Data Recovery Objectives. Why are they so important?


Backing up data and data recovery are vital functions of daily IT operations. Data is, after all, the lifeblood of your digital organisation. Even if your business is not directly involved in the digital industry, if you use systems in your business, you need to backup the data your organisation creates. Hardware and software can be replaced should a system fail but data is unique to each business and as such needs to be securely backed up.

There are three primary components when developing a backup plan or strategy which you need to consider. The backup scope, your recovery point objectives (RPO), and your recovery time objectives (RTO).

A failure in one component could result in catastrophic data loss for your business. It is therefore imperative that you apply the necessary due diligence when formulating your backup strategy to ensure you consider all the necessary factors needed for successful backups.

Understanding Data Recovery Objectives

Backup Scope

The backup scope is essentially the data set which is being backed up. Organisations must confirm all essential data is included in the scope to ensure the organisation is not at risk. Data which is not part of the backup scope is not backed up and finding out data is missing from the backup scope when you need to recover is far from ideal.

Organisations must however not make the mistake of defining a backup scope and not reviewing it on a regular basis. Data creation is dynamic and as such backup scopes need to be dynamic as well. For example, if a new folder is created on a file server or a new database is created on a database server, you must ensure that your backup scope is amended accordingly to ensure these new datasets are backed up.

Where possible, processes must be put in place to ensure new data storage locations are identified when created and added to the organisation’s backup scope to ensure no data is at risk due to backup exclusion.

Recovery Point Objectives (RPOs)

A recovery point objective (RPO) is the maximum amount of data, stated as a period of time, which an organisation is willing to lose in the event of a data loss incident. For example, if your RPO is stated as one hour, it means you are willing to lose an hour’s worth of data in the event a system goes down.

RPOs are set when backup schedules are set. If we use our one-hour example, an organisation with an RPO of one hour will need to ensure it performs backups every hour to ensure its recovery point objective is met.

Defining an RPO when formulating your backup strategy is therefore key as it specifies the amount of data you are willing to lose in the event of a data loss incident. The higher your RPO, the greater the amount of data at risk. So why would an organisation opt for a high RPO when any data loss could be detrimental? The answer is due to the limited time and storage resources available to the organisation when backing up its data.

The good news is organisations these days no longer need to have high RPOs. High recovery point objectives were created when backups were being performed on-premise, with primitive backup software on a limited amount of available storage. The cloud has changed all of that. You now have the option to continuously backup data via innovative software onto a platform where storage capacity is no longer your concern.

Recovery Time Objectives (RTOs)

A recovery time objective (RTO) is the maximum amount of time an organisation is willing to wait before data is fully restored. If your RTO is 30 minutes, it means post a disaster all data needs to be restored, and all systems need to be running normally within half an hour.

As with RPOs, RTOs were defined during the pre-cloud era when backup storage media such as magnetic tape were the backup medium of the day. Restoring from tape is a slow process due to the slow rate at which tape drives read data from tape cassettes. However, with the advent of disk storage and the additional option of cloud-based backup solutions, RTOs can now be as low as a few seconds.

Virtual Machine Backups = High-Availability

The advent of Virtual Machine (VM) backup solutions have also eroded the high RTOs of days gone by. A VM backup solution with a low RPO and a low RTO essentially creates a near-time high-availability platform for today’s modern enterprise. In the event of a failure, a backup VM can be commissioned in a matter of seconds ensuring your customers can access your services without you needing to perform damage control due to the negative effects of high RPOs and RTOs.

Nexon’s Backup and Recovery services, powered by Veeam, is a platform built with these features in mind. Nexon can help organisations achieve agility and high availability in an always-on world where any data loss and slow recovery is simply no longer acceptable.

Ready to be always on?

Discover the benefits of high availability to your business with our free whitepaper 5 Important Reasons Why Your Business Needs to Be Always On.

Related articles

6th December, 2023 | Stephen Ellis

How to deliver modern customer experiences with legacy finance platforms

Financial service providers are wedged between yesterday and tomorrow. While traditional systems still power core solutions (and will for some time), today’s customers expect personalised, real-time service delivery across any channel. How do you bridge the gap without reinventing the wheel?
4 minutes
21st November, 2023 | Dan Weis

From static reports to remediation: the journey to next-level cybersecurity

Our rigorous penetration test reporting is just the beginning. We understand that for most organisations, the real challenge begins with turning those findings into tangible security improvements. That's why we've introduced an intuitive, interactive Penetration Testing Reporting portal that allows you to seamlessly manage your vulnerabilities in a central location for multiple stakeholders to action accordingly.
5 minutes
20th November, 2023 | Janniek Starren

How Teams proliferation exposes you to security and compliance risks

Remember that cross-functional team that ran the big product launch in 2022? No, neither do I. But it still exists online, complete with sensitive financial documents, third-party access, and private discussions about competitors. Did anyone lock the door on the way out?!?   The recent rush to remote and hybrid work has created a flurry […]
5 minutes


Expert strategies for tackling 2021’s cyber security norms

nexon-cybersecurity-ebook@1x 1