International law firm Norton Rose has moved its disaster recovery centre from central London to Uxbridge following London's bomb attacks.
The law firm is also seeking ISO 27001 accreditation for security, which carries stringent tests for client data and employee security. Both initiatives will help Norton Rose differentiate itself among its competitors.
The business continuity plan has also been driven by the City-based law firm's experience of being a bomb victim twice over. In April 1992 it had to suspend operations when an IRA car bomb was detonated in London's financial district, and in 1993 it was hit when an IRA lorry bomb exploded in the Bishopsgate area.
Norton Rose's head of IT, Jeff Roberts, said that the business survived both IRA bombs in part because it was not as dependent on IT then as it is today.
In October 2006, Norton Rose commissioned BT to set up and run the new £5m datacentre in Uxbridge, which is accessible to approved Norton Rose IT staff.
Norton Rose tested the new centre, which houses 100 servers holding 50Tbytes of data, for two weeks. It found the centre could be fully functional within five hours.
BT is helping to develop an information lifecycle management strategy for the law firm, which categorises data into "active" data, which is stored on more expensive media, and "inactive" data, which is stored on less expensive media.
Malcolm Todd, head of systems delivery at Norton Rose, said the firm was also using a range of software products from Attachmate division NetIQ to help achieve ISO security accreditation. These include security incident and event management software to address faults, often automatically, before they impact business users.
"Lawyers today need IT systems to do their work. If our systems are not available, our lawyers cannot prepare cases or bill their time, so there is a direct correlation between billings and system availability," said Todd.
Related article: BT to open £17m datacentre to host high-end enterprise services
Stuart King’s risk management blog
Dealing with the operational challenges of information security and risk management
Comment on this article: [email protected]