Oz disaster recovery: sloppy or paranoid?

commentary Australian small to medium businesses lack confidence in their disaster recovery plans, according to a global report released yesterday.

(What is going on? image by Alessandro Lucia, CC2.0)

The research, conducted by the Ponemon Institute and commissioned by disaster recovery company Acronis, polled 259 local SMBs from a global total of 3000.

It found that 78 per cent of Australian respondents lack confidence in their disaster recovery plans, ranking well below all major countries except Italy and France.

The report blamed technically complex environments, poor planning and a lack of executive buy-in. However, Singapore, Hong Kong and Japan were confident of their disaster recovery, yet reported some of the most complex environments, with an average of four or five backup solutions spread across physical, virtual and "cloud" architectures.

Acronis country manager Simone Howe admitted that the lack of confidence by Australians could be seen as healthy, since if the findings were reversed, Australians would be seen as complacent.

So what does the statistic mean?

IBRS analyst and director of CapioIT, Phil Hassey, said SMBs have had plenty of reason to invest in disaster recovery, but simply have not.

"If 11 September wasn't reason enough, nothing is," Hassey said. "We've had tsunamis and had the same talk, we've had floods and fires and had the same talk."

It doesn't lead to changed behaviour because the boss assumes everyone backs up. The attitude that it won't happen to me is still pervasive."

He said respondents to the SMB survey would have had dramatically different priorities, according to size and industry.

"A small trucking firm might not have a clue how to run disaster recovery. It just ranges so much."

And executive buy-in in an Australian SMB is far removed from the larger counterparts in the United States. To attain buy-in, the technical director may need only call-out through an office to the boss. This does make it seem like the decision is not necessarily one of awareness, but rather of priorities defined by hip pockets.

Then there's the issue of maturity: disaster recovery is not a new concept, and Australia — being the land of extremes — should have mastered the art. But could it be that products for small businesses lack the finesse of those for large enterprise? Is it a case of products just not meeting needs?

One thing seems certain: a host of disaster recovery case studies will become available as the chaos of the Queensland floods is worked through. We will see if a lack of confidence signals sloppy disaster recovery procedures, bad products or just healthy concerns that what should have been enough just wasn't.

Do you work in an SMB? Do you have a lack of confidence in your disaster recovery? Why?