Our first blog of this series—which we hope you found informative—discussed how TCO (True Cost of Ownership) can affect your evaluation of data protection vendors. We also talked about how to identify the different elements you should include in your TCO analysis. The second criterion for selecting a Business Recovery solution? Evaluating reliability. But we offer a fresh take on how to evaluate this classic standard.
- TCO – True Cost of Ownership
- Investment Protection
- Vendor Ecosystem
- Security & Compliance
When you’re assessing a new IT solution, know that evaluating reliability means more than whether the product performs according to specifications. In this context, expand its scope to include the following:
- Product Performance
- Product Updates
- Product Stability
- Quality of Support
- Vendor’s Financial Stability
A reliable Business Recovery solution is one that not only performs as specified, but also has the necessary elements to support your business before, during, and after an interruption. What good is a product you can’t update to support the evolution of your IT environment? Do you really want to be caught spending more hours than originally estimated on product maintenance and tech support? Will the vendor that sold you the solution be around three, five, or seven years down the road to ensure your business is adequately protected? These are some of the questions you should ask in framing reliability as a key component of a serious evaluation process. Let’s explore each of the alpha-designated items above, individually.
The two most critical aspects of product performance for data protection and recovery solutions are Recovery Point Objective (RPO) and Recovery Time Objective (RTO). If a solution doesn’t perform to your specifications related to latest restore point —RPO — or to speed of recovery — RTO — chances are that particular solution won’t help the business when it’s most in need (i.e., after an IT outage or other unforeseen IT event). There are other performance-related dimensions to think about — ease of deployment, for example. After initial deployment, what’s the effort (and cost) required to add additional devices? If you migrate environments (physical to virtual, virtual to virtual, etc.) will the product support the new infrastructure, and will it continue to perform at a high level? View performance through the lens of accuracy and speed, yes, but also through the lens that proves the solution can adequately protect your business as your IT operations change or evolve. In fact, this mutifaceted view is one of the key differences between deploying a holistic Business Recovery solution and one that merely backs up your data.
IT tends to shift and morph its requirements parameters very quickly, in nearly any organization. This includes increasing use of virtualization technologies, steeling for rapid data growth, and responding to mounting pressures from business units to do more with less. Will your data protection solution be able to keep pace with the resultant change? Consider how easy and seamless product updates are to apply, and whether you have to take production systems offline — or more extremely, leave the IT environment unprotected — while you apply the latest patch or release. The more difficult and time-consuming a system upgrade is, the longer you may delay doing it. It’s only natural. But this type of delay can seriously compromise your business, if it jeopardizes the ability to recover data and applications. Ask the vendor to share their release schedule with you (annual? quarterly? monthly?) and study their past year from a product perspective, to see how significant updates ended up being “shipped” to customers and implemented. Were they just bug fixes or key improvements to help companies get better/faster recoveries? It’s also a good idea to be aware of upcoming releases plans on the vendor’s product roadmap.
You’ll always encounter bugs in software and IT system releases; there hasn’t been a software-based solution developed yet that is completely bug-free or that might not present a glitch sometime in the future. The question becomes: How often do these glitches occur, and how easy is it for you to spot and correct them? In data protection and recovery, you’ll encounter products that spit out log files that include hundreds of messages per minute — indicating a variety of situations. Some of these message collectives will contain cryptic codification, requiring research and extra support from the vendor. Others will only show you critical errors, yet may also alert you before something goes wrong. So a “product stability” definition can fluctuate by solution, requiring you to understand the product’s management interface, its ease of use, and especially its troubleshooting simplicity or complexity.
Quality of Support
We’ve all been there: Customer service reps that repeat the verbiage in their scripts, no matter what questions you have. Support lines that leave you hanging for nail-biting minutes, and callbacks that take hours. In the IT world, nothing is more painful than having to reach out to a vendor to resolve an urgent issue that’s beyond your capabilities. Multiple numbers to call, directories to navigate, and voice mails to leave. And when you do connect with a live person, he or she may not be able to pull up basic information about your company — requiring you to tell them, sometimes more than once, the whole story of your predicament. Evaluating a vendor’s technical support might not seem like it should be an upfront factor in deciding what technology you use, but IT leaders who have gone through several painful processes know it is of paramount importance. For Business Recovery solutions, the speed, technical aptitude, and availability of support personnel can determine whether you will or won’t meet your RTO in a given situation. Factors that affect the quality of technical support can include: physical location of the support team, hours of operation, and whether the team is supporting the company’s own technology or someone else’s (e.g. a vendor that combines products through OEM agreements might have to escalate technical requests to an original software developer — almost always lengthening time-to-resolution).
Company’s Financial Stability
You might be tempted to hone in on annual revenues as your deciding factor. And you may assume that smaller companies — just by nature of size and length of time offering products or services — are riskier than larger, established operations. To accurately paint a picture of a vendor’s stability to your CFO, you would do well to take into account not just revenues and size, but also cash flow, growth projections, whether the firm in question is public or private, and where they stand in terms of venture capital or private-equity investments. A small but fast company with plenty of cash in the bank can be less risky than a larger company that has a highly complex support framework, slow product delivery cadence, or simply may not have longterm commitment to the solution you need (think of Dell’s recent EMC acquisition announcement, for example).
As you can see, a product’s Reliability factor soars way beyond merely excellent product performance. Scoring high on all of the above-mentioned accountability factors will show you which providers you can rely on when you need assistance most. Stay tuned for Blog 3 in this series, focusing on Criterion #3: Investment Protection. Right now, get your essential guide to crafting a bulletproof Business Recovery plan, here.