|
We have been having
thinderstorms all day today and the news online and on-air is all about
Hurricane Rita. I managed to get out for an hour between downpours
and reflect on some past experiences and current events.
In the mid 90's I started
working for Oracle and one of my first engagements was a Fortune 100 firm here
in the greater Detroit area. I still remember a meeting that I attended where
the company's Chief Data Architect (everyone at this company had a unique
title because, as I found out later, each employee kind of created
their own) met with the consulting team to go over the Failover, Disaster
Recovery and Risk Mitigation deliverables.
I was thoroughly impressed
by the documents, not realizing that this was just a starting point. When
all was said and done there was two sets of servers, located several miles apart
on different electrical grids. The system saves each transaction to one set of
servers and mirrors the transaction to the other set. Then there were tape
backups, stored offsite at a third location. And these examples are just the tip
of the iceberg. This company took their data very seriously and were willing to
go to great lengths to protect it. The assumption is that without a system their
business comes to a screeching halt. Good assumption.
Now, working with small
and medium size firms I see the same need to protect the data, the same need for
disaster recovery plans and risk mitigation. These companies are as tied to
their data as any company. The business owners feel this need also. The
major difference is that small and medium size companies do not have the human
bandwidth to stop and think about the issues of business continuity. Forget the
required financial resources and physical limitations, these business people
simply do not have the time for an IT Strategy. They just hope that
disaster does not strike.
Unfortunately, the way
some of these firms operate they are only one stolen laptop away from disaster.
I heard from one owner that his business was robbed and they walked out with his
server. His whole business history gone in a smash and grab.
Being the unflagging
entrepreneurs that they are, SMB owners and managers pick up the pieces and
carry on. But it does not have to be this way. Putting servers behind your brick
walls does not mean security and risk mitigation. To the contrary, the best way
to mitigate risk and plan for business continuity in the face of disaster is to
get out of the IT business. It's not the strong point of SMB firms anyway, as
they readily admit in an honest moment. There are now other options available to
SMB firms. From Email to Web to CRM and ERP, there are a host of choices for
software as a service.
Helping SMBs develop a
business continuity plan is no small undertaking. Just bringing up the issue
sets you up as a scaremonger. But it's not long before the conversation becomes
interesting and worthwile. Senior people do think about business continuity in
passing, and given the opportunity they participate in planning
enthusiastically. This is an issue that resonates with them, if you can get them
to take the time to think about it strategically. | 
