Tiered Approach to Disaster Recovery
Businesses today produce more data and use more applications than ever before. The sheer volume of data adds to the complexity and cost of today’s disaster recovery plans. When it comes to backing up your information, not all data and applications should be treated the same. A tiered approach is a great way to efficiently organize and prioritize to ensure your most critical data and applications are restored the fastest.
Identifying mission-critical applications. The key to maximizing your disaster recovery budget may be in determining which applications and data are truly “mission critical.” For most businesses, the old 80/20 rule applies: approximately 20 percent of your data is business critical and required for your business to function. The other 80% of data may be important, but your business could function without it temporarily if needed. According to NTP’s Software Storage Assessment Survey 61% of unused data in primary storage systems has not been accessed for more than six months. If data has not been accessed for more than six months, it is probably not mission critical.
Determine the tier. Now that you’ve determined the business value of your data and applications, it is time to assign them a tier to determine what needs to come back “online” first. I recommend starting with a 3 or 4-tier ranking system. To determine which tier your data belongs in, classify it based on two things: the time it takes to recover it and the impact it can have on revenue. Transactional sales, manufacturing and marketing applications which generate revenue are generally referred to as “Tier 1.” These applications should get top priority over the others. For example, if your company is running an e-commerce site, make sure your website and payment portal are classified in Tier 1, as downtime with these could result in loss of profit. Tier 2 applications get the next level of priority and include major business applications such as email and enterprise resource planning (ERP) systems. Tier 3 data may include historical financial data not necessary for day-to-day business operations, but that should be accessible for trend analysis and to support major business decisions. Tier 4 typically contains a large amount of historical data, such as old HR records or archived emails.
Define the RTO. After your applications and data have been organized into different tiers, it is important to determine the Recovery Time Objective (RTO) and Recovery Point Objectives (RPO). For high level, business critical tiers such as Tier 1, the maximum downtime allowed should be no longer than an hour. Whereas, for Tiers 3 and 4, you may decide a 24-hour or longer RTO is acceptable. The RTO and RPO assigned will help you determine which Disaster Recovery method is necessary for applications in that particular tier. Tier 1 applications may require an active/active replication strategy with instantaneous or near real-time recovery. For Tier 4 data, slower, low-cost tape backup may be the best option.
Which data and applications are most important to your business’s functionality?