Senior IT professionals in small-to-large-sized businesses are investing a substantial amount of their IT budgets into data protection and recovery, according to the latest Arcserve State of Data Resilience in the Enterprise survey.
“The high standard deviation (21%) in responses indicates there is a lot of variance in the observed data around the mean, further pointing to the fact that the data observed is quite spread out,” says Byron Horn-Botha, business unit lead at Arcserve Southern Africa. “The finding that a substantial number of companies arguably vastly underinvest in this area is supported by this variance. Presumably, smaller overall IT budgets impose difficult trade-offs upon IT leaders.”
The following data point offers some reassurance: overwhelmingly, IT leaders aim to grow their data protection budget – 89% of survey respondents’ organisations expect to increase their data protection budget in the future.
They may find the 2023 Security Budget Benchmark Report helpful, as it showed that the average IT security budget increased by 6%. Overall, that’s a growth pace that is 65% slower than previously.
“In many cases, though, growth must accelerate in the data protection bucket,” Horn-Botha says. “Even as an increased budget gets allocated to data protection, how can an organisation make the most of it?”
He confirms it is important to consider the trade-offs between having a disparate patchwork of individually configured fine-tuned components and an integrated, unified solution that reliably gets the job done.
“The former may provide unique customisation opportunities, while the latter should be easier to deploy and faster to deliver value,” he says.
Horn-Botha says the question business leaders should be asking themselves is what the cost would be – in money and reputational damage – if they couldn’t access their data. The survey revealed that only 31% of respondents were confident in their ability to recover lost data in 24 hours.
“The bottom line on this is that time is of the essence – the longer the business is down, the greater the operational cost and reputational impact.”
The survey asked: “is taking more than 24 or 48 hours to recover acceptable for companies?”
The answer was a resounding no for two out of every three companies. The survey revealed only 34% of respondents said their organisation could take more than 48 hours and still avoid significant business disruption.
While 70% of organisations reported they perform weekly or monthly data recovery drills to ensure business continuity, over one in five businesses were shown not to test their systems often enough.
Horn-Botha confirms regular data recovery drills are essential because they help ensure that the organisation’s Recovery Time Objective (RTO) and Recovery Point Objective (RPO) can be met when disaster strikes.