Is Your Data Worth Protecting At All Costs?

Posted by Kuljit Sangha on Oct 30, 2018 10:00:00 AM

When it comes to protecting your data, having a single strategy is often not enough. To combat the many different types of threats to your data, you should be prepared with a variety of means to protect your data. This begins with each business unit internally understanding its Recovery Time Objective (RTO), Recovery Point Objective (RPO), and availability needs. Once these items have been documented, we can determine which data protection strategies are the best fit for your environment.

Recovery Time Objective (RTO) + Recovery Point Objective (RPO)

The first items each business unit should understand are its RTO and RPO. RTO is the amount of time it takes to restore your application back to a working state. For example, how long does it take to get your database recovered from a corrupted state, or to bring up your server after a power failure? The speed at which you can rely on getting your application back online is a key component of planning your data protection strategy.

The other half of the puzzle is determining your RPO. RPO is the point, or time duration, of the last restore point for the application/data set. For example, if you are restoring a corrupt database, how long ago was the last valid copy created? The copy could have been created anywhere from 2 to 24 hours ago, and this affects the amount of data you may lose. If your only copy is from 24 hours ago, that means all data written within the last day has been lost. You must determine how much data you are willing to risk losing.

By identifying your RTO and RPO, you are taking the first step to understanding the appropriate data protection requirement.

Snapshots: Quick Data Recovery

If created properly, snapshots can help deliver your fastest RTO and RPO. A snapshot is a snap-in-time copy of your data volume. Let’s take a simple example of array-based snapshots of your VMware environment. On your storage array, you may have Volume A, which hosts a few of your critical virtual machines. If a virtual machine gets corrupted, you can visit your storage array and reapply a snapshot to restore an uncorrupted version of particular volume. With data protection software, you can go into a storage snapshot and restore only a particular virtual machine, as well.

Snapshots are lightweight, and on all-flash storage arrays, they can sometimes come at a zero storage cost penalty. Therefore, you can schedule to take these snaps in hourly windows, or even minutes, if an application requires it. Because the snapshot is being applied with the same storage array, reverting back to a snapshot is a very quick process. This keeps your RTO requirement very low.

Backups: Reliable Data Protection

Backups are typically the number-one way you can protect your data today. You can run backup software to take a copy of your data and send it to a secondary location. It is never advised to send your backup copy to the same storage location as your primary data location. Refer back to the old adage: “Don’t put all your eggs in one basket.”

Most users take a nightly backup of their environment, which gives an RPO of up to 24 hours, depending on when the store happens. The RTO can take slightly more time, because you are now restoring from a secondary data set back to the production storage array or another source. Based on disk/network speed of the restore process, the RTO can range from hours to days. The benefit of a backup over a snapshot is that the snapshot sits where the production data sits. If the entire storage array goes down, then the snapshots are not reachable and you would have to revert to a backup copy.

Replication: Remain Up + Running 24/7

Replication refers to the ability to copy the data set from your production data center to another location, commonly known as your disaster recovery (DR) data center. Based on the infrastructure available to you, you can do SAN-to-SAN replication or hypervisor-to-hypervisor replication. This is the best solution for applications that require high availability. If you lose your SAN, then snapshots won’t work. If you lose an entire data center, then your backups won’t work. If you require an application to be up and running 24/7, replication must be part of your data protection strategy.

In the case of a data center or site failure, an admin can failover the application to the DR data center. The DR data center will have up-to-date copies of your data and be able to get you to a running state. This does require an investment in additional infrastructure to support your production environment. Based on the cost of having a DR data center, some companies stick to localized data protection or replicate only a subset of their data.


In an ideal world, all three data protection methods mentioned above should be applied to your data sets. By determining your RTO and RPO objectives, you can fine-tune the requirements of each data protection step. Some applications may only require snapshots, while others may require data replication to a DR location. When it comes to protecting your data, knowing the specific level of requirements is critically important. It can make the difference between restoring and losing your most important data.


 Exploring the Modern Data Center

Is your data center keeping up with your digital transformation demands?

ConvergeOne's Data Center Experts have written a guide that provides valuable insights about how you can strategically design your data center infrastructure to power the technology of tomorrow. The following areas are explored:

  • Digital Transformation

  • Data Protection

  • Active/Active Data Centers

  • Converged Architecture

  • Hyper-Converged Infrastructure

  • Application Centric Infrastructure (ACI)


Topics: Data Center, Disaster Recovery, Data Protection