RTO vs RPO

All businesses should have a business continuity plan (BCP), especially companies that rely on IT infrastructure to support or operate their business model. A business continuity plan is a predefined business process created to document and demonstrate the planning undertaken to prevent a disaster scenario occurring.  The BCP also documents and demonstrates the process of how a business will recover from a declared disaster scenario. The disaster could be caused by any number of scenarios; typical causes may be user error, hardware failure or a natural disaster.

One of the key elements of any business continuity plan is the disaster recovery plan (DRP). A DRP will be designed to incorporate the fundamental principles of RTO and RPO. Both RTO and RPO share a common goal; they quantify what losses might ensue if critical services are disrupted and set targets for re-establishing services based on mitigating potential losses. Both principles are equally important and should always be central to the design of any disaster recovery solution. Providers and clients must work together to define realistic RTO and RPO goals as often these goals vary from client to client.

What is RTO?

RTO stands for Recovery Time Objective. It is the maximum tolerable time allowed to recover client systems after a disaster scenario has been declared.  This could be failure of servers, network, storage or even a complete outage of the entire infrastructure. The Recovery Time Objective is measured from the time the hosting services are declared to have become unavailable until such time services become available and operational in accordance with applicable service level agreements.

RTO is the time a business can afford to be without critical services before incurring significant losses, and it is the acceptable magnitude of system downtime. RTO is always a measurement of time, be it minutes, hours, days or weeks. A Managed Service Provider’s goal is to achieve an RTO for critical systems as close to near-zero as possible.

What is RPO?

RPO stands for Recovery Point Objective. It is the measure of the maximum acceptable data loss recorded by time, or the maximum allowed age of the data when recovering a client’s system. RPO is measured from the time the first transaction is lost or from the time the hosting services became unavailable. This generally refers to data backups and data availability – for example, does a company require data backups that are no more than four hours old? A day? A week? Depending on the nature of the business, the RPO could differ.

RPO is all about data and how much data a client can afford to lose in a disaster scenario. In an ideal world, near-zero data loss would be the desired RPO target for all businesses. The RPO defines the extent of acceptable data loss for a client. As RPO is measured by data, critical business decisions need to be made regarding backups, high availability, data replication and disaster recovery planning to define a RPO which is both achievable and tolerable for the client.

How to improve RTO and RPO?

Near-Zero RTO and RPO is the ultimate goal for most disaster recovery plans, this is becoming more achievable as technology evolves.  Traditionally, an IT service provider’s disaster recovery plan was defined by a backup policy. Clients would typically have their entire infrastructure backed up every 24 hours, usually at the end of the working day. This process would be complemented with weekly, monthly and annual archives of the data. Often this data would be written to tape and sent into offsite storage.

In the event of a disaster, the correct tapes would need to be located and couriered to site, often adding lengthy delays to the RTO. Additionally, depending on the extent of the disaster, entirely new infrastructure may have needed to be built from scratch, potentially in a different location, and then restored from the backup tapes.

Now with VMware virtualization, disk based backups, and replication in the private and public clouds, the traditional backup strategy approach is, thankfully, in decline. Technological advancement in site-to-site storage replication and private cloud hosting allows providers like Atlantic.Net to offer vastly improved RTO and RPO.

Always-on, synchronous replication allows us to stand up a disaster site at any of our world-class data centers, and in the event of a disaster, we can use our policy defined disaster recovery service to failover production systems into a predefined DR site. This process is fully automated and offers some of the best RTO and RPO available. Once service has been failed over to the DR site, replication is automatically synchronized back, allowing us to move services to the primary location at a mutually agreeable time.

Backup Strategy

Atlantic.Net works with clients to define a backup strategy to achieve the best RTO and RPO target possible. All our backup services use highly available disk based storage which is replicated to ensure protected data consistency. Our engineers will work with you to ensure the most efficient backup policy is defined for your infrastructure.

Disaster Recovery as a Service

A strong backup strategy is the first step for securing our clients’ data. We offer world-class private cloud hosting which can include our Disaster Recovery as a Service. We work with our clients to define a Disaster Recovery policy to identify key servers and services to protect. Our software will replicate these servers to a chosen DR site, and our teams will build a resource group for your systems which, in the event of a disaster, will cut over services in a pre-defined boot sequence. This technology allows Atlantic.Net to offer some of the best RTO and RPO available.