Simply put, a Disaster Recovery (DR) plan for business isn’t sexy. It’s another business expense, a line item you leave to mid-level managers and IT staff, or something you once paid a consultant for and haven’t really looked at since.
Here are the straight goods: yes, DR is an expense; no, it doesn’t have to be expensive, especially considering the consequences. Like insurance, the question isn’t “Can my business afford an effective DR plan?” it’s “Can my business afford not to have it?”
Data Loss: Cost and Consequences
The leading cause of downtime is hardware failure at 55 per cent, followed by human error and software failure. Natural disasters come in at just 5 per cent (Quorum Disaster Recovery Report, Q1 2013). How will that statistically highly-likely hardware/software failure or human error potentially affect your business?
This handy infographic illustrates the cost: $8,000–$74,000 for SME, and up to $800,000 for larger enterprises—per hour. Other downtime risks: lost revenue and decline in employee productivity from disruption in day-to-day business activities; negative impact on customer experience, affecting their loyalty and your reputation.
That’s a lot to risk on a lower-level management decision or an outdated assessment. It may even come as a surprise that many business owners still confuse data backup for a DR plan, however they are not the same. Your backup software could fail or the person performing the backup may be doing something wrong, unfortunately you won’t know until it’s too late. It’s key to have a backup plan that is rooted in data restoration or recovery.
Now the good news! Today, more and more organizations are paying attention. A recent Computerworld blog post cited “a sharp uptick” from 2015 to 2016 in CIOs focused on functional activities such as security management, which includes laying a solid foundation for a functional Disaster Recovery plan (2016 State of the CIO survey).
The Tao of Data Recovery: RTO and RPO
Generalizing the numbers won’t help you figure out what kind of DR plan works best for your business—every sector and specific organization has its own requirements and risk profile, but you already know that. If you have a DR plan, you may also know that key metrics for DR plan assessment and development include Recovery Time Objective (RTO) and Recovery Point Objective (RPO). What’s the difference?
RTO assesses your entire organization and its systems to determine the optimal target time to resuming full IT functionality and business operations. This helps you figure out the type of DR plan, and the overall budget you need to assign, for effective business continuity. The shorter the RTO, the more critical it is for you to be consistently prepared with targeted solutions that ensure systems are recovered quickly.
RPO looks at your organization’s data requirements to assess how long you can go without data for essential operations, before your business suffers significant or irrecoverable losses. This helps you figure out how often you need to schedule data backup, what kind of data gets backed up, and when. The shorter the RPO, the more frequently you need to back up business-critical data.
An effective DR plan includes a comprehensive risk assessment and business impact analysis of your organization, an understanding of the systems most critical to your core business, and what you need to do to get them working again in an acceptable time frame.
Practice Safe Data: Test Your DR Plan
DR plans are only valid if they’ve been tested. IDC Canada found that “81% of Canadian IT professionals admit to not testing their DR plans to industry standards….” (IDC Canada and TeraGo report). Does your DR plan just look good on paper, and are you sure it will actually work?
If your answer is “maybe,” you’ve got plenty of company. The Disaster Recovery Preparedness Council 2014 Annual Report polled more than 1,000 organizations worldwide, from small businesses to large enterprises:
- About 78% of respondents had experienced outages of critical applications; of that group, 63% said losses ranged from a few thousand dollars to over $5M, with 28% saying their organization lost data center functionality for up to weeks at a time.
- More than 60% of respondents reported they did not have a fully documented Disaster Recovery plan; of those that did, 23% had never tested those plans.
- Approximately one-third said they test their DR plan once or twice a year, and more than 65% of those organizations do not pass their own tests.
The GT.net Solution
So how effective is the DR plan for your business? Don’t know? Then talk to us about testing or reassessing your existing DR plan. Looking to refine your RTO or RPO? Then put our GT.net team of experts and high-availability hosting hardware infrastructure to good use. By walking through our effective DR planning elements, we can develop the right DR plan for your organization, based on strategy tailored to your unique business risk profile.
With more than 20 years’ experience working with clients internationally, we have the depth to understand how to accurately assess risk, and the breadth to help minimize it. Data and systems assessment, monitoring, backup, maintenance and regularly scheduled testing are built into our solutions offerings; we own all our hardware, build our own core software tools, and partner only with a select number of trusted hosted technologies.