Optimizing Productivity through RPO and RTO in Terms of Data Protection

[This is the final excerpt from my How to Sell Backup to Your CFO whitepaper.]

The first two optimization techniques discussed in previous posts centered around reducing capital expenditure and operational expenditure by focusing on increasing productivity through reducing on-going cost.

Today’s technique focuses on increasing productivity through reducing the operational cost when a data loss event actually occurs.

First, a few definitions:

• RPO: The amount of work that can be lost and will need to be redone in the event of data loss.
• RTO: The amount of time it will take before employees can start working after a data loss event.
• Productivity Loss: RPO + RTO
• Cost: Productivity Loss x Total Hourly Rate of Affected Employees

Thus, the answer here is to minimize RPO and RTO, right?  Not so fast.  You should make a proposal to show your CFO that you’ve thought through the problem and that the proposed solution will deliver the most “bang for the buck.”

First, you need to think about how you’ll recover your system, not just your data.  Your RTO will be dramatically impacted if you don’t have some form of bare metal recovery, which allows you to restore entire systems and not just pieces of data.  In particular, look for what is called dissimilar bare metal recovery on a physical-to-physical (P2P) and on both a virtual-to-physical and physical-to-virtual (V2P and P2V, respectively).

In terms of RPO, you want to make sure you balance your desired RPO against your desired retention.  Also, you should make sure that your data protection solution can flexibly support technologies such as SAN snapshots that provide protection against both logical failure and against physical failure by moving sufficient data from your primary storage device.

You should also understand whether you have different RPO needs for different types of data.  Typically structured data, such as databases and e-mail, require a faster RPO than unstructured data, like file systems.  In addition, different protected clients may have different RPOs as well.  The ability to easily define different RPOs for different types of data and for different systems is important.

One thing that many people take for granted is the fact that your RPO and RTO should be measured against all of your IT assets (such as laptops, workstations, etc) distributed throughout your company– not just those within your data center.  It’s wonderful to talk about lowering your RPO and RTO, but if you haven’t included all of the IT assets, then you’re just kidding yourself in terms of what your overall protection levels are.

There’s no easy way to convince your CFO that data protection is vital to reduce the financial risk to your company.  However, if you use the insurance metaphor, taking into account your industry-specific needs and your regulatory requirements, and then extend the insurance metaphor to show specifically the increased productivity possible via optimization, then you will create a bridge between you and your CFO in terms of a shared understanding of risk and reward.  Plus, you’ll show your CFO that you take the financial side of this as seriously as he or she does while guaranteeing your data solution gives you the most “bang for the buck.”