Over the past couple of weeks, we have looked at disaster recovery from the perspective of RPO, RTO, and MTO. Then we took a look at creating a Business Impact Analysis. This week, let’s evaluate how “time” figures into your calculations of potential losses, how to determine how much time you can afford to lose, and how managed IT services can help. This is an exercise that should involve all aspects of your business and you should be asking this question to at least one person from every department: “How long can we be down before the loss of critical systems starts to have a serious negative long-term impact on our business?”
The answers may vary by department and, depending on the department and depending on your business, the answer may be zero acceptable downtime. Solutions for zero downtime do exist. These solutions allow for immediate transition to a secondary yet fully functional and operational infrastructure from a remote location. Needless to say, back-up like this is expensive, but for some businesses, it is imperative to their survival. Most businesses will determine that their requirements are less draconian.
When considering acceptable downtime, you must also account for what we call “dependencies.” If your calculations tell you that you can be down for 36 hours, for example, you also need to deduct from the 36 hours the amount of time you will need for your servers, networks, and all your other critical functions to be up and running. And you must also consider time to acquire replacement equipment, availability of personnel, etc. Based on these “dependencies”, your effective downtime may be far less than 36 hours. These are factors that must be discussed with your managed IT services provider as they will figure heavily into your recovery.
In working through these time calculations, do not lose sight of your RPO – your Recovery Point Objective. In simple terms, this means: how much data can you afford to lose? This will be the data lost between your last backup and the point at which you are fully online again. This includes your ability to service your customers/clients. This will be impacted by how often you run back-ups. If you haven’t backed up often enough, will you be able to, or be comfortable in asking your customers/clients to provide documentation to help you fill in gaps in your data caused by downtime since your last data backup? At best, it is embarrassing. At worst, you create a lack of confidence in your business among your customers/clients, and possibly lose revenue to which you are entitled because you cannot produce invoices, or even the existence of customers to whom you may have provided goods or services.
If you would like to catch up and read our past two blogs on disaster recovery, or any of the other topics we cover regularly, check out our blog. Keep an eye out for our next blog in which we will discuss risk assessment and how to achieve peace of mind. Better yet, give us a call today. We are a managed IT services company that has been protecting Atlanta’s small to mid-sized businesses since 1992 and we would love to speak with you. Call us at 770.629.9615.