More than 70% of businesses experience downtime due to an IT outage at some point in their fiscal year. Many of these organizations experience several small IT interruptions that can translate to hours or even days of lost productivity. This, in turn, translates to real financial losses that can be directly linked to decreases in a company’s brand reputation, employee productivity, and sales revenues. Not to mention losses attributable to significant increases in unforeseen data recovery costs.

With so much at stake, it’s no wonder that when asked about the top data protection mandates from the organization’s IT leadership, most IT professionals report the following three:

  1. Increase reliability of backups or recoveries
  2. Increase speed/agility of recoveries
  3. Increase speed or frequency of backups

Source: ESG Research Report: 2015 Trends in Data Protection Modernization, Sept 2015

These key mandates underscore the need for rapid and reliable recovery, and also place pressure on IT leadership to ensure their data protection technology can deliver on business goals. So how should you go about evaluating what you currently have in place — and needed attributes when you are looking for a new solution? This post launches a series of five blog posts, through which we will give you the Top 5 Key Criteria for Selecting a Business Recovery Solution. The criteria are:

  1. TCO – True Cost of Ownership
  2. Reliability
  3. Investment Protection
  4. Vendor Ecosystem
  5. Security & Compliance

Throughout the series, you’ll notice that we don’t focus exclusively on technology features; we aim to take a broader view by considering elements that go beyond what a product can deliver, and exploring certain business characteristics of a hypothetical vendor.

So let’s start with the first criteria, TCO.

Understanding True Cost of Ownership

TCO is typically referred to as Total Cost of Ownership, but I like to call it “True Cost of Ownership,” as this verbiage implies an understanding of exactly what you are paying for when deploying a solution. The image that most associate with calculating cost of ownership is the traditional iceberg, because what you see above the water (i.e. the invoice you get from the vendor) is not a true representation of the entire floating block of ice (which includes the big chunk hidden beneath the water, i.e., additional costs incurred while/by using the solution).

The TCO calculation for data protection solutions includes the following items:

  • Upfront costs
  • Recurring costs
  • Additional fees
  • Setup time and costs
  • Maintenance and monitoring
  • Disaster Recovery Testing
  • RPO and File Recovery
  • RTO and Downtime

Upfront Costs include software licenses, hardware purchases, and service fees you have to shoulder in order to gain access to the solution. If deploying a server replication solution, for example, you will be charged licensing fees related to the server to be replicated (sometimes charged by the socket), the cost of a management console if that’s a separate product, and the fee for the target server itself, that’s designated for replication (unless you’ve placed one in reserve). If you set up the secondary server in a different facility or with a colocation / hosting provider, there will be additional upfront fees you will have to consider. As well, some vendors will require their own professional services team to take care of initial setup. If deploying a backup solution that requires a physical hardware appliance, the price you pay for the appliance will be included in your upfront costs. What about SaaS applications? There are typically monthly, quarterly, or annual fees you will have to consider. Understanding the cadence of the fee structure lets you accurately budget costs.

The good news: If you purchased a traditional software-based local backup product that gives you a license in perpetuity, you won’t have the burden of recurring costs directly associated with that license.

Additional fees are those that may not be clear in the vendor’s proposal or are not included as part of the “base package.” These costs could involve upgrades and technical support (is tech support part of the base package? Do you have to pay additional fees if you want faster response? Are there different support tiers you have to consider, with different fee structures?). In some cases, product upgrades that fall within the first year are covered or included in the base license, but in many cases upgrades become an extra fee the vendor might continuously charge, so that you are always running the latest version and accessing patches.

Setup time and costs relate to the initial configuration of the solution. No surprises here, right? Not always. Ask your vendor about setup fees, training fees, and onboarding and initial deployment charges. You’ll also need to calculate the person-hours required of your own staff to get the solution up and running.

Maintenance and monitoring costs are typically outside the vendor’s control, and have to do with the daily time and effort you and your team will expend to keep the solution running, troubleshoot eventual error messages, and monitor windows. Depending on the solutions you choose and use, these person-hour drains can dramatically impact your spend in this area.

Disaster recovery testing costs include two major components, as Disaster Recovery and data protection vendors deal with different events through varying models. In some cases, the vendor will request that you contact them directly and schedule DR tests. Other vendors may give you the ability to conduct DR testing yourself without any formal process — and the fees can vary from free (included with the base license) to hundreds or thousands of dollars for each server tested or hour of testing. The second component to factor in: your own internal costs. Do you have to take production servers offline when you execute DR tests? Will your staff have to perform tests during off-hours? Or do you have the ability to easily spin up sandboxed environments in the cloud for easy DR testing? The dollar amounts associated with your time and efforts can add up.

Recovery Point Objectives (RPOs) and file recovery costs are basically the dollars associated with meeting your desired Recovery Point Objectives, as well as your costs incurred to perform recovery operations. Some vendors will provide varying SLAs and cost structures to meet your RPO goals, while others will be limited only by your network speeds. If you have to purchase deduplication or WAN optimization software or hardware to achieve your RPO goals, these costs should be considered as part of the overall solution. Recovery operations can take minutes or hours depending on whether or not you have to request assistance from your vendor. And each product’s ease of use — or lack thereof — will also contribute to your internal person-hour calculations.

Recovery Time Objectives (RTOs) and downtime are two of the most critical dimensions of your overall TCO calculation. The speed with which you can get not just a server back online after an IT outage, but the entire network back into production, is of paramount importance. Calculating your cost of downtime will tell you how many hours you can afford, or how much money you will be losing for each hour of downtime. We’ve created a handy calculator at to assist.

A True Cost of Ownership calculation is a valuable starting point for understanding what a solution will end up costing you over time. It should be considered together with the remaining four criteria we will discuss in subsequent blog posts. Look for our second post on Reliability soon. Meanwhile, learn how to craft a holistic business recovery plan with our essential eGuide.


This website stores cookies on your computer to improve the website experience and improve our personalized services to you. To find out more about these cookies and our privacy processes please see our privacy policy. By clicking Accept you are granting permission for us to store this cookie. If you do not want us to install this cookie please close your browser window now.