More than a third of government departments don’t have disaster recovery plan

More than a third of government IT departments don’t have a documented disaster recovery plan.

Only 38 percent of government IT departments have a comprehensive business continuity plan. that includes recovery, interim solutions, and communication. Moreover, almost a quarter (24 percent) of remote government workers are not equipped with backup and recovery solutions.

These are the findings of recent research by Arcserve, which focuses on government IT departments’ approach and experience with ransomware and data recovery preparedness. The findings reveal several weaknesses that can hamper government departments’ fight against ransomware and their ability to recover data.

Forty-five percent of government IT departments mistakenly believe it is not their responsibility to recover data and applications in public clouds. A third (33 percent) require more than a day to recover from severe data loss, despite 82 percent reporting that less than one day is an acceptable level of downtime for critical systems.

Only 34 percent are very confident in their IT team’s ability to recover all lost data in the event of a ransomware attack.

Upon release of the research, EVP of operations at Arcserve, Patrick Tournoy, said: “It’s like opening yourself up to a one-two knockout punch. Gaps in protecting remote workers and cloud-based apps and data create an ideal hunting ground for bad actors and ransomware, while not having documented and tested recovery plans leave an organisation more vulnerable and poorly equipped to recover data.”

Regular testing of solutions needed

Mark Appleton, chief customer officer at cloud marketplace ALSO Cloud UK, said the fact that many government organisations require more than a day to recover from severe data loss suggests that there may be room for improvement in disaster recovery procedures and testing.

“Government organisations need to have robust backup and recovery plans in place to minimise the impact of such incidents and ensure that they can recover as quickly as possible,” he said. “Implementing regular testing of backup and recovery solutions or investing in cloud-based disaster recovery solutions can help minimise downtime in the event of an attack.”