You all know how much I like surveys. But I tend to think surveys targeted at SMB tend to be a little closer to reality, especially ones with 1,000+ responses. Our Big Yellow pals recently did a Disaster Preparedness Survey of 1,800+ small businesses, and the news isn’t very good, but not unexpected either. Here are a few soundbites:

  • Median cost of a day of downtime is $12,500.
  • 50% of respondents don’t have a DR plan.
  • 41% said it never occurred to them to put a plan in place.
  • 40% said it’s not a priority.
  • Less than half back up data weekly.
  • Only 23% back up data daily.
  • 50% of those with DR plans wrote one after an outage

Yes, I could go on and on – but why bother? The issues are the same and a consistent mentality applies whether you are talking about security or disaster recovery. That’s the other guy’s problem. It won’t happen to me. Until it does.

We could be talking about an attack that takes out our critical resources or a hardware failure that takes out our critical resources. They’re effectively the same. You end up with stuff that’s down and unavailability is bad. That’s if you like your job.

So what to do? Continue fighting the good fight. Push for an incident response plan, as well as a disaster recovery plan. There should be a lot of leverage between the two. At least from the standpoint of restoring operations.

The Symantec folks made a few recommendations, which are actually pretty good. They include: Don’t wait until it’s too late, protect information completely, get employees involved, test frequently, and review your plan. Yup, that’s pretty much what you want to do.

Don’t wait until it’s too late to make sure you are ready for problems. Regardless of whether you work for a big or small company.