Small businesses harbor out-of-date or inadequate disaster recovery plans, study says
In recent weeks, a number of studies revealed that small businesses in Europe and Australia were lacking disaster recovery planning documents that could help them achieve a swift recovery in the wake of a major incident. However, recent research by nCircle, a top provider of auditing solutions and automated security, indicates that this problem could be widespread in the United States as well.
In particular, the study, which was conducted during a 12-day span in November 2011 and surveyed nearly 150 IT security professionals, found that 13 percent of small businesses didn't have a disaster recovery plan. Of the remaining 51 percent that had this type of essential business document, many said that they weren't sure whether it was kept up-to-date with recent changes in their company's operations.
Inconsistencies were also found in how the security policies of U.S. small businesses are being enforced. For example, the nCircle study indicated that while 26 percent of the respondents said they had such a policy, they didn't take steps to ensure that it was being adhered to by employees.
"The number of small businesses that have no written security or disaster recovery plan is a significant concern," Elizabeth Ireland, a vice president of marketing for nCircle, said in a press release. "It seems counter intuitive, but even though smaller businesses have fewer resources, they need to pay more attention to security rather than less."
As a result, small businesses that have let their disaster recovery planning documents fall into a state of disorder may be wise to appoint a trusted employee to the task of bringing this paperwork up-to-date. However, businesses that are concerned about the productivity drain this appointment may cause can look to an experienced consulting agency capable of offering nuanced and effective disaster recovery consulting.