Jeff Vail
Jeff Vail

Disaster Recovery’s Top 5 Challenges

The increasing reliance on information technology (IT) means that organizations are also more vulnerable to system downtime. Today’s global markets also require IT systems to be available around the clock, since employees are always working. Any downtime in this operating environment quickly results in problems such as decreased productivity, reduced revenue, lost brand value and compliance issues.

Most organizations don’t deal effectively with the possibility of disaster recovery. Senior executives often consider it to be an IT problem, leaving it to the IT department to fix. This paradigm typically leads to the development of many tactical solutions to disaster recovery without a guiding strategy. However, disaster recovery is a business problem that requires a business approach to solve. The top five challenges in disaster recovery include the following issues:

  • Business needs
  • Downtime tolerance
  • Recovery time
  • Budget
  • Risk assessment

Business Needs

The general goal of disaster recovery is to keep the business running, regardless of the circumstances. It should be driven by business requirements rather than IT capabilities, meaning that you must prioritize business processes before you can implement disaster recovery (DRP). Depending on the organization, the most important process may be the online ordering system, e-mail capability, the SharePoint platform, or any other business-critical platform or application. Identifying these processes ultimately requires input from your business users.

Downtime Tolerance

An effective DRP also requires you to assess each application’s sensitivity to downtime. This information indicates the likely consequences of downtime in each area and provides the foundation for the DRP. Analysts use two metrics to measure downtime tolerance, including recovery point objective (RPO) and recovery time objective (RTO).

RPO is the amount of data that an application can lose before the loss becomes a significant problem for your organization. In other words, it’s the point in the past to which your DRP must recover data. RTO measures an application’s importance to current business operations. An application with a large RTO means that you have more time to recover the application before the organization will be significantly affected.

Recovery Time

An organization’s DRP often fails to describe what should happen once the backup media leaves the data center. However, it’s essential to know how to recover data after the disaster. The mere fact that you can access backup data off-site doesn’t guarantee that you will be able to recover your applications quickly enough to satisfy users. This capability also requires access to equipment that can restore the data or adequate bandwidth to restore the data from a cloud service provider.


Organizations often assign a budget to the DRP before they determine the financial risk of data loss and downtime. However, you must quantify the value of the data you could lose in an outage before you can determine what you should spend to avoid those losses. These losses should also include the financial penalties for failing to comply with government regulations.

Risk Assessment

Risk assessment involves identifying the specific events that qualify as a disaster, which is highly dependent upon the organization and geography. Natural disasters such as earthquakes and hurricanes are reasonable possibilities only in certain areas, while the risk of a network failure is more specific to the organization. It’s also important to realize that small losses caused by a particular problem can add up quickly when that problem occurs frequently.

To learn more about what Wavestone US can do for your company, click here

Jeff Vail
Chief Executive Officer

As CEO, Jeff leads Wavestone US’ team of experienced consultants and plays a pivotal role in strategy development and execution for the firm. He is a top advisor and thought leader on Wavestone's range of services, spanning IT strategy, run optimization, and IT service management. With more than 20 years of experience in executive leadership functions, he has a deep understanding of what is takes to solve IT’s biggest problems: aligning with the business, lowering costs, and increasing speed and impact.

Laying the Foundations: The 4 Core Competencies of Effective Cloud Solutions Security

Sep 21, 2023

Implementing effective cloud solutions security is complex. Solution security architectures must be initially done with minimal mandated standards, then built progressively, with additional layers of security built on foundational capabilities. In this first of a 3-part series on safeguarding cloud solutions, we examine the 4 foundational capabilities of effective solutions security and best practices to implement them.

Wavestone Named to Forbes World’s Best Management Consulting Firms 2023 List

Sep 19, 2023

Forbes has once again recognized Wavestone in its annual “World’s Best Management Consulting Firms 2023” list. Read our blog for more information about the ranking and Wavestone’s award-winning business and technology consulting services.

Have a Question? Just Ask

Whether you're looking for practical advice or just plain curious, our experienced principals are here to help. Check back weekly as we publish the most interesting questions and answers right here.

Ask Wavestone