The east coast of the US is biting its nails with the news that Hurricane Earl is heading its way. The tropical storm, which began the week as a category four storm with winds of 215 kilometres per hour, has already caused power cuts and heavy rain across the eastern Caribbean and more than 30,000 people on Hatteras Island, North Carolina, have now been ordered to evacuate.

Earl, which has since dropped to a category three storm, is due to reach Eastern US tonight, and the governors of North Carolina, Virginia and Maryland have now declared states of emergency after forecasters said the storm could move inland. In fact, according to the National Oceanic and Atmospheric Administration (NOAA), this could be with most active hurricane season ever and, with tropical storms Fiona and Gaston close behind Earl, the NOAA is warning that IT managers should now be in the midst of crossing off check lists to ensure that their company’s business continuity and disaster recovery plans are in place.

Disaster Recovery

It’s hardly AC/DC (I’m on a hiiiighway to Hell), but disaster recovery is a critical issue for businesses. And while there is a lot of talk about disaster recovery being important against natural disasters, there is often little talk about disaster recovery pertaining to, say, security risks.

In the simplest of incidences it can result in downtime or data loss, but often, when disaster plans are discussed, they neglect to take into account what happens if a server is compromised or breached. Perhaps most worryingly, however, is the news that the recent economic downturn has caused many businesses to cut back on disaster recovery and business continuity support, putting IT systems at even more risk when a major storm (either meteorological or financial) hits.

The worry is that, as budgets are cut, companies are decreasing investments in alternate data recovery sites, cutting back staff responsible for disaster recovery and business continuity, maintaining insufficient capacity on servers and storage and neglecting to update plans and procedures.

The answer? Don’t. Look back at the 2004 Indian Ocean tsunami disaster, for instance, and the need for post-disaster recovery planning becomes glaringly obvious. Put quite simply, don’t let your disaster recovery plan look like this and get plans in place.