http://www.eweek.com/article2/0,1895,1957612,00.asp By Larry Dignan May 4, 2006 VeriCenter Chief Technology Officer Dave Colesante is a rare bird. Unlike many IT executives, Colesante has actually thought about a potential avian influenza virus, or bird flu, pandemic and reckons his company, which provides technology services, is relatively prepared if the virus becomes transmitted through human contact. After all, Colensante's 225-person support staff is used to managing VeriCenter's seven data centers from home. And that's a good thing if a bird flu pandemic hits, because the federal government would encourage "social distancing" to prevent further illness. According to the Department of Health and Human Services, a severe bird flu pandemic would make 30 percent of the population, or 90 million people, ill and result in 2 million deaths. Companies would have absentee rates of about 40 percent. "You would have to set up to remotely manage IT," said Colesante in Houston. "You'd have to leverage connectivity." The big question: How many companies are prepared for a bird flu pandemic? An AMR Research study released May 2 found that 68 percent of companies with more than $1 billion in revenue aren't ready for a pandemic. An earlier study by Deloitte & Touche concluded that two-thirds of companies aren't prepared for a pandemic. Among the issues: How do you manage a work force at home? What workers would be on site in data centers to swap servers and manage power? Can companies rely on Internet access in employees' homes? Those questions are likely to pick up for technology workers and others involved with business continuity. Through April 27, the World Health Organization tracked 205 cases of bird flu that led to 113 deaths. On April 28, a mild form of bird flu was found at a live-bird market in New Jersey. Meanwhile, public awareness—not to mention your boss' - could be stoked by "Fatal Contact: Bird Flu in America," an ABC movie airing May 9. "This is just now becoming a hot button issue," said Henry Fieglein, chief innovation officer of thin-client company Wyse Technology, in Austin, Texas. Fieglein, who was the global director of infrastructure and security architecture at Deutsche Bank, led a task force to prepare the bank for a pandemic. According to Fieglein, the bank is exploring thin-client technology that would extend into workers' homes to securely re-create on-site technology such as telephony and trading applications. Deutsche Bank said in a statement that its business continuity plan can "cover a wide range of contingencies, including pandemics," but officials declined further comment. While preparations are fluid, there is one bright side: We have time. "An avian flu pandemic is not coming tomorrow, and the disease is probably a ways off," said Alex Tabb, principal at The Tabb Group, a New York-based consultancy to financial services firms. "But that doesn't mean you don't plan now." M. Lewis Temares, CIO and dean of the engineering school at the University of Miami, said it can't hurt to bring bird flu preparations to the forefront. "Companies aren't paying attention to this at all," said Temares. "It's like Y2K - no one worried about it until right before Y2K. Most don't have a plan." Companies remain mum about bird flu preparations, but they note the risks. For the fiscal year ended April 24, bird flu was mentioned in annual and quarterly reports 388 times, according to regulatory filings with the Securities and Exchange Commission. Where's the Return? Tabb said the biggest reason companies are quiet about their planning is that they are just getting started. In addition, it's hard to generate a return for something that may never happen. Given the uncertainty, Tabb said executives need technologies that will deliver a return even if a pandemic doesn't occur. "The main thing to determine is what you have lying around today that can be reused in the case of a pandemic," said Tabb. "Being pragmatic is important if you are going to have your staff working from home." The lack of a short-term return on bird flu planning means many companies are viewing a pandemic scenario as an extension to current business continuity plans. "We have our hurricane playbook as far as contingency planning goes, and we'd probably amend that for bird flu," said George Chizmar, vice president of IT at Apple Vacations. Colesante said VeriCenter's plan is to make sure its most valuable technology tools are ready in case bird flu breaks out. Fieglein advised that companies schedule work-at-home days to test infrastructure. Among the technology tools that will be necessary in a pandemic: * VPN: "The VPN is the most important technology to create a redundant tunnel so workers can tunnel from various locations securely," said Colesante. The challenge: It has to be tested so it can handle a crush of at-home workers, he said. * Desktop support: Some workers will use their home PCs. Companies will need to keep desktop applications standardized and maintain security. The challenge: Security could be an issue. "It's easy to say employees will work from their house, but less secure if they don't have the same level of software protection they have at work," Colesante said. * Identity management: Steve Ross, global leader of Deloitte's business continuity management practice, said a pandemic would force companies to cross-train workers on technologies. Perhaps an auditor has to fill in to manage a database. The challenge: A company will need technologies to track and provision worker roles and access permissions quickly, most likely from afar. * Citrix MetaFrame: One way around standardizing applications would be to allow workers to tunnel into applications through software from Citrix, Tabb said. The challenge: Bandwidth constraints could hamper performance. * Thin clients: Fieglein said Wyse has discussed streaming software that would deliver applications remotely to PCs. Deutsche Bank is already a Wyse hardware customer. The challenge: Companies would need to build the centralized architecture to support thin-client use in the home. Ross said those technologies only go so far because some productivity will be lost. "People are used to working together, and if you separate them, it may not go as well," he said. "Teleworking is a major issue, and there are problems with social distance." Wild Card: Cable and DSL Access Of course, all this planning isn't going to help companies if so-called last mile access to workers' homes falters. Tabb said companies with workers at home will rely on cable and DSL providers for connectivity. "If a massive number of people have to work from home, that last mile is going to get clogged quickly," Tabb said. "There will be congestion if industry has to move significant data back and forth." VeriCenter's Colesante said his workers also have wireless cards that connect to cellular networks to use in case of DSL or cable outages. The rub with all that telecommuting: Someone has to pick up the tab. "You need a continuity policy that dictates how a company approaches broadband," Tabb said. "Should the company reimburse broadband for those that aren't connected?" Add that to the long list of bird flu planning yet to be done. "No one wants to tempt fate and say we have all of this covered," said Ross, in New York. "Especially when they haven't really started to consider the implications." _________________________________ Attend the Black Hat Briefings and Training, Las Vegas July 29 - August 3 2,500+ international security experts from 40 nations, 10 tracks, no vendor pitches. www.blackhat.com
This archive was generated by hypermail 2.1.3 : Thu May 04 2006 - 23:00:40 PDT