08-29-14 | Blog Post
There are a number of options for offsite backup, including tape backup shipped offsite, backing up to a simple cloud storage like Amazon, or an enterprise-grade offsite backup and recovery solution.
Before any detailed conversation takes place around the technical and business considerations impacting your backup strategy — such as compliance, confidentiality of the data, security requirements and recovery targets — there are three questions your CIO needs to answer prior to researching solutions for your offsite backup and recovery plan.
Question 1: How important is your data?
If you lost an important file or all of your servers to a disaster, what kind of impact does it have on your business? Backup and recovery is basically an insurance policy. Your insurance can provide system-level recovery in case of a major disaster or file level recovery to restore lost files for minor disasters as well.
This first question is important to ask because it gives you a framework on how to think about the type of “insurance” you want to buy with backup. If your data is critically important to the success of your business, your CIO will most likely want a higher coverage, faster response insurance policy than if your data could be completely recreated from paper records.
Question 2: How much data can you afford to lose?
Once you know how valuable your data is to the business, you need to understand the recovery point objective (RPO) that your CIO wants for the different applications.
The RPO dictates how often you capture your data and send it offsite – weekly, daily, hourly or instantly. If you can survive with weeks-old data without an impact to your business, it drives a different set of decisions than if you need to recover the latest up-to-the minute customer transactions.
Question 3: How fast do you need to recover your data and be operational again?
This is your recovery time objective (RTO). Some applications may not need to be backed up for weeks while others need immediate failover. Many mid-size businesses look at a 4- to 24-hour range as reasonable targets for recovery on their applications.
In my experience, once you have the answers to these three strategic questions, you’re ready to dive into the technical and business drivers for your backup and recovery strategy, as you start researching solutions to meet your goals.
RELATED CONTENT
Data is money: Just as money belongs in a bank, data belongs in a data center
Don’t strand your data
Data protection and the cloud
