Majority of North American Companies Exhibit Risky Disaster Recovery Behaviors: Evolve IP Biennial Survey Reports
Seven in Ten Disaster Recovery Plans Incomplete; Less Than Half of Companies Tested DR Plans in the Last Year; Cyber Attacks Fastest Growing Cause of DR Incidents WAYNE, Pa. – Feb. 1, 2018 -The majority of businesses in North America are not fully prepared to handle a major disaster striking their information technology, network and communications infrastructure according to a biennial technology survey conducted by Evolve IP, The Cloud Strategy Company™. The survey of approximately 1,000 IT professionals and executives uncovered risky behaviors exhibited by the majority of organizations including incomplete and untested DR plans and outdated technologies and methodologies. The survey also identified three main characteristics of organizations that felt “very prepared” to recover from a disaster. Download the Evolve IP Disaster Recovery & Business Continuity Survey for a complete review of the full findings.Risky Business: A significant number of organizations taking the survey noted that they were not fully prepared to handle a disaster either exhibiting risky behaviors or relying on outdated technologies and methodologies.
Gaining Confidence: There were several key factors that helped increase the confidence of IT professionals in feeling ‘very prepared’ to recover from a disaster. They were:
- Nearly 7 in 10 respondents (68.5%) noted that they had an incomplete DR plan. Of those, only 58% had a plan that was at least 75% complete. When asked if their plan was implemented formally in the business, just 67% indicated ‘yes’.
- Less than half of those surveyed (48.5%) had performed a DR test in 2017.
- 16% of DR plans didn’t document Recovery Point Objectives and 13.5% of IT professionals were unfamiliar with the term. 15% of DR plans didn’t document Recovery Time Objectives and 9% of IT professionals were unfamiliar with the term.
- 5% were using backup tapes in their DR implementation.
There were 63 survey respondents that noted their firms met all three of these criteria and of those, 78% felt “very prepared” to handle a disaster. Conversely, there were also 63 companies that had the opposite qualities and just 6.5% of those individuals expressed the same level of confidence.“Business executives and IT professionals need to start asking the really hard questions when it comes to DR; not just ‘how much is it and how much did we budget?'” said Scott Kinka, Chief Technology Officer and Founding Partner of Evolve IP. “The real questions that need to be asked are more like; ‘How many days can we afford to be down before we permanently damage our business?’, or ‘What is our hourly revenue loss when systems are corrupted or frozen from an attack?’Kinka continued, “Based on these survey results, it’s very likely not ‘if’ it’s ‘when’ disaster procedures will need to be implemented in a business and most of the incidents causing the issues will not be from fires or natural disasters. Unfortunately, from what we see in the market most organizations will be finding out on the fly how ready they are to recover.”Additional Findings
- Sufficient funding – Individuals that indicated that their company had invested sufficiently in DR were more likely to feel very prepared. (65.5% vs. 19%)
- Compliance requirements – Organizations with compliance requirements tend to be more confident in their ability to recover from a disaster. (51.5% vs 34%)
- Virtual private / private hosted solutions – leveraging either DRaaS or utilizing a MSP environment helps IT pros feel more assured. (56.5% vs. 46.5%)
- Cyber Attacks Top Growing Threat: Deliberate attacks were the fastest growing category of DR incidents and outages. This year, 17% of respondents noted deliberate attacks as the cause of an outage, up 4 points from 2016 and up from 6.5% in 2014. Other top causes include hardware / server failure (50%), environmental disasters (29%), power outages (28%), and human error (18%).
- It’s not if, it’s when: Over one-third (36.5%) of companies reported to have suffered from at least one incident or outage that required disaster recovery.
Survey MethodologyThis year’s survey, conducted in November of 2017, examined the disaster preparedness and business continuity trends in North American organizations. Just under 1,000 IT professionals and executives participated with IT professionals contributing 81.5% to the survey population and non-IT C-level executives making up 19.5%. Of the 966 respondents in the survey, 57% were from organizations with between 100-2,000 employees; 21.5% originated from organizations with 11-99 employees; 18% came from organizations with more than 2,000 employees and 3.5% participated from organizations with 1-10 employees.Why Businesses Choose Evolve IP for Disaster RecoveryEvolve IP’s disaster recovery suite protects your data and allows you to recover your environment based on how your business runs and the way your infrastructure is designed. From fully managed DR to assisted and self-managed solutions to essential cloud backups we have a service that enables IT resilience and fits your recovery timeframes, budget and compliance needs.Comprehensive Suite of Recovery OptionsEvolve IP doesn’t shoe-horn our clients down a single path. We offer multiple industry-leading replication technologies that work with how your infrastructure is currently designed while meeting nearly any RTO / RPO goals. Going well beyond traditional DR solutions, we are also able to offer our clients unique recovery options for desktops as well as voice services.Noted as a Visionary in the Gartner 2107 Magic Quadrant for Disaster Recovery as a ServiceEvolve IP has been recognized for the second consecutive year in Gartner’s Magic Quadrant for Disaster Recovery as a Service (DRaaS). As noted in the report, Evolve IP was named in the “Visionaries” quadrant in 2017. Evolve IP’s inclusion comes after a series of analyst interviews, service evaluations and customer references which confirmed the company’s completeness of vision and ability to execute.The Evolve IP Compliance CloudTMEvolve IP has been 3rd party audited by the top compliance auditors in the world (Grant Thornton and Ernst & Young), to enable clients to extend their compliance to our certified compliant cloud. We sign BAAs and deliver the documentation that our competitors cannot: HIPAA / HITRUST, PCI-DSS (all 12 sections), ITAR, SOC 3 and more. Unlike many other disaster recovery providers, The Compliance Cloud delivers true client isolation, encryption in transit and at rest, private VLANs, firewalls and more.Blue-chip Vendor Verified, Supported and IntegratedAt Evolve IP we use the technologies, tools and interfaces your team trusts and your executives know. Basically, we built our solutions they way you would want to … if you had the means and time. Today our solutions leverage Zerto, VMware®, Veeam, Nimble/ HPE, EMC and more and we sit on the advisory boards for Veeam and Zerto.Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
- Industry Breakouts: Education and Manufacturing trail leading verticals like banking and technology in terms of their preparedness confidence. In terms of feeling ‘Very Prepared’, the Education sector was the lowest at just 34.5% while banking lead the segments at 61%.