Data Centers for Financial Firms Still Vulnerable to Terrorism, Experts Say
Firms still working on recovery plans as attack threats loom
Computerworld - Amid recent warnings from Washington that more terrorist attacks are inevitable, some experts say the financial services industry is ill-prepared to handle a second disaster because it's still mired in disaster recovery following the Sept. 11 attacks.
Peter Vinella, CEO of Miami-based Neoris FS, an IT and management consulting firm, said many of his clients whose data centers were destroyed in the attacks on the World Trade Center are still working from their disaster recovery sites, leaving them with no operational or data backup capabilities.
But Damon Kovelsky, an analyst at Meridien Research Inc. in Newton, Mass., said he believes there are fewer data centers in Manhattan today than before Sept. 11. Most companies have since made concerted efforts to geographically disperse their facilities.
"If someone flies another 747 into downtown Manhattan, in certain aspects, there would be less of an impact," Kovelsky said.
Financial services firms are less vulnerable to an attack because many brokerages and banks have relocated their IT operations to New Jersey, Kovelsky said, adding that "no one is going to attack Jersey City."
Paul Honey, first vice president of global contingency planning at Merrill Lynch & Co., said many firms had set up their disaster recovery sites to handle no more than a few weeks of use. Merrill Lynch, whose headquarters are across the street from the World Trade Center, lost its primary site for about six weeks. It had set up secondary sites under a six-week contingency plan, he said.
Merrill Lynch moved about 90% of its IT staff, roughly 8,300 employees, to alternative sites, where some workers stayed for as long as three months. However, the bulk of its IT staff returned to headquarters within six weeks.
Cantor Fitzgerald LP, which lost 733 employees and its primary data center on Sept. 11, insisted that it was prepared for a disaster then and is even better prepared now because its data centers are more dispersed.
"The reality is that in order to have [a disaster recovery plan]\ work in a catastrophic scenario, you have to have used it before," said Matt Claus, chief technology officer at eSpeed Inc., a business-to-business online marketplace and the IT services arm of New York-based Cantor Fitzgerald.
Since Sept. 11, Merrill Lynch has performed a gap analysis of what it needs to respond to another disaster.
"We're building resiliency into our day-to-day operations, looking at our real-estate footprints, business models and technical standards. These are typically things that don't get solved overnight and take a while to implement," Honey said. "But every day we get further away from Sept. 11, we get a little more resilient."
- IT Security - Fighting the Silent Threat "IT Security - Fighting the Silent Threat" is a global report into business attitudes and opinions on IT security. Download the report now...
- Cutting Complexity - Simplifying Security This white paper looks at how the latest IT Systems Management solutions can simplify and automate a vast range of routine IT management...
- Your Data under Siege: Defeating the Enemy of Complexity Even if you have adequate antivirus protection, are there still holes in your IT security armor? Is lack of bandwidth to manage the...
- Build Your IT Security Business Case In this latest whitepaper from Kaspersky Lab, you'll find useful facts, examples and business case arguments to help you get buy-in and commitment...
- Pre-Engineered solutions from VCE Simplify Core Infrastructure Implementation In this video, the CTO of Purdue Pharma, a privately held pharmaceutical company explains how Purdue transformed their data center infrastructure with VCE.
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now All Disaster Recovery White Papers | Webcasts