If you run a business and think RPO means run pass option, your business backup strategy is in trouble. An area of focus we highlighted last week was recovery planning. There are two key concepts in recovery planning. These concepts link directly to the success of your business surviving a ransomware event. It is important that you understand both of these concepts more than you do the RPO of modern day NFL offenses!
Recovery Point Objective (RPO)
The question here is how much time are you willing to lose? For most businesses a day is uncomfortable, a week painful, and a month catastrophic. The RPO defines how far back you are willing to go when you have to recover data. It also defines what level of recovery is possible. Is it hourly, daily, or weekly that you can choose from?
Starting with a small RPO of 15 minutes and then seeing if that delivers acceptable performance and storage usage is a great place to start. Roll these up hourly, daily, and weekly so that your business has plenty of recovery options after a ransomware event. PLEASE NOTE: You do need to keep at least weekly backups for the past month in the event the ransomware was not detected for some time……otherwise all your backups will also be infected!
Recovery Time Objective (RTO)
Backup is useless if the RECOVERY time is unacceptable. This is the number one issue for businesses after a ransomware event. They have backups BUT the restoration process is not clear and ends up taking a week or more. To avoid this you need to utilize an image-based recovery that allows for instant virtualization of the backup data, and tests that it will work at least daily.
Image based backups ensure that the entire server (or volume) can quickly be mounted and accessed when needed. Many products claim to be image based, BUT the time required to get them to a usable state can be days depending on the technology. The leading provider of this service is Datto and we use them exclusively.
Stringfellow works with our Clients to ensure that data is not only backed up, but also recoverable in a timeframe that is acceptable. It is the second part that many providers are missing!