How low are you willing to CybeRTO and CybeRPO? Part 3 of 3
In the first part of this series, we discussed CybeRTO (Sigh-Ber-To) and CybeRPO (Sigh-Ber-Po) and the general meanings of both. In the second part of the series, we took a deeper look at the two different ways to address the particular aspects of CybeRTO. In the third and final part of this series we’re going discuss CybeRPO, and identifying the point in time you’ll be recovering from in the event of data loss from a cyber attack. Another way to look at it is, how much data will I lose after a cyber attack has occurred?
In most cases, CybeRPO mainly pertains to servers and end-user computing devices though it could affect networking and security devices. In all cases having a backup of the data in question is the first step. The next question is at what point was the last backup taken?
When discussing servers, CybeRPO can be a very low number or a much higher number depending on how often the data in question is backed up. Do you just need the ability to recover files or might you need to recover an entire physical or virtual server? The more often the data is backed up the lower the CybeRPO. Solutions can be designed to have the backups occur as files or servers as a whole are changing which drives the CybeRPO down very low. On the flip side, backups can happen on a daily or weekly basis which will cause CybeRPO to be quite high.
End-user computing devices, specifically laptops, and desktops are similar to servers but in some cases, the entire device does not need to be backed up and only the user files need to be backed up. Many organizations use imaging software to create base images of the end user devices so when a cyber attack affects the end user devices they blow away everything that was on the device and send a new image down to the device. With the popularity of the cloud, applications such as OneDrive from Microsoft, have made the backup of end user files easier than ever before. If configured correctly all the files are backed up to the cloud, including versioning, so that an end user can easily get the files back.
As a general statement, networking devices have configurations that could be altered in a cyber attack so having a backup of the configurations to quickly restore is the easiest. An automated system that makes backups of device configurations each time a change is made is the best way to make sure that the CybeRPO is a low as possible.
Thrive has solutions to address your particular business requirements as every situation is unique and our engineers can help to architect the correct solution for your business. Contact Us today to learn more and discuss how we can help your company with your Cyber Security and Disaster Recovery initiatives!