CAMBRIDGE, Mass. (AFX) - At Akamai Technologies Inc., a framed photo of a smiling young brown-haired man serves as a daily reminder of terrorism's toll, and the importance of preparing for the unexpected -- a growing need at a company responsible for shepherding as much as one-fifth of the world's Internet traffic.
Next to an American flag at the front desk of Akamai's headquarters hangs a portrait of Danny Lewin. In the late 1990s, the graduate student at nearby MIT helped develop mathematical algorithms to ease Web traffic congestion -- work that made up the core of Akamai's business when the company he co-founded began offering Web content-delivery services in 1999.
But the married father's life was cut short at age 31. Lewin was on a business trip Sept. 11, 2001, when his American Airlines jet was hijacked and crashed into one of the World Trade Center towers.
For Paul Sagan, Akamai's president and CEO, Lewin's portrait and an apple tree planted in his honor outside the headquarters inspire more than just memories of a departed friend and colleague.
Lewin's death, Sagan said in a recent interview, 'is clearly a reminder that companies have to be prepared for the unthinkable.'
The Internet is a much bigger and busier place today than it was five years ago, when Akamai and other firms that route Web traffic helped keep links running smoothly despite spiking online activity and days-long phone outages near the attack sites. Meanwhile, corporate America depends more than ever on instant data retrieval and suppression of computer viruses and worms to maintain an uninterrupted flow of goods and services.
That's made disaster planning far more expensive and complex than in the 1990s. Back then, many companies large and small did little more than stock closets with emergency supplies and draw up contingency plans with a goal of returning to normal operations within a few days of a calamity.
Now, many firms are spreading data centers to far-flung parts of the globe and beefing up back-up systems to ensure they can avoid disruptions should any single piece of their operations fail.
'We've come a long way in seven or eight years,' said Donna Scott, a disaster planning expert at the technology research firm Gartner Inc. 'Until 2000, the scenario planning was based only on fires, floods, and natural disasters.'
Today, Scott says, 'disaster recovery times are getting shorter, and businesses want their products and services to be available all the time.'
Although disaster preparations in the late 1990s for the Y2K computer bug are a distant memory, the terrorism threat looms large.
There's been no shortage of recent disasters, from Hurricane Katrina to the Northeast blackout of 2003. And some new threats have emerged -- for example, the Washington-based Disaster Recovery Institute now offers a course for businesses to prepare for a possible bird flu pandemic.
Those factors have helped fuel growth of about 10 percent a year since 2001 in the $26 billion global market for so-called business continuity and disaster recovery services, a field drawing interest from more companies than ever before.
'It used to be just the large firms that were concerned about business continuity, but it's filtering down to the smaller ones,' said John Bennett, business continuity director for Hewlett-Packard Co., which operates 70 disaster recovery centers worldwide that corporate customers can use as homes away from home in case of disaster.
Meanwhile, insurance covering property owners' terrorism losses has grown in popularity since Congress approved a temporary law in November 2002 guaranteeing government reimbursement to insurers of up to $100 billion should foreign terrorists strike again.
Some of corporate America's post-Sept. 11 steps have been small. For example, at Akamai, Lewin's death inspired a rule allowing no more than two senior executives to fly on the same plane.
But companies intent on preventing a single knockout blow from terrorism or other disasters also are spreading offices and employees to multiple geographic locations, and expanding backup systems to keep computers and phones operating and shuffle employees among work sites.
In its eight-year history, Akamai has branched out to the point that the company believes it can maintain operations without interruption from any one of four sites: an operations center at the Cambridge headquarters; two newer operations centers in San Mateo, Calif., and Bangalore, India; and an emergency backup office 5 miles away from headquarters.
In the event that all three operations centers are simultaneously knocked out, Akamai's Cambridge staff could use the emergency backup office, or manage the server network by using laptops and logging onto a secure internal computer system.
The three global operations centers and emergency office have increased Akamai's real estate and equipment costs as well as travel bills.
'There is inefficiency for us,' Akamai's Sagan said. 'But you can't look customers in the eye and say, 'We haven't done enough to make sure we can handle a disaster.''
Corporate America's recent emphasis on spreading data security resources to far-flung locations marks a shift from the 1980s era of mainframe computers and the 1990s emphasis on information technology efficiency, Gartner Inc.'s Scott said.
'In the 1990s, we saw a massive consolidation of data centers, and after 9/11, we saw a decentralization,' she said.
'Whenever you decentralize, you spread your risk, and when you centralize your information technology, you reduce costs,' Scott said. 'But if you centralize and something bad happens, it has a much bigger impact.'
A recent survey of technology managers conducted for Hewlett-Packard found 73 percent of organizations used technology to replicate data at multiple sites, and 44 percent had access to disaster recovery centers run by third parties.
Despite the additional costs, safeguarding data in case of terrorism or natural disasters also helps companies meet other objectives. Examples include protecting against data loss caused by hackers or human error, and satisfying growing legal and regulatory requirements for expanded record-keeping.
'The reality is that the majority of cases involving data loss have to do with human error, not a terrorist incident or a hacker,' said Doug Chandler, a data storage analyst with the technology research firm IDC.
Companies also increasingly are planning for the possibility that a key office or factory may be destroyed in a disaster, rather than merely disabled for a few days, Scott said. That means backup locations must be equipped to pick up the slack for longer than just a few days.
'In the past, contingency plans generally didn't account for the destruction of a site, and the loss of employees' lives,' Scott said.
Most manufacturers have plans to keep factories running in case of disaster, but remain vulnerable to parts and materials shortages from third-party suppliers that may be less prepared, said Bruce Schneier, author of a book on security technology. Manufacturers are responding by demanding contractual guarantees that suppliers prepare for disasters.
'The weak links are the areas that you can't control,' Schneier said.
Other potential weak links include outdated disaster plans and a lack of employee training. The survey of technology managers conducted for Hewlett-Packard found 90 percent of organizations had a plan to deal with disruptions including disasters. About two-thirds of those companies had tested their plans, and just one in four updated their plans every quarter.
'There still are a lot of businesses that are not as prepared as we think they should be,' HP's Bennett said.
Companies also are enrolling more employees in disaster preparedness courses offered by organizations like the nonprofit Disaster Recovery Institute, which has certified more than 5,000 disaster-response coordinators since 1988.
But few small businesses enroll employees in the courses, which can cost thousands of dollars, said John Copenhaver, the institute's CEO.
'Small companies are still struggling in this area,' Copenhaver said.
Copyright 2006 Associated Press. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.