SMEs not prepared for disasters: Survey

Symantec Corp. has announced the findings of its 2011 SMB Disaster Preparedness Survey, which measured the attitudes and practices of small- and mid-sized businesses (SMBs) and their customers toward disaster preparedness.

The survey findings show that though SMBs are at risk, they are still not making disaster preparedness a priority until they experience a disaster or data loss. The data also reveals that the cost of not being prepared is high, putting an SMB at risk of going out of business. According to the survey, downtime not only costs SMBs several thousands of dollars, it also causes their customers to leave.

“According to the research findings, SMBs still haven’t recognized the tremendous impact a disaster can have on their businesses. Despite warnings, it seems like many still think it can’t happen to them,” said Saurabh Arora, Manager – Small and Medium Business for MENA, Symantec.

“Disasters happen and SMBs cannot afford to risk losing their information or – more importantly – their customers’ critical information. Simple planning can enable SMBs to protect their information in the event of a disaster, which in turn will help them build trust with their customers.”

The findings show that many SMBs do not understand the importance of disaster preparedness. Half of the respondents do not have a plan in place. Forty-one per cent said that it never occurred to them to put together a plan and 40 per cent stated that disaster preparedness is not a priority for them.

This lack of preparation is surprising given how many SMBs are at risk. Sixty-five per cent of respondents live in regions susceptible to natural disasters. In the past 12 months, the typical SMB experienced six computer outages, with the leading causes being cyber attacks, power outages or natural disasters.

The survey revealed that the information that drives most small- and mid-sized businesses is simply not protected. Less than half of SMBs back up their data weekly or more frequently and only 23 per cent back up daily. Respondents also reported that a disaster would cause information loss. In fact, 44 per cent of SMBs said they would lose at least 40 per cent of their data in the event of a disaster.

According to the survey findings, half of the SMBs that have implemented disaster preparedness plans did so after experiencing an outage and/or data loss. Fifty-two per cent put together their plans within the last six months. However, only 28 per cent have actually tested their recovery plans, which is a critical component of actually being prepared for a potential disaster.

Disasters can have a significant financial impact on SMBs. The median cost of downtime for an SMB is $12,500 per day. Outages cause customers to leave – 54 per cent of SMB customer respondents reported they have switched SMB vendors due to unreliable computing systems, a 12 per cent increase compared with last year’s survey. This downtime can also put them out of business. Also, 44 per cent of SMB customers surveyed stated that their SMB vendors have temporarily shut down due to a disaster.

Customers of SMBs also reported considerable effects to their own businesses. When SMBs experience downtime, it costs their customers an average of $10,000 per day. In addition to direct financial costs, 29 per cent of the customers surveyed lost “some” or “a lot” of important data as a result of disasters impacting their SMB vendors.

The survey found that 36 per cent of SMBs intend to create a disaster preparedness plan in the future. As these and other organizations create plans, Symantec offers the following recommendations: Don’t wait until it’s too late: It is critical for SMBs to not wait until after a disaster to think about what they should have done to protect their information. Not only is downtime costly from a financial perspective, but it could mean the complete demise of the business. SMBs can’t wait until it is too late, and need to begin mapping out a disaster preparedness plan today.  A plan should include identification of key systems and data that is intrinsic to the running of the business.  Basically, identify your critical resources.

Protect information completely: To reduce the risk of losing critical business information, SMBs must implement the appropriate security and backup solutions to archive important files, such as customer records and financial information. Natural disasters, power outages and cyber attacks can all result in data and financial loss, so SMBs need to make sure important files are saved not only on an external hard drive and/or company network, but in a safe, off-site location.

Get employees involved:  SMB employees play a key role in helping to prevent downtime, and should be educated on computer security best practices and what to do if information is accidentally deleted or cannot easily be found in their files.  Since SMBs have few resources, all employees should know how to retrieve the businesses’ information in times of disaster.

Test frequently: After a disaster hits is the worst time to learn that critical files were not backed up as planned. Regular disaster recovery testing is invaluable. Test your plan anytime anything changes in your environment.

Review your plan: If frequent testing is not feasible due to resources and bandwidth, SMBs should at least review their disaster preparedness plan on a quarterly basis.

Follow Emirates 24|7 on Google News.