Why Every Disaster Recovery Plan Must Include RPO
In our last post, we provided an overview of recovery point objective (RPO), a critical disaster recovery metric that defines the level of data loss a company is willing to tolerate when an outage takes place. In this entry, we’ll discuss what makes RPO so crucial when it comes to facilitating proactive disaster recovery planning strategies.
Today’s companies run on information. Corporate data is leveraged each and every day during automated business transactions and in support of strategic planning and decision-making by executives and managers. And in many cases, data is made available to customers to enhance service and satisfaction, or to external business and supply chain partners. So when information is lost as the result of a technical failure or system outage, mission-critical operations can be severely affected.
The level of impact an organization will feel when a disaster strikes will depend greatly on the type of information lost and its primary use. Data can be classified in a variety of ways – there is data needed for revenue generation, data that enhances the customer experience, data that facilitates internal productivity, etc. Those who are defining recovery plans need to take these data classes into account, and set an appropriate RPO for each. For example, data that is required for sales and revenue generation, such as inventory information that lets customers know if a product is in stock before they place an order over the Web, would need a shorter, more rigid RPO than data utilized in non-critical internal processes.
By taking this approach, companies can better design, budget for, and implement the optimal IT solution to ensure that all RPOs are met. Additionally, they can more effectively communicate disaster recovery plans to all internal and external stakeholders, to maximize preparedness if and when an outage does occur.
Those companies who don’t set RPOs for the various types of data they maintain – and the systems that house them – might find that their disaster recovery plans fail in the event of an emergency. Without setting and measuring RPOs, it can be quite difficult to properly define disaster recovery processes, or to clearly articulate how those processes should be carried out. As a result, organizations may:
- Face unnecessary risks due to “gaps” in their plan’s coverage. This can lead to unacceptable data loss, which ultimately translates to lost revenue, lack of regulatory compliance, customer churn, or damage to brand image and reputation.
- Hinder the efficiency and effectiveness of disaster recovery procedures. Without clear instructions, IT teams are likely to either over-provision (wasting valuable human and financial resources) or under-provision (leaving important data unprotected from loss) their environments. In our many years of experience helping companies evaluate the technical validity of their disaster recovery infrastructures, this is one of the issues we see most frequently.
And, perhaps most importantly, remember that defining an RPO is not a one-time event. It is an ongoing process that must be flexible, leaving room for re-evaluation and refinement as business needs, technology environments, and other internal and external factors change.
Visit our Web site to find out more about RPO, its vital role in the disaster recovery process, and RecoverGuard, our robust solution for enabling rapid, accurate RPO measurement.