The intro to a recent IT resiliency report asks the question: “Is IT turbulence the new norm?”
In a year marred by ransomware attacks large and small, catastrophic natural disasters and other IT outages, that’s a valid question. But how are organizations handling the disruptions and IT resiliency planning?
Generally, not that well. “Overall, IT departments exceeded their maximum tolerance for downtime during a failure, a weakness that must be addressed,” said the Syncsort report, “The 2018 State of Resilience,” which surveyed 5,632 global IT professionals between January 2017 and July 2017 and came out last month.
“It continues to surprise us that organizations feel underprepared to deal with disasters,” said Terry Plath, vice president of global services at Syncsort, an enterprise software provider.
Only half of respondents met their recovery time objectives after a failure, according to the report. Eighty-five percent of professionals had no recovery plan or were less than 100% confident in their plan.
For those IT professionals whose organization suffered data loss, when asked how much was lost in their most significant incident, 28% said they lost a few hours and 31% lost a day or more of data.
The IT resiliency report found that many of the reasons for data loss involved lack of a quality backup. In order, the top primary reasons for the data loss were: Old backup copy, human error, lost data was in memory and no backup was made, malfunction in data protection platform, and data protection platform was not configured to back up the specific data.
Thankfully, when IT professionals look ahead the next two years, 45% say high availability/disaster recovery (HA/DR) is a chief IT initiative, second only to security at 49% and just above cloud computing at 43%. And in choosing top IT issues of concern in the coming year, 47% said business continuity/high availability, 46% said the ability to recover from disaster and 45% said security/privacy breaches.
Comprehensive IT resilience planning needed
Specifically regarding high availability or disaster recovery, businesses’ top initiatives in the coming year are tuning or reconfiguring the current HA/DR platform, expanding the current HA/DR platform to cover additional servers or data, adopting new technology to augment the current HA/DR, and incorporating cloud or hosting technology into the HA/DR strategy.
“Appropriate staffing, workforce training, better recovery planning and testing are needed to ‘bulletproof’ company systems,” the report said. “This is especially true, since a considerable majority of companies have HA/DR initiatives planned for the coming year.”
Surprisingly, when asked which technologies organizations use for data protection and archiving, just under 50% said tape backup, the second most popular answer behind hardware and storage replication at slightly over half.
Plath recommends several steps for a solid IT resiliency strategy. It starts with defining and documenting the disaster recovery process. Organizations then need to have the right tools in place and make sure that recovery time objectives and recovery point objectives are acceptable. They must ensure that IT staff or the third-party support providers are trained and up to speed on the DR platform.
And then there’s resilience testing. Organizations should take the time to schedule HA/DR switch tests. Companies should also have run books in place that define what needs to happen in a disaster, but many don’t, Plath said.
The IT resiliency study is a continuation of the annual survey conducted for the last 10 years by Vision Solutions, now part of Syncsort.