Most Organizations are Failing Their BC/DR Tests in 2024
For the sixth spotlight blog into key areas of the 2024 Data Protection Trends report, let’s look at some new insights related to business continuity and disaster recovery (BC/DR). As a reminder, the 2024 Data Protection Trends Report reflects the unbiased responses of 1,200 IT leaders and implementers who are responsible for the data protection strategies of their enterprise organizations. The survey was conducted by a third-party research firm and it’s not necessarily representative of the viewpoints of Veeam customers or other named parties.
Can SLAs be Met?
One of the new questions asked this year was for organizations to reflect on their last ‘large-scale server recovery’ test, as one might do after a natural disaster or cyberattack. The question asked respondents what percentage of their servers resumed within their established expectations — e.g. their service level agreements (SLAs). Unfortunately, only 58% of servers met their recovery SLA during their last large-scale attack.
There are at least two valid ways to interpret a 58% success rate:
- If the organization is using well-orchestrated recovery workflows — whereby the same processes and technical minutia are enacted each time that recovery is attempted — then 58% of recovery processes can be relied upon and the IT team now knows which 42% of their processes that they need to improve. This is the way that a seasoned IT disaster recovery planner should look at these numbers because they now know where to focus prior to the next test
- If the organization is NOT using well-orchestrated recovery workflows — meaning that their IT teams are relying on written procedures or institutional knowledge — then 58% should be considered a ‘failing grade’ whereby the business processes should not assume that their IT systems will recover on their worst day. Without orchestration, maybe 58% of systems will come back online next time, maybe a few more, maybe several less
Are Organizations Utilizing Orchestrated Recovery?
Unfortunately, the 2024 survey reveals that only 13% of organizations utilize orchestrated workflow as part of their disaster recovery processes.
Imagine if two out of five of your key systems did not come back online when expected.
Surprisingly, another question in the survey asked respondents if they were to need to recover 50 servers as part of a hypothetical site recovery, “how long would it take?” Only 32% of organizations believe that they could recover 50 workloads (which isn’t a large amount) within an entire business week.
So now imagine that two out of five of your key systems did not come back online when expected and the IT team says that you’ll need to wait at least a week before they resume. Could your business processes sustain that kind of outage?
Other BC/DR Insights From the 2024 Report
- How often do organizations update their disaster recovery process documentation?
- How often do they test single server and whole site recoveries?
- Whether their anticipated DR site would be cloud-hosted (e.g. hyperscale host or DRaaS provider) and/or using on premises infrastructure?
- Lastly, where do those organizations intend to store their survivable data, to be used for those disasters or cyber recoveries?
It is worth noting that the Cloud Protection Trends for 2023 report, listed the top reason why an organization uses a managed service provider for disaster recovery as a service (DRaaS) as: the expertise provided in BC/DR implementation and planning. Which assuredly comes back to the orchestration discussed above. As such, check out our earlier blog post in this research series on BaaS and DRaaS trends for 2024.
Check out the video below for more insights on the state of BC/DR in 2024 — and don’t forget to download the entire 2024 Data Protection Trends report.
In case you missed any, here are all the blog posts (so far) exploring the 2024 Data Protection Trends report:
- Overview of the research project and insights
- Data Protection Budgets and Interest trends in 2024
- Enterprise capabilities expected in Modern Data Protection in 2024
- Hybrid-Cloud Trends in 2024
- BaaS is Nearly Inevitable for Most Organizations
- Cyber Remains the Greatest Threat in 2024
- Most organizations are failing their BC/DR tests in 2024 (this post)
As always, if you have questions about the research, you can find Jason and Dave on X (@JBuff and @BackupDave), LinkedIn, or you can e-mail us at StrategicResearch@veeam.com.
You must be logged in to post a comment.