When you write a service-level agreement with one of the groups in your company, how do you make sure that the value they place on the data they leave under your control actually corresponds to the data's true value to your firm?
Many of us contend with a group of department heads, each of whom feels all the data that their department uses is critical to the well being of the company. When you meet people like this you may find yourself dealing with what is as much a psychological issue as an IT problem. Tell a department head that his departmental data is of lesser value than the data from another department and he may think that you're saying his department is of lesser value than another and, by extension, that he too is not as important as some of his colleagues.
If putting yourself between a department head and his psyche is not exactly what you had in mind when you asked your company's management to define service levels for their data, then perhaps the following may be of some use.
The Storage Networking Industry Association (SNIA), through the work of its Data Management Forum, provides a useful set of guidelines for defining the value of data. Its schema classifies five different classes of data according to the degree by which they must be accessible, available and protected. In other words, data value is defined by how much importance that data has to the running of the company.
The five classes are defined as "mission critical" (where data must be available 9.999% of the time - the "five-nines" level of protection that we hear so much about), "business vital" (99.99% availability), "mission important" (99.9%), "important for productivity" (99%), and "not important to operation" (90%).
Recovery time objectives (RTO) are defined as the maximum time allowable for recovering data. Thus, for mission critical data the RTO (taken as .00001 of the total year) is 1.5 minutes; for business Vital data the RTO is 15 minutes; for mission important data the RTO is two hours; for data important for productivity the RTO is one day; and for data not important to operation to RTO is one week.
Rather than asking the various stakeholders in your organization how vital their data is (and probably finding out that everyone claims "mission critical"), ask them how soon they need their recoveries to occur. If they can wait 15 minutes, the odds are pretty good that they (and you) will appreciate the savings that can be applied. This is a fine way to implement an SLA.
Mike Karp is senior analyst with Enterprise Management Associates, focusing on storage, storage management and the methodology that brings these issues into the marketplace. He has spent more than 20 years in storage, systems management and telecommunications. Mike can be reached via e-mail: firstname.lastname@example.org.