Out-Law / Your Daily Need-To-Know

Out-Law News 1 min. read

One in four firms has no disaster plan, says PwC


More than a quarter of UK companies do not have a disaster recovery plan, and half of the plans that do exist have not been tested, according to just-published research from PricewaterhouseCoopers (PwC).

Advert: Infosecurity Europe, 22-24 April 2008, Grand Hall, Olympia, London, UKDespite the fact that 92% of companies surveyed on behalf of the Government believe that disaster recovery is "an important driver" of their IT spending, over half have no plan or an untested plan.

"The number of companies with a disaster recovery plan has gone up," said Chris Potter of PwC, which carried out the survey for the Department of Business, Enterprise & Regulatory Reform.

"However, experience shows that plans are only effective if regularly tested. It is a concern that only half of plans have been tested in the last year," said Potter.

Though the research found out that 99% of companies back up their data and 86% do so daily, it also found that 15% of companies stored their backups on the same site as the original systems.

The results are part of the 2008 Information Security Breaches Survey (ISBS), whose full findings will be published at Infosecurity Europe in London on 22–24 April.

The survey found that 31% of companies had no contingency plan in case of systems failure or data corruption, and that 10% of companies found the contingency plan they did have to be ineffective.

Martin Sadler, director of Hewlett-Packard's Systems Security Lab at HP Labs Bristol, which was one of the organisations which put the survey together, said that disaster recovery systems were vital now because almost all businesses are heavily data-dependent.

 “There has been an explosion of information within businesses," said Sadler. "Acquiring, analysing and delivering the right information to people so they can act on it is a major challenge for companies. The volume of data, and companies’ dependence on it, pose significant backup challenges for them."

Though Sadler said that one in five large firms now stores data off site, he said that this practice also posed dangers.

 “Taking backups off-site poses its own security risks," he said. "Historically, backups have tended to be unencrypted to minimise the effort to restore data. More companies are now considering whether they ought to be encrypting their backups.”

Learn more: The full results of the survey will be launched at Infosecurity Europe in London, 22-24 April.

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.