Data growth, limited testing, and mobile device vulnerabilities drive decreasing resilience and increasing risk
Alexandria, Va. – MeriTalk, an online community and go-to resource for government IT, today announced the results of its new report, “Disaster Unpreparedness.” The study, underwritten by NetApp and SwishData, reveals that Federal IT professionals lack confidence in their data resilience and disaster recovery (DR2) capabilities and may not test their systems as often as they should.
Government agencies rely on data and information to deliver mission success. While data loss in the private sector can damage a business, loss of Federal agency data can cripple or delay the vital safety net upon which tens of millions of Americans depend. To protect our data and keep government running, agencies need robust, reliable, and routinely tested DR2 systems. However, according to the new report, few Federal agencies are prepared to recover their data in the event of a natural or man-made incident.
Federal IT professionals give themselves high DR2 marks – 70 percent give their agency an “A” or “B” in data backup and disaster recovery preparedness. Despite the high marks, only 8 percent of Federal IT professionals are completely confident that they could recover 100 percent of the data subject to service level agreements (SLAs) in the event of a natural or man-made incident. For government agencies, even one percent of data is an enormous slice – just one percent of Social Security recipients, for example, is approximately equal to the entire population of Washington, D.C.
These recovery and resilience problems will likely get worse. Federal IT professionals are facing unprecedented data growth and backup solutions that are nearing capacity. By 2015, agencies expect the amount of data they need to back up to grow by 39 percent. Just 46 percent of Federal IT professionals believe their agency’s current DR2 solution is sufficient for the next 12 months, while 25 percent believe their solution will get them through the next 12 months but not beyond.
Insufficient testing is also a major DR2 challenge. When asked how many times their agency had tested its disaster recovery solutions in the last 12 months, Federal IT professionals reported an average of 2.5 times. When those same Federal IT professionals were asked how many times they would recommend their agency test its disaster recovery solution, they reported an average of 5.3 times per year. Federal IT professionals are held back from testing as often as they would like due to lack of budget (68 percent), lack of support from the mission owners (42 percent), and incomplete solutions (42 percent). The majority of Federal IT professionals (61 percent) are able to test DR2 without any impact or interruption to production systems.
“Data is a critical asset and Federal IT professionals are sounding the alarm on DR2 preparedness,” said Jean-Paul Bergeaux, chief technology officer, SwishData. “To increase confidence in their systems, agencies should test their DR2 solutions often and thoroughly. Testing will expose vulnerabilities and help IT professionals secure support from mission owners for updates or improvements. Waiting until disaster strikes to test your system is too late.”
Mobile devices are outstripping agency efforts to integrate them. Federal IT professionals report mobile device vulnerabilities with their current DR2 systems – estimating that only 53 percent of data stored on mobile devices could be reliably restored inside their SLA. An over reliance on on-premise backup solutions may also jeopardize government data. Fifty-nine percent of agencies do not use any form of cloud-based DR2 solutions. Just one in three plan to increase, or start, using off-premise cloud backup in place of on-premise backup. When testing their DR2 solution, only 55 percent test their ability to restore data from a second location.
To get their DR2 systems prepared, MeriTalk and SwishData recommend that agencies assess their DR2 environment and perform regular tests. Tests should be thorough and include on-premise backup as well as secondary locations. Last, agencies should make sure they are prepared across all DR2 facets – technology, processes, and people.
The “Disaster Unpreparedness” report is based on an online survey of 150 Department of Defense and civilian agency chief information officers and IT managers conducted in December 2012. To download the full report, please visit http://meritalk.com/disasterunpreparedness.
The voice of tomorrow’s government today, MeriTalk is an online community and go-to resource for government IT. Focusing on government’s hot-button issues, MeriTalk hosts Big Data Exchange, Data Center Exchange, Cyber Security Exchange, and Cloud Exchange – platforms dedicated to supporting public-private dialogue and collaboration. MeriTalk connects with an audience of 85,000 government community contacts. For more information, visit www.meritalk.com or follow us on Twitter, @meritalk.