Backup testing not front of mind for Australian IT

While more than three quarters (84 per cent) of Australian organisations questioned in a recent survey rely on backups to restore lost corporate data, only 35 per cent of IT managers conduct monthly or weekly checks to confirm that data can be retrieved from their backup systems.

An Australian data management survey by Kroll Ontrack found that 10% of IT managers test the success of their backups annually, while only one third of organisations (39 per cent) sporadically check that their backups work. A further four per cent never review their backed up data.

“The need to protect company data is fairly well ingrained, with 97 per cent of organisations backing up daily or more frequently,” said Adrian Briscoe, General Manager, Ontrack Data Recovery APAC, a division of Kroll Ontrack.

"However, far too many IT managers undo all this effort by not testing their backup systems. It doesn't matter how often a company backs up; if the process doesn't work and you can't restore the data when you need to, you have a problem. Every instance of data loss involves risk to the company through increased costs, lost intellectual property, damage to reputation, delays and reduced productivity.”

Given the potential expense of data loss, it appears that some organisations are beginning to look for ways to mitigate the risk. When asked if they would consider taking on data recovery insurance just over one-third (35 per cent) of respondents answered “maybe” or that they were unsure of their intentions.

One of the biggest changes in data management over the last 12 months is that a growing number of IT managers are taking the time to update business continuity plans to accommodate new technologies. In 2010, 66 per cent of respondents revised disaster recovery plans within the last 12 months compared to 52 per cent in 2009*.

“New technologies are not always catered for under existing backup procedures. That's why it is essential for organisations to review their processes and test their backups as they introduce changes to their IT systems,” Briscoe added.

The survey also shows that data end-of-life procedures continue to be a concern, with 17 per cent of IT managers unaware of their organisation's policies relating to erasing sensitive data and 46 per cent stating that their organisations have no formal policies in place.

Following government guidelines for software destruction, erasure was the most popular method of erasing data, followed by the physical destruction of drives and outsourcing to a third party and shredding. Other alternatives ranged from the practical – degaussing, downloading a software erasure program, or overwriting and reallocating - to the imaginative such as smashing with a hammer, cutting with scissors, driving a nail into the hard disk drive, or writing zeros to the entire drive.

“Methods of erasing sensitive data tend to be haphazard at best and, at times, ill-informed,” Briscoe noted. “Some of the practices employed by organisations are unlikely to completely erase the data, leaving the potential for confidential material to fall into the wrong hands.”

The annual Kroll Ontrack Data Management survey seeks to identify current IT management views and experiences relating to data management. The 2010 survey was conducted last month and involved IT managers from 144 organisations across Australia.