Councils have disaster recovery systems in place – but they’re not being tested
There’s good news and bad news: councils in London do have disaster recovery (DR) systems in place; but many haven’t tested them in at least a year.
The findings from disaster recovery provider Databarracks, following a Freedom of Information (FoI)request, arrive at a time when the United Kingdom takes to the polls in the General Election. And the results represent a worrying sign, according to Databarracks managing director Peter Groucutt.
“As expected, all councils to respond to our request had thorough backup and DR plans in place, which is excellent, but without testing, they could be proved useless at their time of need,” he said.
With election fever high, Databarracks also examined the importance of electoral data to councils should disaster strike through recovery time objectives (RTO) and recovery point objectives (RPO). For some councils, RTO for electoral data was 24 hours, while others said seven days and one case gave two weeks.
Groucutt added: “We put a lot of faith in IT infrastructure to just work. If [councils] haven’t tested their DR capabilities, they really have no idea of how they’d cope should disaster strike at the very time that would cause most damage.
“All of the boroughs we spoke to have good backup and disaster recovery policies in place, but now it’s time to put them to the test and make sure they really work.”
Disaster recovery continues to gain prominence in IT analysis, so much so that Gartner released its first disaster recovery as a service (DRaaS) Magic Quadrant in April. IBM, NTT Communications and Sungard Availability Services were named the top vendors, while Databarracks was listed as a niche player.
Of the 32 councils who were sent FoI requests, three did not respond while two did not answer on the basis it was outside the FoI requirements.
- » How cloud providers are changing the outlook for IoT data and analytics management
- » How AI is bringing a new dimension to software testing
- » Five key takeaways from RSA Conference 2020: Cloud SIEM, Zero Trust, API-based security, and more
- » Waste not, want not: How enterprises can avoid an idle cloud estate
- » What is cyber insurance truly worth? Analysing the risks and responses