By Justin Moran, chief revenue officer, Cloud IBR
Small and medium-sized businesses (SMBs) represent a massive segment of the U.S. economy, accounting for nearly half of all employment and overall tech spending, according to research from McKinsey & Company. In fact, more than 99% of businesses in the U.S. are in the small category alone, per the U.S. Chamber of Commerce, employing 61.6 million Americans and bringing on more workers as they grow.
Unfortunately, these Main Street U.S.A. businesses recently experienced technical nightmares robbing owners, executives and IT heads of sleep. Severe weather has caused extensive damage, such as hurricanes like Milton, which was one of the strongest Atlantic storms on record by barometric pressure. Megafires sparked by record droughts and higher temperatures took out entire towns, such as Phoenix, Oregon. We’ve seen data centers crippled, physical access cut and business operations halted.
Then there is ransomware, one of the most prevalent and disruptive threats of all, and the easiest and fastest way for cybercriminals to generate significant income for their criminal organizations. According to a recent Veeam survey of IT leaders, approximately half said they suffered a ransomware attack one to three times in 2023, with another 26% reporting four or more.
Larger businesses with deep pockets may be able to afford a monthly tab of tens of thousands of dollars for traditional Disaster Recovery (DR), but that is unaffordable for most SMBs. The high prices of DR causes some SMBs to take a gamble by saving the funds and hoping they are not the next victim. The problem with disasters and especially with ransomware, is that it is not a matter of if you will get hit, but when.
In the spirit of Halloween and Cybersecurity Awareness Month, the following looks at three scary DR scenarios facing SMBs.
Ransom to ruin
Veeam’s research showed roughly a quarter of those organizations who were attacked and paid the ransom still have not recovered their data. Imagine this happening to your SMB. How would it impact customers? Sales? Reputation? Your career? At least, you sigh, there is insurance to cover the damage. But while 95% believe that’s the case, nearly a quarter of policies exclude ransomware. You’ve been attacked and about to learn yours is one of them.
Nowhere to run
The foremost problem in DR is the inability to recover until a production environment is fixed, or if the data center was destroyed, until an alternative site is found. This leaves IT with nowhere to point data to in the meantime, and with each passing minute of nowhere to restore your services, the cost of downtime continues to rise. One option is to have a mirrored environment with infrastructure at the ready but maintaining that hot site means paying for resources you may never use – and you have a tight budget. You rolled the dice and now have nowhere to run anything and a C-suite breathing down your neck.
Treat or trick?
If you have ever had to recover a large amount of data from tape, you know how slow the process can be. Now imagine doing this in the aftermath of a natural disaster, which makes getting the tapes from that offsite repository difficult, at best. Let’s say you chose to retire tape and instead staged a site with a big hypervisor and now you are backing up everything to the cloud – comparatively a real treat. That is until you try to bring your data back down and face crippling egress fees, making you wonder if it was a trick all along?
Fear not
A 2024 survey conducted by Information Technology Intelligence Consulting showed the average cost of a single hour of downtime now tops $300,000 for more than 90% of mid- and large-sized enterprises. For SMBs with 20 to 100 employees, the figure is an eye-watering $100,000 per hour. But fear not, there’s hope for SMBs who are vulnerable to disasters but unable to afford protection.
An emerging backup recovery as a service approach may provide SMBs with an answer to complex and costly traditional DR. Designed with simplicity in mind, it can provision bare-metal cloud servers and storage infrastructure on-demand with a single click. Backups stored in object storage can be automatically imported for immediate failover, completing recovery in hours.
This overcomes the foremost problem in DR; an inability to recover until environments are fully repaired. Traditional DR requires a mirrored environment with infrastructure that is always on, so you are paying for resources that are not used until there is a disaster. The ability to stand up a failover site instantly and automatically eliminates those costs while providing recovery in hours.
Basically, this new category of solution, called backup recovery as a service (BRaaS), delivers fundamental, fully automated DR to SMBs who do not want to pay for bells and whistles they will never use. This makes it affordable, without sacrificing protection, security or compliance. For instance, regularly scheduled recovery testing and detailed reporting can be used for auditing and to show compliance with cybersecurity insurance and regulatory requirements.
For SMB leaders who have been whistling past the graveyard – praying a disaster or hacker would not strike – this backup recovery as a service model could finally put an end to DR nightmares.
Justin Moran is chief revenue officer at Cloud IBR.