[ISN] Survey: Most EMEA countries unprepared for a disaster

From: InfoSec News (isn@private)
Date: Tue Dec 07 2004 - 23:59:08 PST


http://www.computerworld.com/securitytopics/security/recovery/story/0,10801,98098,00.html

By Samantha Perry
DECEMBER 07, 2004 
Computerworld South Africa

JOHANNESBURG - Veritas Software Corp.  last week released the results
of its third annual disaster recovery study which revealed, among
other things, that 97% of businesses surveyed in EMEA (Europe, Middle
East and Africa) would be unable to continue normal operations
following a data center fire.  The survey, conducted worldwide by
UK-based Dynamic Markets, polled 1,259 IT professionals at companies
with more than 500 employees.

Of the EMEA IT managers surveyed, only 3% said they would be able to
continue with business as usual after a data center fire. Thirty-eight
percent had no idea how long it would take to resume bare bones
operations, 31% could achieve bare bones service within 12 hours, and
38% didn't know how long it would take to get back to business as
usual. In addition, 52% said that the only copy of their
organization's disaster recovery plan was stored in the data center.

According to the research, 16% of companies surveyed in EMEA don't
have a disaster recovery plan in place. Thirty-four percent of these
companies said they had not got around to it and 24% were in the
process of putting a plan together. Another 24% felt they didn't need
a DR plan, and of these, 19% say the company is too small to merit it,
and 6% say that their board would not back such an initiative.

Of those companies that do have DR plans in place, the majority don't
review them often enough, resulting in plans that are falling behind
in the face of rapidly changing technology.

However, 92% of those companies with plans do actually review them:  
13% do so monthly; 8% do so every three months; 14% every six months,
34% annually, 12% review on an ad hoc basis, and 9% review either less
than every three years, never review, or do not know if they review.  
The figures for those companies that actually test their plans are
much the same.

Veritas vice president, marketing, EMEA, Chris Boorman said, "The
issue of change control is an interesting one, particularly in light
of the substantial increase in patches that we have been seeing
lately, and spiraling concerns about viruses and accidental or
malicious employee behavior."

"While patch updates will rarely trigger the need for a change in DR
strategy, IT departments should certainly be reviewing their DR plans
more frequently than once a year," he concludes.



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/



This archive was generated by hypermail 2.1.3 : Wed Dec 08 2004 - 03:01:01 PST