Study: Discrepancy Between Disaster Preparedness Perception, Reality In SMBs
Symantec Corp. recently announced the findings of its 2009 SMB Disaster Preparedness Survey, reflecting the attitudes and practices of small and mid-sized businesses and customers toward technology disaster preparedness.
The report shows a large discrepancy between how SMBs perceive their disaster readiness and their actual level of preparedness. The data also suggests SMB downtime costs their customers tens of thousands of dollars each year. As a result, the findings show that SMBs can -- and often do -- lose business as a direct result of being unprepared for disasters.
"The startling part of this research is the fact that SMBs don't realize the impact their outages have on customers, particularly when they have tools at their fingertips to help them be prepared to deal with disasters," said Pat Hanavan, vice president of Backup Exec product management with Symantec. "While no one wants a disaster to occur, the reality is that they happen. Rather than continuing to be unprepared, small and mid-sized organizations can take simple steps to protect their data. And, as companies communicate their plans to their customers, they strengthen those relationships and become a trusted partner."
The findings show that SMBs are confident in their disaster preparedness plans. Eighty-two percent of respondents say they are somewhat/very satisfied with their disaster plans, and a similar number (84 percent) say they feel somewhat/very protected in case a disaster strikes.
SMBs also believe their customers will be understanding and patient if there is a disruption to their computer or technology resources. In case of such an outage, only one-third (34 percent) of SMB respondents believe their customers will evaluate other options, including looking at competitors.
However, the practices of SMBs reveal that this confidence is unwarranted. The average SMB has experienced three outages within the past 12 months, with the leading causes being virus or hacker attacks, power outages or natural disasters. This is alarming as almost half report they do not yet have a plan to deal with such disruptions.
The survey found that only one in five (23 percent) SMBs back up daily and an average SMB backs up only 60 percent of their company and customer data. More than half of the SMBs estimate they would lose 40 percent of their data if their computing systems were wiped out in a fire.
SMB customers surveyed estimated the cost of these outages as being $15,000 per day on average. These outages were impactful as well, with 42 percent lasting eight hours or more. One in four customers (26 percent) reported losing important data.
According to the findings, two in five (42 percent) SMB customers have actually switched vendors because they "felt their vendor's computers or technology systems were unreliable." This is a stark contrast to the two-thirds of SMBs who believe their customers would either "wait patiently until our systems were back in place" or call "to get what they could, but would wait patiently for the rest until our systems were back in place." Another side effect of downtime is damage to the company's reputation. Sixty-three percent of the customers reported that downtime damaged their perception of the SMB vendor.
Although 47 percent of SMBs do not have a formal disaster preparedness plan, of those without plans, nearly 89 percent say they will create one within the next six months. This is crucial as most SMBs (77 percent) report they live in a region that is vulnerable to natural disasters (such as hurricanes, tornadoes, earthquakes). As these organizations create plans, Symantec has the following recommendations:
- Determine your needs: SMBs should take time to decide what critical information should be secured and protected. Customer, financial and business information, trade secrets and critical documents should be prioritized. In addition, SMBs should monitor industry reports that help to identify and prevent threats that SMBs face.
- Engage trusted advisors: With limited time, budget and employees, SMBs can look to a solution provider to help create plans, implement automated protection solutions and monitor for trends and threats that SMBs should protect against. They can also educate employees on retrieving information from backups when needed and suggest offsite storage facilities to protect critical data.
- Automate where you can: Automating the backup process ensures that it is not overlooked. SMBs can reduce the costs of downtime by implementing automated tools that minimize human involvement and address other weaknesses in disaster recovery plans.
- Test annually: Recovering data is the worst time to learn that critical files were not backed up as planned. Disaster recovery testing is invaluable and SMBs should seek to improve the success of testing by evaluating and implementing testing methods which are non-disruptive.