We’re kicking off the new year with DR 101. Recovery Point Systems Chief Marketing Officer Archana Mehta sat down with Mike Isaak, senior solutions engineer, to talk about RPO: Recovery Point Objective. This conversation is the first in our new series.

Archana: What is RPO?

Mike: RPO is short for Recovery Point Objective. It’s the amount of data you’re willing to accept as a loss, reflected as a measurement of time. In other words, RPO measures back in time to when your data was preserved in a usable format such as from 1) the previous night’s backup; 2) a snapshot made four hours ago; or from 3) the most recent journal entry seconds or minutes ago if using a Continuous Data Protection solution like Zerto.

Archana: What are other considerations?

Mike: It’s important to thoroughly understand the data, applications, and systems that live within your organization. Focus on interdependencies and how critical they are to the organization as a whole based on requirements from internal departments, such as accounting, operations, procurement, and sales, etc.

Once these metrics are determined, then criticality tiers for recovery can be defined. This step is absolutely necessary to create a successful, cost-effective disaster recovery solution. Typically, such analysis is part of an organizational-wide Business Impact Analysis and Business Continuity / Disaster Recovery (BC/DR) professional services engagement. 

Archana: What are examples of tiers?

Mike: For mid-to-large organizations, our team strongly recommends four criticality tiers:

Tier 0 = for systems that need to be always-on (core infrastructure systems such as Active Directory and DNS)

Tier 1 = for systems that need to be recovered in four hours or less

Tier 2 = for systems that need to be recovered between four and 24 hours

Tier 3 = for systems that need to be recovered between 24 and 72 hours

RPOs can vary across these tiers. However, typically the lower the tier ranking, the lower the RPO. For example, Tier 1 RPO is typically measured in seconds or minutes whereas Tier 2 RPO is typically measured in hours.

Archana: What is the best way to calculate RPO?

Mike: First, figure out how much data loss is acceptable as a measurement of time. Typically, this is determined from an application and data perspective based on criticality of that application and data to the organization. Once the criticality tier is defined, you need to solve for the infrastructure and technology that is required to achieve the specific RPO. 

There are a variety of solutions available today to protect data such as host or hypervisor-based replication, storage-based replication, and backup-based replication solutions. Lastly, you need to ensure there is sufficient bandwidth available to replicate data, per the designated replication window, as required to achieve the specific RPO.

Archana: What mistakes do we often see when determining RPO?

Mike: We often see that organizations don’t have sufficient bandwidth to support replication and achieve the intended RPO. They either fail to consider (or sometimes woefully underestimate) the data change rate percentage and the replication window mapped to a specific RPO. Or they don’t account for the latency and overhead experienced when attempting to replicate via IPsec VPN over the internet.

It’s feasible for an impressive disaster recovery solution to be represented on contractual paperwork, yet the solution can ultimately fail because there is insufficient bandwidth to support the required replication.

Archana: How can Recovery Point help?

Mike: A formidable and tenured service provider, like Recovery Point, has both the infrastructure and knowledge base readily available to support the various criticality tiers for recovery. Give us a call at 877-445-4333. We’ll help you through the disaster recovery process.

You Might Also Like

Leave a Comment