Disaster Unpreparedness June 3, 2013

Transcription

1 Disaster Unpreparedness June 3, 2013 Underwritten by:

2 Introduction Government relies on data and information to deliver mission success. Data loss means more than files simply missing from a database it could mean citizens don t receive social security checks or service members face unnecessary risks. To protect our data and keep government running, agencies need robust and reliable data resilience and disaster recovery (DR 2 ) systems. So, how confident are Fed IT professionals in their agencies DR 2 capabilities? How ready and resilient are the systems, and do agencies verify by testing? To find out, MeriTalk surveyed 150 Federal DoD and civilian IT professionals in December The Disaster Unpreparedness report reveals that few agencies are actually prepared to recover their data in the event of a natural or man-made incident. 2

3 Executive Summary Federal IT professionals give themselves high DR 2 grades: One in four give their agency an A in DR 2 preparedness and nearly all give a passing grade Despite the high marks, many agencies fail to test their data recovery capabilities: In the last 12 months, only 54% of agencies have tested their ability to meet their data recovery service level agreement (SLA) Federal IT professionals say agencies should test their DR 2 systems twice as often Testing is not the only DR 2 challenge: Data is Growing: 30% of Federal IT professionals say their current DR 2 solution is insufficient today or near its limit Backup Onsite: 59% of agencies do not use any form of cloud-based DR 2 solutions But are agencies actually prepared? Only 8% of Federal IT professionals are completely confident that in the event of a natural or man-made incident, their agency could recover 100% of its data required by SLAs 3

4 Federal DR 2 Self-Assessment One in four Federal IT professionals give their agency an A in data backup and disaster recovery (DR 2 ) preparedness; nearly all give a passing grade How would you rate your agency s complete data backup and disaster recovery preparedness including people, processes, and technology?* A 28% B 42% C 22% D 7% F 1% Feds are more confident in their DR 2 technology than people and processes. Average preparedness grade by element: Technology: B+ Processes: B- People: B- Take Away: Feds Confident in their DR 2 Preparedness *Respondents asked to rank their agency s preparedness on a scale of 1-10 where 1 is not at all prepared and 10 is completely prepared. A rankings reflect 9-10 ratings; 4

5 Virtualization Benefits Virtualized workloads are increasing and can have a positive impact on DR 2. Agencies need to look for ways to effectively manage DR 2 in virtualized environments On average, IT professionals expect virtualized workloads to almost double in the next four years* 63% 37% Percentage of workload virtualized today Percentage of workload expected to be virtualized in 2015 say virtualization has had a positive impact 57% on their DR 2 profile Take Away: Virtualized Environments are Expanding, Get Prepared Now 5 *According to the 2012 Virtualization Vacuum study

6 False Confidence? Despite high marks, agencies admit limited testing and other vulnerabilities with their current DR 2 systems In the last 12 months, has your agency tested its ability to meet your data recovery SLA? Yes 54% No 33% Unsure 13% Additionally, Feds estimate that only 53% of data stored on mobile devices could be reliably restored inside of their SLA Fewer than half say their current solution includes a dedicated network switch, network-attached storage, or tape array Take Away: Feds Recognize DR 2 Weaknesses 6

7 Challenge #1: Enormous Data Growth Feds are facing unprecedented data growth and must address backup solutions nearing capacity Do you believe that your agency s current DR 2 solution is sufficient for the next 12 months? Yes 46% Yes, but not beyond 12 months 25% No, sufficient today, but near the limit 21% No, not sufficient today 9% By 2015, agencies expect the amount of data they need to back up to grow by 39% The average agency has 51% capacity left in its current backup solution. Take Away: As Data Continues to Grow, DR 2 is Only Going to Get Worse 7

8 Challenge #2: Backup Onsite Feds must improve security against on-premise disasters, consider offsite solutions 59% of agencies do not use any form of cloud-based DR 2 solutions And, just one in three plan to increase (or start) using off-premise cloud backup in place of on-premise backup say their experience with Hurricane 86% Sandy has not changed the way their agency looks at and manages DR 2 Just 55% say their typical disaster recovery test includes testing their ability to restore data from a second location Take Away: Put Distance Between You and Your Secondary Backup Site 8

9 Challenge #3: Insufficient Testing Feds say agencies should test DR 2 systems twice as often 2.5 Average number of times IT pros say their agencies tested disaster recovery solutions in the last 12 months 5.3 Average number of times those same IT pros would recommend their agency test its disaster recovery system with a 100 percent failover What is holding your agency back from being able to test its ability to meet its SLAs for restores? 1. Lack of budget (68%) 2. Lack of support from the mission owners (42%) 3. Incomplete solution (42%) The good news? 61% say they are able to test DR2 without any impact or interruption to production systems Take Away: If We Say We Can, We Should So, Why Aren t We? 9

10 Tipping Point? Leadership To be successful in DR 2, agencies need leadership support How would you describe the level of priority your agency leadership and mission owners place on DR 2 for sustaining their operations? 43% of IT professionals say their leadership places some priority on DR 2 How can I help? What do you need? Take Away: Good DR 2 Solutions Start at the Top 10

11 The Two ITs When it comes to data backup and disaster recovery preparedness, the data reveals that agencies fit one of two profiles agencies that prioritize DR 2 systems (Agency A) and those that do not (Agency B) Agency A Agency B Well integrated systems Frequent testing Involved leadership Lack of leader buy-in Less budget Involved testing Confident in the security of its data For many agencies, DR 2 systems are a priority. Tests just a third as often as Agency A Less confident in the security of its data Other agencies are less prepared. Non-integrated systems 11

12 Disaster Preparedness Agency A is more prepared than Agency B across all DR 2 facets How would you rate your agency s complete data backup and disaster recovery preparedness including people, processes, and technology? Agency A is more likely than Agency B to say: Its technology is well prepared* 75% 49% Its processes are well prepared* 58% 27% Its people are well prepared* 53% 39% Take Away: DR 2 Preparedness Requires Strong Technology, Processes, and People 12 *Those who selected 8-10 on a scale of 1-10, where 1 is not at all prepared and 10 is completely prepared

13 Preparedness? The amount of data agencies must backup and recover is growing, yet only 8% of Feds are confident they can recover their data today How confident are you that in the event of a natural or man-made incident, your agency could recover 100% of its data required by SLAs? Completely Confident* 8% Take Away: We are Not Prepared 13 *Those who selected 10 on a scale of 1-10, where 1 is not at all confident and 10 is completely confident

14 Recommendations Five Steps to Preparedness: 1. Get an honest, clear assessment of what your DR 2 environment really is 2. Share assessment with leadership to increase its priority 3. Leverage DR 2 experts to design and implement a complete plan that involves technology, people, and processes 4. Test Test Test. Test some more 5. Re-assess as your data is constantly growing 14

15 Methodology and Demographics MeriTalk, on behalf of SwishData and NetApp, conducted an online survey of 150 DoD and civilian government agency CIOs and IT managers in December The report has a margin of error of ± 7.97% at a 95% confidence level IT manager titles: 5% Chief or Deputy Chief Information Officer 5% Chief or Deputy Chief Technology Officer 22% IT Director/Supervisor 49% IT Manager 4% Data Center Manager 15% Other IT management Agency category: 62% Agency A 38% Agency B 100% of respondents are familiar with their agency s data capture, management, and analysis capabilities 15

16 Thank You Erin Leahy MeriTalk (703) , ext. 139