Information Security News
mailing list archives
Comdisco Shines as Disaster Recovery Takes Center Stage
From: InfoSec News <isn () c4i org>
Date: Tue, 18 Sep 2001 03:02:13 -0500 (CDT)
By TOM ALEXANDER
tom () eprairie com
AOL/AIM screename: TAL37469
CHICAGO - Two months ago, Comdisco declared bankruptcy and was pretty
much left for dead. But now, in the wake of the tragedy in New York
City, the company's data recovery unit is experiencing a resurrection.
"I think our focus has been on recovering our customers," said
Comdisco spokesman Rich Maganini. "We had seven companies that were
located in the World Trade Center and a lot that were in [nearby]
buildings. We're now supporting 35 companies."
Maganini says in the first 20 years of Comdisco's disaster recovery,
the firm had 438 emergency calls. In the past five days, he says
they've had 90.
"The recoveries have gone very well," Maganini said. "Our customers
were working very hard over the weekend and the first day of trading
has gone very well."
Services provided have ranged from finding lost data to setting up new
Web sites to providing office space for some 3,000 displaced
employees. In one case, Comdisco's space in Queens, N.Y. was used
Monday to trade cocoa and sugar by members of the New York Board of
As Comdisco's recovery business moves ahead and proves it can
function, it is in the process of being purchased. Subject to approval
by regulators, Comdisco has a tentative agreement to sell the disaster
recovery portion of its business to Hewlett-Packard.
But for now, Maganini says Comdisco is simply working to get its
customers back on their feet.
"This event, probably more than ever, has raised the need for having a
recovery solution," Maganini said. "In this case, what is unique about
this situation is that the facilities are gone and there's no place
for the companies to return. In our industry, that's a rare thing.
Most of the time, you fix the roof and you go back in again."
Been Here For a While, Folks
Diana Mackenzie, co-chair of the commercial practice at local
tech-focused law firm Gordon & Glickson, is involved with the part of
her firm's practice that deals with disaster recovery.
Mackenzie's charge is to link her clients up with what she calls the
"big three in disaster recovery" Comdisco, IBM and SunGuard.
"Any company needs to make sure that if there is some kind of
disaster, they can continue to run their data," she said. "Every
industry has got its own particular need."
While the data recovery efforts going on in the wake of the World
Trade Center disaster have garnered much recognition, Mackenzie says
this is anything but a new industry.
"Anyone that maintains serious data has been using disaster recovery
services for quite some time," Mackenzie said. "The public became more
aware that the service was out there, but the businesses were already
on that. This is really the first event that has tested these players
to see how well their systems are in place."
Basically, Mackenzie says, a lot of these companies reported some
ability to get information back or keep things flowing smoothly, but
this was the first time a real test of the system under duress was
"They were reporting some large number of assistance calls after the
World Trade Center disaster, which was an unprecedented number,"
Mackenzie said. "Before everybody was using these numbers and talking
in theory, but all of a sudden, you've got a real, live example of
putting these systems in place."
For many, it was like the difference between a drill and a real
"A business will have a fire alarm, but it is quite a different story
when you have to evacuate a building," Mackenzie said.
Not Soon Enough
Some believe attention to this field is not coming soon enough.
"This type of work is always too late," said Tim Wightman of Effective
Data, a local IT consultancy that also does data recovery. "It's not
just enough to put a plan into place. You have to have this thing
doucmented and tested. A lot of people go out but they have not
completed proper testing of it or actually done a dry run."
Wightman said that to some extent, people don't understand what
disaster recovery is.
"It is one thing to lose a system and have a redundant system,"
Wightman said. "[For] a lot of these companies, if you have a
catastrophe, you don't have a facility. Do you have a hot site? Do you
have a place that's plug and play? Or if you have a hot site, where do
your people work? There's a ton of stuff you need to go through to
properly do this. Most smaller companies don't pay a lot of attention
Effective Data has been in business for 10 years, Wightman says, and
he expects the business will get a boost.
Single Points of Failure
Some of the "Big Five" consultancies, like Deloitte & Touche, have
seen a significant interest bump in security even with the relatively
short time since the attack.
"It's only been a week and we aren't out ambulance-chasing, but in
terms of our existing clients, there's a heightened awareness," said
Deloitte & Touche partner Marty Johnson. "I think people understand
that there's more involved than just the technology part of the
Johnson said that Deloitte & Touche had a client whose senior
executives were in Europe on Tuesday and couldn't get home.
"You're never prepared for an event like what occured on Tuesday,"
Johnson said. "Things happen and you have to re-assess the risk. It's
an ongoing process. In recent years, companies have consolidated
operations and they're created single points of failure."
In this case, Johnson says, the need to have remote copies of all
important information became painfully evident this past week. "There
are organizations, I'm sure, that have been wiped out," Johnson said.
However, Johnson continued to say the awareness raised by the disaster
of the past week may bring about some positive changes down the road.
"We've all been lulled into a false sense of security," Johnson said.
"Individuals are re-assessing their own personal security and
resources just like organizations. It effects us all."
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
- Comdisco Shines as Disaster Recovery Takes Center Stage InfoSec News (Sep 18)