By Doug Stein

Any organization today will state unequivocally how crucial their company data is. Let's face it; most of you are in the Novell space for that very reason. Whether it is because of age old trade secrets or compliance purposes, data is considered to be among the most important facet of any business today. Would that be a fair statement to make? Well, one would think so, but upon further investigation it appears not everyone behaves that way.

Many of the interactions I have with companies today are centered on pain. The pain is usually related to problems they are having at that moment or have recently experienced. Very few organizations are focused on proactive initiatives, which I find surprising to say the least. I can understand that dollars and cents (not sense) play a large determining role in these conversations, but does that make sense (and/or dollars and cents)? Without any hard quantitative data, it is hard to say for sure. However, at the very least my experience has taught me otherwise.

Consider your personal life for a moment. We all employ more than a few ways of protecting our own interests. We have personal insurance, home insurance, liability insurance, life insurance etc. We also have locks, alarm systems, safes, safety deposit boxes and the list goes on. Why? Is it because our car is worth more than our job? Is it because your sports card collection is worth more than your company's email? Do we buy insurance after a theft, car accident, personal injury, natural disaster? Sure we all hate making insurance claims (another topic altogether), but would we rather be caught off guard? No, because proactive measures can be used to hedge against the risk of potential financial loss. Although organizations all have basic insurance, why generally speaking, do they not implement the same degree of proactive measures to protect their data?

Here is a tip from someone with a sales background. When a company calls in with a very urgent problem, they will pay a premium to solve it. They would not pay more than standard pricing. However, they certainly would not, nor would they have time to obtain or negotiate a better price. Therefore, any organization that has had a disaster will pay in productivity loss, overtime, loss of data, equipment and on top of that, they end up paying top dollar for the solution that will allow them to avoid any future disasters. Does that make sense/cents?

Does it make sense to address problems only once they have occurred? Conventional wisdom would have to say no, yet experience seems to show otherwise. There is a growing minority that seems to be adopting a proactive approach, but then again, most of them have had issues in the past. Believe it or not I have spoken to companies who had experienced major problems that we could have helped them avoid, and still they ask for our help in justifying the cost to upper management. When it comes to disaster recovery, security audits and/or system monitoring, we are still in a period of "that won't happen to us" denial. This reminds me of how companies approached anti-virus software before all the big viruses hit.