What is a mission-critical application?
A mission-critical application is a software program or suite of related programs that must function continuously for a business or business segment to be successful.
Even brief downtime of a mission-critical application is likely to have negative financial consequences. In addition to lost productivity, a mission-critical app's failure to function may also damage the business' reputation.
Examples of mission-critical applications vary from industry to industry. For example, an ambulance company might consider an automatic vehicle locator app mission critical, but a plumbing business using the same software might characterize it as important but not essential.
Characteristics of a mission-critical application
An application is mission critical if it is essential to business operations. Mission-critical applications should not experience any downtime when end users are likely to use them. There are many possible mission-critical IT services, and the importance of various systems differs from ecosystem to ecosystem.
Architects, developers, testers, IT operations teams and other staff supporting mission-critical applications must value stability and availability. Example strategies for ensuring continuous operations include maintaining redundant copies of an application as well as the IT systems and data center infrastructure on which it runs; performing hot backups; and using duplicate staging and production environments for thorough testing.
Mission-critical vs. business-critical applications
By labeling applications and workloads, IT teams can prioritize each element of an application for updates, troubleshooting and maintenance.
Common labels include mission critical, business critical and low priority, but there is no widely agreed-upon critical tier list. An enterprise and a startup, for example, might categorize applications completely differently. Similarly, companies in one industry vertical might categorize more applications as mission critical than companies in another.
Unlike a mission-critical application, a business-critical application is important to a company's operations, but its failure will not prevent the overall organization from functioning at a basic level. A business-critical application outage hinders productivity or user experience, but not to the same degree as the failure of a mission-critical application. Users can turn to alternatives while IT restores service.
An extended business-critical application failure can cause serious financial losses for an organization. However, a business-critical system can be down for a small amount of time, such as a matter of hours, without seriously damaging the business or its revenue.
Noncritical, or low-priority, applications can remain unusable or at low performance after a failure for days or weeks with only a minor effect on the IT environment or business. Examples of noncritical applications include rarely used business applications and applications that simply make other tasks easier to accomplish.
Redundancy and support for mission-critical IT setups
When deploying mission-critical software, IT administrators must determine exactly what support is necessary to ensure the application can function under suboptimal circumstances. Businesses should evaluate their technical requirements for resilience and application availability, as well as their requirements for return on investment and cost.
For example, a server that supports day-to-day operations should have multiple redundant power supplies and backups. If a data center loses power, a backup power supply can keep all the mission-critical systems online with minimal interruption.
Depending on the company's budget and physical data center infrastructure, mission-critical applications require at least N+1 redundancy, where "1" represents an additional backup component. This number increases when more backup components are added to the system -- for example, two backup components indicate N+2 redundancy.
Copies of an application can provide the same kind of redundancy for mission-critical services. For example, a N+1 redundant server has an additional server configured to the same specifications as the normal application to take over the workloads if the app fails.
Frequent and automated backups ensure any mission-critical application's configuration and updates are preserved in the event of a service degradation or outage, thereby protecting applications from corruption or deletion.
IT administrators often tier their disaster recovery plans to prioritize restoring mission-critical applications. Admins might also choose to update mission-critical applications less frequently than lower-priority applications to reduce the risk of introducing potentially problematic changes.
Help desk support -- either 24/7 or 9-to-5 -- is another way to ensure the availability of mission-critical computing and applications. The designations 24/7 and 9-to-5 refer to work week hours for the help desk. Mission-critical hardware or software should have 24/7 help desk support, whereas less critical services might only require help desk coverage during typical office hours.
Cloud hosting for mission-critical applications
The IT industry is embroiled in a debate about the merits and dangers of hosting mission-critical applications in the public cloud. Although many companies use cloud storage to provide redundancy for their mission-critical apps, whether to actually host mission-critical apps in the cloud remains controversial.
This decision should be made on a case-by-case basis depending on the size of the organization, the perceived risks and the application specifics. The choice depends on many variables, including regulatory compliance, security, performance and availability. Regulatory factors to consider include government obligations or laws that restrict where applications and data can be hosted and stored.
Public cloud technology has matured in the areas of security, performance and availability since its inception. As public cloud service providers (CSPs) such as Amazon Web Services (AWS), Google Cloud and Microsoft Azure grow larger and increase their capabilities, the security of cloud hosting has become less of a concern.
In some cases, an organization can save money by relying on a CSP's security services rather than investing in specialized tools and staff. Some organizations prefer to control the entire IT infrastructure for mission-critical applications to ensure the availability of resources for optimal performance. Others turn to CSPs, specifying the capacity and scalability required while leaving the CSP to manage infrastructure and resources.
Another major factor for organizations thinking of moving their mission-critical applications to the cloud is availability, which refers to the CSP's ability to keep services up and running. Large public CSPs promise high availability -- over 99% uptime -- which might be superior to the capabilities of individual IT organizations running data centers. However, if a public CSP's services become unavailable, user organizations cannot resolve the issue.