IT Managers Under-Estimate Impact Of Data Loss


I find it a little surprising in this day and age that such a low percentage of IT managers believe data loss is a low impact issue.

Don’t they read the news? Don’t they understand how losing customer trust can really effect your bottom-line?

I would have thought 30% of respondents thinking data loss was high impact as a low figure, but 7%? That’s just insane.

A mere seven per cent of respondents to a survey on data management believed data loss has a “high” impact on a business.

This is one of the key findings of a survey launched in Hong Kong yesterday by Kroll Ontrack, a US-based provider of data recovery solutions. The survey was conducted earlier this year by StollzNow Research. It asked IT managers from 945 small, medium and large companies in Hong Kong, Singapore and Australia about their views and experiences related to data management.

The survey found that just less than half (49 per cent) of all IT managers have reported a data loss situation in the last two years.

Even more shocking is that half of the small business surveyed don’t even run back-ups! It’s so cheap and simple now with mass storage devices available off the shelf with Terabytes of storage.

There’s really no excuse for not backing up any more, I even had a 2TB RAID mirrored storage unit at home to back up my personal stuff. All my websites are backed up nightly and the backups sent to multiple physical servers and DB backups sent via e-mail.

While larger companies may not fully appreciate the risks they face with data loss, it is the small business sector that appears to be most at risk. An alarming 49 per cent of small companies stated that they fail to back up their data on a daily basis.

This is despite the fact that nearly half of all participants had experienced data loss in their workplace in the past two years, and 36 per cent felt that data loss could have a significant impact on their business.

Small businesses were also less likely to test their backup systems on a regular basis, or to have implemented a policy for the preservation of data. While 61 per cent of overall respondents reported that their company had a formalised data retention policy, this figure fell to just 45 per cent for companies with 50 or fewer employees.

I’d be interested to see a similar survey for the US and Europe to see if the figures are in the same kind of range.

It’s very common though for policies and backups to be implemented and never updated or tested. So when a failure actually occurs the company finds out their system isn’t even working.

Computers and backup systems don’t just keep magically working, especially when you’re changing configurations, server setups and software all the time.

Source: Network World

Posted in: Hacking News

, , ,


Latest Posts:


Mosca - Manual Static Analysis Tool To Find Bugs Mosca – Manual Static Analysis Tool To Find Bugs
Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.
Slurp - Amazon AWS S3 Bucket Enumerator Slurp – Amazon AWS S3 Bucket Enumerator
Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan externally or an AWS API to scan internally.
US Government Cyber Security Still Inadequate US Government Cyber Security Still Inadequate
Surprise, surprise, surprise - an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling.
BloodHound - Hacking Active Directory Trust Relationships BloodHound – Hacking Active Directory Trust Relationships
BloodHound is for hacking active directory trust relationships and it uses graph theory to reveal the hidden and often unintended relationships within an AD environment.
SecLists - Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.
DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.


One Response to IT Managers Under-Estimate Impact Of Data Loss

  1. Bogwitch June 22, 2009 at 1:51 pm #

    I am also very suprised by that figure. I wonder if they are talking about data loss in terms of availability or confidentiality?

    From the article, it would appear that availability was the issue. I have seen many, many businesses during my time in InfoSec, I can name only one that had a good handle on backups, what was required, storage, testing, etc. Not down to good management but due to a single techie who knew his stuff. If that company were to lose him, they would be in the same boat as everyone else.

    So many times I have seen a backup try to grab the whole WINNT directory yet fail to capture all the user areas.
    More of a problem is a lack of user education, meaning users storing their work on local drives, desktops, My Documents etc, and the backups running across the servers every night, backing up the same stuff they’ve been backing up since they were started.

    Darknet, it’s good to hear you are making regular backups now, has it always been the case? ;)