Are Singapore SMBs ready when disaster strikes?

The flash floods that impacted several parts of Singapore recently serve as a stark reminder that businesses of all sizes face increasing uncertainty and risks.

Small businesses in particular are more vulnerable as the stakes are much higher. When disaster strikes and renders a company’s critical information lost or inaccessible, the cost for small businesses in terms of financial loss and reputation could be irreparable.

Small and mid-sized businesses (SMBs) are the lifeblood of our economy. According to SPRING Singapore, Singapore SMBs account for about 99 percent of all enterprises, contribute to 60 percent of the total value added in the economy and employs seven out of 10 of the country’s workforce.

Undoubtedly, SMBs are powerful economic forces but they often forgo basic protections against business risks due to lack of time, budget and staff resources. Disaster planning can all too often appear at the bottom of the investment priority list as SMBs focus on channeling all their efforts into propelling business growth.

While no one wants a disaster to occur, the reality is that they happen—whether a flood, fire or even a power outage. The average SMBs experience four outages over a 12-month period according to Symantec’s 2011 SMB Disaster Preparedness Survey.

Majority (80 percent) feels protected against these potential disasters and believe their customers will understand and be patient if there is a disruption to their computer or technology resources.

These however are serious misconceptions. The reality is that these companies are not prepared and their customers will not wait around for them to fix the problem.

The same study revealed that 38 percent of SMBs in Singapore do not have a plan for disasters or business disruptions and would lose an average of US$14,700 per day as a result of downtime.

For many SMBs, disasters could also put them out of business. Forty-five percent of SMB customers polled said their SMB vendor had shut down due to a disaster. The subsequent cost of this lack of preparedness to their customers can be as much as US$12,000 per day on average, with 31 percent having lost some data. Not surprisingly, a whopping 73 percent of SMB customers have actually switched vendors because their vendor’s computer or technology systems are not reliable.

Considering that SMBs are faced with the constant challenge of insufficient IT staff or resources, leading to inconsistent and incomplete backup of vital business data, Symantec offers the following best practices for SMBs to ensure that their business do not lose valuable data:

• Don’t wait until it’s too late: It is critical for SMBs to be proactive in mapping a disaster preparedness plan and not wait until after a disaster to think about what they should have done to protect their information. Downtime can be very costly. The disaster preparedness plan should include identification of key systems and data that are intrinsic to the running of the business.
• Protect information completely: To reduce the risk of losing critical business information, SMBs must implement the appropriate security and backup solutions to back up and archive important files. Natural disasters, power outages and cyber attacks can all result in data and financial loss, so SMBs need to make sure important files are saved not only on an external hard drive and/or company network, but in a safe, off-site location.
• Get employees involved: SMB employees play a key role in helping to prevent downtime, and should be educated on computer security best practices and what to do if information is accidentally deleted or cannot easily be found in their files. Since SMBs have few resources, all employees should know how to retrieve the businesses’ information in times of a disaster.
• Test frequently: After a disaster hits is the worst time to learn that critical files were not backed up as planned. Regular disaster recovery testing is invaluable. Test your plan anytime anything changes in your environment. 
• Review your plan: If frequent testing is not feasible due to resources and bandwidth, SMBs should at least review their disaster preparedness plan on a quarterly basis.

Tan Yuh Woei, Country Director, Singapore, Symantec