The findings are part of Databarracks’ fifth annual Data Health Check report, which surveys over 400 IT professionals in the UK on the changing ways in which technology is used by businesses today.
The results revealed that only 30 per cent of small organisations had a BCP in place, compared with 54 per cent of medium and 73 per cent of large businesses. Perhaps even more concerning is that when asked if the organisation intended to implement a BCP in the next 12 months, over 40 per cent of small organisations had no intention to do so.
Other key findings from the survey regarding disaster recovery and business continuity included:
• - Hardware failure (21 per cent), software failure (19 per cent) and human error (18 per cent) were reported as the top causes of data loss
• - Large organisations are more than twice as likely to have tested their disaster recovery plans in the last year compared to small organisations
• - ‘Lack of time’ was deemed to be the biggest factor for all organisations not testing their disaster recovery plans (35 per cent), this was closely followed by ‘cost’ (18 per cent) and ‘lack of skilled staff to carry out testing’ (18 per cent)
• - This figure, however, is expected to change over the next 12 months as Disaster Recovery as a Service (DRaaS) is expected to have one of the highest up takes of cloud services across all organisations
In light of these findings Peter Groucutt, managing director of Databarracks, states that disaster recovery services are no longer a luxury but a necessity for all organisations, regardless of size: “It isn’t a surprising trend for larger organisations to be more likely to have a business continuity plan than smaller organisations. What we do find surprising is that it is only 30 per cent of respondents from small organisations, and around half of medium sized, even have a BCP at all. Two of the main reasons for the disparity are cost and time. Larger organisations have dedicated Business Continuity Managers but in the smaller organisations the responsibility falls to the Managing Director or CEO and the IT Manager to own the plan and handle disaster recovery.
“Real IT disaster recovery has, until now, been a prohibitively expensive service and could only be afforded by the largest organisations. The reductions in cost that cloud computing has brought about mean that’s no longer the case - it should be a top priority for any organisation. Of the organisations that do have IT disaster recovery practices in place, over half haven’t tested in the last year and the top reason is that organisations don’t have the time to do so.
“Disasters don’t discriminate when it comes to the size of your organisation. We just need to look at the likes of the CryptoLocker virus or the UK floods earlier in the year to see that - the floods alone caused over £830m worth of damage to small businesses. And it’s not just the media-worthy incidents such as cyber-attacks or natural disasters that are a risk. The largest causes of data loss last year were actually down to some of the more mundane issues such as hardware failure or human error. It’s these that are often overlooked, but that can have the biggest impact on the business if things go wrong.”
Groucutt concluded: “There needs to be an attitude change. Disaster recovery is not only available and affordable to organisations of all sizes, it’s absolutely essential.”