To define the right Data Protection strategy, you need to take several input variables into account. Beside the technical numbers which we can measure with tooling we need to define some functional requirements.
These numbers are sometimes hard to define and require alignment with the business. To define a proper Data Protection and Disaster Recovery strategy you need to re-evaluate those values on a regular interval. You need to consider the impact of every possible scenario and define the right numbers to protect your business against disasters like:
- Ransomware attacks
- Hardware failures
- Physical disasters (Fire / Floods)
- Data corruption
At the end we need to define the following numbers as input for our sizing calculations:
How long may it take to recover data in case of a incident or a disaster.
What interval will suit your needs? How often do we need to create a recovery point? Do we need to create it hourly, daily, weekly?
For which period do you need to store the recovery points. Ensure you have multiple copies of your data!
Processing backups will take an amount of time. How much time this may take depends on the accepted application impact and functional requirements.