As Hurricane Sandy bears down on the entire eastern seaboard this week, threatening massive power outages, flooding and property damage from Boca Raton to Bangor, it is an opportune time for CIOs in all parts of the nation to review their disaster recovery plans. Protecting your data and IT systems from possible disaster is not cheap, but being unprepared when disaster strikes is far more costly.
Disaster Recovery Awareness Grows, Preparation Lags
The 2012 Global Disaster Recovery Index from Acronis indicates businesses around the world are starting to take disaster recovery preparation more seriously. Two-thirds of businesses are checking their backup/disaster recovery plans more frequently. However, while fairly routine tasks like backup/disaster recovery plan testing are popular (65% of respondents have performed), more complex disaster recovery steps such as implementing a full-scale business continuity plan (46%) are less popular.
And less than one in three respondents (28%) have accelerated virtualization adoption even though moving data and software onto virtual servers is one of the best ways to mitigate risk from physical damage caused by natural disasters. In another sign businesses still are not taking disaster recovery as seriously as they could or should, less than one in five respondents (17%) have escalated backup and disaster recovery to become a priority at board level.
The Cost of Disaster
When disaster strikes, it creates quite an expense. Acronis data shows system downtime costs the average business more than $366,000 per year. The average company loses 2.2 workdays a year to system downtime and 86% of companies have experienced system downtime in the last year.
And disasters can be caused by human folly as well as the unpredictable whims of nature. Human error is by far the most common source of system downtime according to index results, with 60% of respondents citing it as a downtime cause. Other frequent sources of system downtime include human-generated events such as unexpected patches and updates (56%), server room environment issues (44%) and virus/malware attack (18%). Hardware error/theft combines IT glitches with human greed (14%), while onsite disasters (26%) and power outages (44%) may or may not have human error or malfeasance at their root.
Only 10% of respondents cited natural disasters as a cause of system downtime. Although natural disasters receive a large amount of publicity (witness the round-the-clock Sandy coverage) due to their unequaled destructive power and the natural human fascination with things beyond our control, CIOs need to account for many more potential threats when formulating a disaster recovery plan.
The Path Forward
CIOs need to start creating a comprehensive disaster recovery plan, if they haven’t already, immediately, Any modern plan should definitely include a server virtualization component (including regular backup of virtually-hosted data and assets) and be considered a board-level priority.
In addition, while outsourcing does not have to be a component, CIOs should investigate whether outsourcing part or all of a disaster recovery plan to a competent and trustworthy third-party specialist can help reduce cost, speed up implementation and streamline operation and upkeep. Nobody wants to walk around all day thinking about what would happen in the worst case scenario; a good disaster recovery plan ensures you don’t have to.