Four Core concepts of Disaster Recovery
I had a frustrating meeting with a stake holder recently, it wasn't that he didn't know these concepts but that he didn't seem to understand his business well enough to articulate decent answers so we can design a cost effective solution. It's kind of simple, any downtime of production systems = money lost, directly through wages & productivity loss but indirectly too such as reputation, deadlines not met etc. Do you want a tick the box CYA backup or do you need an effective business continuity system that allows you to ride the waves of misfortune without sinking the ship?
- RTO - Recovery Time Objective, how quickly after failure do you need be back online?
- RPO - Recovery Point Objective, if you had to revert back to an older version of critical data, what's the oldest you can live with?
- Retention - how far back in time may need to look into your backup archives? Days, weeks, months or years?
- THE 321 RULE - 3 copies of any critical data, 2 different formats and 1 copy stored offside!