MELVILLE, N.Y, LONDON, UK – The personal data held by local authorities for over 3.5m people in the UK is not protected by a Disaster Recovery (DR) plan, according to research published by storage solutions provider FalconStor Software Inc. (NASDAQ: FALC). The lack of a DR plan could mean that should councils be affected by a cyber attack, equipment failure or human error, personal data could be permanently lost or fall into criminal hands.
The Freedom of Information Act (FOIA) request which covered 429 local authorities also revealed that despite previous examples of public sector data loss and the risks posed by issues such as ransomware and human error; over 50% of councils will make no further investment in disaster recovery this year – 4% will decrease.
Additionally the research highlighted that in the past 12 months 85% of councils have not had to use their DR plan, making it difficult to know whether or not the plan is effective or how long it takes to recover data. Despite this, nearly two-thirds of councils (63%) have a minimum target time in which to recover lost data. 5% of those respondents aim to have data back in one to two hours, 10% in half a day and the remainder in ‘a day or more’.
“It’s encouraging to see the majority of councils have realised the importance of having Disaster Recovery plans in place,” said Gary Quinn, FalconStor CEO. “However, this research does highlight that more work needs to be done both in implementing plans and testing them thoroughly. Cyber threats are continuing to evolve and human error and natural disasters are not going anywhere – so it is important that public bodies and organisations alike don’t stand still when it comes to protecting data. Having a central resource such as FreeStor ® to manage your Disaster Recovery plan across multiple departments is key to protecting public information.”
“In this digital day and age data is an increasingly important asset, so making sure you have a Disaster Recovery plan in place is essential,” says Tony Howard, Enterprise Strategy and Operations Manager at Beta Distribution Plc. “If data is lost fines are likely to be handed out by the Information Commissioner’s Office and with key information, such as payment details and personal data, as well as services compromised, it is still important that councils plan ahead in order to protect their data – it is certainly better to prepare for the worst, rather than being caught off-guard.”
“Just having a disaster recovery plan does not mean you are prepared,” says Jody Popplewell IT Consultant at C >Ways a UK solutions provider. “The research revealed that although there are plans in place, not all of them have been used. IT teams will need to be testing their solutions regularly so that if disaster strikes, they are prepared to get back up and running as soon as possible. There has been a big push for public authorities to become more digital in recent years and protecting data correctly is an important step towards achieving this.”
To view the full research report please visit the FalconStor website.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.