on network continuity and recovery services, according to Frost & Sullivan, a Palo Alto, Calif.-based business consulting firm. By 2012, they're expected to spend up to $23.3 billion by 2012 as even more Web-based enterprise applications are adopted, the firm said in a study released in April.
"The need to minimize financial repercussions associated with network outages and applications downtimes are driving an increasing number of small, medium, and large enterprises to pro-actively plan for business continuity services," says Imran Khan, a Frost & Sullivan program manager.
It's perhaps telling of this shift that IT managers now place a higher priority on disaster planning than any other company executive -- including the boss.
A recent Harris Interactive survey of 500 executives found that 71 percent of IT mangers identified disaster recovery and continuity as "very important" to business success, compared to just 49 percent of those on the administrative and business side.
"Business executives may not fully understand the interdependencies between corporate processes -- like CRM [customer relationship management] and supply chain -- and the back-end systems responsible for keeping these critical systems available during an unexpected outage or disaster," says David Palermo, vice president of marketing for SunGard Availability Services, a Wayne, Pa.-based software firm that commissioned the survey.
Despite the discrepancies, both groups agree that e-mail, back-office applications, customer service, and telecommunications are among the top systems that would impact the bottom line if they went dark.
Both groups also agree that more than five hours of downtime is unacceptable, regardless of the type of disaster that strikes. Yet they disagree on what applications were the most crucial. Only 29 percent of IT respondents said the CRM applications are a priority, compared to 40 percent of business executives. Generally, business mangers are more concerned with outages of external, or customer-facing systems, while IT mangers were worried about internal infrastructure.
Palermo says he believes that could have an affect on the types of investments made towards managing disaster planning and recovery processes.
"IT executives may be resigned to 'making do' with the resources that they have, even though there are growing pressures to decrease downtime," he says.
They may consider switching on the Weather Channel at the next budget meeting. Storm experts are warning of another active hurricane season this year, with climatic conditions leading to intensified storms closer to the coast. Three weeks ahead of the official start of the Atlantic hurricane season -- from June 1 to Nov. 30 -- the National Weather Service issued its first storm warning of the year for Subtropical Storm Andrea, which was packing winds of up to 45 mph off the southeastern coast on May 9.
That should have more residents and business owners alike in hurricane-prone areas stocking traditional emergency supply kits with drinking water, flashlight batteries, and other traditional provisions -- let alone worrying about network downtime, says Tim Harden, a network services president for AT&T's Southwest region.
"When it comes to disaster preparedness, there is no such thing as being too prepared," Hardin says.