Disaster Recovery: Write People into the Plot

Business continuity and disaster recovery plans truly work only if they take employee needs into account

Call center operator MM Teleperformance has plenty of practice dealing with disaster and disaster recovery. In recent times the Bristol, U.K.-based company—part of a French-owned group that operates 179 call centers in 36 countries—dealt with the aftermaths of both September 11, 2001, and Hurricane Ivan, and advised U.K. citizens on travel to the Middle East in the run up to the Iraq invasion of 2003. Retained by the British government to field emergency calls in the event of a disaster, the company is required to have fully briefed agents on standby to field calls from the public within four hours of a service invocation.

But the Dec. 26, 2004, tsunami brought disaster closer to home. Although a call center that the company operates in the Gurgaon suburb of Delhi, India, was physically unaffected by the catastrophe, the sheer scale of the devastation forced management to ponder a number of unpalatable what-if scenarios. The center employs a considerable number of people from southern India, for example, and many of them

had taken advantage of the holiday to visit relatives—some residing in the affected regions. Ultimately no MM Teleperformance workers were killed, injured or delayed in their return, but center managers wouldnt know this until much later.

"We recognized that we needed to look again at our disaster recovery plans," says Chief Operating Officer Bibi Bajwa. "It was important to know that we had a workable contingency plan in the event of a full-scale disaster." Long-held nagging doubts about the nearby backup center, for example, have now crystallized—especially given the proximity of both buildings to the Delhi airport. "I dont now think it is sensible to have the two so close together," she says. "When we can, well change it." The disaster recovery plans for the companys two operations in the U.K.s Midlands region, for example, call for core operatives to be quickly bused to an unaffected site, from which a skeleton service would be operated—responding to incoming calls only, for example, rather than making outgoing calls as well.

Bajwa is not alone in contemplating the consequences of disaster with a capital D. Time and again, notes John Medaska, a vice president with IT services vendor Relational Technology Services of Tampa, Fla., supposedly workable contingency plans have foundered in the face of devastation that is widespread rather than localized. The weak spot? The human element.

"With their homes and neighborhoods in ruins or under threat, employees—as youd expect—tend to concentrate on their personal life. But because thats never been considered at the planning stage, companies are surprised when it happens," says Medaska. In the immediate aftermath of 1992s Hurricane Andrew, he adds, employers surveys apparently revealed that up to 70 percent of employees who were working on supposedly mission-critical tasks didnt show up for work. "Their planners put their hands up and said, Gee, we never imagined that people would put their wife and kids before the company," notes Medaska, wryly. And so, minutely detailed business continuity plans might contain a gaping hole, if people arent on hand to carry out those planned actions.

Read on for tips from companies with lessons to impart on ensuring employees are as well taken care of as IT systems or other business assets.

Employees and Disaster Recovery: Rising to the Occasion

First, a caveat. No two disasters are the same, and employees responses will differ. While blanket no-shows certainly happen, experience suggests that this is exceptional. "In the face of adversity, human beings will usually step up to the plate," asserts John Wisbey, head of business continuity services for Europe, Middle East and Africa at Computer Sciences Corp. And Wisbey knows of what he speaks: He was personally involved in the aftermath of two high-profile terrorist atrocities in the United Kingdom—the Manchester city center bombing of June 1996, and the bombing of Londons Moorgate in April 1993. The Moorgate bomb, which struck right at the heart of Londons financial district and caused almost $1 billion of damage, has especially colored Wisbeys views. An employee of financial institution J.P. Morgan at the time, he witnessed firsthand how people and organizations pitched in to help shattered businesses get back on their feet. Thanks to borrowed equipment and freely given help to install it, the trading floor of the Saudi International Bank, for example, was back in action just 48 hours after the bomb detonated, recalls Wisbey, noting that similar reports emerged from New York City in the aftermath of 9/11.

"People are far more resilient than is often imagined," he says. Yet while recognizing that resiliency, Computer Sciences Corp.s own business continuity plans make practical allowance for the unpredictability of disaster. Given an event that necessitates employee relocation, he explains, the company predicts that the majority of its employees would rise to the occasion, even in circumstances of widespread disruption. Despite this, there is an acceptance that some employees would have other priorities. "A certain percentage would put their families first, sure," says Wisbey, but for genuine reasons, which would be accepted as such. "It could be you next time; people recognize this," he says.

1 2 Page 1
Page 1 of 2
7 hot cybersecurity trends (and 2 going cold)