There are many kinds of disasters that can compromise your IT network. Fire, flood, and tornadoes are just a few. These can all bring your network down and your business to a standstill. But cybercrime, including data loss and theft, can also prove disastrous without proper IT support.
Recent surveys show that most small to mid-sized businesses have no disaster recovery plan in place. That’s a pretty scary scenario given that about 50% of all small businesses have reported some sort of data loss. In fact, according to the Association of Small Business Development Centers (SBDC), about a quarter of these businesses will experience a “crisis level” loss each year.
What Have You Got to Lose?
Think about all the electronic records in your business – customer contacts and purchase records, email, finance, etc. – now think about how devastating this kind of loss can be. You can lose some of your records or you can lose all your records. There have been many cases of total loss through ransomware attacks that lock up every file and that cannot be undone.
But even lesser losses can be problematic. Statistics show that the average data loss costs the victimized company more than $10,000. This includes lost business, lost future customers, the cost of reloading compromised files, etc. It builds very quickly. But these problems are unnecessary as worst case scenario prevention and recovery plans are affordable to the point where it is truly foolish to not explore your IT support options.
Know Your Limits
We are going to cover this area in some depth over the next few weeks and today we’re going to start with three of the key IT support metrics companies should be using in determining the level of risk they can tolerate, the level of data loss they can afford to suffer, and how quickly they must get back online.
Recovery Time Objective (RTO): This states the maximum time you are willing for your company to be down. “Not at all” is generally not an acceptable answer because, although such planning is possible, the cost of IT support doing so is generally prohibitive for most companies. The actual answer often depends on the type of company you are. If you are a manufacturer, it’s one thing. Quite another if you sell products online.
Recovery Point Objective (RPO): This is the point in time to which you need your data recovered, in other words, how much data can you afford to lose? Again, it’s a question of dollars spent in setting up your back-up / recovery process vs. dollars that will be lost.
Maximum Tolerable Outage (MTO): This is kind of a first cousin to RTO but looks more closely at loss of business relationships and the daily continuity of your business. Or, how long can you be down before the effect on your business relationships becomes a disaster?