Cloud services as part of a BC/DR plan after a terror attack

While terrorists usually go for big targets, even small-and-medium sized business need to think about the reprecussions of a terror attack. Gregory Machler outlines how the cloud can keep business running

By Gregory Machler

July 11, 2011CSO

I was talking to a friend about data security over lunch today and we discussed 'dirty bombs' and a what-if scenario for small-and-medium sized businesses.

If there was a catastrophe like a dirty bomb, many of the affected small-and-medium-sized businesses would go out of business. Many large businesses, like banks or healthcare firms, have extensive disaster recovery plans. A large terrorist attack would lead to many problems, but they could scramble services to various data centers around the country and select new suppliers to keep them running.

But, for example, I have a good friend that has a small business selling performance shoes. He markets the shoes in a geographic location within our metro that doesn't have many close competitors. A dirty bomb would have a disastrous effect on him. If he physically survives, he would have the following problems: Would his supply chain be intact? He could be disconnected from his suppliers and the outside world.


[See also: Business continuity and disaster recovery: The basics]


His phone and internet access come over a cable line which must be working in order to track product orders via emails with suppliers. The EMP (electromagnetic pulse) from the bomb could destroy his cable connection or cable head-end. Even more importantly, he could be missing power due to the EMP. The loss of a critical infrastructure would lead to a need to relocate elsewhere, because it is very likely that the cable and power companies could not restore power and cable services quickly enough.

This type of bomb would have repercussions throughout the country and some parts of the world. Businesses would have difficulty finding suppliers of goods that were provided by affected businesses. Affected businesses would need to move, potentially reacquire their goods, and restart. The lack of product supplies and proper business data (tracking goods, sales, and taxes) would drive many out of business.

The issues associated with business data can be addressed by cloud services. Many small businesses, like my friend's performance shoe business use email providers (like Gmail or Yahoo) to order goods such as shoes. My friend has a POS (Point-of-Sale) machine that runs a common business-accounting package that saves sales data on the server's hard drive and also backs it up to network NAS (Network Attached Storage) drive. So this covers goods (email provider), sales and taxes (business accounting), and backup. But, a dirty bomb's EMP (electromagnetic pulse) could blow out the POS machines and the NAS backup drive.

RESOURCE CENTER