|
By Bill Merchantz
What Are Your Availability Goals?
Which is more likely to keep you up at night: worrying
about threats to your company's data or worrying about operations
being halted by system downtime? Your answer probably depends on
the nature of your business.
Consider a pharmaceutical firm. It can take years
and hundreds of millions of dollars to complete all of the research,
development and testing phases necessary to obtain regulatory approval
and begin to sell a new drug. If downtime extends the process by
a few days, the added expense is insignificant relative to the total
cost of bringing the product to market. However, if an entire phase
must be repeated because critical test data was lost due to a disk
failure, the added cost could be staggering.
Banks are also more concerned with protecting data
than with maintaining 100% uptime. Undoubtedly, customers will become
upset if they can't access their accounts for an hour because of
a system outage. Yet, that frustration pales in comparison to the
rage that the bank would see if it lost all record of a customer's
accounts.
When looking at availability solutions, banks, pharmaceutical
firms and other similar organizations typically focus on recovery
point objectives (RPO). If a disk crashes, they need an available
backup that is fully synchronized with the production data right
up to the last transaction. Likewise, if a system goes down, they
need to be sure that no transactions are lost in the process.
"Of course," you say, "protecting data is always the
top priority!" Really?
A 911 emergency call center would probably disagree.
While it does want to keep data for analysis and follow-up, its
number one concern is maintaining the ability to respond immediately
to current and future emergencies. Losing information about situations
that have already been effectively handled would certainly be troubling,
but not being able to dispatch fire, police or paramedic services
due to system downtime would be catastrophic.
A highly automated manufacturing plant provides a
more common example of a situation where maintaining uptime may
be more important than protecting data. If the plant's systems are
down, production stops. Depending on the size of the plant and the
value of the goods produced, that could result in hundreds of thousands
or even millions of dollars of lost production each hour. If, on
the other hand, a system glitch loses the occasional inventory transaction,
the consequences would likely be minor. The inventory discrepancy
would be detected during the next physical tally, something that
must be done anyway to account for breakage and theft.
The availability concerns of this second type of organization
focus primarily on recovery time objectives (RTO). They obviously
want to protect the integrity of their data, but even more importantly,
if a system crashes they need to know that they can get back online
as quickly as possible, preferably without any noticeable interruption.
The RPO/RTO Continuum
When asked about their priorities, many people, without thinking,
quickly respond that protecting data and maintaining uptime are
equally important. And, statistics suggest that both do warrant
concern.
Weighing in on the RPO side, Gartner Group research
shows that 93% of all companies that experience a major loss of
data are out of business within five years. The case for an RTO
focus is bolstered by International Data Corporation research showing
that unscheduled system downtime significantly affects business
for 98% of companies.
However, while the relative importance of RPO versus
RTO is occasionally similar, one objective is - or should be - given
priority over the other in most enterprises. In some cases, such
as the above examples, the difference in levels of concern is substantial.
Ascertaining where your organization falls on the
RPO/RTO continuum provides basic information necessary to determine
which availability solution will best fulfill your requirements.
The RPO vs. RTO worksheet in Table 1 provides a starting point for
the analysis. Answer the questions in Table 1 for your organization,
then use Table 2 to calculate your scores based on the total number
of each letter you selected. Finally, Figure 1 shows how to take
your scores and determine your RPO/RTO centricity and your Level
of Concern.
The results derived from this analysis typically do
not apply across the entire enterprise. For example, a manufacturer
would likely have different objectives for its manufacturing systems
than for its accounting or human resources systems. All applications
in the enterprise's portfolio should be considered separately and
appropriate availability solutions should be chosen for each.
In order to serve a wide audience, these worksheets
are necessarily generic and approximations at best. Mitigating circumstances
will inevitably shift the direction of your concerns or raise their
intensity over what is indicated by the results. You should, therefore,
build on the results by carefully examining your specific business
requirements when establishing your availability objectives.
The Search for Solutions
After determining the relative importance of recovery point and
recovery time objectives, you can then begin to search for the solutions
that will best meet your needs. In general, if your organization
is more recovery point oriented, it will also tend to be data-centric.
The solutions that best meet these needs include RAID, disk mirroring,
journaling, and/or data vaulting.
If your organization is recovery time oriented, it
is likely application-centric and will require a multiple system
approach, such as clustering, that monitors system availability
and immediately switches users to a fully redundant hot-standby
system whenever the primary system is unavailable.
Foundation Questions
As suggested above, the worksheets included with this article provide
only a rough first estimate of the recovery point and recovery time
objectives that are most appropriate for your business. Fine-tuning
the analysis involves looking more closely at your specific business
environment and requirements. To start the process, ask yourself
these questions:
- How many hours per day can your company afford to have its
data offline or unavailable?
- How many transactions or how much data can be lost before they
impact your business?
- What is the cost to the business of lost data or transactions?
- If you practice regular backups, is your business exposed to
loss of data or transactions between the saves?
- Have you ever recovered from these backups?
- How many hours per day can your company afford to have its
application servers offline and unavailable?
- What is the hourly cost to the business of lost application
functionality?
- Has your company calculated the cost versus benefit of availability?
By addressing these questions you will be better prepared
to set availability objectives that will best protect your company's
vital business interests.
About the Author
Bill Merchantz is the founder, president and
CEO of Lakeview Technology, an Infrastructure Software Developer
of the MIMIX® solution for Information Availability and the OmniReplicator
solution for Real-Time Data Integration. Advantage International
Systems also contributed to this article, and is a long-standing
IBM Premier Business Partner and MIMIX Business Partner. Visit www.lakeviewtech.com/AIS
or call 1-800-241-4428.
|
