Risk
8/27/2010
05:40 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

For SMBs, Data Protection Is A Virtual Affair

Think you can't afford BC/DR to rival enterprise-class systems? If you have x86 virtualization installed, you might be surprised.

InformationWeek Green - Aug. 30. 2010 InformationWeek Green
Download the entire Aug. 30. 2010 issue of SMB, distributed in an all-digital format as part of our Green Initiative
(Registration required.)
We will plant a tree
for each of the first 5,000 downloads.

What's your best-case scenario for getting back to normal after a worst-case disaster? We first polled small and midsize businesses on that subject back in January 2008; when we revisited our survey, in May, we found there's been some improvement. In 2008, 23% could get mission-critical apps back up in four hours or less. Today, it's up to 33%, based on our InformationWeek Analytics survey of nearly 400 business technology professionals from companies with 1,000 or fewer employees.

Other key changes: In 2010, 62% have business continuity/disaster recovery systems in place compared with 55% in 2008. Consolidation has increased; today, 52% are completely centralized, with one main HQ and no branch sites, compared with 44% in 2008. And the number of businesses backing up to tapes that are taken off site dropped a full 16 points, from 63% in 2008 to 47% in 2010. Use of online backup services posted the single biggest gain, up 10 points.

One head-scratcher: The number of survey respondents who say their organizations are accountable to one or more government or industry regulations fell in every area, sometimes dramatically. Given the state-level laws that have come on the books since 2008, this is wishful thinking on a massive scale, even for small businesses.

Putting a formal business continuity/disaster recovery plan in place and testing it properly costs money, and that's tough to come by nowadays. So to what do we owe improvement in BC/DR? The introduction of new technologies, notably cloud-based storage services, and the maturation of others, like server virtualization and data deduplication, have made effective disaster recovery accessible to a wider swath of businesses than ever before.

Widespread use of x86 server vitalization has had the most beneficial effect on the disaster recovery process. An obvious impact is a reduction in the number of physical servers that have to be provisioned, powered, and maintained at a DR location. A few years ago, even the smallest site would have had a dedicated server for each application that needed to be recovered quickly. But now, a single virtual server host can handle multiple applications. It's not only that SMBs can save money on hardware. The reduced size, power, and cooling footprint of a small blade chassis running several virtual server hosts means that branch offices and co-location centers become potential DR sites. That's especially important for small businesses; when we asked respondents to describe their DR setups, the No. 1 answer (with 28%) was another data center or office within the organization. Just 7% use a specialized co-location provider, such as SunGard--down from 14% in 2008.

To read the rest of the article,
Download the August 30, 2010 InformationWeek SMB digital supplement


Small Favors: Technology Advances SMBs' BC/DR Plans

Subscribe and get our full report on SMB BC/DR. This report includes 40 pages of action-oriented analysis, packed with 24 charts.

What you'll find:
  • A game plan for prioritizing your data protection efforts.
  • An in-depth discussion of DR site options
  • Synchronous, asynchronous, or snapshot? We help you decide
Get This And All Our Reports

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Back Issues | Must Reads
Flash Poll
Video
All Videos
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1449
Published: 2014-12-25
The Maxthon Cloud Browser application before 4.1.6.2000 for Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses the history API.

CVE-2014-2217
Published: 2014-12-25
Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.

CVE-2014-3971
Published: 2014-12-25
The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

CVE-2014-7193
Published: 2014-12-25
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web site ...

CVE-2014-7300
Published: 2014-12-25
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a ...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.
FULL SCHEDULE | ARCHIVED SHOWS