Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Disaster Recovery: Confidence High, Experience Low

With everything moving to the cloud, it is little surprise that Disaster Recovery (DR) is now also offered as cloud-based DRaaS. The majority of organizations still employ on-premise DR, but cloud usage is growing. A new survey investigates how and why UK businesses are employing DR; how they rate their existing DR readiness, and whether they are considering a move to cloud.

With everything moving to the cloud, it is little surprise that Disaster Recovery (DR) is now also offered as cloud-based DRaaS. The majority of organizations still employ on-premise DR, but cloud usage is growing. A new survey investigates how and why UK businesses are employing DR; how they rate their existing DR readiness, and whether they are considering a move to cloud.

An Opinion Matters survey, which questioned 250 IT decision makers, was commissioned by iland. iland is a US-based cloud infrastructure provider with eight data centers in the US, UK and Singapore. In Gartner’s 2016 Magic Quadrant for DRaaS it was placed squarely among the leaders.

The majority of outages are still caused by system failure (reported by 53% of respondents) closely followed by human error (52%). Cyber attacks are relatively low in comparison at 32%, while environmental issues (flood, storm, fire and power outages) are even lower at 20%.

What is immediately apparent from the survey is that DR is a necessity rather than a luxury — 95% of respondents admitted to an outage over the last 12 months. Beyond the clear implication of these figures (that an outage will almost certainly happen), things get a bit confused. Confidence is high, but experience is poor. Ninety-eight percent of respondents claimed that employees would have post-disaster access to systems within 24 hours, while 27% claim access would be immediate.

Experience, however, throws doubt over such claims. Confidence in a successful DR failover was only substantiated in 38% of cases. Fifty-eight percent of respondents experienced issues during a failover. Forty percent had been confident in the process — but 30% experienced issues, and 10% experienced significant issues.

There seems to be a clear understanding of the business impact of an outage. Eighty-three percent of respondents would expect ‘significant impact’ from an outage lasting hours. However, 4% predict ‘catastrophic impact’ within seconds, 2% within minutes, and 7% within hours. The obvious conclusion from such figures is that organizations are over-confident in their ability to mitigate a critical incident through disaster recovery.

“In today’s business world, the question is no longer if a company will need to trigger a disaster recovery plan, but when,” said Justin Giardina, CTO at iland. “This study shows there is work to be done, as teams seem to put too much confidence into inadequately tested systems.”

Training and testing is indeed another confused issue. Nearly two-thirds of respondents claim to have a trained team and regular testing — and yet the issues continue. The remaining 37% have either lightly trained or untrained teams, while testing is infrequent or non-existent.

Advertisement. Scroll to continue reading.

Needless to say, DRaaS removes or limits organizations’ need for trained on-premise staff; so iland was particularly interested in reasons for companies not to move to a cloud solution. Nearly two-thirds of the on-premise users cited concerns over security and compliance as reasons to stay on-premise. These are indeed complex issues, but in many cases established cloud providers can provide improved security — especially in areas of limited data use in the cloud. Compliance, especially with national or regional data protection laws, is also complex — but Monica Brink, director EMEA marketing at iland, confirmed that iland always adheres to the local laws pertaining, and has its own experts continuously monitoring new developments (such as GDPR).

Without these hindrances, DRaaS becomes an attractive proposition. Brink told SecurityWeek that an increasing number of companies, both large and small, are beginning to adopt DRaaS. The reality is that cloud is now offering lower costs and the potential for almost zero downtime with greater ease, reliability and efficiency.

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Data Protection

While quantum-based attacks are still in the future, organizations must think about how to defend data in transit when encryption no longer works.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...