There are all sorts of areas businesses overlook on the cyber security front. And with cyber security being of particular importance in the current climate, we should be leaving no security stone unturned. In the following article we’ll be covering an area many businesses might overlook when it comes to backup. So read on to learn how you can stay safe and ready your business for a disaster recovery situation.
What is RPO?
It stands for Recovery Point Objective, and it’s the maximum amount of data a business can afford to lose before sustaining significant losses. It’s measured in time and will be tied closely to how often you backup your servers. Backing them up once a night means your RPO would be worse than if you backed them up every minute.
What is RTO?
This stands for Recovery Time Objective. This describes how long it will take to get your data back after a failure of some sort. For example, the RTO of a very important email – deleted + trash emptied – would need to be pretty short. Thankfully exchange backs up email data continuously so this should only be a few minutes. Conversely, an online store that changes its inventory no more than weekly might only need an RTO of a day or two. The data will be spread across multiple databases so these can be relied on in such an event.
It’s all about knowing your data and testing your RPO and RTO
Regularly assess your backup. Make sure you always know how much critical data needs to be backed up. If needed increase the frequency of snapshots you take of your critical data. Conferring and collaborating with every department will usually be necessary here to determine what data to prioritise, what will cost more in downtime etc. Make sure you then test to confirm your RPO and RTO are what they need to be in order to save your critical data.
When you regularly review what’s critical you can also use this time to improve your RPO and RTO. For example, removing more critical data wherever feasible from your RPO can improve it. Plus as technology advances, there may be newer, smarter ways for getting your data back more quickly.
Along with a range of various other measures, getting your RPO and RTO right is one of the most important things you can do for your business’s cyber security. Making sure your team is educated and cyber aware is also paramount. So if your team isn’t educated yet, click below to see how CMI can help strengthen your first - and weakest - line of defence.