SMB Companies ignoring web site disaster recovery

Research suggests organisations could lose revenue & customers


Many mid-sized firms risk losing revenue and alienating customers because they do not have a disaster recovery plan in place for their web sites, according to new research from hosting specialist NetBenefit.

The survey of 100 UK IT directors found that a third did not have a disaster recovery plan in place. Of the firms that did, only 38 percent said they tested their plans more than once a year.

A communication breakdown between the IT department and those who share responsibility for the web site such as marketing teams could account for some of the findings, according to NetBenefit's chief operating officer, Jonathan Robinson. "Disaster recover is familiar territory to the IT audience but I'm not sure if they've necessarily said to the marketing people 'Can we be satisfied the web site is sorted out?'," Robinson said. "Where IT people can be useful is that because they haven't been involved in the procurement of these things, they can really drill down into the disaster plans - whether it covers datacenter power, load balancer and firewall failures, and data back-up."

The research also found that around two-thirds of respondents anticipated no damage or only slight damage to their business if their site went down for a whole day, which according to Robinson could be due to a lack of commercial awareness on the part of IT. "I'm not sure IT are the best judges of cost. They need to talk to the commercial people more," he added.

Michael Azoff of analyst Butler Group said that while firms have contingencies in place for their bricks and mortar business, many do not take web sites as seriously, unless they are online-only companies. "The tendency is not to view it in the same high-risk category, but from a business point of view this isn't a prudent approach" Azoff argued. "It's an issue that should be addressed at the board level. If the web site is important to the business it shouldn't be left to the IT department alone." Azoff added that firms should continually monitor the end user experience to ensure that web site problems do not go undetected.

To construct a comprehensive disaster recovery plan, Robinson advised IT managers to first find out what the commercial side of the business can tolerate in terms of web site outage. They should then move through the infrastructure layer by layer, highlighting the single points of failure in application servers, network layers and data centres. "It's all about cost benefit analysis. If you want each layer to have added security, what are you prepared to pay for it," Robinson said.

END

If you would like to know more about how your organisation can get involved and benefit from working with the Continuity Forum, please email us HERE! or call on + 44 (0) 208 993 1599.