If last weeks terrorist attacks were intended to bring America and its information economy to its knees, the terrorists hit the wrong buildings. Many companies in the World Trade Centers Twin Towers, as well as the Department of Defense in the Pentagon, have some of the most thoroughly planned backup and recovery operations anywhere. Those plans were largely able to keep data—the lifeblood of our economic and defense systems—flowing, even as the buildings crumbled.
Nonetheless, there remains the giant task of replacing data centers and office space and that most precious of resources: the people who do the work.
“The people are the most critical issue, and organizations have not thought through all the different aspects associated with the people when something like this happens,” said Robert Rosen, director of information management at the U.S. Army Research Laboratory, in Adelphi, Md. “It seems cold, but in terms of keeping your business operational, its what youve got to do.”
Morgan Stanley Dean Witter & Co., with nearly 4,000 people working in the World Trade Center, was hit hard but was bouncing back.
“The bond desk doesnt exist anymore, but all those people have been given new desks and will be up and running tomorrow [Thursday] morning” from the recovery site, said one Morgan Stanley employee who asked not to be identified. “Whoever designed the plan was truly a genius and had us all prepared.”
Indeed, as the toll of those unaccounted for rose late last week, data recovery proceeded smoothly, as is generally the case in weather-related and other disasters, sources said.
For example, as a result of the 1993 World Trade Center bombing as well as the more recent Y2K preparations, major financial services companies in the vicinity of last weeks attack had well-established disaster recovery plans already in place that went into effect as soon as need arose. Although trading markets remained closed through late last week, there were no reports of critical data loss, and many companies were able to continue providing client services from other locations.
At disaster recovery sites in New Jersey and elsewhere, companies were on a war room footing and could not be reached for comment on the state of their operations. However, recovery service providers such as Comdisco Inc. and SunGard Data Systems Inc. said many companies devastated by the terrorist attacks were using their services to carry on business.
The companies with the least disruption were reported to be those with mirrored data. Those companies were able to switch over to their backup sites almost instantaneously, according to service provider officials, who declined to provide names of their clients due to confidentiality agreements. Those that relied on tape backup stored in data vaults typically took 24 hours or more to come online, as the tapes had to be physically retrieved from the vaults and mounted at the recovery sites.
“We were tracking all of our customers minutes after the disaster occurred. All of our customers lost people. The first thing we did was to make sure all the authentication systems were mirrored,” said Tom Brady, vice president and director of strategic accounts at Secure Computing Corp., in San Jose, Calif., maker of the SafeWord mirrored authentication server. “One hundred percent of our customers were still running.”
Comdisco is servicing 36 companies as a result of the disaster, mainly at its data centers in Carlstadt and North Bergen, N.J., and in Queens, N.Y., said John Jackson, head of recovery services at Comdisco, of Rosemont, Ill. Comdisco was also providing services for companies in cities that saw major office building evacuations, including those in Chicago, Boston, San Francisco and Los Angeles.
“In some cases, we are supporting their data center as well as their normal business operations,” Jackson said. “They have a place to work and access to their computer systems.” Clients include brokerage houses; banks; investment banking firms; insurance companies; and the New York Board of Trade commodities exchange, which was relocating its operations to the Queens facility, he said.
Information technology at the Pentagon, in Arlington, Va., suffered “spotty outages” primarily because of water damage, said Lt. Col. Ken McClellan, of the Department of Defense Press Office. Although McClellan could not give details, “IS continues to provide information to military personnel worldwide,” he said. “Neither the NIPRnet nor the SIPRnet were affected. They both remain operational,” he added, referring to U.S. militarys Non-classified IP Router Network and Secret IP Router Network.
“We have water pouring into the building, [but] no datas been lost that weve identified at this point,” McClellan said. Off-site backups of data are handled by the Defense Information Systems Agency, he said. DISAs headquarters, also in Arlington, is just 1.5 miles from the Pentagon.
Even as companies brought up critical functions from disaster sites, they began to consider how to re-establish permanent facilities, taking into account lessons learned from the disaster, including, for a change, the loss of people.
Tom Miller, a senior director of IS in Santa Clara, Calif., said Tuesdays events put the concepts of business continuity planning—prevention, response, resumption, recovery and restoration—into perspective. “I think this has caused everybody to step back, to revisit their business continuity plans, to think about how they make arrangements for potential loss of people,” Miller said.
“If your datas off-site, halfway across the country, its safe, but what do I do if my IT department is wiped out?” said Kevin Baradet, network systems director at the S.C. Johnson Graduate School at Cornell University, in Ithaca, N.Y., and an eWeek Corporate Partner.
Bank of America Corp. had approximately 400 employees at the World Trade Center, and although a spokesman said that data on local servers was backed up and recovered, the company last week was seeking to confirm the whereabouts of the 400 workers.
“As a result of this, Im sure were going to be taking a good hard look at our disaster recovery plans and preparedness,” said Brian Jaffe, an eWeek columnist and IT manager whose offices are on 49th Street in Manhattan. Some of the steps he anticipates taking are using multiple lines from different carriers for telecommunications, ensuring greater redundancy with his companys West Coast hub, ensuring methods for disseminating information to employees, guaranteeing remote access capabilities and, of course, providing an alternate location.
Jaffe also said companies may re-think the locations of corporate facilities including data centers. “A hub site in [New York] may be very attractive … but while Peoria may not be state of the art, its probably less of a target.”
Gartner Inc. analyst Donna Scott, in Austin, Texas, said companies are bound to consider a number of new approaches. “Companies may be looking at the increased use of telecommuting,” she said. “They may very well be looking to move staff out of the city into cheaper space and split technology and staff into multiple locations. They may also have people trained in multiple jobs so that if you do have loss of life, you have a knowledge base that survives.”
Scott added that the trend for companies to consolidate data centers to achieve more-economical processing probably will not continue, despite the costs of carrying multiple data centers. “There is pressure to consolidate to save money, but there is a greater amount of risk,” Scott said.
New office space in distributed locations outside of Manhattan are looking promising to some. “Initially we are focusing on New Jersey, where we think it will be easier to get services,” said John Wollman, senior vice president for Alliance Consulting, whose New York office was on the 102nd floor of One World Trade Center. Manhattan, with offices that are 97 percent occupied, is going to be a difficult place for quite a while. It just lost its two biggest buildings.
“But first and foremost,” Wollman said, “we are dedicated to finding our missing comrades.”