When Data Loss Strikes

Jay Decenella, IT audit expert
May 24, 2011 /

Even a simple mistake of deleting a file containing the personal information of customers can spell disaster for small- and medium-scale businesses (SMBs) according to Symantec, which claimed that SMBs do not seem to prioritize disaster preparedness until they experience data loss.

“The fact is many small businesses don’t have IT staff or resources dedicated to disaster preparedness, which leads to inconsistent and incomplete backup of vital business data,” Symantec said.

In fact, its 2011 SMB Disaster Preparedness Survey found that though SMBs are at risk, they are still not making disaster preparedness a priority until they experience a disaster or data loss.

The findings coincide with that of the study conducted by accounting firm KPMG and the Data Security Council of India (DSCI), which showed that majority of Indian banks have not adopted even the basic information security measures even as IT security regulations are driving data privacy and security in the country.

Symantec said “the cost of not being prepared is too high to ignore,” amounting to as much as $12,500 per day for downtime losses, not to mention that it drives away customers.

Several SMBs do not understand the importance of disaster preparedness based on the findings of the survey, with half of respondents saying they do not have a plan in place.

For example, 41 percent said data loss never occurred to them to put together a plan and 40 percent maintained that disaster preparedness is not a priority for them.

With only less than half of SMBs backing up their data weekly or more frequently and only 23 percent doing the same disaster preparedness practice daily, the survey showed that the information driving most small- and mid-sized businesses is simply not protected.

According to the survey, half of the SMBs that have implemented disaster preparedness plans did so after experiencing an outage and/or data loss.

“Fifty-two percent put together their plans within the past six months. However, only 28 percent have actually tested their recovery plans, which is a critical component of actually being prepared for a potential disaster,” Symantec said.

The security vendor advised small businesses to prop up their IT systems by starting to map out a disaster preparedness plan “today” that identifies their critical resources.

“Protect information completely: Use appropriate security and backup solutions to archive important files,” Symantec added.

Moreover, employees should also be educated on computer security best practices and what to do if they misplace information.

Symantec went on to say that disaster preparedness plan should be reviewed at least once a quarter.

“Regular disaster recovery testing is invaluable and should be done anytime anything changes in your environment,” it added.

 

Share your opinion