UK firms flop in the data back-up department
False sense of security
Data back-up procedures amongst UK companies leave a lot to be desired, according to early results from a government-backed study out today.
A survey of 1,000 companies of all sizes - conducted as part of the Department of Trade and Industry's 2004 Information Security Breaches Survey - found that two-thirds of large businesses suffered an incident where they had to restore significant data from back-up during the last year. Roughly half of the businesses that had a systems failure or physical theft suffered major disruption, a factor which has led 95 per cent of firms to establish some form of back-up.
Unfortunately, these back-up procedures are often far from complete, the study concludes. Only a third of businesses store their back-ups off-site, and less than 20 per cent back-up their desktops. Even more worryingly, only eight per cent of companies have tested their disaster-recovery plans to see if they would work in practice.
This might lead to a false sense of security, according to the PricewaterhouseCoopers-led consortium of companies which carried out the study.
Chris Potter of PwC said that IT staff often lack awareness of which data is business critical and therefore don’t understand what they need to back up: "There’s a disconnect between the boardroom and the IT function which is potentially dangerous. Despite 9/11, the vast majority of UK businesses are living on a prayer when it comes to disaster recovery."
Another company involved in the study is online data back-up and recovery specialist Atttix5.
Attix5 Chief executive Roelou Barry commented: "The research reveals a worrying trend. Most businesses only back-up their servers, yet critical business information is often distributed across the entire extended enterprise - from servers and desktops to laptops and mobile computing devices.”
The full findings of the DTI 2004 Survey will be launched at the InfoSecurity Europe conference in London in April. ®
DTI Information Security Breaches Survey home page. Contains background on previous studies, which have consistently advised UK companies to spend more on security. There’s probably a lot of truth in that, but it’s worth bearing in mind the heavy involvement of IT suppliers and consultants in the group conducting the study.