I like it, this guy is elevating the conversation.  He is making the excelent suggesttion that people should be thinking about more than just backing up.  People (and companies) should have an actual disaster recovery plan.

What’s in your disaster recovery plan? by Dan Blacharski

Last week, I wrote about disaster recovery, and what to do when disaster strikes and your company’s main facility is inaccessible. An old-fashioned phone tree and an alternate physical location, perhaps in a neighboring town, is just the beginning, though.

Some companies, especially with sensitive operations, do contract with an office/facilities management company for emergency back-up physical office space, but there is another alternative, and that’s to “go virtual.” In fact, even during ordinary times, there are presently many smaller companies that operate purely on a virtual basis with no physical headquarters. Doing so would be a little trickier for a larger organization, but it’s very possible in an emergency. Having a back-up plan to “go virtual” during a disaster may just be the best way to go. For one thing, if there’s a city-wide disaster, it’s very possible that even your back-up physical office could be inaccessible. Roads might be impassable, and it may be difficult for employees to gather anywhere. Employees may be stuck at home. But there’s one thing that almost all of your employees will have in common, and that’s that they have Internet access at home. Assuming that Internet service is still available, operating remotely could solve the business continuity problem in a disaster situation.

This does require some advance planning, however, and just advising your staff to “log in from home” is inadequate. You’ll need to ensure that everyone has remote software, or immediate access to it. It may not be necessary to provision remote access software ahead of time to everybody of course, just make sure everyone understands where to find the download or how to access the VPN securely from home.

And the biggest challenge is the same challenge faced by companies implementing remote teleworking in general, and that’s to ensure that the computers being used are compliant with internal policies (e.g., up to date antivirus software, etc.). And of course, remote authentication and authorization needs to be stringently applied, preferably with a two-factor authentication system with a granular system of authorization, so that each employee gains access to what they need, but not what they don’t need. And besides being compliant with your own internal policies, you’ll still be liable to comply with any legislative compliance mandates as well, so the same precautions and procedures will still apply.
Read the original and take a poll.

FROM PCWORLD:

It can be a storage nightmare: Given expanding regulatory requirements and the key role that electronic records now play in lawsuits, some enterprises are saving every bit of data they have, just to be safe. As a gauge of storage demand, IDC says the total amount of disk storage shipped last year grew 40.5 percent from 2007.

Sure, storage media are getting less expensive. The cost of a gigabyte of disk storage fell more than 27 percent from 2007 to 2008, according to IDC. But with the storage requirements of average enterprises rapidly growing, keeping it all forever can create long-term management challenges and lead to headaches when something needs to be found. Analysts, attorneys, and vendors say enterprises are better off getting rid of some data — but doing it judiciously. For IT departments, that means planning, carefully executing, and not going it alone.

—Read the rest of the article