FORT WORTH- In 1968, a dishonest employee pulled a fast one on the J.C. Penney Co. when he stole several tapes from a data-processing library, copied and returned them, then sold the copies to a competitor. Those tapes contained a mailing list of several million customers’ names and buying patterns. Without a system to protect against computer fraud, the department store chain was more or less out of luck.
Too bad big business didn’t know about Louis Scoma Jr. yet. In 1969, Scoma, a former NASA consultant, formed Data Processing Security Inc. (DPS), a Fort Worth-based independent management consulting firm designed to analyze clients’ existing computer networks and security precautions.
The company’s purpose has changed with the times and technology. In 1973, a major computer scandal cost Equity Funding stockholders millions when bogus mutual fund transactions and insurance records were fed into the company’s computers to create false company assets.
The company went to DPS, which until then had focused on the physical security of a building, for answers. Scoma’s response led to a new method of dealing with increasingly sophisticated computer fraud. “It was at that point,” says Scoma, “that our service moved from the physical genre to the informational genre.”
After a study showed that a company would lose in excess of 90 percent of its ability to function if it lost its computer capabilities for only 10 days, contingency recovery planning became a major part of DPS’s business.
While studying contingency plans, Scoma found that most companies relied on reciprocal agreements, which guarantee that if a company loses its computer capability due to a disaster, it may borrow the other company’s computer. Scoma found several problems with these reciprocal agreements.
Although two companies may own the same type of computer, the internal workings of the computer have usually been customized to meet the special needs of the company. This can make the system incompatible with the type of work other companies will do. Also, since both companies have full data processing loads, the company that suffered the disaster will usually be relegated to using the system on weekends at best.
In 1979, DPS built its first Recovery Operation Center. ROCs were designed by Scoma to be secure, pre-engineered backup computer sites available to member firms. Rather than build their own ROCs, DPS’s clients can pay a monthly fee of $1,000 to DPS, and in the event of any type of disaster (such as fire, flood or sabotage), a member firm can immediately move its data processing operations to any one of DPS’s five existing ROCs.
The ROCs, which are always ready for a client to move in and begin operations, are secured against every conceivable problem, Scoma says. The data processing room at an ROC sits on a raised floor 18 inches above the concrete foundation. The space underneath the floor houses the masses of cable and wire that would accompany a member corporation’s computers. Water sensors on the concrete slab can detect two drops of water and will sound an alarm.
Although no company ever wants to have to use DPS’s services, the price is negligible to member companies like Texaco, Shell and IBM, which could be permanently crippled by the loss of their computer capabilities.