Blog & Events

Latest Blog

The Difference between RTO and RPO

Nov 16, 2016, 10:07 AM by Peter Ely

Like it or not, data loss is a cost of doing business today, and ignoring the likelihood of sudden data catastrophe threatens the ongoing operations of any business.


Developing a good continuity plan means deciding upon how much data your business needs to protect, and how much time it can afford to be without it.

These distinct volume sets are referred to as your Recovery Point Objective (RPO) and Recovery Time Objective (RTO), respectively. Creating a comprehensive business continuity plan requires setting tolerances for each of them. But first you must understand their differences.


Finding Your RPO


Recovery Point Objective (RPO)

Setting a Recovery Point Objective (RPO) means determining the length of time your business can afford to operate without a select amount of data before operations suffer.

This amount of data is determined by two factors:

The length of time between data backups

The amount of data that could potentially be lost within that time.

For example, Bob has recently completed a lengthy whitepaper. Unfortunately, Bob's computer crashed before he could complete the final save, which caused all the data he'd input since his previous save to be lost.

Bob's boss must now ask herself, "How much time can I tolerate being without this whitepaper until Bob can replace the lost content?"

If Bob’s boss can survive three days waiting for Bob to replace the lost text, her company’s RPO is now defined as three days, and she should use this timeframe as an indicator of how often she needs to back up her data.


Finding Your RTO


Recovery Time Objective (RTO)

Recovery Time Objective (RTO) is focused less upon data restoration than upon recovery of the whole of your IT and business activities following a data disaster.

RTO, therefore, reflects the amount time that your business can function without access to its vital systems.

Determining this amount of time, whether it’s four hours, eight hours, or a full business day, depends on several factors, including server provisioning, storage, networking resources, and virtual machine configuration.

Learning the difference between RPO and RTO, and setting realistic tolerances for each, is one of the most important steps you can take to ensure business continuity in the event of a data disaster.

If you're looking to improve, or even set, your company's RPO and RTO tolerances, schedule a Free Demo with our representative, or contact KeepItSafe directly at 888-965-9988.

Patrick Rougeau

Technical Sales Engineer, KeepItSafe

Get Your FREE Tech Brief!


nycrr-cyber-security-reqs-fin-services

Download a free tech brief.

"NY Cyber Rules and Compliance:
How to become compliant – and prove it."