Report from Israel: A Developer's Perspective of the September 11 Fallout Danny Kalev offers his perspective on how the threat of terrorism has impacted the IT industry's disaster preparedness in an already unstable region. by Danny Kalev

shdod, Israel — Unlike in Western countries, the threat of terrorism is hardly new in Israel—nor in the many other countries in this region, for that matter. The IT industry here has long been aware of the business risks of terrorism and war and the corresponding responsibility to provide a plan for business continuity.

The prevailing reaction among Israelis to the terrorist attacks on the U.S.—other than shock and dismay—was the feeling of having been there and of possessing expertise in something that has suddenly become a major global concern. While there are, in fact, many things Western governments and citizens can learn from Israel in terms of personal security and protection of human life, the West would do well to also gain an understanding of the state of business-continuity planning here.

Disaster Preparedness of Israeli Companies
The preparedness of any Israeli company depends very much on its size, the number of customers it has, and the criticality of its services. Banks, of course, have a very sophisticated redundancy plan. They maintain alternate IT sites with duplicate hardware and software in secret locations so in the event of an outage at the primary site they can switch immediately to the alternate location. Some financial institutions, such as brokerage houses and insurance companies, have several alternate locations; typically, one of them is located abroad. The same is true for all security services (e.g., the police, army, and blood bank).

Sadly, but perhaps not surprisingly, most technology start-ups are too busy improvising to meet impossible deadlines and raise venture funds that even periodic backups are unusual. However, most of them have branches overseas. Usually, the sales and marketing departments are located in the U.S. or Europe. Often they have an office in Japan serving Asian customers. Although this distribution model is primarily meant to improve responsiveness and customer care (i.e., mitigating language and time zone differences), it also enables a company to relocate from one location to another very rapidly.

Government Assistance
That said, it's probably impossible to expect individuals and private entrepreneurs to deal with incessant, ubiquitous terror threats all by themselves. That is why a significant component of the overall preparedness strategy relies on active government support and involvement. For example, the Israeli National Insurance Institute (the equivalent of Social Security in the U.S.) insures every Israeli citizen and permanent resident (diplomats, foreign workers, etc.) against injuries from hostile acts by a country or terrorist group. The coverage includes full medical treatment, rehabilitation, compensation for partial or complete employment disability, and financial support for the injured person's family. Although this insurance doesn't alleviate the fear or pain inflicted by terror activities, it's an important part of employers and employees' ability to recover fast from terror attacks and get back to business as usual.

It's probably impossible to expect individuals and private entrepreneurs to deal with incessant, ubiquitous terror threats all by themselves.

In addition to the National Insurance Institute's personal insurance, Property Tax, a section of the Israeli Income Tax (the equivalent of the U.S. Internal Revenue Service), automatically insures civil property such as real estate, vehicles, etc., against any damage caused by hostile actions. The National Insurance Institute and Property Tax have been put to this test numerous times in past decades. For example, the Iraqi scud attacks against Israel during the Gulf War caused substantial damage to buildings, cars, and private businesses. The Property Tax responded quickly to hundreds of lawsuits and reimbursed the claimants, thus enabling them to recover and get back to business quickly.

My Disaster Recovery Plan
Though I am currently self-employed and work from my home without an elaborate network set up, even I have an informal disaster recovery plan. I regularly back up critical documents and data and store them in a compressed archive file. I then attach the file to a self-addressed email that I send to my private accounts in various free Web-based email services such as www.excite.com.

I originally used this email backup technique to work from abroad during vacations or business travels, but I soon realized that it could serve as a crude method of data redundancy. While I do hope to add hardware to my home network for data backups, storing critical data in Web accounts has the added benefit of being located in a place other than my home, which could be considered a single point of failure, even with mirrored CPUs.

Backup Is a Must
Of course the most common means for ensuring business continuity regardless of where you're located is periodical backups of critical data, and critical data needn't be only computer files. Calendars, passwords, drafts, and even a contact list stored in your cell phone are additional forms of critical data that you should backup periodically (even if it's creating photocopies of your paper data). The backup policy depends on the volume of changes to your data as well as your budget. For most medium-sized companies, an alternate site is a luxury they can't afford because of the rental and maintenance costs, as well as additional hardware and software expenses. Still, at least one generation of a full backup should be stored outside the company's primary site. Depositing it in a bank's safe, for example, would enable recovery from catastrophes such as fire, earthquakes, or terror attacks.

The most common means for ensuring business continuity is periodical backups of critical data.

That said, don't neglect data security practices either. Strong encryption, firewalls, intrusion-detection tools, and reliable biometric identification are nonetheless important. Remember, the chances of being hit by an e-mail virus are enormously higher than those of being hit by a terrorist act.

Danny Kalev is a system analyst and software engineer working in Ashdod, Israel. He has 13 years of experience, specializing in C++ and object-oriented analysis and design. He is a member of the ANSI C++ standardization committee and the author of ANSI/ISO C++ Professional Programmer's Handbook (Que, 1999). He is a frequent contributor to DevX and serves as the C++ Pro. He can be reached at dannykk@inter.net.il.

Back to the Series...