Disaster recovery is an increasingly important component of modern business operations. When an event strikes that causes a business to lose connectivity, every minute of downtime can represent thousands in lost revenue and slowly erode customer confidence in your business.

Years ago, disaster recovery plans centered around on-premises backups. Today, the increased use of the cloud means that downtime can grind most business activity to a halt. A good disaster recovery plan not only dictates the steps an organization should take in the event of a disaster, but the process of developing the plan also informs your vulnerabilities and needs.

Driving Components of Disaster Recovery Planning

A recovery point objective (RPO) and recovery time objective (RTO) are crucial elements in any disaster recovery plan. RPO and RTO not only help in identifying risks and needs but also dictate the type of backup infrastructure that your enterprise will put together.

RPO seeks to answer a relatively simple question: “how much data can I afford to lose?” It’s a measure of tolerance that helps an enterprise know the impact of downtime. It sets a line in the sand as far as the amount of time that a network can be down without risking data loss that goes beyond the threshold set in a plan. In other words, how far back must an organization recover after a disruption to resume business as usual?

RTO is a target time that an organization sets for recovery after an incident. This component is a calculation of how fast a business has to mobilize to achieve an acceptably small gap in business continuity.

For example, if an organization determines that they need to rebound from an outage within three hours, then it has a three-hour RTO. If your volume of critical data is low, then your organization might be able to withstand longer delays. Some organizations have very little tolerance for downtime and need a solution that provides as close to 100% uptime as possible.

Backup Requirements for Open Source Clouds

Industry best practices for OpenStack data protection

Calculating Your Enterprise’s RPO and RTO

It’s easy to see that both the RPO and RTO cannot be chosen lightly. The numbers have to reflect how your organization functions, from all aspects. However, some general guidelines can help a business determine these timeframes.

Factors to consider in determining RPO include the frequency of crucial data changes in your business, your backup schedule, and resources for the backup. An organization can also consider the projected costs of downtime. Costs can be complicated, as unscheduled interruption in a business ripples throughout the organization, affecting everything from sales figures to salaries.

These factors also play a role in determining the appropriate RTO for your business. How much can your business absorb before it has a noticeable impact?

Integrating RPO and RTO into your business impact analysis

So, what does all of this mean for most businesses? The concepts of RPO and RTO combine to help determine business impact analysis. This analysis is a methodology used to identify and measure the impact of a loss of services such as network connectivity. The business impact analysis is a time-intensive process that incorporates all activities within the organization, critical or not.

Determining this impact requires not only in-depth knowledge of a business’s operations, but experience in the differing capabilities of backup and disaster recovery systems, based on expense and feature. One way to achieve minimal downtime with maximum efficiency and protection is implementing a cloud-native recovery solution that restores to a point-in-time. By retaining valuable metadata and restoring workloads to their last-best-known state, your organization can significantly reduce RTO in the inevitable event of an outage.

See TrilioVault in Action

Register for a demo of TrilioVault to see cloud-native data protection in action.