Disaster planning is critically important for individuals, families, organizations large and small, and governments.
For the individual, it can be as simple as spending a few minutes thinking about how he or she would respond to a disaster. For example, I’ve spent a lot of time thinking about what I would do if I lost the use of my computer, whether by equipment failure, theft or government seizure. As I a result, I have a pretty complex backup and encryption system, ensuring that 1) I’d still have access to my data, and 2) no one else would. On the other hand, I haven’t given any serious thought to family disaster planning, although others have.
For an organization, disaster planning can be much more complex. What would it do in the case of fire, flood, earthquake and so on? The resultant disaster plan might include backup data centers, temporary staffing contracts, planned degradation of services and a host of other products and service — and consultants to tell you how to use it all.
And anyone who does this kind of thing knows that planning isn’t enough: Testing your disaster plan is critical. Far too often the backup software fails when it has to do an actual restore, or the diesel-powered emergency generator fails to kick in. That’s also the flaw with the emergency kit suggestions I linked to above; if you don’t know how to use a compass or first-aid kit, having one in your car won’t do you much good.
But testing isn’t just valuable because it reveals practical problems with a plan. It also has enormous ancillary benefits for your organization in terms of communication and team building. There’s nothing like a good crisis to get people to rely on each other. Sometimes I think companies should forget about those team building exercises that involve climbing trees and building fires, and instead pretend that a flood has taken out the primary data center. It really doesn’t matter what disaster scenario you’re testing.
The real disaster won’t be like the test, regardless of what you do, so just pick one and go. Whether you’re an individual trying to recover from a simulated virus attack, or an organization testing its response to a hypothetical shooter in the building, you’ll learn a lot about yourselves and your organization, as well as your plan. There is a sweet spot, though, in disaster preparedness. Some disasters are too small or too common to worry about. It makes no sense to plan for total annihilation of the continent, whether by nuclear or meteor strike: That’s obvious.
But depending on the size of the planner, many other disasters are also too large to plan for. People can stockpile food and water to prepare for a hurricane that knocks out services for a few days, but not for a Katrina-like flood that knocks out services for months. Organizations can prepare for losing a data center due to a flood, fire or hurricane, but not for a Black-Death-scale epidemic that would wipe out a third of the population. No one can fault bond trading firm Cantor Fitzgerald, which lost two thirds of its employees in the 9/11 attack on the World Trade Center, for not having a plan in place to deal with that possibility.
If your corporate headquarters burns down, it’s actually a bigger problem for you than a citywide disaster that does much more damage. If the whole San Francisco Bay Area were taken out by an earthquake, customers of affected companies would be far more likely to forgive lapses in service, or would go the extra mile to help out. Think of the nationwide response to 9/11; the human “just deal with it” social structures kicked in, and we all muddled through.
A blogger commented on what I said in one article: Schneier is using what I would call the nuclear war argument for doing nothing.
Bird flu, pandemics and disasters in general — whether man-made like 9/11, natural like bird flu or a combination like Katrina — are definitely things we should worry about.
http://www.wired.com/politics/security/commentary/securitymatters/2007/07/securitymatters_0726