Symantec announced just recently the findings of its 2011 SMB Disaster Preparedness Survey, which measured the attitudes and practices of small- and mid-sized businesses (SMBs) and their customers toward disaster preparedness.

Conducted in October and November 2010 by Applied Research, which surveyed IT professionals responsible for computers, networks and technology resources, the report was designed to gauge the impact and stage of disaster recovery preparedness, perceptions and practices of SMBs.

According to the survey, SMBs do not make disaster preparedness a priority until they experience an incident or data loss, revealing further that it could mean for such companies losing hundreds of thousands of dollars, a lot of customers, or even being out of business.

Didn’t the current earthquakes in Japan demonstrate the tremendous impact natural disasters can have on people and businesses?

Although the disasters that followed the 9.0 magnitude earthquake in Japan are paralysing, Internet users should not forget those who await to exploit such delicate situations, such as spammers maintaining the guise of charitable institutions and governmental organizations or cybercriminals who launched Facebook pages claiming to contain Japanese tsunami videos to lure users to the malicious sites such as hxxp://www.{BLOCKED}, do use caution when opening forwarded messages related to the Japan earthquake and tsunami, and any other tragedy or event that stirs international news coverage, legitimate and otherwise. Nefarious attackers may be sending malicious Java scripts and other threats that could compromise both your personal data and your computer.

While natural disasters are top of mind for many businesses today, they also need to consider the more common disasters of human error and IT systems failures” said Steve Martin, director small and medium business for the Pacific region, Symantec. “A disaster can strike at any time and SMBs cannot afford to risk losing their information.” According to research findings, SMBs still haven’t recognised the impact a disaster can have on their businesses, although simple planning can protect their information and minimise downtime during a disaster.

Despite Warnings, SMBs Still Not Prepared

Many SMBs still don’t understand the importance of disaster preparedness, have no plan in place, or say that disaster preparedness is not a priority for them. This lack of preparation is surprising given how many SMBs are at risk just by living in regions susceptible to natural disasters.  In the past 12 months, the typical SMB experienced six outages, with the leading causes being cyber attacks, power outages, or natural disasters.

SMBs Don’t Act Until After a Disaster

According to the survey findings, half of SMBs globally implemented disaster preparedness plans only after experiencing an outage and/or data loss, while only 28 percent have actually tested their recovery plans, which is a critical component of actually being prepared for a potential disaster.

Lack of Preparedness Impacts the Business

Disasters can have a significant financial impact on SMBs, as outages cause customers to leave - 54 percent of SMB customer respondents globally reported they have switched SMB vendors due to unreliable computing systems, a 12 percent increase on last year’s survey. In addition, 44 percent of SMB customers globally surveyed stated that their SMB vendors have shut down temporarily due to a disaster.

SMB customers also reported considerable effects to their own businesses. When SMBs globally experience downtime, it costs their customers an average of US$10,000 per day. In addition to direct financial costs, 29 percent of SMB customers globally lost “some” or “a lot” of important data as a result of disasters impacting their SMB vendors.


The survey found that 36 percent of SMBs globally intend to create a disaster preparedness plan in the future, considering:

Don’t wait until it’s too late: It is critical for SMBs not to wait until after a disaster. Not only is downtime costly from a financial perspective, but it could mean the complete demise of the business. SMBs can’t wait until it is too late and need to begin mapping out a disaster preparedness plan today. A plan should include identification of key systems and data that is intrinsic to the running of the business.

Protect information completely: To reduce the risk of losing critical business information, SMBs must implement the appropriate security and backup solutions to archive important files, such as customer records and financial information. Natural disasters, power outages and cyber attacks can all result in data and financial loss, so SMBs need to make sure important files are saved not only on an external hard drive and/or company network, but in a safe, off-site location.

Get employees involved: SMB employees play a key role in helping to prevent downtime, and should be educated on computer security best practices and what to do if information is accidentally deleted or cannot easily be found in their files. Since SMBs have few resources, every employee should know how to retrieve the businesses’ information in times of disaster.

Test frequently: After a disaster hits is the worst time to learn that critical files were not backed up as planned. Regular disaster recovery testing is invaluable. Test your plan anytime anything changes in your environment.

Review your plan: If frequent testing is not feasible due to resources and bandwidth, SMBs should spend an hour to review their disaster preparedness plan every six months.

Source: Symantec, Inc