Symantec (producers of Norton antivirus software) has produced compelling evidence that small and mid-sized businesses are seldom well-prepared to deal with technology disasters. Their 2009 SMB Disaster Preparedness Survey (based on interviews with more than 1650 respondents from 28 countries in North America, Europe, Middle East and Africa, Asia Pacific and Latin America) shows a large discrepancy between how SMBs perceive their disaster readiness and their actual level of preparedness.
The data also suggests SMB downtime costs their customers tens of thousands of euros each year. As a result, the findings show that SMBs can – and often do – lose business as a direct result of being unprepared for disasters.
“The startling part of this research is the fact that SMEs don’t realize the impact their outages have on customers, particularly when they have tools at their fingertips to help them be prepared to deal with disasters,” said Pat Hanavan, vice president, Backup Exec product management, Symantec. “While no one wants a disaster to occur, the reality is that they happen. Rather than continuing to be unprepared, small and mid-sized organizations can take simple steps to protect their data. And, as companies communicate their plans to their customers, they strengthen those relationships and become a trusted partner.”
Confidence High Regarding Preparedness
The findings show that SMEs are confident in their disaster preparedness plans. Eighty-two percent of respondents say they are somewhat/very satisfied with their disaster plans, and a similar number (84 percent) say they feel somewhat/very protected in case a disaster strikes.
SMEs also believe their customers will be understanding and patient if there is a disruption to their computer or technology resources. In case of such an outage, only one-third (34 percent) of SME respondents believe their customers will evaluate other options, including looking at competitors.
Reality Shows Confidence Unwarranted
However, the practices of SMEs reveal that this confidence is unwarranted. The average SME has experienced three outages within the past 12 months, with the leading causes being virus or hacker attacks, power outages or natural disasters. This is alarming as almost half report they do not yet have a plan to deal with such disruptions.
The survey found that only one in five (23 percent) SMEs back up daily and an average SME backs up only 60 percent of their company and customer data. More than half of the SMEs estimate they would lose 40 percent of their data if their computing systems were wiped out in a fire.
Customers Significantly Impacted By Downtime
SME customers surveyed estimated the cost of these outages as being 12,000 Euros per day on average. These outages were impactful as well, with 42 percent lasting eight hours or more. One in four customers (26 percent) reported losing important data.
According to the findings, two in five (42 percent) SME customers have actually switched vendors because they “felt their vendor’s computers or technology systems were unreliable.” This is a stark contrast to the two-thirds of SMBs who believe their customers would either “wait patiently until our systems were back in place” or call “to get what they could, but would wait patiently for the rest until our systems were back in place.” Another side effect of downtime is damage to the company’s reputation. Sixty-three percent of the customers reported that downtime damaged their perception of the SME vendor.
Although 47 percent of SMEs do not have a formal disaster preparedness plan, of those without plans, nearly 89 percent say they will create one within the next six months. This is crucial as most SMEs (77 percent) report they live in a region that is vulnerable to natural disasters (such as hurricanes, tornadoes, earthquakes). As these organizations create plans, Symantec has the following recommendations:
- Determine your needs: SMEs should take time to decide what critical information should be secured and protected. Customer, financial and business information, trade secrets and critical documents should be prioritized. In addition, SMEs should monitor industry reports that help to identify and prevent threats that SMEs face.
- Engage trusted advisors: With limited time, budget and employees, SMEs can look to a solution provider to help create plans, implement automated protection solutions and monitor for trends and threats that SMEs should protect against. They can also educate employees on retrieving information from backups when needed and suggest offsite storage facilities to protect critical data.
- Automate where you can: Automating the backup process ensures that it is not overlooked. SMEs can reduce the costs of downtime by implementing automated tools that minimize human involvement and address other weaknesses in disaster recovery plans.
- Test annually: Recovering data is the worst time to learn that critical files were not backed up as planned. Disaster recovery testing is invaluable and SMEs should seek to improve the success of testing by evaluating and implementing testing methods which are non-disruptive.
To discuss this and other articles please visit The Business Technology Forum group on LinkedIn.