Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

8/27/2010
05:40 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

For SMBs, Data Protection Is A Virtual Affair

Think you can't afford BC/DR to rival enterprise-class systems? If you have x86 virtualization installed, you might be surprised.

InformationWeek Green - Aug. 30. 2010 InformationWeek Green
Download the entire Aug. 30. 2010 issue of SMB, distributed in an all-digital format as part of our Green Initiative
(Registration required.)
We will plant a tree
for each of the first 5,000 downloads.

What's your best-case scenario for getting back to normal after a worst-case disaster? We first polled small and midsize businesses on that subject back in January 2008; when we revisited our survey, in May, we found there's been some improvement. In 2008, 23% could get mission-critical apps back up in four hours or less. Today, it's up to 33%, based on our InformationWeek Analytics survey of nearly 400 business technology professionals from companies with 1,000 or fewer employees.

Other key changes: In 2010, 62% have business continuity/disaster recovery systems in place compared with 55% in 2008. Consolidation has increased; today, 52% are completely centralized, with one main HQ and no branch sites, compared with 44% in 2008. And the number of businesses backing up to tapes that are taken off site dropped a full 16 points, from 63% in 2008 to 47% in 2010. Use of online backup services posted the single biggest gain, up 10 points.

One head-scratcher: The number of survey respondents who say their organizations are accountable to one or more government or industry regulations fell in every area, sometimes dramatically. Given the state-level laws that have come on the books since 2008, this is wishful thinking on a massive scale, even for small businesses.

Putting a formal business continuity/disaster recovery plan in place and testing it properly costs money, and that's tough to come by nowadays. So to what do we owe improvement in BC/DR? The introduction of new technologies, notably cloud-based storage services, and the maturation of others, like server virtualization and data deduplication, have made effective disaster recovery accessible to a wider swath of businesses than ever before.

Widespread use of x86 server vitalization has had the most beneficial effect on the disaster recovery process. An obvious impact is a reduction in the number of physical servers that have to be provisioned, powered, and maintained at a DR location. A few years ago, even the smallest site would have had a dedicated server for each application that needed to be recovered quickly. But now, a single virtual server host can handle multiple applications. It's not only that SMBs can save money on hardware. The reduced size, power, and cooling footprint of a small blade chassis running several virtual server hosts means that branch offices and co-location centers become potential DR sites. That's especially important for small businesses; when we asked respondents to describe their DR setups, the No. 1 answer (with 28%) was another data center or office within the organization. Just 7% use a specialized co-location provider, such as SunGard--down from 14% in 2008.

To read the rest of the article,
Download the August 30, 2010 InformationWeek SMB digital supplement


Small Favors: Technology Advances SMBs' BC/DR Plans

Subscribe and get our full report on SMB BC/DR. This report includes 40 pages of action-oriented analysis, packed with 24 charts.

What you'll find:
  • A game plan for prioritizing your data protection efforts.
  • An in-depth discussion of DR site options
  • Synchronous, asynchronous, or snapshot? We help you decide
Get This And All Our Reports

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
All Videos
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Zero Trust doesn't have to break your budget!
Cartoon Archive
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Back Issues | Must Reads
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-25414
PUBLISHED: 2021-06-17
A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code.
CVE-2021-32078
PUBLISHED: 2021-06-17
An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative, e.g., access to element -2 of an array, aka CID-298a58e165e4.
CVE-2021-31818
PUBLISHED: 2021-06-17
Affected versions of Octopus Server are prone to an authenticated SQL injection vulnerability in the Events REST API because user supplied data in the API request isn’t parameterised correctly. Exploiting this vulnerability could allow unauthorised access to database tables.
CVE-2021-34825
PUBLISHED: 2021-06-17
Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system.
CVE-2021-32944
PUBLISHED: 2021-06-17
A use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a memory corruption or arbitrary code execution, allowing attackers to cause a denial-of-service c...