As software as a service (SaaS) becomes more prevalent, new research from Keepit shows that – based on a real‑world backup and restore activity – recovery practices remain a work in progress for many organisations.
The report analyses aggregated and anonymised behavioural data from Keepit’s production backup environment, examining how organisations actually engage with their backups.
Key findings from the report include:
- Nine in 10 enterprises have validated bulk recovery, demonstrating a maturity in their disaster recovery preparedness.
- Identity systems are tested four times less often than productivity systems, even though losing identity access can prevent access to all other SaaS applications.
- 90% of restores are single file downloads, indicating that simple data loss incidents are most common – and that IT administrators appreciate the ability to do granular, immediate recovery.
- High-profile global outages – including major cloud and security incidents – did not lead to increased recovery testing, suggesting that even visible disruptions rarely prompt validation of recovery readiness.
“The data shows that organisations are actively using their backups and, at scale, developing real recovery maturity – especially among larger enterprises that routinely validate bulk recovery,” says Jakob Østergaard, CTO at Keepit. “At the same time, the findings make it clear that confidence in recovery is built through practice. Simple, everyday restores are an important foundation, but structured testing and guided recovery are what turn backup into a repeatable, dependable capability. Backup is only effective when teams know they can recover the right data, in the right order, under real world pressure.”
A behavioural signal and a clear path forward
One of the clearest insights in the report is behavioural. Everyday restores show how organisations build confidence and recovery capability over time. Single‑file restores are familiar and useful, but they represent an early stage of readiness – not full validation for large‑scale incidents.
The report also shows that resilience is built through practice, not additional tools. Organisations that make recovery a routine, repeatable process – supported by structured testing and guided recovery – are better prepared to restore the right data, in the right order, at the right scale.