While 90 percent of SMBs back up their servers, only 29 percent back up their SaaS application data, according to a recent Kaseya survey of more than 400 SMBs with up to 5,000 employees worldwide.
Unfortunately, that’s the same percentage as in Kaseya’s 2018 survey. “There continues to be a lack of understanding that SaaS data backup is typically the customer’s responsibility for anything longer than 30 days,” the report states.
That’s true while SaaS application usage continue to grow, with fully 67 percent of SMBs now using Office 365, 29 percent using Dropbox, 27 percent using G-Suite, and 17 percent using Salesforce, among other solutions.
The survey also found that just 31 percent of respondents have a formal business continuity disaster recovery plan in place, and just 34 percent have the ability to automatically recover to a separate site.
Ongoing Security Challenges
Security remains a significant issue – and priority – for SMBs. While 57 percent of respondents said improving security is their top priority, 62 percent listed both cyber security and data protection as major challenges.
Other leading priorities include controlling IT costs, cited by over a third of respondents; and delivery higher service levels, cited by 24 percent.
Fully 32 percent of respondents experienced a security breach in the past five years, down slightly from 35 percent in the previous survey. Ten percent of respondents suffered at least one breach in the past year.
And there’s a clear link between outages and data breaches. Almost 61 percent of respondents who had a security breach in the past year experienced two to four outages, a 15 percent increase over the 2018 survey.
Delaying Critical Patches
Just 42 percent of respondents automate or plan to automate patch management – and similarly, only 42 percent monitor third-party software and apply critical patches to that software within 30 days, down one percent from 2018.
“Significant improvements must be made in both of these areas,” the report states. “The vast majority of security breaches are preventable by applying patches in a timely manner. Automation can make this happen.”
In general, there seems to be a slight decrease in awareness of the importance of updates. While 65 percent of respondents apply critical OS patches within 30 days of release, 68 percent said they did so in the 2018 survey.
Separately, a recent Untangle survey of more than 300 SMBs worldwide found that while 80 percent of respondents rank IT security as a top business priority, 52 percent don’t have an in-house IT security professional on staff, and 29 percent spend less than $1,000 a year on IT security.
Financial limitations are a significant issue. Forty-eight percent of SMBs say budget constraints are the main barrier they face regarding IT security, followed by limited time to research and understand new threats (36 percent) and employees who don’t follow IT security guidelines (32 percent).
The survey also found that 40 percent of SMBs now operate in at least five physical locations, including remote access workers. And while 74 percent of SMBs now have at least part of their IT infrastructure deployed in the cloud, 63 percent don’t deploy a firewall on the public cloud, leaving them open to attack.
“As technologies change, SMBs must also change their dedication to network security and where it stands as a business priority,” the report states. “Small and midsize businesses will continue to be target for hackers because of their limited resources.”