Data from real-world recovery scenarios highlights why strengthening recovery testing is key to achieving resilience at scale.

Keepit, the only independent provider of cloud-native data backup and recovery, has published the Keepit Annual Data Report 2026. As businesses increasingly rely on SaaS platforms, new data from Keepit reveals how recovery readiness is evolving. Based on real-world backup and restore activities, the report highlights that recovery practices are still in their infancy for many organisations – particularly smaller ones. Larger organisations, by contrast, are increasingly demonstrating greater operational maturity through active recovery practices.

The report analyses aggregated and anonymised behavioural data from Keepit’s production backup environment and examines how organisations actually use their backups.

Key findings of the report include:

• 9 out of 10 companies have validated bulk recovery, demonstrating the maturity of their disaster recovery readiness.
• Identity systems are tested four times less frequently than productivity systems, even though the loss of identity access can block access to all other SaaS applications.
• 90 per cent of recoveries involve downloading individual files. This shows that simple data loss incidents are the most common and that IT administrators greatly value the ability to perform granular, immediate recovery.
• High-profile global outages – including serious cloud and security incidents – did not lead to an increase in recovery testing. This suggests that even highly visible disruptions rarely trigger a validation of recovery readiness.

“The data shows that organisations are actively using their backups and developing genuine recovery readiness on a large scale – particularly larger organisations that routinely validate mass restores,” says Jakob Østergaard, CTO at Keepit.

“At the same time, the results highlight that confidence in recovery comes through practice. Simple, everyday restores are an important foundation, but structured tests and guided restores are what turn backups into a repeatable, reliable function. Backups are only effective when teams know they can restore the right data in the right order and under real pressure.”

A behaviour-based signal and a clear path forward

One of the report’s clearest findings concerns user behaviour. Everyday restores demonstrate how organisations build confidence and recovery capabilities over time. Restoring individual files is familiar and useful, but represents only an early stage of readiness – and does not constitute full validation for large-scale incidents.

The report shows that resilience is built through practice, not through additional tools. Organisations that make recovery a routine, repeatable process – supported by structured testing and guided recoveries – are better prepared to restore the right data in the right order and to the right extent.

Objective data rather than subjective behavioural reports

The Keepit Annual Data Report 2026 is based on aggregated, anonymised behavioural data collected from Keepit’s production backup environment between 1 January and 31 December 2025.

The analysis covers backup and recovery activities across all active Keepit data centre regions, including Denmark, Germany, Switzerland, the UK, the US, Canada and Australia.

The report does not rely on surveys, interviews or self-reported behaviour. Instead, it examines observable patterns: recovery frequency, recovery types, timing, dataset behaviour and user interactions across various business segments and application categories. All results are presented at a population level and do not contain any customer-identifiable data.

The Keepit Annual Data Report 2026 is available now.

About Keepit

Keepit offers a state-of-the-art SaaS data protection platform designed specifically for the cloud. Backing up data in an independent cloud protects essential business applications, strengthens cyber resilience and future-proofs data protection. Unique, segregated and immutable data storage without subcontractors ensures compliance with local regulations, mitigates the impact of ransomware, whilst guaranteeing continuous data access, business continuity and rapid, effective recovery in the event of a disaster. Headquartered in Copenhagen, with offices and data centres worldwide, over 20,000 businesses rely on Keepit – thanks to its user-friendliness and the ease of backing up and restoring cloud data.