Making the Case: How to Prove Data Protection’s Business Value to Your CFO



Dave LeClair copyby Dave LeClair

A CFO’s primary responsibility is to manage the financial risks of his organization. Since there is tremendous financial risk associated with data loss and downtime, you would think getting your CFO to sign off on data protection and business continuity technology would be easy, right? The reality is that it’s not.

Let me go on record and say that some CFOs do grasp the direct correlation between data protection and a company’s financial risk, and IT pros working for them should consider themselves lucky. But unfortunately, many CFOs today are too focused on minimizing costs at the expense of risk mitigation. These are the CFOs that believe traditional, existing backup practices are adequate, and their IT counterparts no doubt encounter trouble selling them on additional data protection, disaster recovery and business continuity solutions that are critical to the business, its reputation and the bottom line.

Sell Data Protection Using the Insurance Metaphor
If you want to sell data protection technology to your CFO, you have to speak his language – and that language revolves around dollar signs. Insurance is a type of financial risk management that aligns perfectly with the primary responsibility of a CFO. Fundamentally, insurance is a risk transfer mechanism; by definition, it’s the act of protection against loss, arising in specified contingencies, in consideration of a payment proportionate to the risk involved. Demonstrating how data protection can be thought of as a type of insurance against financial risk – an expense intended to protect the corporation from data loss or downtime, and their associated costs – will resonate with your CFO and help you make a strong business case, provided you do it in a concise and compelling manner.

The consequences of data loss and downtime can be dire, and it happens more often than one would think. Aberdeen Group has estimated that the average cost for an hour of downtime is approximately $163,000. For larger organizations, that cost skyrockets to $600,000. In 2014, DRBenchmark.org surveyed IT professionals and found that more than 36 percent of organizations had experience extended downtime of applications during the past year, with reported losses ranging from a few thousand to millions of dollars. Additionally, 20 percent indicated losses ranging from $50,000 to more than $5 million. Beyond the immediate financial impact of data loss and downtime, both of these events can result in a loss of customers, reputational damage and corporate liability, all of which carry long-term associated costs.

Data loss costs vary by industry and company size. Deployed technology (physical servers vs. virtual vs. cloud) and amount of data managed introduce additional variability. While there is no exact science to determine what data loss and downtime will cost your organization financially, some analyst firms, such as Enterprise Strategy Group, have created specific calculators to approximate downtime cost.

IT managers can use these tools to determine the estimated cost of downtime for their organization and then use that data to cost justify the data protection solutions in question. Is the downtime cost more than or equivalent to the cost of your data protection solution? If so, investing in the technology just makes good financial sense. And no CFO can argue with a solution that will save them money.

Support Your Argument with Optimization
To further drive home your argument for advanced data protection and business continuity offerings, demonstrate to your CFO how they can optimize capital expenditure (CAPEX), operations expenditure (OPEX) and productivity.

1) Optimizing capital expenditure

CAPEX are funds used to acquire or upgrade physical assets. Every CFO is focused on the optimization of capital expenditure as budgets are tight, if not fixed.

IT managers can convince CFOs that they are focused on optimizing capital expenditure for data protection by only buying what they need today. In other words, don’t buy ahead of your backup capacity needs, or look at hybrid cloud offerings that have extensions to third-party clouds to provide flexible capacity for additional retention. Purchasing a scalable backup solution will prevent you from spending a lot of money on additional backup capacity in the form of raw storage.

Another way to optimize capital expenditure is to make primary storage spending as lean as possible. There are many solutions on the market to meet this criteria – centralized storage, network attached storage (NAS), storage area networks (SAN) and cloud storage.

Cloud computing is a particularly compelling answer to reducing CAPEX since most cloud expenditures are billed as OPEX. By moving backups needed for regulatory requirements or long-term retention to the cloud, IT managers can purchase a smaller amount of local storage for backups and save CAPEX costs.

2) Optimizing operations expenditure

OPEX are costs incurred in normal business operations. Labor cost is often a large portion of OPEX. Depending on the industry, staffing can be as much as 80 percent or more of OPEX.

When giving your CFO the rundown of why your data protection solution is warranted, make sure to emphasize how it will save personnel time and reduce the company’s overall labor expenses. Data protection solutions that will save you maximum time and take up minimal resources are those that are: 1) radically simple to use 2) yet, comprehensive, all-in-one offerings, eliminating the need for IT to cobble together and manage disparate point solutions and 3) flexible, so you can respond to changing data center and data protection needs with ease and agility.

3) Optimizing productivity

Achieving productivity optimization goals entails drawing on both capital and operations expenditures. Effective data protection is measured using recovery point objectives (RPOs), or the amount of work lost as a result of data loss or downtime, and recovery time objectives (RTOs), the total amount of time it will take before employees can effectively use IT assets after a data loss event. Together, RPOs and RTOs define the amount of time – and work – that will be spent to recreate data in the event of an outage and disruption in business operations. Deployed correctly, data protection solutions should increase productivity through a reduction in operations cost when a data loss event actually occurs. And, if you select a cost-effective data protection solution, it will mean lower capital expense.

The Result is an Iron-Clad Business Case
There’s no sure-fire way to convince your CFO that data protection is vital to reducing the financial risk to your company. But, by using the insurance metaphor and a downtime cost calculation, and illustrating a plan to optimize CAPEX, OPEX and productivity, you will make a compelling business case. Most importantly, show your CFO that you understand the financial side of data protection, and they’ll have a hard time saying no. You’ll get the technology that provides you with peace of mind knowing data and systems are protected, and your company will mitigate risk – a win-win for all involved.

Dave LeClair is the vice president of product marketing at Unitrends.

 

Leave a Reply

WWPI – Covering the best in IT since 1980