Risk
8/27/2010
05:40 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

For SMBs, Data Protection Is A Virtual Affair

Think you can't afford BC/DR to rival enterprise-class systems? If you have x86 virtualization installed, you might be surprised.

InformationWeek Green - Aug. 30. 2010 InformationWeek Green
Download the entire Aug. 30. 2010 issue of SMB, distributed in an all-digital format as part of our Green Initiative
(Registration required.)
We will plant a tree
for each of the first 5,000 downloads.

What's your best-case scenario for getting back to normal after a worst-case disaster? We first polled small and midsize businesses on that subject back in January 2008; when we revisited our survey, in May, we found there's been some improvement. In 2008, 23% could get mission-critical apps back up in four hours or less. Today, it's up to 33%, based on our InformationWeek Analytics survey of nearly 400 business technology professionals from companies with 1,000 or fewer employees.

Other key changes: In 2010, 62% have business continuity/disaster recovery systems in place compared with 55% in 2008. Consolidation has increased; today, 52% are completely centralized, with one main HQ and no branch sites, compared with 44% in 2008. And the number of businesses backing up to tapes that are taken off site dropped a full 16 points, from 63% in 2008 to 47% in 2010. Use of online backup services posted the single biggest gain, up 10 points.

One head-scratcher: The number of survey respondents who say their organizations are accountable to one or more government or industry regulations fell in every area, sometimes dramatically. Given the state-level laws that have come on the books since 2008, this is wishful thinking on a massive scale, even for small businesses.

Putting a formal business continuity/disaster recovery plan in place and testing it properly costs money, and that's tough to come by nowadays. So to what do we owe improvement in BC/DR? The introduction of new technologies, notably cloud-based storage services, and the maturation of others, like server virtualization and data deduplication, have made effective disaster recovery accessible to a wider swath of businesses than ever before.

Widespread use of x86 server vitalization has had the most beneficial effect on the disaster recovery process. An obvious impact is a reduction in the number of physical servers that have to be provisioned, powered, and maintained at a DR location. A few years ago, even the smallest site would have had a dedicated server for each application that needed to be recovered quickly. But now, a single virtual server host can handle multiple applications. It's not only that SMBs can save money on hardware. The reduced size, power, and cooling footprint of a small blade chassis running several virtual server hosts means that branch offices and co-location centers become potential DR sites. That's especially important for small businesses; when we asked respondents to describe their DR setups, the No. 1 answer (with 28%) was another data center or office within the organization. Just 7% use a specialized co-location provider, such as SunGard--down from 14% in 2008.

To read the rest of the article,
Download the August 30, 2010 InformationWeek SMB digital supplement


Small Favors: Technology Advances SMBs' BC/DR Plans

Subscribe and get our full report on SMB BC/DR. This report includes 40 pages of action-oriented analysis, packed with 24 charts.

What you'll find:
  • A game plan for prioritizing your data protection efforts.
  • An in-depth discussion of DR site options
  • Synchronous, asynchronous, or snapshot? We help you decide
Get This And All Our Reports

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
All Videos
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0640
Published: 2014-08-20
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors.

CVE-2014-0641
Published: 2014-08-20
Cross-site request forgery (CSRF) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2014-2505
Published: 2014-08-20
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.

CVE-2014-2511
Published: 2014-08-20
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter.

CVE-2014-2515
Published: 2014-08-20
EMC Documentum D2 3.1 before P24, 3.1SP1 before P02, 4.0 before P11, 4.1 before P16, and 4.2 before P05 does not properly restrict tickets provided by D2GetAdminTicketMethod and D2RefreshCacheMethod, which allows remote authenticated users to gain privileges via a request for a superuser ticket.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Three interviews on critical embedded systems and security, recorded at Black Hat 2014 in Las Vegas.
UPCOMING!
Wednesday, August 27, 1pm EDT

The Best of the Rest of Black Hat: The Enterprise View
FULL SCHEDULE | ARCHIVED SHOWS