Safeguarding Data

Last week's terrorist attacks proved brute force can't destroy information-age companies, because their infrastructure is virtual and backed up using several methods to ensure reliability.

Last weeks terrorist attacks proved brute force cant destroy information-age companies, because their infrastructure is virtual and backed up using several methods to ensure reliability.

In the aftermath of the suicide plane crashes into New Yorks financial district, hundreds of companies remained operational - even the World Trade Centers largest tenant, Morgan Stanley Dean Witter & Co. - and their data intact with help from disaster recovery companies such as Comdisco and SunGard, and from providers such as Sprint and IBM that sell similar services.

"Everything in business needs to stay in business. Its not just the network redundancy and switching capability. It is not just large computers. Its not just the data storage devices. It is also desks, chairs, phones, fax machines, copiers, automated call distribution - basically anything that a client needs to keep up and running," said Jim Simmons, president of SunGards disaster recovery unit.

In fact, some of the companies affected were sending their employees to makeshift offices in backup locations, most outside of Manhattan. While some locations were within driving distance for customers convenience, some were as far as Colorado to ensure redundancy.

The Nasdaq Stock Market and the New York Stock Exchange - the largest financial institutions in New York - were ready to resume operations late last week, their electronic trading facilities undamaged. Their data caches are among the best-protected sites, and they are not expected to lose any data.

"There are stock exchanges in America that back up their data instantaneously into SunGard facilities, so we have a perfect copy of what they have, the instant a trade happens," Simmons said. "So if something were to happen similar to [Tuesdays attack] they would be able to move in immediately and not lose a single transaction."

Such electronic capabilities are aided by a redundant physical facilities layout that makes businesses that are as dependent on information as stock exchanges hard to eliminate with a single large explosion. Neither Nasdaq nor NYSE have their main processing facilities anywhere near the NYSE trading floor or Nasdaqs video wall on Times Square, said Chuck Lewis, a Nasdaq IT veteran who is now senior director of operations of managed service provider SevenSpace. "The backup infrastructure has been built in a ring-type concept around New York," Lewis said.

Once the disaster hit on Tuesday, backup scenarios were set in motion: Declarations of disaster status started rolling into Comdisco as early as 9:02 a.m. EDT - just minutes after the first plane hit the first tower. By 10 a.m., 23 companies had declared disasters. Few companies were able to get their employees to backup facilities because of the traffic havoc in lower Manhattan.

But the vast majority of Comdiscos customers take a pass on full-fledged backup facilities. Among its 3,000 clients, only seven have contracted for standby offices. Forty of Comdiscos customers were affected by the attack, with 86 corporate sites requiring recovery.

"We have dedicated contracts and shared contracts," said John Jackson, Comdiscos president of availability solutions. "Dedicated contracts mean we have either space available or equipment in place on a dedicated basis for an individual customer. Seven customers have that. For the companies that have a shared solution with us, a contractual obligation is six weeks."

Comdisco will help companies that have not returned to their offices within six weeks find space in third-party data centers; that will be the case with World Trade Center tenants. After an unsuccessful foray into Web hosting, Comdisco is in bankruptcy reorganization and is in the process of being acquired by Hewlett-Packard, which owns space in several overseas data centers.

The cost of data backup is one of the chief reasons few companies go for the full-fledged disaster recovery support.

Until the first attack on the World Trade Center in 1993, few companies invested even in shared data backup. RagingWire Telecommunications, a California disaster recovery firm, estimated that of the 350 companies that operated in the World Trade Center before the 1993 bombing, 150 were out of business a year later because of the disruption. The 1993 blast didnt damage the upper floors as much as it did the garage, but FBI investigators kept the companies out of the building for two weeks and a lot of paperwork - and business - was lost.

On paper, the situation has not greatly improved since then.

RagingWire estimated that 82 percent of companies still dont have adequate disaster recovery plans in place. Former tenants of the World Trade Center, though, have apparently implemented disaster recovery plans, thanks in part to new recovery vendors such as SevenSpace. Because companies such as SevenSpace use IP networks for connectivity and use Internet data centers, their costs are lower and their solutions are available to businesses with IT budgets smaller than that of Nasdaq and NYSE.

SevenSpace execs estimated that customers could save up to 50 percent by going with SevenSpaces solution, which might be the key to quick restoration of companies affected by the attack.

"New York is a high financial arena, with a lot of companies having the money to build data resiliency and have data off-site in storage," SevenSpaces Lewis said. "In actuality, all we lost - other than a horrendous loss of life - is infrastructure, brick and mortar. We did not lose business integrity."