At the heart of every business is a set of people, processes and technologies that allow the organization to achieve its goals. But what happens when something occurs that interrupts the flow of these things? Traditionally, businesses have focused on recovery from a disaster such as a tornado or a flood. In recent years, this focus has been expanded to something referred to as business continuity—the ability for the business to respond to a wide range of unexpected incidents.
Your data is at the core of almost all of your business processes. Most organizations will routinely review insurance policies, check fire extinguishers and test alarms to ensure the safety and protection of the company. The same proactive organizations that consistently evaluate the security of the staff and premises frequently overlook the significance of the data stored at their facility, be it on computers or in paper files. Ask yourself: can my business survive if that data is destroyed? Can we meet sales commitments, financial commitments, and state or federal regulations if accessing our data becomes a challenge?
As you start approaching your data’s security and recoverability, you will most likely come upon some unfamiliar terms. One of the more frequent terms you can expect to hear is RTO, or Return to Operations. RTO is the period of time it will take to get the organization’s people, process and technology working again after an incident or interruption to the operations.
Everyone wants a short RTO. There is, however, a cost associated with shortening the RTO for any organization. While it is theoretically possible to have a nearly instantaneous RTO, it is neither fiscally responsible nor operationally necessary to go that far. Finding the right balance between cost and recovery time is the goal of any well-constructed strategy.
It is also important to consider retention strategies for your data. Retention strategies refer to what should be backed up and how often. A common method is to perform a weekly backup of all the data and then execute a daily change. An important question to ask is: do I keep one week, two weeks or even a month? That answer depends on how far back you want to go to retrieve the data.
As part of your business continuity strategy, an inventory of your electronic data should be done at least on an annual basis. This would include identifying the types of files/data being saved, as well as where and how the data is being saved. Policies and guidelines should be developed with regards to security, retention, size, local/state/federal rules and regulations, and redundancy. The question is: do you really understand your data? Do you know what data would be needed when an incident occurs that interrupts your business? Businesses that take the time to understand their data and proactively manage it, consequently are able to more efficiently and cost effectively secure and back up business-critical data, putting them at an advantage if the need to recover from a disaster ever occurs.
Here are two scenarios to consider when looking at the recovery of your data. When creating a business continuity strategy, many people focus on the more catastrophic scenario involving the destruction of one or all of the business servers. However, it is important to keep in mind the more common scenario of which we have all experienced. Although it is an everyday occurrence, the accidental deletion of a file can be devastating as well. Both scenarios remind us of the importance that data backup and retrieval has on the welfare of a business.
Even in a slow economy, there is one thing guaranteed to grow in all businesses: the amount of data generated by the business and subsequently stored for later retrieval. This data comes in many forms and levels of importance. The data may be client information, marketing materials, financial reports, employee files or other intellectual property, but no matter the type of data, it is important for every business to take the time to review and understand the data that is being generated in their business.
As you can see, there is more to data security, backup and recovery than most believe. Having a solid business continuity plan, including a backup strategy, is key to helping a business recover in the event of a disaster. You should consult with a business continuity specialist to develop and implement a business continuity plan for your organization. iBi
John Jenkins is associate director of STL Business and Technology Solutions, a 12-year employee with emphasis in software and new usiness development.