Stats & Trends
Brianna Gammons
Jan 2017

4 Surprising Backup Failure Statistics that Justify Additional Protection

When it comes to relying on backup systems to restore encrypted or compromised files, it’s always good to have, well, a backup plan. Backup products have come a long way, but there’s always room for failure. And backup failure in the case of an emergency leaves you and your company up a creek without a paddle.

The following backup failure statistics and stories of attempted recovery gone wrong make the case not only for improving your backup system, but keeping your company safe with additional layers of endpoint protection, too.

Recovering from ransomware: Does your backup actually have you covered?


September 28th 2016: Marin Healthcare District reported a ransomware attack that occurred in July 2016. During the attack, Marin providers were unable to access patient data for more than a week. What’s worse, they lost two weeks worth of data because their backup system failed. The data of 5,000 patients collected at MHD’s nine medical centers was lost.

January 5th, 2017: The Texas-based Cockrell Hill Police Department announces they have lost 8 years worth of data, including evidence pertaining to ongoing investigations, due to a ransomware attack that infected their server. They were unable to recover the data from backups because their backup procedure kicked in shortly after the infection, replacing the previously backed-up files with copies that were now encrypted. 

Organizations often make the mistake of thinking backup alone can make them impervious to ransomware. The stats and stories tell otherwise. 

1) One third of IT managers have lost data while migrating between devices or upgrading operating systems

Source: Knoll Ontrak

Knoll Ontrak surveyed 572 IT administrators in March 2016. They found that some of the top reasons it was hard for IT managers to recover from backup failure was that their backup wasn’t current or operating correctly.

2) While 57% of IT managers have a backup solution in place, 75% of them were not able to restore all of their lost data

Source: Knoll Ontrak

In fact, 23% of people with a backup solution in place weren’t able to recover any data at all. These findings were similar to those they found in the past three years of surveys, where over half of consumers and businesses reported data loss even when a backup system was in place.

3) Prior to a ransomware attack, 4 out of 5 organizations are confident backup can provide them with complete recovery

Source: Barkly

Barkly surveyed IT pros from over 300 organizations in May 2016. We found that nearly 100 percent of respondents reported they were actively backing up their data. 81% who hadn’t experienced a ransomware attack were confident they would be able to recover any data attackers encrypted from backup without paying the ransom.


4) Less than half of ransomware victims fully recover their data, even with backup

Source: Barkly

When we followed up with respondents who had experienced a ransomware attack, only 42 percent reported being able to successfully recover all their data from backup.


The Top Reasons Backups Fail


Why isn't recovering from backup a sure thing every time? Here are some of the most common reasons organizations aren't able to fully restore their data. 

1) You’re only as good as your last backup

Very few backups offer continual backup, and the ones that do are extremely expensive. The vast majority back data up once a day, week, or month. That means unless you’re lucky enough to be restoring immediately after the last backup was made, you’re going to lose data.

Whether that’s a day’s, week’s, or month’s worth of work depends on your settings. And how critical that work was to your sales, marketing, engineering, or senior management team may dictate 

2) Actually, you're only as good as your last tested backup

In other words, if you haven't tested your backup and made sure the restoration process actually works like you expect it to, then it technically exists but also doesn't exist at the same time. 

3) On third thought, you're only as good as your last tested, secure backup

Don't forget that during a ransomware attack your backups are subject to encryption, too. If the ransomware can reach them — via network drives, shared storage, etc. — it will turn them into useless strings of gobblegook, too. 

Make sure your backup is 3-2-1 compliantyou have three copies of your data in two different locations, one of which is offsite.  

4) Your users can store data in places you're not backing up

More and more often, users are leveraging free cloud storage as a way to have easy access to important documents and data. They can be storing data in Google Drive, a personal Dropbox, or other shadow IT solutions you're not aware of. Even if you're not technically responsible for managing those systems you're still going to be expected to help if that data gets hits by a ransomware attack.


What are your options for preventing data loss due to backup failure?

Must-do #1: Make sure your backup is properly configured so it will be there when you need it.



Must-do #2: Make sure your company has preventative measures set up so you won’t have to rely solely on backup.



You may think recovering from backup is the standard response to a ransomware attack, but the best solution is to avoid getting to that do-or-die point in the first place.

Brianna Gammons

Brianna Gammons

Brianna is helping us grow an active community of security beginners and experts alike. She is exploring topics like security in healthcare and how to keep companies safe from ransomware.


Close the gaps in your security

Stop paying for AV, get the strongest protection instead. See how Barkly blocks attacks that are getting past AV.

See a demo


Stay informed!

Get the latest security news, tips, and trends straight to your inbox.

Stay informed!

Get the latest security news, tips, and trends straight to your inbox.