Be preparedPractical guides to disaster recovery planning in SMEs

Published 11 July 2009

Gartner says that “40% of all SMBs will go out of business if they cannot get to their data in the first 24 hours after a crisis”; two papers aim to help SMBs prepare for disaster

Typically, vendor white papers are written with the CIO or senior ITDM (for “IT decision maker”) at a large company in mind. Most companies in the world are small companies, and people working at smaller companies are less well served, in quantity and quality. It is good to see that the Register aims to remedy this imbalance by selecting a couple of good papers directed at small and medium-sized businesses.

A practical guide to disaster recovery planning
Gartner says that “40% of all SMBs will go out of business if they cannot get to their data in the first 24 hours after a crisis.” This well-known quote makes an early appearance in this informative paper from Double-Take Software. Gartner’s claim is highly suspect — 40 percent in 24 hours? — but quibbles aside, the risks to reputation and profit from a data disaster are self evident.

Double-Take’s white paper walks you through the process to get your business continuity plan up to snuff. The underlying thesis, expressed gently, is that tape back up is insufficient for data recovery — it is too slow and things can go horribly wrong (note that Double-Take specializes in data replication software). The paper explains the need for a disaster recovery plan, how to get started, how to scope the right technology for your company, and highlights pitfalls to avoid. This is a very good, non-technical read, pitched well at the target audience.

Everything you need to know about web and e-mail security (but were afraid to ask)
MessageLabs also knows how to write a non-technical white paper, without descending into brochureware. Aimed at business managers and owners, this paper argues that many SMEs, especially those with little or no IT support, “tend to put a low priority on protecting themselves.” So they are attractive targets for bad people. The authors romp through the the risks that all businesses face, give advice on risk assessment, and deliver a checklist on what companies need to do to protect themselves.

The paper contains nothing that IT security professionals do not know already, but it may be a useful narrative to push at the business manager or client, the next time they squeal about the cost of implementing a proper security strategy.