New research by Databarracks has revealed that just 27 per cent of small businesses have a business continuity plan (BCP) in place, compared to 68 per cent of medium organisations and 75 per cent of large organisations. Worse still is that 73 per cent of the small businesses questioned admitted they hadn’t tested their BCP in the last 12 months, with nearly half not planning to within the next year.
The findings are part of Databarracks’ sixth annual Data Health Check report, released today. The survey questioned over 400 IT decision makers in the UK to find out how they’ve experienced the IT services they use in the last year, and what they expect to change in the next 12 months.
The results revealed that, unsurprisingly, disaster recovery (DR) testing had a huge impact on how confident organisations are in their DR solution. Of those organisations that had tested their DR plans within the last year, 58 per cent were “very confident” in them, with this figure falling to just 28 per cent for non-testers.
Other key findings from the survey regarding disaster recovery and business continuity included:
– 88 per cent of organisations with a BCP had a specific IT DR plan outlined within it, with a further 7 per cent planning to implement this within the next 12 months.
– The overall leading cause of data loss was human error (24 per cent), with hardware failure close behind (21 per cent). However, for the second year in a row, large organisations have lost more data to hardware failure than human error.
– Just 3 per cent of organisations that had tested their DR plans in the last year admitted having concerns about their solution, compared to 16 per cent of those that hadn’t tested.
Oscar Arean, technical operations manager at Databarracks, who penned the report, commented on the results:
“It’s not surprising to find that small businesses are less likely to have a BCP than larger businesses – we found the same result last year. What is worrying is the lack of improvement we’ve seen for small businesses in the last 12 months.
“Disaster recovery used to be prohibitively expensive for smaller businesses but that’s not the case anymore. Cloud computing has made the technology for IT disaster recovery available to all businesses so the only barrier is the investment in time.
“A lot of the organisations we speak to cite a lack of time as their main reason for not testing. In truth, it’s rarely the case that time is such an inflexible commodity. Using it as an excuse for not testing may represent more of a cultural aversion rather than a genuine lack of resources.
“Sometimes it takes a prolonged period of downtime or a substantial data loss for a business to realise the importance of a robust DR solution, but it shouldn’t come at that cost. We need to see a culture shift and perhaps some of that responsibility falls to the service providers as well as the customers. DR providers need to educate organisations on the importance of disaster recovery planning and testing, and demonstrate how vulnerable they are if this isn’t done. Disaster recovery isn’t a luxury insurance policy anymore, it’s absolutely essential for businesses no matter what size.”