As we pointed out in our blog post earlier this month, while backups are essential for the health of your business, there are many details which often remain overlooked in a basic backup plan. These oversights can render any strategy useless just when you need it the most…even if there are backup files available somewhere.
There are so many different methods of backing up your data, each with its own set of abilities and drawbacks. Some take file-level backups but are not able to recover an entire system in the event of a complete catastrophe. Others take whole image backups which can be restored to different and/or new hardware. Some systems take backups daily; others take continuous backups. Whichever approach you choose, here are a couple foundational elements that are relevant to all of them, and that your Information Technology team should be sure to consider when designing and executing a strategy to keep your information secure and retrievable.
- Recovery Point Objective (RPO)
That’s just technical jargon for, “What information do you need restored first?” To be more explicit, what data do you need recovered most in the immediate aftermath of a disaster in order to keep your business moving forward? Most companies don't need to have 100% of their servers up and running right away, and it’s unlikely that everything is going to be restored instantaneously. You will probably want your Domain Controllers (i.e. the security servers that let you and your users log in to network resources), email servers, file servers, and accounting information servers restored. However, even with that limited list, it’s important to let the team responsible for managing backups know how you want to prioritize the resources. Hence…
- Recovery Time Objective (RTO)
This simply defines the length of time before each resource must be back online. How long can your business survive with each of these resources non-functional? To demonstrate, let's go back to the list of services above. You will probably want to get users logging in immediately, since authentication is the backbone of any network. You might want to get your email server up next, so your customers don't think that you have gone out of business. So let's say you can have those down for two hours total before the business is negatively impacted. Next, you want your files and accounting servers up so that you can conduct administrative functions. You might be able to live for a little while longer without these services, so let's set those to a four hour timeframe. The more precise and definitive you can be in advance, the faster your Information Technology group can work - uninterrupted - to get your organization back in action after a problem.
Both of these aspects really have to do with the priorities within your business. In fact, before you dive in to the technical details of any backup plan, it’s critical to agree upon your company’s goals in the event of an emergency. Only after you know what you want to achieve with regard to recovery (i.e. what needs to be back up and running first and in what timeframe) can a proper RPO and RTO process flow can be established. As with all things in your network, the human needs and aspects should always dictate the technical requirements.
If you need help creating or improving your backup strategy, we’re happy to schedule a free consultation and discuss it with you.