Early in September, New York Federal Reserve employees in Financial Markets and Operations began relocating to the bank's technology center in New Jersey.
The occasion of the mass movement is now all too well mourned. With airplanes having rained down from the sky just 24-hours before, all employees were shipped out for fear of further building collapses or attacks. Routine operations such as coin and currency distribution had always been handled in New Jersey, but now, that facility would serve as home base for as long as required.
As it all turned out, the Fed's downtown offices were soon reoccupied--and the banking system held steady. Even so, the World Trade Center attacks illustrated the critical importance of an effective business continuity plan. It pointed to the need for a systematic guide where data, personnel, and process as well as the ever critical transactions would be retained even should all hell break loose.
"Systems are only part of the equation," says Philip Jan Rothstein, a consultant based in Brookfield, Conn.
Greg Valdez, CIO, of Veritas, a business continuity services and software provider in Mountain View, Calif. agrees. "A business can fail if the result is the loss of domain and business process knowledge. New York City is certainly experiencing that after Sept. 11," says Valdez.
Certainly, the collapse of the Twin Towers was an emergency of a fundamental sort. In addition to generating ambient anxiety, it evinced a major psychological shift in the business world.
"You'll still have many CEOs that remain unconvinced that the expense of failover equipment or other recovery technology is worth it," says Valdez. "But others are looking more closely at both our technology and their recovery plans," he explains. "Many CIOs are beginning to understand the kinds of revisions that need to be made."
Rothstein notes that many executives have been chastened by the experience of terrorism on U.S. soil, however indirect it may have been for any given company.
"In Europe, of course, terrorism has always been real and evident," he says. "After the hijackings, much of our cultural naivete was shattered," he explains. As the corporate world begins to feel its way around in more cautious times, revising disaster recovery plans will become important. And though many will ignore the problem and stay at risk, many more will begin to think about disruptions of the catastrophic sort.
"What the WTC situation illustrated was the need to consider personnel very carefully," says Greg Benton, director of strategic alliances with Agilera, an application management services provider in Englewood, Colo. "You can have all the redundant data in the world and be in significant trouble if you haven't planned for the death, defection, or illness of staff." Benton sees third-party providers taking a bigger role in an environment shaped by increasingly sophisticated technologies and limited personnel resources.
State of the union
On business disruptions, the statistics are telling. For every minute that passes during a bank system failure, about $250,000 is lost, according to Valdez. Meanwhile, 40% of businesses that experience a major disruption from a disaster never really bounce back.
Whether act of God, act of war, or a simple but devastating computer chip malfunction that leads to a single point of failure, the long-term effects can be huge. "Five years later, on average, these disaster stricken companies are out of business," says Valdez.
He explains that continuity or contingency planning is designed to address the whole gamut of business disruption. Disaster recovery, as a subset of this discipline, is arguably the most crucial aspect.
By way of definition, Valdez offers this take: "'Failover' refers to saving a transaction by switching to another system should a component fail. 'Recovery' refers to recreating a transaction in the case when a system is destroyed. …