Almost half of UK enterprises may be leaving themselves vulnerable to catastrophe, fines and prosecution by failing to properly prepare for systems outages.

A number of surveys of enterprise attitudes to disaster recovery (DR) were published to coincide with this week’s Storage Expo show in London. They make uncomfortable reading for businesses that count every minute of system downtime or application unavailability in pounds rather than pence.

Research consultancy Dynamic Markets was commissioned by Symantec to survey 903 IT managers across 14 countries in September this year.

The report indicated that natural disasters (69 per cent), virus attacks (57 per cent) and war/terrorism (31 per cent) represent the biggest perceived risk. But government and industry sector regulations, such as the data protection act (DPA) and new financial service authority (FSA) rules, have proved instrumental in persuading companies to implement DR strategies.

“From the FSA perspective, organisations that are responsible for other people’s money are not allowed to have downtime because customers need to be able to get at it at any point in time,” explained Symantec chief scientist Guy Bunker.

“What is surprising is that almost 50 per cent of people said they had had to implement a DR plan, which shows disasters are not uncommon, but 88 per cent plan for only one form of disaster as opposed to the whole spectrum of risks,” Bunker added.

A survey of 100 IT directors commissioned by Dell suggested that eight per cent of public organisations and companies with 500 or more employees still do not have, or at least did not know if they have, effective back up and recovery plans in place.

Dell UK enterprise marketing manager John Coulsdon stressed that customers should view an effective business continuity plan as an insurance investment, but lamented the fact that so many companies still seem unable to justify the expense.

“Stories about floods and high-profile cases of infrastructure going down do bring the importance of effective backup and recovery to people’s attention, but customers have ongoing perceptions about high cost, complexity and long deployment cycles, and the industry needs to do a better job of demystifying that,” Coulsdon said.

Both surveys highlighted the ongoing need for IT managers to regularly test their existing DR strategies to make sure they are fit for purpose.

Dynamics Markets found that 48 per cent of companies that did test their DR plans said those tests had failed, either because the technology (22 per cent) or staff (19 per cent) were not equal to the task, or because the DR processes in place were inappropriate (18 per cent).

Of those questioned by Dell, 23 per cent test their DR plans monthly, 26 per cent every three to six months, and 10 per cent once a year. A further 10 per cent said they did not know if their company’s DR strategies were tested at all.

In Bridgehead Software’s annual information lifecycle management audit of 472 IT executives in the UK and US, 93 per cent of respondents reported the volume of data to be backed up is increasing, placing added strain on existing infrastructure and manpower.