Backup and Recovery

How Data Loss Impacts Businesses

The loss of data can have wide-ranging impacts, including substantial financial burdens for recovery efforts but also intangible costs that might be harder to measure but ultimately impact the bottom line.

Direct Costs
In terms of dollars, the cost of a data breach is as high as ever, at an average of $4.45 million.³ There are a variety of ways data loss can cost you. Ransom payments are one that many organizations pay, and the average amount has been increasing. Last year’s average ransom payment was $1,542,333, while the previous year’s average was $812,380.⁴

Other recovery costs can add up as you buy replacement hardware, acquire additional storage space, pay employees overtime, purchase recovery software and tools, and hire an incident response team. Regulatory fines are potentially another cost you have to pay for stolen data or data that is not stored and managed properly.

Cyber insurance premiums can also skyrocket for cyber victims or become unavailable when tapped too many times. Over one-fifth (21%) of organizations say ransomware is now specifically excluded from their policies. For organizations that still have ransomware insurance, 74% saw an increase in their premiums, and 43% saw an increase in their deductibles in their last policy renewals.⁵

Indirect Costs
There are also data loss costs to your organization that are harder to measure but can have a tremendous impact in the long term.

• Business continuity: During downtime, employees may lose access to data and systems. This affects your ability to complete tasks and more.
• Loss of data: Once you determine what the data was that you cannot recover, you’ll have to take steps to mitigate the damage. Some lost data may be gradually and frustratingly revealed.
• Hindered growth: Data loss can cause delayed or lost sales, missed opportunities, slowed development, and even total failure.

Customers can lose trust in your organization, your ability to provide necessary products and services, or your ability to protect their data. The loss of trust and damage to a brand’s reputation can last years, as in the case of Target’s 2013 data breach, which took years to recover from and tarnished its reputation for having a top-rated shopping experience.⁶

Data loss can take a toll on employees as well. Incidents can place stress on workers, from the initial impact to the efforts required to mitigate damage and make up for lost time and opportunities. Some employees blame themselves or others in the organization for contributing to the incident and the subsequent trouble and costs. All of this can damage morale and cause employees to have negative feelings about their jobs and the organization.

How to Avoid Data Loss
The best way to avoid all the costs and negative impacts of data loss is to back up your data in reliable and secure ways.

Minimizing loss and risk is not just a matter of backing up your data. Backups must be done at the right frequency and with the right tools and expertise. In one study, 45% of IT leaders said their backup and recovery solutions failed at a critical time.⁷ Other research shows that only 57% of backups and 61% of restores will succeed.⁸ The causes of data loss can include corrupted data, user error, system failure, or the protection gap—the space between the last backup and the data incident. To address those risks, you can update solutions, increase employee training, bring in additional resources, add power backup systems, and follow best practices.

Data Backup and Recovery Considerations

Looking at your processes and procedures can help prevent damaging data loss. These are some ways best practices can strengthen your data protection.

How often do you run backups?
Problem: Only one-third of IT managers back up their systems weekly, while a quarter do it once a month.⁹
Best practice: It’s a best practice to run backups at least daily. Companies with large amounts of data may need to do it several times a day to achieve recovery point objectives (RPOs). Your RPO is the maximum amount of data loss your organization can tolerate. It’s also essential to know RPOs and recovery time objectives (RTOs)—how long your system can be down before it begins to harm your organization.

Do you test your response and recovery plans?
Problem: Only 20% of IT managers say they perform weekly testing of their backup restoration.⁹
Best practice: It’s not only a best practice to have a response and recovery plan but to test it frequently. Companies that had high levels of planning and testing their incidence response saved $1.49 million versus those with low levels.³

How many backups do you keep?
Problem: With 43% of organizations saying they were unable to recover data in the past year⁷, it’s likely they were not making multiple backups of important data.
Best practice: A longstanding best practice is to follow the 3-2-1 backup strategy of saving data in three copies (including the original) in two media types (including one off-site). One backup should be immutable (cannot be changed or deleted).

Find Data Protection Resources

The data volume and infrastructure complexity of today’s organizations can be overwhelming. A data backup and recovery expert can provide guidance on data protection. They can help you find solutions and follow industry best practices to avoid common pitfalls. You can also choose a backup as a service (BaaS) solution to manage your data backup and recovery for you.