You would think that by now everyone understands the need to back up all data so it can be recovered in the case of a crisis event, such as a ransomware attack or server crash. Backup and recovery are the foundation of business continuity.
But then, why do so many ransomware victims end up paying the ransom to attackers? This has fueled the growth of this threat and caused ransomware attacks to become even more dangerous as the years go by.
A survey by tech firm Palo Alto Networks found that 58% of Canadian businesses paid the ransom to ransomware attackers. The average cost was just over $458,200. And most of the businesses hit with ransomware (58%) said that it took them over a month to recover.
While many businesses back up their data, they miss important elements that complete that backup strategy. Two of these are the recovery point objective (RPO) and recovery time objective (RTO).
Both of these elements are needed for a complete backup and recovery strategy that you know will have you covered in the case of a ransomware attack or another data loss incident.
When you lose data and turn to your backup, how recent do you want that backup to be? This is your recovery point objective. It’s the point at which you want to recover all your data.
Are you okay with losing a day’s worth of generated and captured business data? If so, then your RPO would be 24 hours.
If you’d rather lose as little as possible, then you may want to have all your data backed up every hour, and have a 1-hour RPO.
While everyone might immediately think that a 1-minute RPO is perfect, there are some considerations when deciding on your RPO:
Backing up every hour and storing all backups for three months will take quite a bit more storage space than backing up once per day with the same 3-month storage requirement.
So, you need to factor those considerations in when deciding your recovery point objective. Once this is decided it will be used with your backup system to ensure all environments (PCs, mobile devices, servers, cloud platforms) are being backed up according to the necessary schedule to meet your RPO.
RTO is often where companies that pay ransomware attackers end up faltering. For example, in the large ransomware attack on JBS (the world’s largest supplier of beef and pork) in 2021, the company paid about 11 million in ransom to get their data decrypted. JBS did this because leadership thought it would be faster than restoring the backed-up data.
Many companies aren’t sure how long it will take them to do a restoration of their data because they don’t have an RTO they have tested and are confident of.
RTO is how fast you can recover after a data loss incident. And it’s important that this isn’t just a guess. It needs to be tested regularly, at least once or twice per year in disaster recovery drills.
You need to know exactly how long it would take to restore data to your systems from your backup solution when needed. You won’t know if you run into glitches or if you’ve chosen a poor backup solution unless you actually go through the process of testing this.
This will help in several ways:
Recovery point objective (how much data you can afford to lose) and recovery time objective (how fast you can recover your data) are two vital components of your backup and recovery strategy for business continuity.
Doing the planning upfront on these two items pays off in the long run when you’re able to restore your data quickly, knowing exactly how long it will take and how much data you can expect to lose in the process.
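As an added example (not part of the original article), the sketch below audits a backup job history and a restore drill log against an RPO and an RTO. The environment names, targets, timestamps and the 183-day drill interval are all constructed assumptions.

```python
from datetime import datetime, timedelta

RPO, RTO = timedelta(hours=1), timedelta(hours=4)   # assumed targets
MAX_DRILL_AGE = timedelta(days=183)                 # assumed: a drill at least twice a year
NOW = datetime(2024, 6, 1, 12, 0)                   # constructed "current time"

def at(hour, minute=0):
    return datetime(2024, 6, 1, hour, minute)

# Constructed sample job history: environment -> [(finished_at, succeeded)]
BACKUPS = {
    "file-server": [(at(8), True), (at(9), True), (at(10), False), (at(11), True)],
    "mail-cloud": [(at(10), True), (at(11), True)],
    "laptops": [(at(11), False)],
}
# Constructed drill log: environment -> (drill date, measured restore time)
DRILLS = {
    "file-server": (datetime(2024, 3, 10), timedelta(hours=3)),
    "mail-cloud": (datetime(2023, 9, 1), timedelta(hours=6)),
}

def worst_gap(runs, now):
    """Longest stretch not covered by a successful backup, up to `now`."""
    points = sorted(t for t, ok in runs if ok) + [now]
    if len(points) == 1:
        return None  # nothing restorable at all
    return max(b - a for a, b in zip(points, points[1:]))

def audit(backups, drills, now=NOW, rpo=RPO, rto=RTO):
    findings = {}
    for env, runs in backups.items():
        issues = []
        gap = worst_gap(runs, now)
        if gap is None:
            issues.append("no successful backup")
        elif gap > rpo:
            issues.append(f"RPO missed: exposure window {gap}")
        if env not in drills:
            issues.append("RTO untested")
        else:
            when, took = drills[env]
            if now - when > MAX_DRILL_AGE:
                issues.append("restore drill stale")
            if took > rto:
                issues.append(f"RTO missed: restore took {took}")
        findings[env] = issues
    return findings

if __name__ == "__main__":
    for env, issues in audit(BACKUPS, DRILLS).items():
        print(env, "->", issues or "OK")
```

A single failed job doubles the exposure window on an hourly schedule, which is why the check measures gaps between successful backups rather than trusting the schedule itself.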
Haxxess can help your Northern Ontario business put together a strong and resilient business continuity plan, including assisting you with determining your RPO and RTO.