2e2 - Old Lessons, Relearned
- Category: Tim's Blog
- Published: Friday, 12 April 2013 14:26
- Written by Tim Walls
- Hits: 15234
For those of us who survived the dot-com boom and then bust, coping with the failure of a major supplier was not just a remote risk. Personally, I learned the lesson that supplier diversity is key when a hosting provider based in London's Docklands failed, but the failure of 2e2 earlier this year suggests that not everybody did.
Customers of 2e2 were met with demands that they pay cash up front to the company's administrators just to get access to their own data. Many business large enough to know better were caught up - and naturally, most ended up paying. After all, they were over a barrel, as this quote from the administrator's letter makes clear:
"We have received a number of requests from customers seeking to gain access to their data immediately. Unfortunately, the levels of data held in the companies' datacentres are such that this process could take up to 16 weeks and we will need to ensure that the integrity of third-party data and security is maintained."
The failure of 2e2 is not a lesson in why outsourcing or cloud computing are a bad idea, despite some commentators hopes. It is a lesson that contemplating supplier failure is a critical part of your disaster recovery planning, and supplier diversity a key tool to combatting it.
Too many business don't consider Disaster Recovery and Business Continuity Planning at all of course, big and small. But even when DR is on the agenda, frequently the plan considers extraordinarily unlikely events at length - earthquakes, floods, biblical flooding and, on the other side of the pond, the coming of The Rapture. But the far more likely eventuality that suppliers will go out of business, with no notice, taking your services and data with them, is overlooked.
Consider this; around five thousand UK businesses fail every quarter (based on recent data,) and of those around 20% are in the Business Services sector.
Is an earthquake really the biggest threat to your business, or do you have rather too many eggs in a single supplier basket?
Of course, the risk can partly be mitigated by doing your due diligence when you select your suppliers. But it's not enough on its own; any supplier can fail, however big or invulnerable they seem (remember Enron?,) and when they do you can't fall back on the SLA or your contract to protect you, however ironclad it seemed.
When you get the phonecall to tell you the lights are being turned out on your datacentre and you have less than 24 hours to do something about it, it's a lesson you won't want to learn more than once. Supplier diversity is the only real way to mitigate the risk.