Risk
8/27/2010
05:40 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

For SMBs, Data Protection Is A Virtual Affair

Think you can't afford BC/DR to rival enterprise-class systems? If you have x86 virtualization installed, you might be surprised.

InformationWeek Green - Aug. 30. 2010 InformationWeek Green
Download the entire Aug. 30. 2010 issue of SMB, distributed in an all-digital format as part of our Green Initiative
(Registration required.)
We will plant a tree
for each of the first 5,000 downloads.

What's your best-case scenario for getting back to normal after a worst-case disaster? We first polled small and midsize businesses on that subject back in January 2008; when we revisited our survey, in May, we found there's been some improvement. In 2008, 23% could get mission-critical apps back up in four hours or less. Today, it's up to 33%, based on our InformationWeek Analytics survey of nearly 400 business technology professionals from companies with 1,000 or fewer employees.

Other key changes: In 2010, 62% have business continuity/disaster recovery systems in place compared with 55% in 2008. Consolidation has increased; today, 52% are completely centralized, with one main HQ and no branch sites, compared with 44% in 2008. And the number of businesses backing up to tapes that are taken off site dropped a full 16 points, from 63% in 2008 to 47% in 2010. Use of online backup services posted the single biggest gain, up 10 points.

One head-scratcher: The number of survey respondents who say their organizations are accountable to one or more government or industry regulations fell in every area, sometimes dramatically. Given the state-level laws that have come on the books since 2008, this is wishful thinking on a massive scale, even for small businesses.

Putting a formal business continuity/disaster recovery plan in place and testing it properly costs money, and that's tough to come by nowadays. So to what do we owe improvement in BC/DR? The introduction of new technologies, notably cloud-based storage services, and the maturation of others, like server virtualization and data deduplication, have made effective disaster recovery accessible to a wider swath of businesses than ever before.

Widespread use of x86 server vitalization has had the most beneficial effect on the disaster recovery process. An obvious impact is a reduction in the number of physical servers that have to be provisioned, powered, and maintained at a DR location. A few years ago, even the smallest site would have had a dedicated server for each application that needed to be recovered quickly. But now, a single virtual server host can handle multiple applications. It's not only that SMBs can save money on hardware. The reduced size, power, and cooling footprint of a small blade chassis running several virtual server hosts means that branch offices and co-location centers become potential DR sites. That's especially important for small businesses; when we asked respondents to describe their DR setups, the No. 1 answer (with 28%) was another data center or office within the organization. Just 7% use a specialized co-location provider, such as SunGard--down from 14% in 2008.

To read the rest of the article,
Download the August 30, 2010 InformationWeek SMB digital supplement


Small Favors: Technology Advances SMBs' BC/DR Plans

Subscribe and get our full report on SMB BC/DR. This report includes 40 pages of action-oriented analysis, packed with 24 charts.

What you'll find:
  • A game plan for prioritizing your data protection efforts.
  • An in-depth discussion of DR site options
  • Synchronous, asynchronous, or snapshot? We help you decide
Get This And All Our Reports

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, January 2015
To find and fix exploits aimed directly at your business, stop waiting for alerts and become a proactive hunter.
Back Issues | Must Reads
Flash Poll
Video
All Videos
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5437
Published: 2014-12-17
Multiple cross-site request forgery (CSRF) vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote management via a request to remote_management.php,...

CVE-2014-5438
Published: 2014-12-17
Cross-site scripting (XSS) vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computer_name parameter to connected_devices_computers_edit.php.

CVE-2014-7285
Published: 2014-12-17
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.

CVE-2014-7880
Published: 2014-12-17
Multiple unspecified vulnerabilities in the POP implementation in HP OpenVMS TCP/IP 5.7 before ECO5 allow remote attackers to cause a denial of service via unspecified vectors.

CVE-2014-8133
Published: 2014-12-17
arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.
FULL SCHEDULE | ARCHIVED SHOWS