How Long Can My Company's Technology Afford to be Down During a Disaster?

Measuring the possible effects on your business from an unknown catastrophe that could occur at any given time in the unforeseeable future sounds a little overwhelming, right? Not to mention, all of the other unknowns, which may or may not create a domino effect of setbacks in your Disaster Recovery Plan. So, how do you factor those unknowns into a useful Business Continuity Plan (BCP) for after the disaster happens, but before systems are fully restored and you are back to business as usual?

 First, you have to identify the metrics of your company’s Recovery Point Objective (RPO) and Recovery Time Objective (RTO) for data, hardware and applications. 

What is Recovery Point Objective (RPO)?

Recovery Point Objective (RPO) refers to the last point in time that a valid replication was made and data can be restored from. Example: If data is corrupt, lost or unavailable, when was the last point in time that a valid copy or replication was made that data can be restored from? If you or your service provider’s objective is to have a valid backup every 24 hours, and you have a good backup within this window, then your RPO has been met. However, if you have to go back farther in time past this desired window to find a good backup, you have not met your RPO. Now, data loss can occur for any new data created between the last known good backup and the time of the disaster or incident.

Our team at Centre Technologies will use the RPO most beneficial to your business need to create a Service Level Agreement (SLA) that guarantees at least one good backup within the RPO window. Our default RPO is 24 hours, however we can accommodate a Zero hours RPO if this is what you need.

What is Recovery Time Objective (RTO)?

Recovery Time Objective (RTO) is the amount of time after data corruption or hardware failure has occurred in which full restoration is desired. Example: If your Exchange server is down, how long can your company afford to continue without it? If the longest your business can run without your Exchange server is four hours, then your RTO for Exchange server is four hours.

It is paramount to design a system that aligns with your company’s overall recovery needs, and addresses the most important data and applications first to assure they have been assigned the shortest RPO and RTO.

Your IT department or IT service provider uses these two metrics when configuring backups and offsite replication for your business’ Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP). Diagnosing the RPO and RTO for each application or process is crucial for a successful BCP and DRP.


Now, you will have the information needed to determine your organization’s Maximum Tolerable Downtime (MTD). 

 Business Continuity & Disaster Recovery Timeline

What is Maximum Tolerable Downtime (MTD)?

Maximum Tolerable Downtime is the absolute maximum length of time that your most important applications, data or hardware can be unavailable before irreversible damage has been done, or you begin to lose business.

Your MTD can be calculated based on the following factors:

  • The maximum time period allowed after the initial start of disruption within which each system needs to be recovered.
  • According to necessity of the data, hardware or application, the maximum time each activity or business process needs to be preformed after recovery.
  • The length of time your company can withstand before normal levels of operation must be resumed.

Identifying your MTD is critical, because if recovery doesn’t occur within projected RTO, we have to make sure there is still a window of time before reaching MTD in an effort to avoid losing business.

At Centre Technologies, we learn about our clients RPO, RTO and MTD’s by asking questions during initial assessments of their environment.  By performing a Risk Assessment (RA) we become aware of the possible risks your business faces due to possible gaps in service. We also conduct a Business Impact Analysis (BIA) to determine how those risks, or a disaster could impact your business. Stay tuned for more blogs about RAs and BIAs next week! Has your company identified RPO, RTO and MTD for your IT environment? Call or email Centre Technologies today to discuss your infrastructure and an effective BCP and DRP plan for your business!

Was this article helpful?  How does your company determine MTD?  

Share your thoughts below!

Originally published on February 3, 2014

Be a thought leader and share:

Subscribe to Our Blog

About the Author

Centre Technologies Centre Technologies

Centre Technologies is a full-service IT consulting and managed services provider headquartered in Texas, with a focus on mid-sized businesses. As a trusted IT partner for well over a decade, Centre is recognized for its local experience and enterprise-grade cloud and cybersecurity solutions. Centre is committed to helping organizations harness the power of technology to maximize their operational efficiency and exceed their business goals. Learn more about Centre Technologies »

Follow on LinkedIn »