The Public Eye with Eric Chabrow

BlackBerry Slowdown: Heads Should Roll

Not Necessarily at RIM, but at User Organizations
BlackBerry Slowdown: Heads Should Roll

In the end, organizations that rely on technology must be prepared for its breakdown, and the disruption in BlackBerry service is a clear reminder of the danger of relying on just one tool to get work accomplished.

The network that carries the messages to and from BlackBerries, run by the device maker RIM, failed in Europe earlier this week, and a backlog in messages caused a slowdown of service in North America on Wednesday.

Companies ... where the disaster recovery plan does not address the loss of communications should fire whoever is in charge of information systems. 

Simply, organizations - and individuals, for that matter - must have a business continuity or disaster recovery plan ready for such incidents. If they don't, heads should roll. That point was made in an e-mail exchange - neither of us used BlackBerries - I had with Francoise Gilbert of the IT Law Group, whose specialty is IT security and risk management.

"This should be a reminder to everyone that nothing is infallible, and that they should think of the other technologies or other communications means that they could lose and with respect to which there will be much more serious problems if they cannot access their data," Gilbert says.

Not being prepared is inexcusable. "That is basic Disaster Recovery 101," she says. "Companies that have a realistic, detailed, up-to-date disaster recovery plan should not be affected because they should have thought about the issue ahead of time."

Executives and managers at user organizations responsible for assuring the uninterrupted flow of communications should be accountable if their employees can't use the tools they're given.

"Companies that do not have a disaster recovery plan in place, or where the disaster recovery plan that does not address the loss of communications, should fire whoever is in charge of information systems," she says. "If none exists, then the CFO and the CEO should be fired for not having allocated money and thoughts for a disaster recovery plan. Not having a disaster recovery plan is irresponsible. It is like being on a ship that does not have lifeboats and lifejackets."

Many may find Gilbert's solution as being too extreme. But a constant complaint I've heard repeatedly over the past few years is that when something goes wrong, say a breach, no one seems to take responsibility and no one seems to be punished. Heads may or may not roll when a tool that an organization relies on fails, but those responsible for business continuity must not go Scot free.



About the Author

Eric Chabrow

Eric Chabrow

Host & Producer, ISMG Security Report; Executive Editor, GovInfoSecurity & InfoRiskToday

Chabrow hosts and produces the semi-weekly podcast ISMG Security Report and oversees ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.