It is a common misunderstanding that managed backup and disaster recovery are the same thing. Managed backup is a storage-only offering. To become disaster recovery, there needs to be a compute capability that can be spun up when needed to access the storage and supply the users. Without compute, in the event of a disaster, the customer’s data will be safe but they will have no means of accessing and processing it, e.g. they won’t be able to restore service.
A disaster recovery option builds on managed recovery by enabling this restore capability. The primary compute resources, like the primary storage described under backup and archiving, can exist on-premise, in colocation racks or on a cloud somewhere. The scenario remains the same: there has been a disaster at the primary site and all compute and storage (e.g. the on-premise server room) resources are offline or destroyed. Cloud-based DR exists to restore full services within the agreed customer SLA. At this point, it is necessary to become familiar with RPO and RTO.
RPO: Recovery Point Objective
RPO determines how far back the customer wishes to go to restore data from the backup – the recovery point in time – as part of their SLA. Note that this cannot be a timeframe more frequent than the backup schedule. So if the managed backup is scheduled for every 24 hours, the best-case RPO will be 24 hours. If the frequency is shorter, the RPO can be sooner. Some companies may choose to pay a higher fee for more frequent synchronisation allowing a shorter RPO window, e.g. a recovery point objective of 4 hours.
RTO: Recovery Time Objective
RTO determines how quickly the customer expects service to be restored, i.e. the compute resources are spun up and the data is live, with this being enshrined in SLA. An RTO of 4 hours is commonplace. Many companies pay more for an RTO of 1 hour. At its most extreme, some pay for a “live/live” environment where services run in parallel and can be “cut across” nearly instantaneously, but that is prohibitively expensive for most.
The agreed RPO and RTO combine to form the service level to which the customer expects the service provider to adhere. In short, it’s an indication of how far back to go and how quickly to restore. So a 24 hour RPO and 4 hour RTO would mean that the customer would expect data to be no more than 24 hours old and service to be restored in less than 4 hours.