Whenever an IT assessment is conducted, it’s important that a business’s backup and disaster recovery posture is examined. And unfortunately, studies repeatedly show there is often a meaningful gap between how protected company executives think they are and their true exposure to real data loss and downtime. When this gap exists and a data loss event occurs, otherwise smart, engaged IT decision-makers are thrust squarely into the spotlight when their solution fails to meet everyone’s expectations.
So what’s the reason for this perception gap, even in businesses that are investing in protecting their data? There are two primary contributors:
- A general lack of understanding in the nuanced differences between data backup, disaster recovery, and high availability
- A surprising level of optimism in an area best served by skepticism
As part of our series of articles around protecting data, we thought we’d start at the top, or rather at the bottom, and make sure you have a solid foundational understanding as to the difference between data backups, disaster recovery, and high availability.
Data Backups – Any data protection strategy is rooted in having reliable and frequent data backups. Explained simply, backing up your data is a method of copying your data. These copies are written to another device, ideally, at different location, for the purpose of restoring data in case a file is accidentally deleted, a drive gets corrupted, or a single server fails. These scenarios actually happen quite often, so the concepts of Recovery Time Objective (RTO) and the Recovery Point Objective (RPO) are the driving forces around which data backup solution is right for the business.
Simply put, RTO is the length of time following a disaster within which business process must be restored to avoid unacceptable consequences. RPO is the maximum time that a business can tolerate between backups.
Most small to mid-size businesses should have an RTO for simple data restorations of minutes or hours and an RPO of no more than 24 hours. Unless you have a specific regulatory requirement, keeping a rolling 30 days of backups is also normally sufficient. If your organization is not in a position to meet these data backup and restoration standards, we advise you stop reading this article and resolve this. We can then talk Disaster Recovery.
Disaster Recovery (DR) – If you are still reading, you understand that without data backups, there is little chance for a successful recovery from a disaster. Disaster Recovery entails a more complex orchestration of activities – including restoration data backups – in response to a significant loss of infrastructure, facilities, and access to systems. Of note, technology “disasters” are caused just as much by humans as by Mother Nature. The concepts of Recovery Time Objective (RTO) and the Recovery Point Objective (RPO) are still front and center when architecting a DR Strategy.
The expectations of most executive teams around RTO and RPO in the face of a disaster are where we find the largest disconnect between perception and reality. The executive team almost always has an overly optimistic perspective of their speed to recover and the age of the data offsite. If your business can’t afford to be without its core technology for more than a few days (48-72 hours), there must be offsite data backups, a redundant infrastructure in place, and a documented plan on how to activate, or failover, to this redundant infrastructure based on clear direction or a defined set of events. If you have not tested your DR plan in the last 12 months, we advise you stop reading this article and go test it. You will learn a LOT. We can then talk about High Availability.
High Availability – Welcome back! Now that you understand that data backups are table stakes and that architecting and testing your Disaster Recovery plan is paramount, let’s discuss High Availability. High Availability, or “HA,” has almost nothing to do with Data Backups and everything to do with Disaster Recovery, specifically expediting Recovery Time Objective (RTO). If a business cannot tolerate any meaningful downtime and must be online within minutes of a significant disaster or disruption in infrastructure, HA is right for you.
HA entails having a warm or hot parallel infrastructure online that is synchronized with your production infrastructure. Unlike data backups, having multiple historical copies of the data with HA is not relevant, as HA is designed to be a real-time mirror image of your primary system. This allows for the immediate failover, often in an automated fashion, within seconds, resulting in little to no downtime for the business. HA has been applicable in the enterprise space for years, but is becoming more and more common in the SMB space as public cloud platforms, like Microsoft Azure or AWS, offer cost-effective options.
Now that you are more versed in these concepts, you can shrink that gap between how protected you think you are versus your actual exposure to data loss. We will dive deeper into the differences in cold, warm, and hot offsite backups in our next series.