Sep 25, 2014
Smaller businesses in the U.K. are at risk of significant downtime and revenue losses due to inadequate business continuity plans (BCPs), according to new research.
A Databarracks study revealed that while larger organizations tend to have sophisticated disaster recovery procedures in place, many small and medium-sized enterprises (SMEs) are not as well prepared.
The Data Health Check 2014 report found that less than one-third of small firms and 54 percent of medium-sized companies had BCPs. This compared with nearly three-quarters of larger organizations.
Databarracks indicated one of the most worrying statistics is that 40 percent of businesses without disaster recovery protocols had no intention of implementing continuity measures within the next year.
Typically, SMEs are the hardest hit when disasters halt operations, and some never reopen after incidents that cause major disruptions to business processes and IT infrastructure. This is why many organizations invest in disaster recovery solutions such as sophisticated standby databases, as they enable companies to bring operations back online as quickly as possible.
Statistics from Databarracks show hardware and software failures remain the biggest threat to company information, causing 21 and 19 percent of data loss incidents respectively. Human error is also a common complaint, being responsible 18 percent of the time.
Peter Groucutt, managing director of Databarracks, said this is just the tip of the iceberg, as there are many more well-publicized risks to business operations.
"Disasters don't discriminate when it comes to the size of your organization," he stated.
"We just need to look at the likes of the CryptoLocker virus or the U.K. floods earlier in the year to see that - the floods alone caused over £830 million worth of damage to small businesses."
Testing disaster recovery
Even among organizations that have BCPs, there is a notable lack in adequate system testing in place, Databarracks explained.
Large businesses were again more reliable in this area - they were twice as likely to have completed practice runs of their DR functions over the last year than smaller companies.
In early 2013, a study by FalconStor and IDG Research suggested poor disaster recovery testing is not just a U.K. problem. The companies claimed testing was still not a priority for US firms, despite an average of 34 instances of data loss or IT outages among enterprises they surveyed.
Many organizations were still reliant on tape backups, the study found, with nearly half of medium-sized businesses and 27 percent of small firms using this method of recovery.
The reasons given for insufficient testing were varied in the Databarracks research, although 'lack of time' was the most commonly cited, with 35 percent reporting this as a primary obstacle. Other issues included not having the right staff to perform such tasks (18 percent) and high costs (18 percent).
However, disaster recovery-as-a-service could be set to change these trends in the near future. Databarracks found an increasing number of companies are looking to adopt cloud-based business continuity systems in an effort to optimize their existing BCPs.
"Real IT disaster recovery has, until now, been a prohibitively expensive service and could only be afforded by the largest organizations," Mr. Groucutt said.
"The reductions in cost that cloud computing has brought about mean that's no longer the case - it should be a top priority for any organization."
He argued that a significant change in attitude was required across U.K. businesses, particularly now that disaster recovery is both affordable and readily available. Enterprises need to understand that business continuity measures are "absolutely essential", Mr. Groucutt concluded.
For further information around important points to consider when creating a Disaster Recovery plan, and to download a helpful checklist, see our recent article "why you should be thinking about DR right now".