But as the Vodafone break-in and equipment theft this week showed they are not infallible. Datacentres more often than not plan for disasters such as fire, flood and terrorist threats, but this incident shows that damage resulting from the theft on a grand scale is less often considered.
In general there is an all or nothing approach coupled with individual system solution to disaster recovery; no-one anticipates that, for example, all the comms equipment will go, or that someone will steal the disk arrays.
However this incident shows that it is now worthwhile to target datacentres for specific reasons so it is time to up the ante on physical security. And while you are at it, add a few more scenarios to the disaster recovery/business continuity plan.
On the topic of datacentre thefts, there was a case a few years ago where disk arrays were stolen in the days before data loss became the keen issue it is today. What would the impact be today if a disk array was taken and does every company encrypt such data? I doubt it, but it might be time consider doing so.
Guy Bunker, Jericho Forum board member