Companies are worried about data loss, but many are behind the curve when it comes to safeguarding their assets, according to EMC’s Global Data Protection Index. While these results aren’t exactly surprising, digging deeper into the report uncovers a shocking statistic: The more data protection vendors a company has, the greater the risk. What gives?

Dealing With Loss

According to a Dark Reading article about the new report, companies have a lot to lose. Every year, unintended downtime costs more than $950 billion, while data loss accounts for over $750 billion. That’s a $1.7 trillion price tag just for doing business. Companies are well aware of the risks, with 62 percent saying at least one of their new technology initiatives — such as big data, hybrid cloud and mobile devices — is “difficult” or “very difficult” to protect. Despite this, EMC found that 87 percent of businesses are behind the curve for data protection, and 71 percent aren’t completely confident that their data could be restored after a loss.

So what’s causing all this downtime and loss? Hardware failure tops the list at 53 percent, followed by power loss (39 percent), software failure (38 percent), data corruption (29 percent) and user error (26 percent). In a recent InfoStor article, Guy Churchward, president of EMC Core Technologies, notes that while simple, scheduled backups are no longer enough; companies “lack confidence that data protection will be able to meet future business challenges.” Business response to this issue isn’t unexpected. Most organizations bank on multiple protection strategies to minimize the possibility of loss; after all, if one vendor is good, more must be better, right? As it turns out, however, the math isn’t so simple.

All By Myself

EMC found that without a protection vendor, companies lost 1.75 terabytes of information per year and $420,000 in downtime. Adding one vendor lowered both numbers to 1.16 terabytes and $340,000 lost. Adding a second vendor actually made things worse, bringing the number up to 1.73 terabytes and $400,000 lost over the course of a year.

Here’s where things get weird. The report found that using three or more vendors was worse than using none at all, with data loss more than doubling to 3.54 terabytes and downtime quadrupling to $1.6 million. And it gets worse, because using more vendors means spending a bigger chunk of the information technology (IT) budget. Those with one vendor spend just over 7 percent, while those with three or more vendors spend nearly 9 percent.

Data Protection

So what’s the problem? Why don’t more vendors provide greater protection? The EMC report doesn’t have the answers, but it’s possible to make educated guesses. First is the fact that multiple vendors means fractured spending. Sure, using three vendors eats up 9 percent of the IT budget, but that equates to 3 percent per vendor. In a single-provider scenario, all 7 percent is spent in one place.

Another important factor is the creation of coverage gaps. When companies use multiple vendors, it doesn’t make sense to have them all doing exactly the same thing. Instead, it’s tempting to treat these vendors like cloud services and purchase them on a need-by-need basis rather than as a complete package. The problem? Data protection isn’t a discrete issue: Hardware issues bleed into power problems, and accidental user error can cause data corruption. Assigning specific tasks to multiple vendors means something always gets missed — and it’s costly.

The takeaway when it comes to data protection vendors is that having none is bad, having two isn’t great and having three or more is even worse. According to EMC, one is the safest number.