After a Fire Isn’t the Time to Buy Extinguishers

S. Schuchart

Summary Bullets:

• Enterprises and organizations have long ignored business continuity / disaster recovery (BC/DR)

• BC/DR is a fundamental business duty like insurance, not an optional expense

Yesterday, French cloud provider OVH suffered a fire in one of its data center complexes in Strasbourg, France. It entirely destroyed one unit, damaged another and caused the shutdown of the rest of the units on site. Thankfully, no one was hurt and OVH is working on restoring service. But an entire data center is gone, along with parts of another. Not down, burned. Gone. Fried. No realistic chance of recovery, not anytime soon if at all. The fire was so hot the metal walls of the building deformed.A lot of businesses and websites went completely offline. In a tweet, OVH founder Octave Klaba reported the fire and recommended customers activate disaster recovery plans. Sensible idea. But the responses on Twitter clearly showed that a lot of their customers didn’t have BC/DR plans. Some of them even asked where those plans were on OVH’s dashboard. Customers thought because their data was “in the cloud” it was safe. That thinking, which far too many individuals and businesses indulge in, is not only wrong, but destined to cause major data losses and downtime. Just because data and apps are in the cloud does not mean that BC/DR can be ignored. And no, just because you use a bigger cloud provider than OVH doesn’t change the need for BC/DR.

A year or so into a global pandemic it’s particularly frustrating that we are talking about businesses and organizations who simply did not have plans to deal with disaster, like flies in amber. In many enterprises and organizations, IT is considered a cost center rather than an enabler. IT management is routinely mandated to cut spending and areas like BC/DR are often either completely unfunded or entirely ignored. BC/DR isn’t any fun to talk about, hard to plan, and can be expensive. It deals, much like insurance, with “what-ifs” and scenarios that are possible but statistically unlikely. It’s easy to think “it won’t happen here!” until it does.

Over time, C-level and board level management have realized that they cannot skimp on security in IT. Hackers, ransomware, and loss of customer data are real and now security is funded fully. Top management was clear that best business practice and indeed fiduciary duty required good IT security. Its time for that same management to realize that lack of a consistently updated and tested BC/DR strategy is a grave violation of those same practices and duties. Yes, it’s expensive and time consuming. But the permanent loss of corporate data or weeks/months of rebuilding of corporate systems could literally drive the company into the ground.

Business leaders – it’s time to get serious and spend the time and money, on an ongoing basis, for BC/DR. It is unnecessary to suffer a disaster *first* to see why you need BC/DR. Set aside childish “it won’t happen to us” thinking and get to work before the next data center fire or pandemic puts you and everyone you are responsible for in the unemployment line.

What do you think?

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.