Report claims UK/European firms are poorly prepared for data loss event

According to data centre and cloud data storage specialist Iron Mountain – which commissioned the research, carried out by MacArthur Stroud in late 2010 – despite this data loss issue, 40% of respondents failed to test their disaster recovery system more than once a year, and a third admitted they have no archiving strategy.

The research, which looks at the disaster recovery provisions of 200 medium to large European enterprises, found that the loss of email for four hours might result in administrative disruption, inconvenience, lost productivity and decreased customer satisfaction.

The loss of transactional or production data for a similar duration, however, says the report, could have a catastrophic impact on operations and profitability.

Because of the issues raised in the report, Christian Toon, head of information risk with Iron Mountain, is advising businesses to take their back-ups offsite, as well as performing a risk analysis of your entire back-up process to identify security vulnerabilities.

If your analysis exposes a serious likelihood of data falling into the wrong hands, he says firms should consider whether encryption is justified.

Companies should also, he adds, revisit their disaster recovery plan regularly. Circumstances change so fast that an annual review of your plan is no longer appropriate.

"As your company grows, your information needs change, and your DR practices and processes are likely to evolve with them", he explained.

Finally, he says, companies need to consider using a private cloud for storing back-up data – known as electronic vaulting – since it bypasses the need to transport data on physical media.

Data security, he argues, can be addressed with encryption, and for very large volumes of data, firms should consider transporting the data on tape to the cloud provider's primary data centre.

In the event of a disaster, the entire customer data centre can be switched to the cloud until systems can be recovered.

What’s Hot on Infosecurity Magazine?