• United States



by Anuradha Shukla

Hong Kong SMBs not making disaster preparedness a priority

Jan 20, 20114 mins
Data and Information SecurityEnterpriseSecurity

Most small- and mid-sized businesses (SMBs) are not making disaster preparedness a priority until they experience a disaster or data loss, according to Asia Pacific findings of Symantec's 2011 SMB Disaster Preparedness Survey.

Most small- and mid-sized businesses (SMBs) are not making disaster preparedness a priority until they experience a disaster or data loss, according to Asia Pacific findings of Symantec’s 2011 SMB Disaster Preparedness Survey.

As many as 47 per cent of Hong Kong SMBs do not have a disaster preparedness plan in place.

Symantec’s survey measured the attitudes and practices of small- and mid-sized businesses (SMBs) and their customers towards disaster preparedness. Findings show that only half of those surveyed already had a plan in place.

Although the cost of being unprepared is high, about 14 per cent of SMBs do not have a plan, nor do they have any intention of creating one.

SMBs not prepared for disasters are at high risk of going out of business and Symantec points out that downtime costs SMBs hundreds of thousands of dollars, and also causes their customers to leave.

Downtime costs

According to the survey, globally, downtime costs SMBs an average of US$10,000 per day.

Commenting on the disasters, David Dzienciol, Symantec’s vice president for SMB and channels, Asia Pacific and Japan, said they are unpredictable and can happen due to natural causes, human error or IT systems failures.

SMBs have to handle sensitive information and cannot afford to risk data loss incidents.

“Findings from the research show that SMBs still haven’t recognised the tremendous impact of a disaster. Simple planning can enable SMBs to protect their information in the event of a disaster, which in turn will help them build trust with their customers,” said Dzienciol.

Although 33 per cent of Hong Kong SMBs stated that disaster preparedness is not a priority for them, the city’s businesses fared better than their Asian counterparts.

About 38 per cent of Asian businesses have not even begun to think of putting any kind of plan in place despite the fact that in the past 12 months, the typical SMB experienced five outages.

These outages were mainly due to cyber attacks, power outages, upgrades and employee errors.

Late reaction

The survey revealed that only 54 per cent of Hong Kong SMBs back up their data weekly or more frequently and only 16 per cent back up daily. Thirty-eight per cent of the respondents said they would lose at least 40 per cent of their data in the event of a disaster.

About 48 per cent of SMBs in Hong Kong that have implemented disaster preparedness plans did so after experiencing an outage and/or data loss. The majority (66 per cent) put together their plans within the last six months and only 32 per cent have actually tested their recovery plans.

If businesses are not prepared, they are going to negatively impact the customers they are serving and this is apparent from the findings that indicate 59 per cent of SMB customer respondents across the region are switching SMB vendors due to unreliable computing systems.

About 52 per cent of SMB customers said their SMB vendors had temporarily shut down in the past due to a disaster. Twenty-four per cent of these customers experienced financial losses and also suffered important data loss as a result of disasters impacting their SMB vendors.

Be proactive

According to Symantec, businesses should follow a proactive approach and should not wait until it’s too late as downtime is expensive.

SMBs should implement the appropriate security and backup solutions to back up and archive important files in order to protect information completely. Important files ought to be saved not only on an external hard drive and/or company network, but in a safe, off-site location.

Employees in SMB should be educated on computer security best practices and they must know what steps to do if information is accidentally deleted or cannot easily be found in their files.

Businesses should also conduct regular disaster recovery testing and if frequent testing is not feasible due to resources and bandwidth, they should review their disaster preparedness plan on at least a quarterly basis.