This is astute advice for disaster recovery planning folks. When it comes to determining what events could lead to the loss of data or critical applications and services, the reality of life dictates that there are infinite possibilities. It's therefore impossible to cover all your bases if that's your approach. When counseling clients evaluating disaster recovery options, I usually proclaim the first step is to get the data out of the building. Whether it's a site-specific outage or a more widespread event which simply prevents normal access to corporate systems, this approach ensures you have the flexibility to adjust as necessary. Cloud Computing, whether it's wholesle outsourcing of IT systems using Infrastructure as a Service or application-specific outsourcing using Sofware as a Service solutions, provides a way to "get the data out of the building" without the huge capital expenditures associated with traditional disaster recovery scenarios.
Too much corporate disaster planning focuses on the scenario that triggers a disaster. What if there’s an earthquake? What if two terrorists attack an airplane? Three? What if… It’s obviously a time-consuming exercise to contemplate every single disaster scenario, and even the most imaginative group would likely miss some (a volcanic ash cloud from Iceland for instance). Rather than considering all the possible incidents, consider potential outcomes.
