9/11: Top lessons learned for disaster recovery

By , Computerworld |  Security

Public services and corporate disaster recovery teams have stepped up their use of social media, such as Facebook and Twitter, to keep employees informed and communicate with key players. Many companies have even created the position of social media officer to manage online communications and ensure corporate sites remain updated.

"It's also about controlling the rumors," Witty said.

In addition, some companies now consider having cots, flashlights, food and water on hand for employees who stay in the office and have a remote recovery site in operation to make sure they can restore critical systems as quickly as possible.

Risk management

Even in the aftermath of 9/11, IT managers said they had to fight for money to implement disaster recovery plans and technology.

What began with 9/11 but evolved with numerous cases of fraud and rogue trading, was the concept that risk management needed to be a part of disaster recovery planning.

"Chief risk officers who used to never ... look at the IT side of things, do talk more about IT risk as becoming part of something they need to incorporate as part of an enterprise risk management capability," said Rodney Nelsestuen, a senior research director at industry consultancy Tower Group.

The U.S. government saw to it that in the years following the terrorist attacks, the financial industry spent hundreds of millions of dollars upgrading internal systems to comply with the Patriot Act. That law required financial services companies to beef up their ability to flag suspicious transactions and customers.

"The fact that there's evil out there -- 9/11 drove that, but I don't think people were looking internally to that," Nelsestuen said.

According to Tower Group, after 9/11 about 39% of IT budgets went to integrating back-end systems; 34% was spent on new software; and 24% was used to upgrade IT infrastructures, such as server, network and and storage systems. Another 2% was spent on outsourcing services with operators of customer databases, such as Regulatory DataCorp International LLC (RDC) in New York.

Firms such as Merrill Lynch, whose headquarters was located right next to ground zero and lost its primarydata center for six weeks, performed a gap analysis to determine what was missing and what might be needed respond to another disaster.

Originally published on Computerworld |  Click here to read the original story.
Join us:






Answers - Powered by ITworld

Ask a Question