Okay, raise your hand.  Who wants to be first?  You, in the back.  You’ll do.  No, you can’t back out now.  I don’t care if the person beside you did say you were raising it to win a door prize.  Here’s a door prize for you.

Now, let’s say your data center gets destroyed in a natural disaster – flood, earthquake, hurricane, cup of coffee, whatever.  Quick, what’s the first thing you do?  No, you can’t call in sick.  (They won’t buy the fake cough bit anyway.) 

Good.  You have a contract with an off-site disaster recovery company.  But it’s been a couple of years since you tested recovering your critical systems?  Oh, I see.  It wasn’t actually you that performed the most recent recovery tests either.  It was that guy who left the company last year.  So you don’t exactly know the steps to restore access to your systems in the event of a disaster?  And the DR company doesn’t use the same server brand or models that you have in-house?  Hmmm, well, you seem like a smart guy.  I’m sure you’ll figure it out if you have to…

Hey, did you know there are DR companies that can geographically disperse your critical data and save secure, scheduled snapshots to disk rather than tape to make recovering your data much easier and more reliable?  And if having duplicate hardware is too expensive, you can have a virtual environment on stand-by that can be made available on short notice.  You can even test recovery remotely rather than go on-site.  And some DR companies even offer the option of a mobile personnel center so that key IT persons will have a central location to operate from; a mobile command central, so to speak.

Oh, I see.  You say you don’t have the money budgeted for that kind of DR solution?  Well, I’m sure you have nothing to worry about.  It’s not like disaster will ever strike your company…

No, don’t sit down just yet.  Let’s answer another question.  Suppose your company’s legal department requests access to the mailbox of that second-line manager who was fired a couple of years ago for sexual harassment.  And they need access to it today. 

Good.  You exported the mailbox to a Personal Folder (.pst file) a long time ago.  Wait.  What do you mean, if you can find it?  Oh, I see.  Now you found it, but can’t open it because the file is corrupt.  Well, at least you can recover the mailbox from backup, right?  Oh, you can but you’ll have to restore the entire message store.  And it may be a day or two because the tape isn’t stored at your location.  It’s too bad your mailbox retention policy was only set for 90 days.  Hmm, well, I’m sure the lawyers will understand…

Hey, did you know there are email archive solutions that can automatically off-load data from your mail servers to a SQL database or NTFS drive based on policy settings that you configure?  And that doing this can improve the performance of your mail servers while also making archived mailboxes easier to access and searchable for specific text.  I’m sure you were aware that this kind of solution also helps your company to adhere to corporate compliancy laws such as Sarbanes-Oxley and HIPAA.

Oh, I see.  You did know that kind of solution was available, but just don’t have the time or IT budget to implement it this year.  Well, maybe next year or the year after, huh?  I’m sure nothing will happen between now and then anyway.  And your CIO will understand after you explain how important it was to upgrade to Office 2007 and Windows Vista.

Okay, I’ve got one last question about how you deploy security patches to your servers and workstations.  Oh, never mind.  I’m sure you have that covered…