The anticipated real-world problems associated with the year 2000 are a lot more complex than a single company collapsing for lack of Y2K compliance.
Even if Bank A is fully Y2K-compliant, its operations do not exist in isolation. Bank A must interoperate with Bank B in Hong Kong, Bank C in London and so on; such is the nature of the global economy.
The real problem with Y2K is the Cascade Effect — one company’s Y2K problems flowing downstream into other companies’ networks.
I have met a couple of executives from major financial and industrial firms who have seriously considered the Cascade Effect and how to deal with it. But in general, the prevailing attitude seems to be, “We’ll do everything we can reasonably do, and hopefully, have less of a mess to clean up than if we did nothing.” This approach is litigation waiting to happen.
I suggest there is a much more sane and common-sense approach than waiting for disaster to arrive: I advocate Graceful Degradation when it comes to Y2K.
Twenty or so years ago, we probably could have given up our primitive fax machines and word processors with negligible impact on our businesses. In fact, many of us could have easily reverted to pencil-and-paper alternatives to technology. That is a Graceful Degradation from one business process to another.
Today, business is conducted on a network of networks. The Cascade Effect occurs when failure hits one network and the errors compound as they travel from network to network. The past AT&T outages are but a few examples of the Cascade Effect that have occurred over the past decade. Now with Y2K, we face the ultimate network-of-networks failure.
Graceful Degradation does not have to mean resorting to yellow pads and No. 2 pencils. Today, it could mean something as simple — and survivable — as isolating networks from one another and seeing what happens.
I suggest that we redefine network survivability in the face of Y2K to mean, “a network that can correctly operate in isolation from the networks with which it normally interacts.”
First, you have to identify the departmental networks that absolutely have to be part of your corporate network. For example, if you disconnect the human resources or finance department networks from the corporate network, how much disruption will occur to your business processes? This is Graceful Degradation; mitigating the possibility of far greater damage by disconnecting networks that could be subject to the Cascade Effect.
Politically, disconnecting your networks from one another may be unpopular, but it certainly provides a solution for surviving Y2K. To determine whether your organization is a candidate for Graceful Degradation, answer the following questions:
• Are you absolutely positive that none of your business partners or networked associates can trigger a downstream Y2K failure in your systems?
• Are your absolutely certain that your network is Y2K-compliant and cannot accidentally infect those of other organizations?
• Have you tried to disconnect your extranets in order to measure the impact on your business?
• Is the impact of disconnecting those networks in a controlled manner any worse or better than if they failed without your management?
• Have you looked into how to conduct business with your partners without being networked to them?
• Within your company, have you tried to isolate departmental networks from one another to measure the ramifications on internal business processes?
• Have you developed a business policy to deal with reduced network functionality for a prolonged period of time?
• Do you have a corporate plan that parallels your disaster recovery and operations contingency plan?
I don’t know much about Y2K coding, but I do know that if we don’t test and mitigate the ramifications of the Cascade Effect now, things will be a hell of a lot worse than if we do. Graceful Degradation is one approach.
Winn Schwartau is president of InfoWar.Com and chief operating officer of The Security Experts, an information security consulting firm in Seminole, Fla.