New research from the Cloud Industry Forum (CIF) has revealed a distinct lack of confidence in disaster recovery (DR) and backup capabilities. The survey asked participants to identify which applications represented the biggest risk to their business in the event of failure. DR and data backup services were ranked the highest priority amongst those surveyed.
But according to Peter Groucutt, managing director of disaster recovery service provider Databarracks, this concern is caused by a lack of rigorous DR testing in the UK, which is leaving a significant proportion of plans unfit for purpose.
“The CIF research gives an interesting insight into attitudes towards disaster recovery. While it is encouraging to see organisations embracing the business value that DR brings, it does also suggest that concerns over the risk and vulnerability of a plan could be fuelled by a simple lack of confidence in their ability to execute it.
“The findings from our most recent Data Health Check revealed that from over 400 IT professionals in UK organisations, 88 per cent of respondents with a formalised business continuity plan (BCP) in place had a specific IT DR plan outlined within it, with a further 7 per cent planning to implement this within the next 12 months. It’s encouraging to see organisations factoring disaster recovery into their continuity plans, but simply having a plan in place is not enough.
“Unfortunately, when it comes to disaster recovery too many organisations end up treating it as a documentation exercise. From our own research, it was revealed that a significant proportion of organisations, notably SMEs, were not carrying out regular testing on their DR plans. Unsurprisingly, the impact of not testing had a huge knock-on effect, whereby only 28 per cent of non-testers were “very confident” in their plans compared to almost 60 per cent of those which regularly test.”
Groucutt continued: “Without testing your DR plan, you have no idea if it’s actually going to be fit-for-purpose in a disaster, no matter how impressive the technology is. Testing highlights weaknesses, enabling businesses to address them before they have the chance to do any damage. We recommend testing your DR plan at least annually, but regularly updating critical information like roles, responsibilities and contact details, so that anyone who happened to pick up your plan in the disaster would know exactly what the call to action is.”
Alex Hilton, CEO of CIF commented: “Cloud has moved from the edge of the IT estate to its centre, and it is now largely regarded as just another way that we do IT. The latest CIF research shows that 51 per cent of organisations are using Cloud based backup or DR, this is often viewed as a logical first step in to Cloud services. Central to the success of Cloud lies in the ability to keep the data stored in it safe and secure. A data backup and DR plan is critical but confidence is key in order for it to be effective and this can only be achieved through regular testing.”
Groucutt concludes: “We’ve just launched a tabletop testing simulator tool to address exactly this issue. We often hear that SMEs don’t have the same budgetary or time resources for DR planning and testing that large enterprises do. We believe that SMEs should have the same access to the planning tools needed to build a robust BC/DR plan regardless of budget. In light of this we created a simulator that allows IT teams to test DR plans against a number of different disaster scenarios to see how it would cope as well as identifying areas where improvements could be made. It’s not exhaustive, but it provides a great foundation for further testing, and will ultimately serve to improve confidence in DR capabilities.”