Your answer may depend on your job title. In one recent survey , 70% of C-level executives declared their firms “very prepared” – but fewer than half of the IT people at those same companies agreed.
Such a gap between C-level and IT staff perceptions can lead to uneven C-level support for business continuity/disaster recovery planning – which leaves the business vulnerable to unplanned downtime.
The painful costs of “incidents”
And unplanned downtime isn’t cheap.
Fully 56% of those dealing with a major incident suffered financial loss . For upwards of 30%, recovery affected the business and consumed staff time. And 10% permanently lost data, applications, or systems.
Among smaller and midsize businesses (1-150 employees), almost half estimate that just one hour of unplanned downtime can cost $100,000 in lost revenue and end-user productivity – a price tag that does not include remedial actions by IT or costs associated with non-compliance penalties and litigation.
What IT people see: digital business complexity
Unlike C-level execs, those in the IT trenches experience the day-to-day impacts of accelerating reliance on ever more complex and interdependent technologies .
(No surprise, then, that 82% of unplanned downtime can be attributed to application failures, hardware failures, or operational errors. Cyberattacks still account for only 13% of downtime ; note, however, that this represents a 200% jump in two years as bad actors exploit gaps between current technologies and people’s understanding of them .)
Thus, 80% of organizations now demand a minimum of 99.99% availability – i.e., just 4.33 minutes of unplanned monthly outage – and more and more data and systems are considered mission-critical (30%) or business-critical (34%) . Also, the need for continuously available web services is changing how we regard RTOs (recovery time objectives) and RPOs (recovery point objectives).
Meanwhile, in 60% of organizations , server footprints are flat or shrinking, thanks to performance improvements at the processor level and expanding adoption of both server virtualization and cloud computing .
So what helps IT people feel prepared?
IT professionals confident in their organization’s ability to cope with an incident cite two key contributors:
- Clearly defined DR compliance requirements ; those who have developed compliance requirements tend to (a) have a disaster recovery plan in place and (b) recover more quickly from a major incident.
- Commitment to a multi-site IT resilience strategy ; 68% of those with such a strategy are confident that their applications, networks, and IT services will function as expected in an outage. A multi-site IT resilience strategy can take several forms, including moving IT infrastructure to a managed service provider’s environment and using Disaster Recovery as a Service (DRaaS) .
In my next post, I’ll take a look at the business continuity/disaster recovery best practices that can help you avoid unplanned downtime – beginning with the basics.