What is your risk tolerance level?
No one is immune to the possibility of a breakdown or equipment failure on a hosted server. It’s essential for any organization to understand and know its tolerance level in the face of such a possibility.
If the server hosting your web project breaks down, what will be the consequences for your organization, your customers, your revenues, your reputation and your nerves?
The purpose of this article is to guide you through this process, so that you can plan for the worst-case scenario and act swiftly in the event of a crisis.
The aim is not to anticipate all types of risk, but to identify the technological means and actions to be taken to minimize them.
The first question is: what is our risk tolerance? To this end, here are 2 concepts that will facilitate understanding and guide reflection.
RPO and RTO concepts
1. RPO – Knowing the value of your data
The RPO (Recovery Point Objective) defines the frequency with which critical and non-critical data is backed up.
Objective: define the value of our data and the frequency of backups
- What data do you consider critical to your organization?
- How much data are you prepared to lose in the event of an incident (think of the time elapsed since the last backup, for example)?
- How often is your data updated (in real time, daily, weekly)?
- Do you currently have a backup solution? If so, how often are backups performed?
- Are you able to assign a value to your data to justify the frequency of backups?
2. RTO – the impact of a service interruption
The RTO (Recovery Time Objective) consists of defining the delay time required to restore service, taking into account the amount of data to be restored from the most recent data backup.
Objective: Understand the consequences of an interruption in order to define an acceptable recovery time.
- What is the maximum downtime your organization can tolerate without major impact on its operations?
- Which services should be restored first?
- What would be the financial and/or operational consequences of a prolonged outage?
- Do you have a continuity or disaster recovery plan?
3. The reality of your hosted solution
The best way to cope with the unexpected is to prepare for it now. The worst thing you can do in the event of an incident is improvise. Planning means knowing which direction to take in order to act and restore the situation.
Objective: assess current ability to meet RPO and RTO targets
Do your current systems allow for rapid service recovery (e.g. local and off-site backups, hardware redundancy, replication or high availability (HA))?
- What technologies are currently in place to manage your critical data and applications?
- Have you ever simulated a data restore or experienced a restart of your systems following a service interruption?
- Have you defined the minimum distance in kilometers between your primary site and the backup site?
- Does your infrastructure meet the needs of today’s reality?
4. Compliance and safety
The security of your hosted solution must be designed to meet the requirements of your web project at every level. Geographical, political and technological contexts must be harmonized with the requirements of your web project.
Objective: ensure that the solution meets your organization’s standards
- Where is your data hosted? Where are backups of your data stored?
- How do you manage data security (encryption, access control)?
- Are you subject to any specific data protection regulations?
- Are there any legal or contractual requirements relating to data recovery or recovery times that bind you to stakeholders?
- In the event of an incident, is your recovery plan defined in actions for each party involved in restoring service?
5. Solution review
Each web project has its own technological realities. It’s essential to pay special attention to each project to better understand its needs over time.
Objective: maintain a technology revision plan in line with project growth
- Do you have a clear guideline for wearing out your web hosting solution and replacing it?
- Do you foresee a significant increase in data volumes in the coming months or years?
- How will your availability and resilience requirements evolve as your organization grows?
- Do you have any upcoming projects or major changes (new services, new infrastructures)?
- How important is automation in your backup and recovery processes?
We hope these questions will help you to identify the specific RPO and RTO requirements of your web project, and to better understand your risk tolerance.
Book your free consultation today.
Our aim is to guide you in making the best technological choices for the growth and evolution of your web project, and to offer you managed solutions that meet the requirements of today and tomorrow.
