Riverbed White Paper Sample

Compliance and regulatory issues are also playing a bigger role in disaster recovery plans. While not all regulations mandate a formal disaster recovery plan, many—like HIPAA in the healthcare industry—specify that data must be kept available. The best way to ensure availability is to keep data protected and recoverable. As most of the health care industry becomes digitized, there is no excuse for missing data. This is also true in the financial services industry governed by the Gramm-Leach Bliley Act (GLBA), BASIL II, and SEC rules that specify business continuity in the event of a man-made or natural disaster. State disclosure laws for data breaches and the EU data directive are playing more prominent roles as well.

In these cases, it is not the fines and penalties that are motivating organizations to protect data better, but the costs of notification, loss of customer confidence, and the resulting impact to shareholder value that compels companies to act. In fact, with an average notification cost of $90 per customer and the average number of users impacted by a lost tape averaging over 900,000 (as reported from Oct 07 - Oct 08), a single lost tape incident can cost a company in excess of $80 million—without factoring in any impact to stock price.