We’re sometimes all too easily impressed by a few acronyms, like MTO, RTO and others in business continuity. It’s easy enough to find out what they mean, either from this site or elsewhere, but the real issue is whether that’s the point. Let’s explain. MTO stands for maximum tolerable outage, and RTO is for recovery time objective. The problem starts with the word “outage”: the notion of “working or not working”, “on or off”, “1 or 0”, and so on. Is DR being exposed to dangerous oversimplification?
It’s true that some disasters can stop a business in its tracks, whether we’re talking about floods or server crashes. But other disasters that are more insidious can finish a business off as well. It just takes more time. Thinking of a disaster as something binary (on or off) with MTO and RTO doesn’t allow for a whole range of situations that need resolution, but that can’t be categorised like this. Yet we still live in an analogue world. Even the binary “ones and zeroes” world of IT can be confronted with a “brownout” instead of a “blackout”, where power doesn’t fail, but simply fluctuates enough to cause problems.
MTD or maximum tolerable degradation doesn’t feature in texts on disaster recovery. While it’s not being put forward as the definitive terminology to adopt, the goal is to draw attention to the fact that disaster recovery planners should be aware that MTO, RTO and so on aren’t the whole story. Lingering problems can kill businesses off as surely as sudden catastrophes, and worse still, they’re more difficult to detect and for that reason more difficult to remedy. Perhaps “next generation DR” will extend to brownouts and “deaths by a thousand cuts” to go beyond simple blackouts and binary “on or off” outages.