When creating a data backup up and disaster recovery strategy plan, it is important to have certain parameters in place. Deciding these internal objectives in line with an organisation’s business continuity guidelines can direct your organisation through the process of choosing a backup and disaster recovery vendor.
Of all parameters, Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO) are some of the most important.
RPO: Recovery Point Objective
Recovery Point Objectives identify the point furthest back in time to which you can restore data and continue functioning with minimal disruption to business operations. This also describes the total quantity of data that can be lost during that period, in accordance with the tolerable limits required for business continuity.
When considered as a timeline, the RPO outlines the last point, prior to the disaster occurring, where all data is backed up and secure. The data that was accumulated in the gap between the RPO and the disaster is most likely lost or corrupt. Organisational parameters dictate the maximum length this ‘gap’ can reach before the recovery processes are hindered, and business performance becomes affected to an intolerable level.
RTO: Recovery Time Objective
This objective refers to the furthest away point in the future where disaster recovery procedures should be complete, and business processes have returned to normal. This identifies the total length of time that can pass between the disastrous occurrence and the resumption in business operations, any longer than this and the consequences will reach unacceptable levels.
When considered as a timeline, the RTO designates the period of time after a disaster can pass before the disruption begins to seriously and unacceptably impede the flow of normal business operations.
How to determine your parameters?
Understanding these objectives and the factors behind each of them is essential to determining an effective backup and disaster recovery strategy.
To understand exactly what parameters are acceptable for your business’ continued operations - and therefore essential requirements of a backup and disaster recovery service - information must be collected from a variety of business units and departments and then must be analysed.
Areas to be considered are:
- The responsibilities of the department/unit: consider each activity and the consequences of its interruption
- All possible losses: consider the financial or intangible losses that would occur with an outage
- Dependencies: Map out the role of each application in a business function and how critical its role is to performance
- Contingency planning: Consider all possible alternatives or manual processes that can be put in place to delay irreversible consequences.
Possessing information for each of these areas puts an organisation is in a position to determine what it can tolerate as a loss, giving way to the considerations of an acceptable RPO and RTO and the actions required to ensure that each of these objectives are met.
For example, the RPO and each of the aspects it represents can be used to determine the frequency and type of backups performed for each business application and the data contained within. This will ensure that there is a minimal gap between the RPO and the occurrence of the disaster, and that it falls within a tolerable scale of loss.
Using this information, the Recovery Point Objective and Recovery Time Objective can be determined. When considered in parallel with the factors determined as essential for the resumption of standard business operating procedures, the necessary qualities and features of a backup and disaster recovery solution can be identified.
Download our Free IT Managers' Myth-Buster, a guide for IT professionals: