1
00:00:00,000 --> 00:00:04,160
In my early IT career, I worked technical support.

2
00:00:04,160 --> 00:00:05,160
I took phone calls.

3
00:00:05,160 --> 00:00:08,600
And the company I worked at, we made games.

4
00:00:08,600 --> 00:00:10,840
Some of them came on a single floppy disk,

5
00:00:10,840 --> 00:00:13,800
Advanced Dungeons and Dragons as the case.

6
00:00:13,800 --> 00:00:15,640
And we had someone, a repeat offender,

7
00:00:15,640 --> 00:00:17,560
who would call a few times in a row.

8
00:00:17,560 --> 00:00:19,320
Something wrong with the game.

9
00:00:19,320 --> 00:00:21,080
I played it once, I put the disk back in,

10
00:00:21,080 --> 00:00:22,920
and now I can't play anymore.

11
00:00:22,920 --> 00:00:24,960
Okay, great. We'll send you another one.

12
00:00:24,960 --> 00:00:27,400
Stick another disk in the mail, move on.

13
00:00:27,400 --> 00:00:30,000
Well, a week or two later, we get another call.

14
00:00:30,000 --> 00:00:31,920
Same thing.

15
00:00:31,920 --> 00:00:34,200
The person who took the call didn't realize

16
00:00:34,200 --> 00:00:37,480
that they had called in before, so sent another disk.

17
00:00:37,480 --> 00:00:38,680
Now the person calls back in and says,

18
00:00:38,680 --> 00:00:40,120
hey, I've been through this twice,

19
00:00:40,120 --> 00:00:42,000
don't send me another disk.

20
00:00:42,000 --> 00:00:43,280
I've got a bigger problem.

21
00:00:43,280 --> 00:00:45,280
Okay, great. Describe to us what you do.

22
00:00:46,280 --> 00:00:49,880
Put the game in, enter a few commands.

23
00:00:49,880 --> 00:00:51,400
I save.

24
00:00:51,400 --> 00:00:52,560
Great, now what happens?

25
00:00:52,560 --> 00:00:55,160
Now I take the disk out, and I use a magnet

26
00:00:55,160 --> 00:00:58,240
to stick it to my refrigerator.

27
00:00:58,240 --> 00:01:00,120
And of course that renders a floppy disk

28
00:01:00,120 --> 00:01:01,040
completely useless.

29
00:01:01,040 --> 00:01:04,760
So there's my disaster recovery story.

30
00:01:04,760 --> 00:01:07,400
Don't use magnets and floppy disks.

31
00:01:07,400 --> 00:01:08,240
Oh no.

32
00:01:08,240 --> 00:01:09,080
Or if you're Gen Z,

33
00:01:09,080 --> 00:01:11,320
it's the thing that looks like the save icon.

34
00:01:11,320 --> 00:01:12,360
Yeah.

35
00:01:12,360 --> 00:01:13,200
That too.

36
00:01:14,240 --> 00:01:15,080
Oh boy.

37
00:01:15,080 --> 00:01:15,920
True story.

38
00:01:17,280 --> 00:01:19,600
What was the recovery part of your story?

39
00:01:21,960 --> 00:01:23,400
It was end user error.

40
00:01:23,400 --> 00:01:25,400
Best practice.

41
00:01:25,400 --> 00:01:26,240
That's a good one.

42
00:01:26,240 --> 00:01:28,080
Best practice after this, right?

43
00:01:28,080 --> 00:01:30,840
Avoid this, it's created disaster for yourself.

44
00:01:32,360 --> 00:01:34,280
I was thinking, when you brought this up,

45
00:01:34,280 --> 00:01:36,400
I'm like, do I have a good disaster story,

46
00:01:36,400 --> 00:01:38,280
but it's a disaster for me.

47
00:01:38,280 --> 00:01:43,280
I had my address book, like pen and paper written out,

48
00:01:43,680 --> 00:01:45,320
all these names and phone numbers,

49
00:01:45,320 --> 00:01:47,680
like my holy grail here.

50
00:01:47,680 --> 00:01:49,840
And I put it down somewhere,

51
00:01:49,840 --> 00:01:53,960
and I hit a cup of water,

52
00:01:53,960 --> 00:01:57,160
and it just went all over my book.

53
00:01:57,160 --> 00:01:58,520
And I was like, oh no.

54
00:01:59,880 --> 00:02:02,480
So I got it, and I'm like trying to get all the water off

55
00:02:02,480 --> 00:02:03,400
and everything.

56
00:02:03,400 --> 00:02:07,200
Thankfully, recently I transitioned to

57
00:02:07,200 --> 00:02:10,640
like these special Sharpie pens that don't bleed.

58
00:02:10,640 --> 00:02:13,000
So like it was completely soaked,

59
00:02:13,000 --> 00:02:15,200
but nothing was destroyed.

60
00:02:15,200 --> 00:02:18,480
So, you know, my disaster recovery was a little bit

61
00:02:18,480 --> 00:02:22,360
of like the forethought of changing the type of pens

62
00:02:22,360 --> 00:02:23,200
that I use.

63
00:02:23,200 --> 00:02:25,200
So it's like a total mess.

64
00:02:25,200 --> 00:02:28,000
It's all warped, but all of it is readable.

65
00:02:28,000 --> 00:02:30,840
So that is my disaster story.

66
00:02:30,840 --> 00:02:32,200
That was a twist ending for me.

67
00:02:32,200 --> 00:02:33,240
I thought for sure, I'd be like,

68
00:02:33,240 --> 00:02:34,720
I transitioned using my phone.

69
00:02:34,720 --> 00:02:36,120
And then you were like, no, it was the pen.

70
00:02:36,120 --> 00:02:36,960
And I was like.

71
00:02:38,280 --> 00:02:40,960
Well, the phone is not averse

72
00:02:40,960 --> 00:02:42,680
to being destroyed by water either,

73
00:02:42,680 --> 00:02:44,400
but I did like that.

74
00:02:44,400 --> 00:02:47,320
This is the fantastic transition, right?

75
00:02:47,320 --> 00:02:48,840
So what's the real disaster?

76
00:02:48,840 --> 00:02:52,120
Better planning, which just really leads really well

77
00:02:52,120 --> 00:02:57,120
into a deep dive on backups and so forth.

78
00:02:57,360 --> 00:02:58,800
There you go.

79
00:02:58,800 --> 00:03:00,640
Ooh, segue.

80
00:03:00,640 --> 00:03:03,720
Today we're talking about RTOs and RPOs.

81
00:03:03,720 --> 00:03:07,680
Tara, Kelsey and myself are joined by Todd, our COO

82
00:03:07,680 --> 00:03:11,000
and CISO, Scott, our manager of strategic engagement

83
00:03:11,000 --> 00:03:12,640
and Matthew, our VISO.

84
00:03:12,640 --> 00:03:15,480
And before we kind of dive in,

85
00:03:15,480 --> 00:03:18,160
I'm gonna throw it to Scott to give us

86
00:03:18,160 --> 00:03:19,800
a little bit of an overview.

87
00:03:19,800 --> 00:03:23,000
What does someone need to kind of understand

88
00:03:23,000 --> 00:03:26,280
to really listen to the rest of this podcast today?

89
00:03:27,320 --> 00:03:29,080
Thanks for that intro, Ariel.

90
00:03:30,480 --> 00:03:32,880
This is a topic I'm really passionate about.

91
00:03:32,880 --> 00:03:35,440
It fits right into what I am talking about,

92
00:03:35,440 --> 00:03:39,120
talking about to customers very often,

93
00:03:39,120 --> 00:03:43,760
which is acronyms, fun, IT acronyms,

94
00:03:43,760 --> 00:03:46,080
RPO and RTO.

95
00:03:46,080 --> 00:03:48,080
So what are those two things?

96
00:03:48,080 --> 00:03:52,640
Let's first explode the acronym and say,

97
00:03:52,640 --> 00:03:56,240
RPO is recovery point objective.

98
00:03:56,240 --> 00:03:59,440
And I'll talk about that one specifically.

99
00:03:59,440 --> 00:04:04,160
Let's think about normal computer systems operation.

100
00:04:06,000 --> 00:04:10,760
And then let's think about the time a disaster strikes.

101
00:04:10,760 --> 00:04:13,720
RPO, recovery point objective,

102
00:04:13,720 --> 00:04:17,960
is the amount of data, transactional data,

103
00:04:17,960 --> 00:04:21,800
the organization is tolerant of losing

104
00:04:21,800 --> 00:04:23,840
in that timeframe, right?

105
00:04:23,840 --> 00:04:26,560
So let's say, for example,

106
00:04:26,560 --> 00:04:31,240
we have a disaster at precisely noon on a Tuesday.

107
00:04:34,520 --> 00:04:39,040
And you've been working up until that time throughout the day.

108
00:04:39,040 --> 00:04:41,600
So say people started working at 8 a.m.

109
00:04:41,600 --> 00:04:46,600
The last backup of your critical data occurred yesterday,

110
00:04:50,240 --> 00:04:51,400
so on Monday.

111
00:04:51,400 --> 00:04:56,400
So what that means is you would have lost any transactions

112
00:04:57,160 --> 00:05:00,840
that would have occurred in that before that timeframe.

113
00:05:01,760 --> 00:05:05,480
The last backup ended or was performed the night before,

114
00:05:05,480 --> 00:05:09,120
you then were working and then there was a disaster

115
00:05:09,120 --> 00:05:12,080
and you don't have backup of that transactional data.

116
00:05:12,080 --> 00:05:13,800
So that's what RPO is.

117
00:05:13,800 --> 00:05:16,760
It's our recovery point objective.

118
00:05:16,760 --> 00:05:18,360
What we're trying to navigate there

119
00:05:18,360 --> 00:05:20,800
is the time that backups occur

120
00:05:20,800 --> 00:05:23,360
and when you're susceptible to have a disaster

121
00:05:23,360 --> 00:05:26,920
and how much transactional data you are tolerant of losing.

122
00:05:27,920 --> 00:05:31,680
Recovery time objective or the other acronym, RTO,

123
00:05:31,680 --> 00:05:35,560
is simply the amount of time

124
00:05:35,560 --> 00:05:39,920
that you're tolerant for experiencing downtime.

125
00:05:39,920 --> 00:05:41,960
So again, let's think about normal operation,

126
00:05:41,960 --> 00:05:44,840
same timeframe, we're operating normal from 8 a.m.

127
00:05:44,840 --> 00:05:47,280
And then at noon, there's a disaster.

128
00:05:47,280 --> 00:05:48,800
What's the amount of time

129
00:05:48,800 --> 00:05:51,240
that the organization has expressed

130
00:05:51,240 --> 00:05:55,040
it's willing to deal with in that outage.

131
00:05:55,040 --> 00:05:57,560
Most organizations say, well, zero, Scott.

132
00:05:57,560 --> 00:05:58,400
Well, that's fine.

133
00:05:58,400 --> 00:06:02,000
That's the absolute tip of the cost pyramid,

134
00:06:02,000 --> 00:06:04,320
but it's an important conversation to have.

135
00:06:04,320 --> 00:06:09,200
So that's a brief overview of what RPO and what RTO are.

136
00:06:09,200 --> 00:06:12,480
Again, I'm really passionate about these two topics.

137
00:06:12,480 --> 00:06:14,880
I have this conversation very often,

138
00:06:14,880 --> 00:06:17,960
which usually sounds like this.

139
00:06:17,960 --> 00:06:21,160
Scott, what's our recovery time?

140
00:06:21,160 --> 00:06:25,000
Well, I need the organization to communicate to me

141
00:06:25,000 --> 00:06:28,320
what its recovery time goals are.

142
00:06:28,320 --> 00:06:30,640
So often that's a two-way conversation.

143
00:06:30,640 --> 00:06:33,560
The organization really needs to ask itself,

144
00:06:33,560 --> 00:06:37,720
what's our tolerance for transactional data loss?

145
00:06:37,720 --> 00:06:41,760
What's our tolerance for outage

146
00:06:41,760 --> 00:06:44,680
in any one of the applications that we use every day?

147
00:06:44,680 --> 00:06:47,800
And with that, I'll hand the mic over

148
00:06:47,800 --> 00:06:50,240
to the rest of the group.

149
00:06:54,440 --> 00:06:55,280
Pretty sick, huh?

150
00:06:56,600 --> 00:06:57,440
All right, I'll go.

151
00:06:57,440 --> 00:06:59,160
You're gonna be quiet, I'll go.

152
00:06:59,160 --> 00:07:01,880
Yeah, so I agree with everything that Scott said.

153
00:07:01,880 --> 00:07:04,880
I typically have a smaller, shorter version

154
00:07:04,880 --> 00:07:07,120
of both of those, but irrelevant.

155
00:07:07,120 --> 00:07:09,600
I think you have a great intro

156
00:07:09,600 --> 00:07:11,600
to what that conversation typically looks like

157
00:07:11,600 --> 00:07:14,640
and what the next steps usually are

158
00:07:14,640 --> 00:07:16,360
is it depends on who you talk to, right?

159
00:07:16,360 --> 00:07:19,480
So if you talk to the CEO, the CFO,

160
00:07:19,480 --> 00:07:21,400
their answer is going to be,

161
00:07:21,400 --> 00:07:23,760
none, I have zero tolerance for downtime,

162
00:07:23,760 --> 00:07:27,520
and you go, great, let's dig into that a little bit further.

163
00:07:27,520 --> 00:07:29,520
If you talk to your IT manager,

164
00:07:29,520 --> 00:07:31,440
they're gonna say, well, I don't really have any budget,

165
00:07:31,440 --> 00:07:34,360
so we're looking at 24 hours, 48,

166
00:07:34,360 --> 00:07:37,680
and you can see there's a fairly large gap into there.

167
00:07:38,640 --> 00:07:42,160
One of the very first things that I would typically do

168
00:07:42,160 --> 00:07:44,880
is start to ask the questions of,

169
00:07:44,880 --> 00:07:46,960
have you gone through the process of identifying

170
00:07:46,960 --> 00:07:48,840
what your various systems are

171
00:07:48,840 --> 00:07:50,520
and putting a criticality on them, right?

172
00:07:50,520 --> 00:07:54,200
So as I said, the CEO, CFO is gonna come in and say,

173
00:07:54,200 --> 00:07:56,880
none, I want it all up immediately,

174
00:07:56,880 --> 00:07:59,040
I want you to tell me I can have it in five minutes,

175
00:07:59,040 --> 00:08:00,960
and that's everything.

176
00:08:00,960 --> 00:08:04,160
And that's super, that's great, that might be possible,

177
00:08:04,160 --> 00:08:06,160
we can figure out what we can do about that,

178
00:08:06,160 --> 00:08:07,800
but then we need to start digging into that

179
00:08:07,800 --> 00:08:09,840
and saying, okay, well, let's look at that.

180
00:08:09,840 --> 00:08:11,680
What are the critical things that you have

181
00:08:11,680 --> 00:08:12,520
in your business?

182
00:08:12,520 --> 00:08:14,000
Do you make stamps?

183
00:08:14,000 --> 00:08:17,400
Do you have strictly a technical deliverable?

184
00:08:17,400 --> 00:08:18,240
What is that?

185
00:08:18,240 --> 00:08:19,960
And if I didn't have it,

186
00:08:19,960 --> 00:08:21,640
what does it take to get that back up, right?

187
00:08:21,640 --> 00:08:24,320
So one of the things Scott kind of got into

188
00:08:24,320 --> 00:08:28,480
is what does the physical cost of that downtime look like?

189
00:08:28,480 --> 00:08:31,160
And we'll do a deeper dive on this,

190
00:08:31,160 --> 00:08:33,160
but those would be various things like,

191
00:08:33,160 --> 00:08:35,680
what is the reputational impact?

192
00:08:35,680 --> 00:08:38,320
What does it look like if I can't do transactions?

193
00:08:38,320 --> 00:08:40,920
Point of sale system is offline, you name it,

194
00:08:40,920 --> 00:08:42,240
it's a variety of different things,

195
00:08:42,240 --> 00:08:45,240
and you do need to look at those individually and say,

196
00:08:45,240 --> 00:08:47,760
what does it mean to me if I don't have that?

197
00:08:47,760 --> 00:08:52,040
Could I live without my accounting package for 24 hours?

198
00:08:52,040 --> 00:08:52,880
Maybe.

199
00:08:52,880 --> 00:08:57,880
Yeah, I agree with everything Todd and Scott have said.

200
00:08:58,760 --> 00:09:01,800
There's most of the time when I see the confusion

201
00:09:01,800 --> 00:09:02,640
around this as well,

202
00:09:02,640 --> 00:09:05,680
just cause I don't wanna rehash anything guys have just said,

203
00:09:05,680 --> 00:09:06,520
I'll move on.

204
00:09:07,840 --> 00:09:09,280
When I see confusion around this,

205
00:09:09,280 --> 00:09:12,480
it tends to be because there isn't that kind of breakdown

206
00:09:12,480 --> 00:09:13,280
that's been mentioned,

207
00:09:13,280 --> 00:09:15,960
you haven't gone through and defined everything,

208
00:09:15,960 --> 00:09:20,400
or it's because everything is being done a specific way.

209
00:09:20,400 --> 00:09:22,840
If you're running two servers in your system,

210
00:09:22,840 --> 00:09:26,640
that do all of the things that your business requires,

211
00:09:26,640 --> 00:09:29,680
the RTO and RPO for you is gonna be different

212
00:09:29,680 --> 00:09:33,720
because you don't have to worry about the individual systems.

213
00:09:33,720 --> 00:09:36,000
At the same time, if one thing goes down,

214
00:09:36,000 --> 00:09:37,000
everything goes down.

215
00:09:38,240 --> 00:09:40,760
Restarting one server requires restarting

216
00:09:40,760 --> 00:09:42,520
every other process you're using.

217
00:09:43,400 --> 00:09:45,920
Best practice says that every server should have

218
00:09:45,920 --> 00:09:48,080
a single purpose for what it's running.

219
00:09:48,080 --> 00:09:49,720
And when we think about it from that perspective,

220
00:09:49,720 --> 00:09:52,680
the RTOs and RPOs become a lot clearer

221
00:09:52,680 --> 00:09:55,560
because we have categorized everything we have in our system,

222
00:09:55,560 --> 00:09:58,280
we've defined what everything is doing.

223
00:09:58,280 --> 00:10:01,240
And so those machines are individual points

224
00:10:01,240 --> 00:10:03,120
that can be restored.

225
00:10:03,120 --> 00:10:05,480
Sorry, they have individual points where they can be restored,

226
00:10:05,480 --> 00:10:07,680
they're all being backed up separately,

227
00:10:07,680 --> 00:10:11,080
so that we know exactly how long that time is

228
00:10:11,080 --> 00:10:15,880
from when, if there is that breakdown at say 12 o'clock.

229
00:10:15,880 --> 00:10:18,040
If each of them has a different backup schedule,

230
00:10:18,040 --> 00:10:21,760
we know how much data has been lost prior to that

231
00:10:21,760 --> 00:10:23,400
for each service we're using,

232
00:10:23,400 --> 00:10:25,200
whether that's accounting software,

233
00:10:25,200 --> 00:10:27,920
whether that's your internal timekeeping software,

234
00:10:27,920 --> 00:10:30,800
whatever it is, if they're properly segmented

235
00:10:30,800 --> 00:10:35,880
and then organized and tracked this way with an RTO and RPO,

236
00:10:35,880 --> 00:10:38,960
you'll be able to see exactly how critical each of these is

237
00:10:38,960 --> 00:10:41,240
to you and instead of it being a chunk of change

238
00:10:41,240 --> 00:10:42,600
to make sure no matter what,

239
00:10:42,600 --> 00:10:44,960
everything's up 100% of the time,

240
00:10:44,960 --> 00:10:47,920
maybe we can just focus on a couple of services

241
00:10:47,920 --> 00:10:50,040
being up 100% of the time.

242
00:10:50,040 --> 00:10:53,600
Or we can focus on getting certain items restored

243
00:10:53,600 --> 00:10:55,640
far quicker than everything else.

244
00:10:57,520 --> 00:10:59,360
Yeah, I guess one thing that I'd throw in

245
00:10:59,360 --> 00:11:02,000
at the beginning of this is,

246
00:11:02,000 --> 00:11:04,360
I think it's pretty safe to say in today's environment

247
00:11:04,360 --> 00:11:08,120
you have backups of your core systems, everybody does.

248
00:11:08,120 --> 00:11:11,240
And Matthew started to allude to this a little bit too,

249
00:11:11,240 --> 00:11:14,680
is more than likely somebody at some point

250
00:11:14,680 --> 00:11:18,000
has decided what the backup schedule is.

251
00:11:18,000 --> 00:11:20,520
And Scott kind of alluded to this, it could be,

252
00:11:20,520 --> 00:11:21,640
traditionally it used to be,

253
00:11:21,640 --> 00:11:23,520
I'm gonna do an incremental backup,

254
00:11:23,520 --> 00:11:26,240
which is anything that's changed over the last 24 hours.

255
00:11:26,240 --> 00:11:27,600
And then at the end of the week,

256
00:11:27,600 --> 00:11:29,120
you'd say I'm gonna grab everything

257
00:11:29,120 --> 00:11:30,720
because nobody's working.

258
00:11:30,720 --> 00:11:33,800
That has changed over the years, technology has changed,

259
00:11:33,800 --> 00:11:37,160
the ability to do backups is significantly different

260
00:11:37,160 --> 00:11:39,520
than it was even five, 10 years ago.

261
00:11:39,520 --> 00:11:44,520
And so what's in place currently will vary,

262
00:11:44,680 --> 00:11:47,600
but there is something currently in place.

263
00:11:47,600 --> 00:11:49,880
What we typically find is that most organizations

264
00:11:49,880 --> 00:11:53,440
have not got to a very mature process yet.

265
00:11:53,440 --> 00:11:56,680
So when Scott's getting into, I'm passionate about this,

266
00:11:56,680 --> 00:11:58,560
the reason why he's passionate about it is,

267
00:11:58,560 --> 00:12:00,080
you go into an organization, say,

268
00:12:00,080 --> 00:12:01,040
what does your backup look like?

269
00:12:01,040 --> 00:12:02,960
And they're like, well, if it fails, I just restore.

270
00:12:02,960 --> 00:12:04,440
That's the end of the conversation.

271
00:12:04,440 --> 00:12:07,320
So there is something there, there is something in place,

272
00:12:07,320 --> 00:12:10,640
but digging in deeper is what the next steps are,

273
00:12:10,640 --> 00:12:13,000
which is again, why we're here today.

274
00:12:13,000 --> 00:12:13,840
Yeah.

275
00:12:13,840 --> 00:12:16,560
And as part of that, I kind of feel like if,

276
00:12:16,560 --> 00:12:17,960
like we're having this conversation,

277
00:12:17,960 --> 00:12:20,680
and if it's something you haven't heard before,

278
00:12:20,680 --> 00:12:24,040
know that this conversation, maybe not with this language,

279
00:12:24,040 --> 00:12:26,360
but it's been made, this decision has been made.

280
00:12:27,400 --> 00:12:30,200
Your restore times may be 24 hours,

281
00:12:30,200 --> 00:12:32,640
it may be three to seven days,

282
00:12:32,640 --> 00:12:35,360
but someone's made this decision,

283
00:12:35,360 --> 00:12:38,240
maybe subconsciously or just on what's available

284
00:12:38,240 --> 00:12:41,360
to allow these items to be brought back.

285
00:12:42,840 --> 00:12:45,040
So even though you haven't defined it and said,

286
00:12:45,040 --> 00:12:46,920
this is what we want it to be,

287
00:12:46,920 --> 00:12:50,200
the resources that have been allocated to your IT,

288
00:12:50,200 --> 00:12:52,080
define this already.

289
00:12:52,080 --> 00:12:53,520
And it's about making sure that aligns

290
00:12:53,520 --> 00:12:55,240
with what we actually want.

291
00:12:55,240 --> 00:12:56,080
Right.

292
00:12:56,080 --> 00:13:00,200
It so often becomes less of a technology conversation

293
00:13:00,200 --> 00:13:03,320
and much more of a business risk discussion

294
00:13:03,320 --> 00:13:06,800
in the same way that a business would analyze its risk

295
00:13:06,800 --> 00:13:11,120
related to security of their building,

296
00:13:11,120 --> 00:13:14,640
things like that, other insurance related risks

297
00:13:14,640 --> 00:13:16,160
from a business perspective,

298
00:13:16,160 --> 00:13:18,680
this becomes one of those things.

299
00:13:19,920 --> 00:13:24,000
I would recommend that business owners, stakeholders,

300
00:13:24,000 --> 00:13:28,080
don't wait for technology to drive this type

301
00:13:28,080 --> 00:13:29,160
of a conversation.

302
00:13:29,160 --> 00:13:32,480
They absolutely should be having this conversation

303
00:13:32,480 --> 00:13:35,080
within board and leadership type of meetings

304
00:13:35,080 --> 00:13:40,080
to address, flesh out and mitigate that risk.

305
00:13:40,080 --> 00:13:45,080
An interesting dynamic to the way this has evolved,

306
00:13:46,520 --> 00:13:48,840
even over the course of the last five years,

307
00:13:48,840 --> 00:13:51,880
is that much more of our line of business

308
00:13:51,880 --> 00:13:53,760
or critical applications have migrated

309
00:13:53,760 --> 00:13:55,840
to a cloud type of an environment.

310
00:13:55,840 --> 00:13:59,560
In that case, this changes a little bit.

311
00:13:59,560 --> 00:14:01,600
In the past, where we might be concerned

312
00:14:01,600 --> 00:14:06,600
about redundant physical servers, redundant storage arrays,

313
00:14:06,600 --> 00:14:10,800
the redundancies associated with the capital,

314
00:14:10,800 --> 00:14:13,320
the CAPEX infrastructure that an organization

315
00:14:13,320 --> 00:14:17,760
has traditionally invested in changes when that workload,

316
00:14:17,760 --> 00:14:21,400
let's call it Salesforce or an accounting application,

317
00:14:21,400 --> 00:14:22,480
migrates to the cloud.

318
00:14:22,480 --> 00:14:26,560
Now, the area of risk becomes your connection

319
00:14:26,560 --> 00:14:28,160
to the internet, right?

320
00:14:28,160 --> 00:14:30,680
And so things like firewalls,

321
00:14:30,680 --> 00:14:32,320
things like internet connections,

322
00:14:32,320 --> 00:14:34,480
those become the single point of failure.

323
00:14:34,480 --> 00:14:37,080
That's where risk exists.

324
00:14:37,080 --> 00:14:40,000
And so addressing the RTO component,

325
00:14:40,000 --> 00:14:41,680
the recovery time objective,

326
00:14:42,720 --> 00:14:45,440
if you have one firewall and one internet

327
00:14:45,440 --> 00:14:49,920
and Comcast cuts the fiber out in the street,

328
00:14:51,920 --> 00:14:53,440
who knows at that point in time,

329
00:14:53,440 --> 00:14:57,680
we don't know how long the outage could occur for.

330
00:14:57,680 --> 00:14:59,720
So that's kind of the nature of how some of that,

331
00:14:59,720 --> 00:15:01,080
I've seen that changing.

332
00:15:01,080 --> 00:15:02,480
Those are some of the conversations,

333
00:15:02,480 --> 00:15:05,880
again, I've been having with our customers.

334
00:15:06,720 --> 00:15:08,200
Yeah, I think that was really good stuff too.

335
00:15:08,200 --> 00:15:10,080
We did talk about better planning

336
00:15:10,080 --> 00:15:11,720
at the very beginning of the podcast

337
00:15:11,720 --> 00:15:13,520
as we were doing our transition.

338
00:15:13,520 --> 00:15:16,240
And cloud is an excellent conversation

339
00:15:16,240 --> 00:15:18,640
and we've had podcasts on them in the past.

340
00:15:18,640 --> 00:15:20,280
One of the things I kind of wanted to drive

341
00:15:20,280 --> 00:15:21,360
into a little bit more,

342
00:15:21,360 --> 00:15:23,560
and I think this kind of helps expand

343
00:15:23,560 --> 00:15:25,520
on what we're talking about is,

344
00:15:25,520 --> 00:15:26,800
if you're looking at the cloud,

345
00:15:26,800 --> 00:15:29,200
almost every cloud provider will tell you

346
00:15:29,200 --> 00:15:32,680
that they have the three nines, that they're up 99.9, whatever,

347
00:15:32,680 --> 00:15:34,480
percent of the time,

348
00:15:34,480 --> 00:15:37,320
and kind of giving an idea of what that context is.

349
00:15:37,320 --> 00:15:38,360
That sounds amazing, right?

350
00:15:38,360 --> 00:15:41,200
But there is still downtime associated with that.

351
00:15:41,200 --> 00:15:44,440
That does not mean it doesn't go offline during the year.

352
00:15:45,560 --> 00:15:46,400
Yeah.

353
00:15:47,360 --> 00:15:48,720
And I think part of this,

354
00:15:48,720 --> 00:15:52,200
when we talk about something like the internet outage,

355
00:15:52,200 --> 00:15:54,120
we're talking about that whole process, right?

356
00:15:54,120 --> 00:15:55,720
So if you've got items in the cloud,

357
00:15:55,720 --> 00:15:56,920
your internet goes down.

358
00:15:56,920 --> 00:15:59,600
Hey, that's a different, that's a huge conversation

359
00:15:59,600 --> 00:16:00,600
at that point.

360
00:16:00,600 --> 00:16:02,440
Are you just gonna get a second internet line

361
00:16:02,440 --> 00:16:04,840
that you only use when you need it?

362
00:16:04,840 --> 00:16:07,440
Cool, there's that business conversation around it.

363
00:16:08,440 --> 00:16:11,600
But when it comes to finding those items,

364
00:16:11,600 --> 00:16:14,760
I tend to feel there's a significant amount of pushback

365
00:16:16,000 --> 00:16:19,600
in the less mature organizations around simply

366
00:16:20,560 --> 00:16:22,900
being aware of exactly what they have.

367
00:16:22,900 --> 00:16:27,900
They either focus on the physical hardware only,

368
00:16:28,180 --> 00:16:29,300
these are the machines we have,

369
00:16:29,300 --> 00:16:30,580
this is the servers we have,

370
00:16:30,580 --> 00:16:32,700
this is the stuff we have in the cloud,

371
00:16:32,700 --> 00:16:37,220
or they focus really on the certain applications

372
00:16:37,220 --> 00:16:41,220
that assist them in making money as an organization.

373
00:16:41,220 --> 00:16:43,540
So they're very good at tracking what they use

374
00:16:43,540 --> 00:16:46,700
for billing customers or tracking their services,

375
00:16:46,700 --> 00:16:48,140
their time in billing,

376
00:16:48,140 --> 00:16:51,220
but the apps that people use individually

377
00:16:51,220 --> 00:16:56,220
to maybe mark up PDFs or maybe there's a unique system

378
00:16:56,820 --> 00:17:01,380
that someone's using that is incredibly invaluable

379
00:17:01,380 --> 00:17:05,060
and critical to their work style

380
00:17:05,060 --> 00:17:06,860
that just isn't documented anywhere.

381
00:17:07,860 --> 00:17:09,940
Starting there is, in my opinion,

382
00:17:09,940 --> 00:17:11,820
the first thing you have to do

383
00:17:11,820 --> 00:17:13,380
if you've done a risk assessment

384
00:17:13,380 --> 00:17:14,340
or anything like that before,

385
00:17:14,340 --> 00:17:16,820
you should have this list already,

386
00:17:16,820 --> 00:17:18,580
but definitely take some time

387
00:17:18,580 --> 00:17:21,700
and don't worry about it being perfect.

388
00:17:21,700 --> 00:17:24,780
Focus more on getting as many things down as you can,

389
00:17:24,780 --> 00:17:27,860
speaking with every team, making sure they're listed.

390
00:17:27,860 --> 00:17:28,700
Right out the gate,

391
00:17:28,700 --> 00:17:30,340
I just had a conversation last week

392
00:17:30,340 --> 00:17:32,580
with someone who I'd spoken to about doing this

393
00:17:32,580 --> 00:17:34,820
and they realized there were four different tools

394
00:17:34,820 --> 00:17:36,940
that different individuals were using

395
00:17:36,940 --> 00:17:38,860
that all did the exact same purpose

396
00:17:38,860 --> 00:17:41,060
that they were paying for separately,

397
00:17:43,140 --> 00:17:44,620
all of which could just be turned down

398
00:17:44,620 --> 00:17:48,020
to one monthly charge for a single tool.

399
00:17:48,020 --> 00:17:50,060
Right out the gate, we're saving some money.

400
00:17:51,100 --> 00:17:52,140
Once you've done that,

401
00:17:52,140 --> 00:17:54,340
that's when the categorization comes in,

402
00:17:54,340 --> 00:17:56,540
defining how critical software is.

403
00:17:56,540 --> 00:18:00,180
And it seems like a lot of the time

404
00:18:00,180 --> 00:18:02,940
I'll see people do this hourly,

405
00:18:02,940 --> 00:18:04,220
they'll do it by a minute to minute,

406
00:18:04,220 --> 00:18:06,580
hour to hour, day to day standard.

407
00:18:06,580 --> 00:18:08,420
You can categorize them further.

408
00:18:08,420 --> 00:18:09,260
Once you've done that

409
00:18:09,260 --> 00:18:10,900
and kind of gone through these applications,

410
00:18:10,900 --> 00:18:13,140
said I need this service available to me

411
00:18:13,140 --> 00:18:14,900
within X amount of time

412
00:18:14,900 --> 00:18:17,780
or I start to see significant business losses,

413
00:18:17,780 --> 00:18:18,620
you can then say,

414
00:18:18,620 --> 00:18:21,620
well, if anything needs a less than three hour timeframe,

415
00:18:21,620 --> 00:18:24,100
that is a critical software.

416
00:18:24,100 --> 00:18:25,740
I need backups every three hours

417
00:18:25,740 --> 00:18:28,020
and I wanna be able to restore it within four hours,

418
00:18:28,020 --> 00:18:29,940
for instance, just as a general idea.

419
00:18:29,940 --> 00:18:32,340
You can define these numbers yourself.

420
00:18:32,340 --> 00:18:34,500
And then you can start categorizing everything you have

421
00:18:34,500 --> 00:18:37,300
within whatever these limits are for you.

422
00:18:37,300 --> 00:18:39,220
Then we start talking about how we can make sure

423
00:18:39,220 --> 00:18:40,780
those items are available to you

424
00:18:40,780 --> 00:18:44,220
within those timeframes as much as possible.

425
00:18:44,220 --> 00:18:47,420
And you start looking at the cost analysis

426
00:18:47,420 --> 00:18:50,260
of how much does it cost for us to be down

427
00:18:50,260 --> 00:18:53,020
versus how much we have to spend to make it not be down

428
00:18:53,020 --> 00:18:54,580
for extended periods of time.

429
00:18:55,580 --> 00:18:59,700
These are where the conversations really get intense

430
00:18:59,700 --> 00:19:01,780
because we give it that monetary value

431
00:19:01,780 --> 00:19:02,980
that we've talked about.

432
00:19:04,020 --> 00:19:05,220
And you start seeing,

433
00:19:05,220 --> 00:19:07,500
I've worked with organizations

434
00:19:07,500 --> 00:19:10,800
where an hour of downtime was a six figure sum loss.

435
00:19:12,780 --> 00:19:15,100
Suddenly trying to build a system

436
00:19:15,100 --> 00:19:18,500
that allows them to stay up to those three nines

437
00:19:18,500 --> 00:19:21,780
seems less expensive when their previous RTO,

438
00:19:21,780 --> 00:19:25,100
their previous RPO was close to six hours.

439
00:19:25,100 --> 00:19:28,580
So we're talking seven figure sums

440
00:19:28,580 --> 00:19:30,940
that they're losing over that six hour period.

441
00:19:32,340 --> 00:19:37,260
Maybe an additional two, $300,000 in hardware in the office

442
00:19:37,260 --> 00:19:39,420
isn't such a bad expenditure at that point.

443
00:19:40,740 --> 00:19:44,420
Right, so I'm just kind of wrapping that up a little bit.

444
00:19:44,420 --> 00:19:47,260
I mean, essentially it seems like it potentially

445
00:19:47,260 --> 00:19:50,580
may be complicated to say, what is that asset?

446
00:19:50,580 --> 00:19:52,900
How do I know what to put it as a criticality?

447
00:19:52,900 --> 00:19:54,540
How do I set them on a downtime?

448
00:19:54,540 --> 00:19:56,300
And you kind of alluded to it there.

449
00:19:56,300 --> 00:19:57,620
And in simplest terms,

450
00:19:57,620 --> 00:20:00,420
if I'm just gonna straight up boil that down is,

451
00:20:00,420 --> 00:20:04,420
what is the actual cost to the organization to have that down?

452
00:20:04,420 --> 00:20:06,900
And you can decide whether that metric is in minutes or hours.

453
00:20:06,900 --> 00:20:08,980
Most people would typically do it in hours,

454
00:20:08,980 --> 00:20:11,540
but what is the financial impact of having that?

455
00:20:11,540 --> 00:20:14,500
Again, I had mentioned in some organizations,

456
00:20:14,500 --> 00:20:17,180
a financial package may not be something that's huge.

457
00:20:17,180 --> 00:20:18,940
They may not do a ton of transactions

458
00:20:18,940 --> 00:20:21,980
and they can handle it outside the system for 24 hours.

459
00:20:21,980 --> 00:20:23,380
You've suddenly come up with,

460
00:20:23,380 --> 00:20:25,260
I know what my recovery point is.

461
00:20:26,260 --> 00:20:28,820
Or by comparison, as Matthew just alluded to,

462
00:20:28,820 --> 00:20:30,820
is in a system that he's talking about,

463
00:20:30,820 --> 00:20:33,420
my recovery point is much,

464
00:20:34,420 --> 00:20:36,660
and my time is much smaller than that.

465
00:20:36,660 --> 00:20:38,460
So I can start to put dollar figures to it

466
00:20:38,460 --> 00:20:39,900
exactly really quickly.

467
00:20:39,900 --> 00:20:41,940
There are some other things I mentioned in earlier too

468
00:20:41,940 --> 00:20:43,820
as reputational cost and so forth,

469
00:20:43,820 --> 00:20:46,660
but you can quantify these items

470
00:20:46,660 --> 00:20:49,260
by putting just together a handful of questions.

471
00:20:49,260 --> 00:20:51,180
What is the financial impact per hour?

472
00:20:51,180 --> 00:20:53,020
Is there a reputational hit?

473
00:20:53,020 --> 00:20:53,980
What does that look like?

474
00:20:53,980 --> 00:20:54,900
What does it cost us?

475
00:20:54,900 --> 00:20:56,260
Do we lose customers?

476
00:20:56,260 --> 00:20:58,940
Those kinds of the things that we should be focused on

477
00:20:58,940 --> 00:21:02,300
as we start to dig into RTOs and RPOs going forward.

478
00:21:03,380 --> 00:21:05,020
One thing I want to mention,

479
00:21:05,020 --> 00:21:07,820
because I don't think we've defined this yet.

480
00:21:08,660 --> 00:21:09,820
What is an asset?

481
00:21:09,820 --> 00:21:13,220
What is something that we care about when we're doing this?

482
00:21:13,220 --> 00:21:15,340
I heard a, for me at least,

483
00:21:15,340 --> 00:21:17,020
new definition of this the other day

484
00:21:17,020 --> 00:21:18,860
that has been breaking my brain,

485
00:21:18,860 --> 00:21:23,100
which is an asset is anything of value to the organization.

486
00:21:24,060 --> 00:21:25,540
So when we talk about this,

487
00:21:25,540 --> 00:21:27,540
you think of hardware, you think of software,

488
00:21:27,540 --> 00:21:29,780
you think of data, right?

489
00:21:29,780 --> 00:21:32,900
But it also means things like your website URL.

490
00:21:32,900 --> 00:21:34,500
We hear horror stories, right,

491
00:21:34,500 --> 00:21:37,820
of organizations forgetting to renew their domain name

492
00:21:37,820 --> 00:21:39,660
and suddenly someone else owns it

493
00:21:39,660 --> 00:21:42,660
because they weren't quick enough to renew it.

494
00:21:43,780 --> 00:21:45,340
We're talking about SSL certs

495
00:21:45,340 --> 00:21:49,900
so that your servers correctly make the connections

496
00:21:49,900 --> 00:21:51,820
in a secure way.

497
00:21:51,820 --> 00:21:56,100
Listing everything that the organization provides,

498
00:21:56,100 --> 00:21:59,740
organization considers to have value to its business

499
00:21:59,740 --> 00:22:01,580
is what's important.

500
00:22:01,580 --> 00:22:04,540
Where does this kind of separate things for me?

501
00:22:04,540 --> 00:22:07,620
Maybe you have 10 to 15 keyboards out the back,

502
00:22:07,620 --> 00:22:10,020
so you don't care about keyboards

503
00:22:10,020 --> 00:22:14,300
as an asset of value to the organization.

504
00:22:14,300 --> 00:22:15,980
Just don't track them.

505
00:22:15,980 --> 00:22:16,820
That's fine.

506
00:22:17,820 --> 00:22:20,020
That's the distinction you get to make with this

507
00:22:20,020 --> 00:22:23,900
is are we going to worry about the cost of this product

508
00:22:23,900 --> 00:22:25,780
or the cost of this item, this data,

509
00:22:25,780 --> 00:22:30,780
this hardware long-term and track it within our system

510
00:22:30,780 --> 00:22:33,260
that we define replacement costs for?

511
00:22:34,380 --> 00:22:37,220
If it's in there, yes, you should be doing this for it.

512
00:22:37,220 --> 00:22:39,500
You should have an RTO and RPO.

513
00:22:39,500 --> 00:22:43,100
Some of them may be incredibly long lead times.

514
00:22:44,100 --> 00:22:46,500
I'm not sure if, maybe webcams are on your list

515
00:22:46,500 --> 00:22:50,020
but you don't need one to be replaced that same day.

516
00:22:50,020 --> 00:22:53,020
It may be there's a six month lead time on that.

517
00:22:53,020 --> 00:22:54,340
But we're trying to make sure

518
00:22:54,340 --> 00:22:57,140
that you've defined what's important to the organization

519
00:22:57,140 --> 00:22:59,540
first, those are your assets,

520
00:22:59,540 --> 00:23:04,540
and then your RTO and RPO relate to how quickly you replace them

521
00:23:04,540 --> 00:23:08,460
and how much of their data or their usage

522
00:23:08,460 --> 00:23:13,460
is backed up and retrievable over that same time period

523
00:23:13,980 --> 00:23:14,820
and prior.

524
00:23:16,460 --> 00:23:18,100
That for a manufacturing organization

525
00:23:18,100 --> 00:23:19,700
might be a machine on the floor.

526
00:23:19,700 --> 00:23:20,540
Yeah.

527
00:23:20,540 --> 00:23:21,380
Right?

528
00:23:21,380 --> 00:23:23,300
I mean, there's lots of different ways to look at this

529
00:23:23,300 --> 00:23:28,300
and the traditional 100 year old manufacturing organization

530
00:23:28,300 --> 00:23:31,180
that spends millions and millions of dollars

531
00:23:31,180 --> 00:23:33,300
per machine that makes their widgets

532
00:23:33,300 --> 00:23:36,100
has parts for that machine.

533
00:23:36,100 --> 00:23:39,140
They've got support and service for that machine.

534
00:23:39,140 --> 00:23:40,580
They may even have an employee

535
00:23:40,580 --> 00:23:44,420
who's a support service champion for that machine.

536
00:23:44,420 --> 00:23:46,140
Those are the same kinds of lenses

537
00:23:46,140 --> 00:23:48,020
we need to look through when we think about data

538
00:23:48,020 --> 00:23:48,980
and applications.

539
00:23:49,940 --> 00:23:51,260
That's a great point.

540
00:23:51,260 --> 00:23:55,260
We sometimes forget the operational cost of it

541
00:23:55,260 --> 00:23:58,020
when it comes to the individual, right?

542
00:23:58,020 --> 00:23:59,660
Because you're probably, in some cases,

543
00:23:59,660 --> 00:24:02,420
I'm thinking of medical labs coming to us

544
00:24:02,420 --> 00:24:04,660
in medical labs coming to mind straight away.

545
00:24:04,660 --> 00:24:07,420
There are individuals who are literally paid to sit there

546
00:24:07,420 --> 00:24:09,940
and make sure everything's going according to plan

547
00:24:09,940 --> 00:24:12,460
to be available if something goes wrong.

548
00:24:12,460 --> 00:24:14,300
Sometimes there's more than one

549
00:24:14,300 --> 00:24:19,300
and they're being paid completely valid amounts of money

550
00:24:21,700 --> 00:24:25,820
for what the loss of what the value is

551
00:24:25,820 --> 00:24:27,220
for what they're doing,

552
00:24:27,220 --> 00:24:30,340
but they may not do anything throughout that day.

553
00:24:30,340 --> 00:24:34,780
So that RTO and RPO has been assigned to the products

554
00:24:34,780 --> 00:24:36,940
and the service that's being completed

555
00:24:36,940 --> 00:24:40,740
and that individual has been put up as the solution to that,

556
00:24:40,740 --> 00:24:42,860
to minimize those numbers.

557
00:24:42,860 --> 00:24:46,580
It's not always just we need a secondary location

558
00:24:46,580 --> 00:24:48,700
to go to if something happens to our primary location

559
00:24:48,700 --> 00:24:50,940
or we need backup service in case that's necessary.

560
00:24:50,940 --> 00:24:53,380
It's every tool you can come up with

561
00:24:53,380 --> 00:24:55,500
to make those numbers as low as possible.

562
00:24:55,500 --> 00:25:00,100
I'll shift a little bit.

563
00:25:01,220 --> 00:25:04,180
When we think about what I was referring to earlier

564
00:25:04,180 --> 00:25:07,420
and the internet being the single point of failure,

565
00:25:07,420 --> 00:25:08,620
we only have one firewall,

566
00:25:08,620 --> 00:25:10,540
we only have one internet connection.

567
00:25:10,540 --> 00:25:14,940
Some organizations have been able to navigate

568
00:25:14,940 --> 00:25:19,940
the remote work scenario very, very well due to the pandemic.

569
00:25:21,820 --> 00:25:24,060
And that has added a component to this.

570
00:25:24,060 --> 00:25:25,620
Well, if our internet goes down

571
00:25:25,620 --> 00:25:27,940
and all of our applications live in the cloud,

572
00:25:27,940 --> 00:25:29,980
there's an enormous amount of mobility

573
00:25:29,980 --> 00:25:32,860
that comes into that scenario.

574
00:25:32,860 --> 00:25:35,820
Well, our applications are in the cloud,

575
00:25:35,820 --> 00:25:37,300
our people can be very mobile.

576
00:25:37,300 --> 00:25:38,500
Everyone's got laptops.

577
00:25:38,500 --> 00:25:40,660
We did away with the desktop long ago.

578
00:25:40,660 --> 00:25:42,460
They can pick up their laptops, they can go home,

579
00:25:42,460 --> 00:25:43,980
they can go to a coffee shop,

580
00:25:43,980 --> 00:25:46,340
they can do some things from their phone.

581
00:25:46,340 --> 00:25:51,340
Those present potential recovery scenarios

582
00:25:51,340 --> 00:25:54,700
in the event that, again, we're talking about

583
00:25:54,700 --> 00:25:57,980
an internet outage at the organization's location

584
00:25:57,980 --> 00:25:59,020
where its people are.

585
00:25:59,020 --> 00:26:03,700
However, I think to say that out loud is kind of one thing

586
00:26:04,860 --> 00:26:07,740
and then to expect it to happen as another

587
00:26:07,740 --> 00:26:12,420
should the fiber get cut underneath the ground

588
00:26:12,420 --> 00:26:14,700
out beside the building and all of a sudden,

589
00:26:14,700 --> 00:26:18,740
there's no internet to stop everybody from working,

590
00:26:18,740 --> 00:26:20,860
get them up, instruct them to go home,

591
00:26:20,860 --> 00:26:22,820
instruct them to go to another location.

592
00:26:24,700 --> 00:26:28,780
Sounds good, but we all know that along the way,

593
00:26:30,500 --> 00:26:32,740
on the way home, things may happen,

594
00:26:32,740 --> 00:26:34,940
there's still a significant amount of disruption

595
00:26:34,940 --> 00:26:36,740
in that process, right?

596
00:26:37,620 --> 00:26:39,900
I certainly trust people to go home

597
00:26:39,900 --> 00:26:41,060
and continue to their workday,

598
00:26:41,060 --> 00:26:44,100
but some people may take an extended lunch.

599
00:26:44,100 --> 00:26:46,780
Some people might not be as comfortable with

600
00:26:46,780 --> 00:26:50,300
or make an easier transition from the office

601
00:26:50,300 --> 00:26:52,580
to their home location to continue to work.

602
00:26:52,580 --> 00:26:57,580
So, well, the idea that the cloud brings

603
00:26:57,660 --> 00:27:01,580
that portability to the organization,

604
00:27:01,580 --> 00:27:04,260
there still is some people process there to say,

605
00:27:04,260 --> 00:27:07,500
okay, the internet's out, everybody go home and work.

606
00:27:07,500 --> 00:27:09,780
How much do we trust that?

607
00:27:09,780 --> 00:27:13,220
How well is that going to work for our organization?

608
00:27:13,220 --> 00:27:15,780
It's not a bad idea to think about an exercise

609
00:27:15,780 --> 00:27:17,060
that tests that.

610
00:27:17,060 --> 00:27:20,260
What do we know about people's ability to work from home?

611
00:27:20,260 --> 00:27:23,220
And so then that connects us back to,

612
00:27:23,220 --> 00:27:27,180
is it just worth the investment in an additional firewall,

613
00:27:27,180 --> 00:27:30,940
another internet connection to make up for an outage

614
00:27:30,940 --> 00:27:32,380
in either one of those scenarios

615
00:27:32,380 --> 00:27:34,580
where we're very dependent on the internet?

616
00:27:35,500 --> 00:27:39,700
Yeah, and we have multiple scenarios obviously where,

617
00:27:40,940 --> 00:27:42,740
I mean, right out the gate,

618
00:27:42,740 --> 00:27:45,860
I've been called paranoid multiple times during this,

619
00:27:45,860 --> 00:27:50,420
and not during this podcast, but others,

620
00:27:50,420 --> 00:27:54,580
and part of that is preparing for those worst case scenarios,

621
00:27:54,580 --> 00:27:56,340
is a large part of what this is.

622
00:27:56,340 --> 00:27:57,460
No, we don't wanna think about it,

623
00:27:57,460 --> 00:27:59,620
but hey, let's mitigate it just in case.

624
00:27:59,620 --> 00:28:02,300
Natural disasters, someone cutting cables,

625
00:28:02,300 --> 00:28:06,260
whatever it is, it may happen, right?

626
00:28:07,940 --> 00:28:11,340
Because just someone working on the street outside

627
00:28:11,340 --> 00:28:14,420
can have an impact to people getting into the building, right?

628
00:28:14,420 --> 00:28:19,420
Work from home scenarios, test restores,

629
00:28:20,700 --> 00:28:23,260
disaster recovery and business continuity plans

630
00:28:23,260 --> 00:28:24,660
play into this very heavily,

631
00:28:24,660 --> 00:28:26,780
but I talk about them enough.

632
00:28:26,780 --> 00:28:29,380
So if you have more questions, let us know.

633
00:28:31,820 --> 00:28:33,660
The thing for me that comes from that,

634
00:28:33,660 --> 00:28:34,500
because Scott's right,

635
00:28:34,500 --> 00:28:37,340
we should as much as you can test these policies,

636
00:28:37,340 --> 00:28:39,020
test these plans you put in place,

637
00:28:39,020 --> 00:28:41,980
figure out where there's deficits in what you're doing.

638
00:28:41,980 --> 00:28:46,940
And right out the gate, first question you can ask is,

639
00:28:46,940 --> 00:28:48,580
hey, if this goes down,

640
00:28:48,580 --> 00:28:52,180
if this tool was unavailable because of any reason,

641
00:28:52,180 --> 00:28:54,700
how long would it take to come back up?

642
00:28:54,700 --> 00:28:56,220
Ask your internal IT.

643
00:28:56,220 --> 00:29:00,980
I mean, ask CIT if we're your internal, if we're your IT.

644
00:29:00,980 --> 00:29:05,700
Ask us, because we have numbers on what we believe

645
00:29:05,700 --> 00:29:07,220
we can get that done to you,

646
00:29:07,220 --> 00:29:09,540
we can how quickly we can do that for you.

647
00:29:09,540 --> 00:29:12,020
If you have goals in mind,

648
00:29:12,020 --> 00:29:15,220
then your internal IT or your external IT

649
00:29:15,220 --> 00:29:18,220
will work with you to come up with what those numbers are now

650
00:29:18,220 --> 00:29:20,380
and do what they kind of bridge that gap.

651
00:29:21,500 --> 00:29:24,500
Oftentimes it is a budgetary item

652
00:29:24,500 --> 00:29:28,780
where maybe it just needs a little bit more money thrown at it.

653
00:29:28,780 --> 00:29:30,380
So by doing these RTOs and RPOs,

654
00:29:30,380 --> 00:29:33,220
you can find out if that's beneficial to the organization.

655
00:29:33,220 --> 00:29:38,220
Starting with, here's all the things that can go wrong,

656
00:29:38,220 --> 00:29:40,220
is my favorite way to do it.

657
00:29:40,220 --> 00:29:42,220
But that's not beneficial to a lot of people.

658
00:29:42,220 --> 00:29:45,220
I know some people prefer to go the route of,

659
00:29:45,220 --> 00:29:49,220
how important is this and then build down from that,

660
00:29:49,220 --> 00:29:51,220
rather than being paranoid first,

661
00:29:52,220 --> 00:29:54,220
which I'm sure is a valid way to do it.

662
00:29:54,220 --> 00:29:58,220
I'm in security, so paranoid at the first is where we start.

663
00:29:58,220 --> 00:29:59,220
Yeah.

664
00:29:59,220 --> 00:30:03,220
As we dig into this, I know we kind of talked about

665
00:30:03,220 --> 00:30:07,220
in a lot of ways there are various levels of risk,

666
00:30:07,220 --> 00:30:09,220
right, and that will largely impact

667
00:30:09,220 --> 00:30:11,220
how quickly we want to recover.

668
00:30:11,220 --> 00:30:14,220
There are a lot of different ways you can go about that.

669
00:30:14,220 --> 00:30:16,220
There's, and we can dig into this.

670
00:30:16,220 --> 00:30:18,220
You guys can tell me whether it makes sense to do it or not,

671
00:30:18,220 --> 00:30:21,220
but you can have like mirrored sites for an example,

672
00:30:21,220 --> 00:30:23,220
you got a hot recovery,

673
00:30:23,220 --> 00:30:25,220
so the intent of staying up for a while,

674
00:30:25,220 --> 00:30:27,220
you can go to the website,

675
00:30:27,220 --> 00:30:29,220
so the intent of staying up all the time,

676
00:30:29,220 --> 00:30:31,220
it's essentially what we're doing

677
00:30:31,220 --> 00:30:33,220
when we throw something into the cloud.

678
00:30:33,220 --> 00:30:35,220
But those things that are not quite as critical,

679
00:30:35,220 --> 00:30:39,220
you still have the ability to decide how you want to recover to them.

680
00:30:39,220 --> 00:30:41,220
At one of the, at the beginning,

681
00:30:41,220 --> 00:30:43,220
I kind of alluded to a lot of people will say,

682
00:30:43,220 --> 00:30:44,220
well, we just want everything up all the time,

683
00:30:44,220 --> 00:30:46,220
which I agree with me too,

684
00:30:46,220 --> 00:30:48,220
that gets back to the paranoid thing.

685
00:30:48,220 --> 00:30:51,220
But the reality is, if everything went down,

686
00:30:51,220 --> 00:30:52,220
you will have to pick.

687
00:30:52,220 --> 00:30:55,220
How do I decide what's the most important thing to do?

688
00:30:55,220 --> 00:30:59,220
So, informally, every organization knows what that is,

689
00:30:59,220 --> 00:31:01,220
because when push comes to shove, they'll go,

690
00:31:01,220 --> 00:31:03,220
okay, well, if you made me pick, I would pick this,

691
00:31:03,220 --> 00:31:05,220
although I'll resist you every step of the way,

692
00:31:05,220 --> 00:31:07,220
but now that I have to, I can do that.

693
00:31:07,220 --> 00:31:10,220
Eventually, you can get to a point where you say,

694
00:31:10,220 --> 00:31:13,220
in this particular instance, all I really need is,

695
00:31:13,220 --> 00:31:15,220
you can do whatever term you want to do,

696
00:31:15,220 --> 00:31:17,220
is I just need a cold system I can restore to,

697
00:31:17,220 --> 00:31:20,220
or spare, or whatever the case may be.

698
00:31:20,220 --> 00:31:22,220
So the question for you guys is,

699
00:31:22,220 --> 00:31:23,220
do you want to go down that path too

700
00:31:23,220 --> 00:31:25,220
and talk about what that looks like?

701
00:31:25,220 --> 00:31:27,220
You started to allude to the acceptable recovery.

702
00:31:27,220 --> 00:31:30,220
There is a flat out cost where someone will eventually say,

703
00:31:30,220 --> 00:31:32,220
nope, it's just way too much.

704
00:31:32,220 --> 00:31:37,220
I will not pay that to get this email server back up and running.

705
00:31:37,220 --> 00:31:39,220
Yeah.

706
00:31:39,220 --> 00:31:43,220
Todd, I heard you say something that's important,

707
00:31:43,220 --> 00:31:45,220
and I know we're coming up on time.

708
00:31:45,220 --> 00:31:48,220
And that was everybody inherently kind of knows in their mind

709
00:31:48,220 --> 00:31:51,220
what they think that recovery time objective is, right?

710
00:31:51,220 --> 00:31:53,220
And I think you're right.

711
00:31:53,220 --> 00:31:57,220
Overwhelmingly, I have sat in too many meetings

712
00:31:57,220 --> 00:32:00,220
where there was an assumption that was made by the business,

713
00:32:00,220 --> 00:32:02,220
right, by business leadership that said,

714
00:32:02,220 --> 00:32:05,220
well, we just kind of thought IT had that figured out for us.

715
00:32:05,220 --> 00:32:09,220
They just knew that, you know, we want zero downtime or whatever,

716
00:32:09,220 --> 00:32:11,220
right?

717
00:32:11,220 --> 00:32:16,220
And IT didn't know that because the conversation hadn't taken

718
00:32:16,220 --> 00:32:18,220
place.

719
00:32:18,220 --> 00:32:20,220
They hadn't sat together in a room,

720
00:32:20,220 --> 00:32:23,220
and they had to get the technology and the business together

721
00:32:23,220 --> 00:32:28,220
and said, this is our expectation for recovery times,

722
00:32:28,220 --> 00:32:32,220
for outage, and then give technology an opportunity to say,

723
00:32:32,220 --> 00:32:37,220
well, you know, I hear you say two hours, the reality is eight.

724
00:32:37,220 --> 00:32:41,220
And so we then, the business, need to understand the investment

725
00:32:41,220 --> 00:32:46,220
required to shore up that six hours and to get that truth out

726
00:32:46,220 --> 00:32:50,220
of the world. So everybody, technology, up through business

727
00:32:50,220 --> 00:32:52,220
unit leadership and senior leadership understand what the

728
00:32:52,220 --> 00:32:55,220
realities of those things are.

729
00:32:55,220 --> 00:32:58,220
Yeah, I think one of the other potential pitfalls there is,

730
00:32:58,220 --> 00:33:02,220
is business and IT are not talking the same language.

731
00:33:02,220 --> 00:33:05,220
IT may have felt like they communicated what that cost

732
00:33:05,220 --> 00:33:08,220
would be to get a different setting, and vice versa,

733
00:33:08,220 --> 00:33:10,220
right, the business is saying, well, you should have known

734
00:33:10,220 --> 00:33:14,220
obviously this is the case, and you're not always in alignment.

735
00:33:14,220 --> 00:33:16,220
So at a minimum, having the conversation and making sure

736
00:33:16,220 --> 00:33:18,220
that you're aligned is definitely going to be the right step.

737
00:33:18,220 --> 00:33:20,220
I know we talked about a risk assessment at the beginning,

738
00:33:20,220 --> 00:33:24,220
and quite frankly, it is the beginning to most powerful

739
00:33:24,220 --> 00:33:26,220
conversations. You got to understand where you are.

740
00:33:26,220 --> 00:33:28,220
If you don't know where you are, you don't know where you're

741
00:33:28,220 --> 00:33:30,220
going.

742
00:33:30,220 --> 00:33:33,220
Yeah, I'll say this, and I've mentioned this previously,

743
00:33:33,220 --> 00:33:36,220
but I think you've hit the nail on the head for how I think

744
00:33:36,220 --> 00:33:40,220
about it, which is that RTO and RPO is a business conversation.

745
00:33:40,220 --> 00:33:45,220
And at least in my experience as someone who didn't start out

746
00:33:45,220 --> 00:33:48,220
with that business mindset, I distinctly remember that moment

747
00:33:48,220 --> 00:33:51,220
where I started to think that way, because it was the moment

748
00:33:51,220 --> 00:33:55,220
that I started getting senior leadership to listen and understand

749
00:33:55,220 --> 00:33:58,220
what I was actually saying, because it wasn't just, hey,

750
00:33:58,220 --> 00:34:00,220
here's this cool tool that's going to make my life easier.

751
00:34:00,220 --> 00:34:03,220
It was, here's this cool tool that's going to save the

752
00:34:03,220 --> 00:34:07,220
organization time and money, which is such an obvious

753
00:34:07,220 --> 00:34:11,220
distinction now, but really took me a while to get there.

754
00:34:11,220 --> 00:34:14,220
And oftentimes when you see that, when you see that or feel an

755
00:34:14,220 --> 00:34:19,220
excessive amount of burnout from internal IT, I tend to think

756
00:34:19,220 --> 00:34:22,220
it's because of that disconnect.

757
00:34:22,220 --> 00:34:25,220
They're taking on things that they think are meant to be

758
00:34:25,220 --> 00:34:28,220
completing these tasks or being told they can't do them

759
00:34:28,220 --> 00:34:31,220
because of that. So, I completely agree that having that

760
00:34:31,220 --> 00:34:34,220
communication open from the business side first with this

761
00:34:34,220 --> 00:34:39,220
RTO and RPO can really change that conversation, open that

762
00:34:39,220 --> 00:34:43,220
communication easier, and find where those gaps are that,

763
00:34:43,220 --> 00:34:46,220
again, were maybe just assumptions that it would work a

764
00:34:46,220 --> 00:34:51,220
certain way. And the explanation that came from someone else

765
00:34:51,220 --> 00:34:54,220
trying to make it work better just maybe wasn't expressed in

766
00:34:54,220 --> 00:35:00,220
the way that worked for the leadership team or vice versa.

767
00:35:00,220 --> 00:35:03,220
Yeah, just to kind of summarize that is, I think the way that

768
00:35:03,220 --> 00:35:06,220
I phrased it was you informally know what it is, right?

769
00:35:06,220 --> 00:35:08,220
Push comes to shove, you'll be able to figure it out.

770
00:35:08,220 --> 00:35:12,220
This process takes it from informal to formal.

771
00:35:12,220 --> 00:35:16,220
Yeah.

772
00:35:16,220 --> 00:35:21,220
We've covered a lot today and I feel like there's so much more.

773
00:35:21,220 --> 00:35:24,220
I just wanted to give you guys an opportunity if there's

774
00:35:24,220 --> 00:35:29,220
anything we didn't cover that you really wanted to say here

775
00:35:29,220 --> 00:35:32,220
in today's podcast.

776
00:35:32,220 --> 00:35:35,220
I'm going to start with a question for you.

777
00:35:35,220 --> 00:35:38,220
What's the RTO and RPO a fun?

778
00:35:38,220 --> 00:35:41,220
This is fun to do.

779
00:35:41,220 --> 00:35:43,220
We should have started there.

780
00:35:43,220 --> 00:35:47,220
It's just fun.

781
00:35:47,220 --> 00:35:50,220
Yeah, I mean, I would say it's critical, right?

782
00:35:50,220 --> 00:35:53,220
If it isn't clear at the beginning of the meeting, by the time

783
00:35:53,220 --> 00:35:56,220
we're done, you should hopefully have made the connection that

784
00:35:56,220 --> 00:35:59,220
just assuming is insufficient, you do need to do the deep dive.

785
00:35:59,220 --> 00:36:02,220
You do need to do the formal planning and you do need to write

786
00:36:02,220 --> 00:36:05,220
that down and make sure that what you've got in place can meet

787
00:36:05,220 --> 00:36:07,220
what your expectations are.

788
00:36:07,220 --> 00:36:12,220
Otherwise, unfortunately, you're set up for a bad day.

789
00:36:12,220 --> 00:36:15,220
Yeah, and we want only good days.

790
00:36:15,220 --> 00:36:18,220
So assessment, planning, knowing what you have.

791
00:36:18,220 --> 00:36:21,220
If you ever need help, you can always reach out to us.

792
00:36:21,220 --> 00:36:24,220
Thank you, Todd, Scott and Matthew for joining us today.

793
00:36:24,220 --> 00:36:28,220
If you enjoyed this podcast, please like and subscribe.

794
00:36:28,220 --> 00:36:31,220
If you want to know how you're feeling about us and these subjects,

795
00:36:31,220 --> 00:36:33,220
if you have a topic you'd like us to discuss,

796
00:36:33,220 --> 00:36:38,220
reach out to us at info at cIT-net.com

797
00:36:38,220 --> 00:36:43,220
or head out to our website, cIT-net.com, slash, podcast.

798
00:36:43,220 --> 00:36:59,220
Thank you for joining us.

