Symantec Survey Warns SMBs Not Ready for Service Disruption

Written by Dave Courbanou 1
January 11, 2011

It may come as no surprise that a security company is recommending people increase their computers' levels of protection, but a recent survey by Symantec shows that SMBs aren't taking security seriously enough. I spoke to Bernard Laroche, senior director of SMB product marketing at Symantec about the findings.

It may come as no surprise that a security company is recommending people increase their computers’ levels of protection, but a recent survey by Symantec shows that SMBs aren’t taking security seriously enough. I spoke to Bernard Laroche, senior director of SMB product marketing at Symantec about the findings.

Laroche took me through a few key findings from Symantec’s report, which included responses from just less than 2,000 SMBs worldwide. The results showed that only 50 percent already had a plan in place should an outage or disruption occur, an increase of 3 percent from last year. However, 14 percent said they do not have a plan in place, nor do they plan on creating one. But there was also a dichotomy: 57 percent of small businesses didn’t have a plan compared with 47 percent of medium businesses that didn’t. That shows that smaller businesses have focused less on contingency plans.

The survey showed also that 16 percent of respondents planned to develop a contingency plan within the next 30 days, while another 34 percent said they’d fix their backup problems in the next one to three months and 25 percent plan on dealing with it in the next three to six months. Despite the gaps, 81 percent of all those surveyed said they were somewhat or very satisfied with their ability to deal with outages in “formal or informal” ways.

Interestingly, of those surveyed that did not have a backup plan, 52 percent said they simply “don’t think computer systems are critical to the business,” while 41 percent said “it never occurred to them” to put together a plan and 40 percent said that “disaster preparedness is not a priority.” Yikes!

Laroach also detailed a plethora of other issues SMBs have with their security policies, including frequency of backup and readiness to deploy said backup plans — that is, if the company even has them laid out.

So what does this mean for the channel?

The big push is obviously that security is still a prevalent issue and the market still has a very real need.

What’s more, Laroche noted that “technology and preparedness have become a competitive advantage,” and SMBs looking to set themselves apart from their competitors can promote the security of their business compared to their competitors. VARs, too, can use that as a selling point to those companies.

Looking over the numbers, one important question comes to mind: Symantec defines the SMB space as five to 1,000 employees, so how many responding companies represented the lower end of the space? A company with five to 20 employees might have ‘informal’ backup routines, such as a common dropbox folder or an off-site storage device, or might be so invested in the cloud that disaster recovery is not a priority. Still, Laroche noted that a medium-grade outage can cost up to $12,500 a day, which for smaller businesses could be a huge loss. But that figure seems dependent on so many different factors.

As usual, we’ll stay focused on trends in the SMB security market. We’ll especially be looking at whether non-security and backup are a continuing trend and how the definitions of backup and contingency are evolving as business practices shift away from centralized data centers.

Sign up for The VAR Guy’s Weekly Newsletter, Webcasts and Resource Center. Follow The VAR Guy via RSS, Facebook and Twitter. Follow experts at VARtweet. Read The VAR Guy’s editorial disclosures here.