Data protection SLA's: measuring their effectiveness - Storage Networking

Computer Technology Review, August, 2002 by Lynne VanArsdale

Payback measures often drive IT investment, especially in difficult economic environments. Yet payback on investment in service levels remains hard to measure, especially for the most common organizations: small businesses, workgroups and small departments. This article is the fourth in a series of five articles addressing creation and maintenance of simple, effective, data protection service-level-agreements (SLAs). These SLAs are designed to reduce business risk, improve operations and encourage growth of the "common organizations." The previous three articles presented motivation and methodology for creating the SLAs, planning techniques for creating an infrastructure to support the SLA, and an approach for implementing support for the SLA, based on the chosen infrastructure design. This penultimate article shows techniques for measuring payback on the resources and time employed to create and support the SLA.

The first task in assessing payback is identifying measurable business value related to the services laid out in the SLA. Categories of business value related to data protection service levels include inherent data value, worker productivity, customer satisfaction, and corporate/market confidence. Maximizing business value associated with data protection SLAs involves optimizing business expenditures (e.g. enabling good cost/benefit decisions, and avoiding probable business loss). The basic approach in each of these cases is to regain some of the probable business value losses due to data unavailability (see Figure).

SLA Payback Measures Depend on How Data Protection Perceived

Measuring payback based on inherent data value makes the most sense in companies where business information is the most important corporate value. Examples of such companies are financial-research information providers or Internet-based companies. Payback calculations, in this case, involve quantifying the value of each data set as a function of time. It also involves estimating the probability of not being able to realize value of each data set. The first article in this series illustrates how these quantities can form the basis for designing the SLA, in terms of probability of data loss and the impact of that loss. If the impact was expressed in monetary terms, monetary business value of protecting each data set can be expressed as PB = [PL--PDP] x MVI, where PB is the payback, PL is the probability of a detrimental event occurring, PDP is the reduction in that probability due to data protection service levels, and MVI is the monetary value of the impact of losing access to that data set. Note that PL, PDP, and MVI are all a function of the amount of time the data is unavailable (t).

To illustrate the use of this equation, take the example of a data set backup that is only kept offsite after one day. Assume the probability of requiring access to that offsite backup in any given year is 1%. Note that this 1% probability is based on the likelihood of needing the backup, as well as the likelihood that the backup is offsite. Assume also that the time it takes to recover from an offsite copy is 12 hours, and the impact of not having access to that data is $10,000 of revenue per hour. The first term in the payback equation would equal: 1% x 12 hours x $10,000/br, or $1,200.

A data-protection scheme that deploys a library to allow more backups to be kept onsite longer might reduce the probability of requiring access to offsite copies to 0.01% and set the probability of having to recover from a local copy to 0.5%. Assume the time to recover from a local backup is 1 hour. The second term then becomes (0.01% x 12 hrs. 0.5% x 1 hour) x $10,000/hr. = $62.

The payback, for that data set, of deploying such an automation solution would then be $1,200 - $62 = $1,138 of revenue per year.

If the value of each data set is not expressed in monetary terms as a function of time, estimates require associating the impact of data set unavailability with assets, debt, revenues, and/or expenses. To illustrate this kind of estimate with an example, the impact of losing access to a database for an hour might be expressed in terms of the average revenues and/or cost savings generated through use of that database, per hour. Often these kinds of assessments are difficult, but estimates can come from interviewing a variety of stakeholders.

Measuring payback for data protection environments where worker productivity is the key value is common for manufacturing plants. In this case, payback can be measured by the number of hours a worker is productive on the job, or, more comprehensively, the number of units produced over time. A simple calculation that can be used for payback in this case is PB = (PDA - PDU) (PWDP - PWODP), where PB is payback in terms of productivity (worker hours, units produced, etc.), PDA is productivity on the job when data is available, PDU is productivity when data is unavailable, PDP is the probability of data being available with data protection, and PWODP is the probability of data being available without data protection. For example, if worker productivity is 6 hours per day with data availability and 1 hour without data availability, and data protection increases the probability of data availability by 50%, then payback is 2.5 hours per day.