IT Managers Under-Estimate Impact Of Data Loss

Outsmart Malicious Hackers

I find it a little surprising in this day and age that such a low percentage of IT managers believe data loss is a low impact issue.

Don’t they read the news? Don’t they understand how losing customer trust can really effect your bottom-line?

I would have thought 30% of respondents thinking data loss was high impact as a low figure, but 7%? That’s just insane.

A mere seven per cent of respondents to a survey on data management believed data loss has a “high” impact on a business.

This is one of the key findings of a survey launched in Hong Kong yesterday by Kroll Ontrack, a US-based provider of data recovery solutions. The survey was conducted earlier this year by StollzNow Research. It asked IT managers from 945 small, medium and large companies in Hong Kong, Singapore and Australia about their views and experiences related to data management.

The survey found that just less than half (49 per cent) of all IT managers have reported a data loss situation in the last two years.

Even more shocking is that half of the small business surveyed don’t even run back-ups! It’s so cheap and simple now with mass storage devices available off the shelf with Terabytes of storage.

There’s really no excuse for not backing up any more, I even had a 2TB RAID mirrored storage unit at home to back up my personal stuff. All my websites are backed up nightly and the backups sent to multiple physical servers and DB backups sent via e-mail.

While larger companies may not fully appreciate the risks they face with data loss, it is the small business sector that appears to be most at risk. An alarming 49 per cent of small companies stated that they fail to back up their data on a daily basis.

This is despite the fact that nearly half of all participants had experienced data loss in their workplace in the past two years, and 36 per cent felt that data loss could have a significant impact on their business.

Small businesses were also less likely to test their backup systems on a regular basis, or to have implemented a policy for the preservation of data. While 61 per cent of overall respondents reported that their company had a formalised data retention policy, this figure fell to just 45 per cent for companies with 50 or fewer employees.

I’d be interested to see a similar survey for the US and Europe to see if the figures are in the same kind of range.

It’s very common though for policies and backups to be implemented and never updated or tested. So when a failure actually occurs the company finds out their system isn’t even working.

Computers and backup systems don’t just keep magically working, especially when you’re changing configurations, server setups and software all the time.

Source: Network World

Posted in: Hacking News

, , ,

Latest Posts:

GetAltName - Discover Sub-Domains From SSL Certificates GetAltName – Discover Sub-Domains From SSL Certificates
GetAltName it's a little script to discover sub-domains that can extract Subject Alt Names for SSL Certificates directly from HTTPS websites which can provide you with DNS names or virtual servers.
Memcrashed - Memcached DDoS Exploit Tool Memcrashed – Memcached DDoS Exploit Tool
Memcrashed is a Memcached DDoS exploit tool written in Python that allows you to send forged UDP packets to a list of Memcached servers obtained from Shodan.
QualysGuard - Vulnerability Management Tool QualysGuard – Vulnerability Management Tool
QualysGuard is a web-based vulnerability management tool provided by Qualys, Inc, which was the first company to deliver vulnerability management services as a SaaS-based web-service.
Memcached DDoS Attacks Will Be BIG In 2018 Memcached DDoS Attacks Will Be BIG In 2018
So after the massive DDoS attack trend in 2016 it seems like 2018 is going to the year of the Memcached DDoS amplification attack with so many insecure Memcached servers available on the public Internet.
libsodium - Easy-to-use Software Library For Encryption libsodium – Easy-to-use Software Library For Encryption
Sodium is a new, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, installable, packageable fork of NaCl, with a compatible API.
XSStrike - Advanced XSS Fuzzer & Exploitation Suite XSStrike – Advanced XSS Fuzzer & Exploitation Suite
XSStrike is an advanced XSS detection suite, which contains a powerful XSS fuzzer and provides zero false positive results using fuzzy matching. XSStrike is the first XSS scanner to generate its own payloads.

One Response to IT Managers Under-Estimate Impact Of Data Loss

  1. Bogwitch June 22, 2009 at 1:51 pm #

    I am also very suprised by that figure. I wonder if they are talking about data loss in terms of availability or confidentiality?

    From the article, it would appear that availability was the issue. I have seen many, many businesses during my time in InfoSec, I can name only one that had a good handle on backups, what was required, storage, testing, etc. Not down to good management but due to a single techie who knew his stuff. If that company were to lose him, they would be in the same boat as everyone else.

    So many times I have seen a backup try to grab the whole WINNT directory yet fail to capture all the user areas.
    More of a problem is a lack of user education, meaning users storing their work on local drives, desktops, My Documents etc, and the backups running across the servers every night, backing up the same stuff they’ve been backing up since they were started.

    Darknet, it’s good to hear you are making regular backups now, has it always been the case? ;)