RPO and RTO – Keeping Your Data Safe

May 21, 2017 The TNS Group

Business continuity is something that all businesses are consumed with today.  With natural disasters such as Hurricane Sandy in 2012 and Ransomware infections in the recent years wiping out file servers, to name a few, there has been a major shift if focus on RPO (Recovery Point Objective) and RTO (Recovery Time Objective).  It is vital for businesses to clearly define their RPO and RTO and to communicate that information to their internal IT team or their IT Managed Service Provider (MSP) to meet those objectives.

Before we dive into definitions, differences, and other acronyms behind data protection, I want to point out that losing data, no matter how well defined and tested your recovery plans may be, is guaranteed to happen.  Data protection is not something that is continually occurring so there will be a time where changes are made, and files could be lost.  Clearly defining how much data you are willing to lose, and how long your business can operate without your data, is what will help you not only outline your RPO’s and RTO’s, but understand the investment required to meet those objectives. 

What is an RPO?

A Recovery Point Objective (RPO) requires that you define how long your company can run without the most current version of your files/data.  Depending on the type of business you are in, losing one day’s amount of work could be acceptable, but if you are in a financial institution you may only tolerate 1 hour when it comes to data loss.  As long as you define how current your files need to be to resume normal business, you can find a solution that will help you meet that goal.

What is an RTO?

A Recovery Time Objective (RTO) defines how much data loss threatens the survival of your business.  How long can your business afford to have your line of business application offline, until your business is impacted financially?  How long can your company not have access to email?  What does your business consider as an acceptable amount of time to not have access to that critical application or server?  This can vary, but knowing how long it can take to recover these business critical components will determine if your company will make it through the next natural disaster or security breach, such as ransomware.

How it Affects your Business

Recovery time is critical when you turn to solutions that help meet your RPO’s and RTO’s.  How quickly you can recover your data or application and get your business online, after a failure, has a cost not only in budgetary dollars but also in time.  The amount of time it takes to get your business running again is also important, and at times, an overlooked component of any disaster recovery solution.  You may have an RTO of a day, but depending on how complex your systems can be, it could take up to a day to get your systems up and running after a disaster. 

It is imperative to have a Business Continuity Plan (BCP) in place that clearly defines your RTO’s and RPO’s. It is important to work with your internal IT team or work with a reliable MSP to safeguard your business against a disaster.  If you would like to discuss how to clearly define your business objectives, contact The TNS Group today.

By: Jonathan Cartagena, Engineering, The TNS Group


, , , , , , , , , ,