TORONTO — Canadian enterprises have to stop focusing on backup and recovery capabilities and instead develop IT environments that can anticipate unforeseen disasters, an IBM Canada executive told an audience of IT managers Tuesday.
as part of a breakfast seminar hosted by Toronto Hydro Telecom, IBM Canada business resiliency services director Ralph Dunham said senior managers are no longer interested in funding second sites or building in network redundancy that doesn’t add value to the organization. He said IT managers should move beyond traditional disaster preparedness to a more holistic approach that encompasses high availability and business continuity as well.
“”In 20 years of looking at disaster recovery plans, I never saw one that took into account two planes flying into the side of a building,”” he said, referring to the terrorist attacks on the World Trade Center on Sept. 11, 2001. “”What boards of directors want is to see ways we can redeploy what we have today more effectively to protect the business.””
Besides viruses and natural disasters like the recent hurricanes, businesses are discovering other unexpected threats to their business that need to be factored in, Dunham said. These include sudden spikes in demand, such as the one Victoria’s Secret suffered when a surge in Web traffic overwhelmed its online fashion show in 1999. The bankruptcy of a competitor is another example, Dunham said. “”If they go out of business, can you handle the influx?”” he asked the audience. “”Will you end up angering your existing customers as well as the new ones?””
Instead of disaster recovery strategies that use storage backup and failover locations to keep businesses running, Dunham preached the idea of resilience, where processes would change in the event of a disaster to keep things up and running. For instance, a company might set up its IT infrastructure in a grid computing environment to better balance computing loads. Another option might be disabling one service, like online account balances in the case of an IT outage at a bank, in order to supply more mission-critical ones.
“”If I’m a bank customer they tell me that I can still transfer money but I won’t be able to see the balance in the account until the next day, I think I’ll tolerate that,”” he said.
Although senior management teams have been slow to embrace even traditional disaster recovery, Dunham said privacy laws, securities regulations and other rules have made them more attentive. “”They’re having to make assurances and sign off on things that say the business will be resilient,”” he said. “”Risk management is becoming less tied to physical assets and more (to) reputation . . . if they’re brand is worth a lot, they’ll spend a lot to protect it.””
Toronto Hydro Telecom president Ian Miles said business continuity services has come to represent a third of its business since it began offering data services two years ago. He highlighted customers like University Health Network, which recently employed Toronto Hydro Telecom to help move a duplicate data centre off site through a range of carrier-class products, including a SONET core network.
“”Not surprisingly, no two customers are alike, and we’re seeing a lot of interest in customized solutions,”” he said. “”There’s also the concern that customization means more cost, but that’s not necessarily the case.””
Dunham urged IT directors to think of resiliency in the broadest way possible, including operational issues like governance. He admitted creating that kind of culture and revisiting it periodically will be tough for many enterprises.
“”I’m dealing with some clients who are looking to merge because it will give them more resiliency,”” he said. “”They know of a firm that could bring those capabilities faster than if they were to build it in themselves.””