http://www.computerworld.com/securitytopics/security/recovery/story/0,10801,109752,00.html
By Stephanie Overby MARCH 21, 2006 CIO Just before Hurricane Katrina made landfall last Aug. 29, Tom Oreck, CEO of vacuum manufacturing company Oreck Corp., took off from New Orleans on a plane bound for Houston with his wife, his three young children, his dog and his company's backup tapes. When he touched down, he FedExed the tapes to the company's backup data center in Boulder, Colo., and began piecing his company back together. Oreck's headquarters are in New Orleans, and the company also has a 375,000-square-foot manufacturing plant and call center based in Long Beach on the Mississippi Gulf Coast. Though the company was back in operation 10 days after the hurricane (and now, more than six months later, has resumed normal operations), its disaster recovery plan was severely tested by the storm. In a Q&A [1] with CIO, Oreck said he was surprised by how important communications was to a disaster recovery plan and how even cell phone systems have a fundemental design flaw -- that each call is routed through your original area code, where towers may be down. The experience taught Tom Oreck some critical lessons about the role of IT in business continuity. First, in today's networked environment, when one IT system breaks down, they're all down, for all intents and purposes. Second, the public telecommunications system can't be counted on. And although a good business-continuity plan is essential, recovery from a disaster depends on what Oreck calls "aggressive improvisation" by employees. The company owes its existence to improvisation. When Oreck's father David first tried to sell his lightweight, heavy-duty vacuum cleaner in the 1960s, he had trouble marketing the product through department stores, which were the traditional channel of distribution. So the elder Oreck went straight to the consumer, turning the fledgling Oreck Corp. into a direct marketing company. Back then, Oreck's systems consisted of a few telephones, typewriters and invoices to be filled out in triplicate. Four decades later, with estimated annual revenue of $190 million (Oreck doesn't publish its revenue), the company has 450 retail stores and an expanded product line that includes cleaning and air-purification products. And its IT needs are complex. The direct marketing side of the business lives or dies by its data. Manufacturing depends on supply chain and logistics systems. Customer service requires its call centers. Oreck and his chief financial officer approve all major IT investments. Nevertheless, Oreck is hard-pressed to name the applications that keep the company running smoothly (aside from that expensive ERP system he recently approved). He is less interested in the systems themselves than in the business results they deliver -- or don't. "Our business is about three things. It is about marketing. It is about controlled, aligned distribution. And it is about quality, both in the product and in customer service," says Oreck. "IT's role is to support those three things. And as we continue to develop, IT's job is to make sure that the information that's needed is in the form it's needed in, and in the location it needs to be in, for people to be able to accomplish their jobs." [1] http://www.computerworld.com/hardwaretopics/storage/story/0,10801,109753,00.html _________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org