Recently I had a conversation with a customer at a small seminar around his backup environment. It went something like this:
Me: You know, you use EqualLogic so you could supplement what you’re doing for backups with snapshots and replication during the day.
Him: Yes – we’ve talked about doing that but never got around to it. How would we get started?
Me: Well, the technical part is pretty simple to implement, but the tricky part is figuring out what kind of policies to set that meet the requirements of your business. It depends on your RPO – the point in time representing the most amount of acceptable data loss – and your RTO – the longest amount of time it was acceptable to take in bringing a failed system back up.
(That’s the sound of the conversation screeching to a halt.)
He explained that the business never gave IT guidelines on this kind of things – they just said “do the best you can…and we can’t have any downtime.”
Later, I got to thinking – is this advice I’ve been giving customers around setting their RPOs and RTOs before they implement data protection strategies sound? As I started to listen more carefully to their answers over the next few weeks, it seems like the responses from the business side fall into one of two camps:
- The Zero-tolerance response: “We can’t have any downtime.”
- The Ping-Pong response: “Well, what’s the best you can do?”
Neither one helps IT figure out what to do.
Some companies, mostly on the larger side, have implemented ITIL or some other framework that enables them to work through agreeing on these policies. But for most small and medium businesses, this discussion on data protection has been on someone’s whiteboard for so long that it won’t erase.
In my next post, I’ll suggest some ways to get this conversation going. Have some ideas? Leave some ideas in the comments