Keepit: enterprises still lag on SaaS recovery testing

Keepit has published its Annual Data Report 2026, which examines backup and restore activity across its production environment.

The findings highlight a gap between widespread software-as-a-service adoption and the level of recovery testing many organisations carry out. They also suggest larger businesses are more likely than smaller ones to check whether they can restore data at scale.

According to the report, nine in 10 enterprises have validated bulk recovery, indicating a higher level of disaster recovery preparation among larger organisations.

By contrast, identity systems are tested four times less often than productivity systems. The report notes that losing access to identity tools can also block access to other SaaS applications.

Most restore activity remains small in scope. Keepit reports that 90% of restores are single-file downloads, a pattern that reflects the frequency of routine data loss incidents and IT teams' need for immediate item-level recovery.

Observed behaviour

The dataset is based on aggregated, anonymised behavioural information from Keepit's production backup environment. It covers backup and restore activity across active data centre regions in Denmark, Germany, Switzerland, the United Kingdom, the United States, Canada and Australia.

The analysis focuses on observable activity rather than survey responses. It examines restore frequency, restore types, timing, dataset behaviour and user interaction across business segments and application categories.

One of the report's more striking findings is that major cloud and security outages did not lead to more recovery testing. This suggests that visible disruption does not necessarily prompt organisations to check whether they can restore systems and data under pressure.

The pattern matters because many organisations now depend on SaaS tools for email, collaboration, identity and other core business functions. In that context, backup is only part of resilience if teams can verify that recovery works in the right sequence and at the right scale.

Keepit argues that everyday restores still serve a purpose. Repeated single-file recoveries may help administrators build familiarity with backup tools, but they do not prove that a business can handle a broader incident affecting large datasets or multiple applications.

Recovery maturity

The data points to a progression from basic backup use to more structured recovery readiness. The clearest divide appears between organisations that mainly carry out small restores and those that regularly validate bulk recovery processes.

That distinction is especially relevant for identity platforms. If identity systems fail or become unavailable, staff may be unable to access other SaaS services, making recovery order as important as recovery itself.

"The data shows that organisations are actively using their backups and, at scale, developing real recovery maturity - especially among larger enterprises that routinely validate bulk recovery," said Jakob Østergaard, Chief Technology Officer at Keepit.

He added that day-to-day restores are only one part of the picture. "At the same time, the findings make it clear that confidence in recovery is built through practice. Simple, everyday restores are an important foundation, but structured testing and guided recovery are what turn backup into a repeatable, dependable capability. Backup is only effective when teams know they can recover the right data, in the right order, under real world pressure."

The report draws on activity recorded throughout 2025 and presents the results at population level, with no customer-identifiable information. The approach is intended to reflect what organisations actually do with their backups rather than what they say they do.

Keepit, which says it serves more than 20,000 customers, is positioning the findings around operational practice rather than new tooling. Its conclusion is that resilience depends on routine testing and repeatable recovery processes, with restore behaviour offering one of the clearest indicators of whether organisations are prepared for a larger disruption.