You’ve got backups. Great! Everyone is probably tired of being beat over the head with articles about making sure you have backups. I know I am, but here I am writing one because there is another question that is almost equally critical.
How long after a catastrophic disaster, systems failure, data corruption or ransomware attack would your organization take or be able to recover and operate? If the answer is a week or more than in many cases it might not even matter. And more often than not, that is the situation many businesses find themselves in.
In many SMB environments “backups” consist of ensuring that the company’s application data and files are copied on a regular basis to a separate storage device or service. But, that data may not be of much value if something happens that requires not only restoration of the data, but securing replacement hardware, reinstalling and configuring operating systems and application software AND THEN restoring your data from the last point it was backed up.
There are two acronyms used widely in the IT business and they are ones that non-IT business leaders should know – RTO and RPO.
RTO (Recovery Time Objective) is used in reference to what an organizations goal for restoring an IT resource after an outage. The RTO is something that may vary from service to service. An Internet-enabled, customer facing application may demand a much shorter RTO than maybe an infrequently used internal service.
RPO (Recovery Point Objective) is used as a time reference for what an organization’s goal is for minimizing data loss in event of a system failure or other event that could result in data loss.
If the desired RTO and RPO thresholds are measured in minutes or hours instead of many dozens of hours, days or weeks than just having backups aren’t going to be sufficient.
Backups represent a point-in-time snapshot and may or may not include full snapshots of an entire system or just application data. Even if the backups include full snapshots there still has to be a system (internal or external) to restore and/or activate them on. Waiting for a new system to show up may take longer than desired.
Replication is similar to backups in that it makes copies of data or whole systems, but it does so in or near real-time. As soon as new information is added or a record is updated it is replicated to one or more duplicate copies. Replicating data is a great way to ensure that in the event of a major system problem, as little data as possible (if any) is lost. But, replication usually comes at a higher cost than just simple backups and doesn’t replace the need to back up data.
Disaster Recovery relates to the plan, process, tools and activities that are to take place after the loss of one or more systems to restore it and business function(s) it supports?
Business Continuity is a broader term that includes more than just restoration of the technology that supports a business process, but restoration of the process or processes that the business engages in to operate. A manufacturing company dependent on specialized machinery, for example, may be more challenged to have a workable business continuity plan than one that can just let workers do their jobs from home if need be.
You’re tired of hearing about it. I’m tired of hearing about it. But, the fact remains, that each week we hear stories about organizations that have been the victim of hackers. employee error or some catastrophic event and don’t have things arranged ahead of time in order to quickly and cost-effectively continue their operations.
SMBCIOs is happy to work with your organization, big or small, to ensure you are aware of the options, the costs and have testable, updated plans in place – just in case.
Call 317-513-2406 or just go ahead and find a time on our calendar that works for you!