My late grandfather would never countenance the idea of contents insurance. It was anathema to him to hand over ‘good money' every year in case something might happen to his possessions. In part, living at the top of a hill and having a fiercely protective hound gave him all the peace of mind he required – flood and burglary, at least, were dealt with.
It is easy to see this attitude reflected in corporate thinking around business continuity. Why spend on expensive disaster recovery plans that might never be needed? The figures suggest that few businesses want to spend such money. In fact, only one in five of the Global 2000 companies chose to develop sophisticated business continuity plans.
But this reluctance to invest may be changing. Recently Information Age spoke to the chief architect of a leading online retailer. His business was entirely focused on stripping out costs, passing the savings on to end users; disaster recovery was seen as overkill. Unfortunately, when his email server crashed and recent back-ups were found to have been corrupted, he was forced to pay a small fortune to data retrieval specialists to try to restore vital email from the damaged disks.
On the scale of things, that problem was relatively small. Industry statistics show that when companies are hit by disasters that knock out their IT capabilities, as often as not they never reopen, and those that do are almost invariably dead in the water within two years.
If this is not enough to convince executives of the need for business continuity planning, then the increasing levels of regulations demanding business assurance surely should.
For my part, I should make it clear that my grandfather was no fool. His investment strategy simply placed a higher value on mitigating risk than recovering from disasters. It is a strategy that some businesses are starting to consider – especially as grid-like infrastructures start to offer high resilience without the kind of costs associated with disaster recovery.