Companies of all sizes need to protect and access their data. But all too often they find themselves adrift when it comes to recovering data, pushed into a reactive mode that is not only costly and time consuming, but can jeopardize business. That said, businesses of all sizes should take a proactive approach to data protection to intelligently prepare for the inevitable recovery demand, instead of just hoping for the best.
Different approaches to be proactive
Small and medium businesses (SMBs) and mid-sized enterprises have some common issues. Both segments are threatened by data loss, both need to proactively address data protection and both find themselves trying to manage distributed data and remote offices. However, SMBs and enterprises have some significant differences. While it might be tempting to consider the operational issues, enterprises should focus on the strategic.
The enterprise: strategic planning
The two primary drivers for data protection in the enterprise are compliance and the value of corporate information. Compliance covers everything from regulatory compliance to industry compliance to corporate governance to litigation.
It is a company’s responsibility to save and be able to recover requested information quickly and completely. It is also required that a company can discover certain data to comply with requests, and courts look askance on any and all excuses and the consequences can be costly and severe. The business value of corporate information is immense in large businesses because if data has business value, it must be protected, discoverable and kept available.
With compliance and business value the primary drivers for protecting data, the enterprise must institute procedures and strategies for both short-term and long-term storage. Short-term storage represents the critical time period for newly backed up data, which should be kept immediately available and recoverable in case of data loss. Long-term storage covers disaster recovery requirements and archived data that must be kept protected and accessible for compliance and business reasons. Actual time periods will differ by the business and the nature of the data.
Short-term recovery
Short-term recovery should cover immediate access to backup tapes, reducing the recovery point, and using disk as the primary backup target instead of tape.
Keep 72 hours worth of data on disk. Operational recovery (recovery of deleted or corrupted files) is the name of the short-term game. It is prudent to keep 72 hours worth of backups on disk in order to reduce recovery time objectives for active data. Most recovery done by IT is performed on data that has been backed up in that 72 hour period. Once data ages past 72 hours, it can move to nearline or even offline media depending on its nature and access needs.
Reduce the recovery point objective. If the IT department is doing a nightly backup, then a data loss can lose up to 24 hours of information. Snapshot technology is crucial to reducing recovery point objectives and is capable of bringing the objective down to nearly zero through new technologies providing continuous protection. Not all applications need this level of recovery, and for some businesses a 24-hour recovery point is perfectly acceptable. But the more critical the application and more frequent the updates, the shorter the recovery point should be.
Use disk as the primary initial target. Some companies have adopted virtual tape libraries, which have the advantage of backing up at disk-based speeds without having to change tape backup procedures, policies and applications. However, virtual tape libraries store tape images, which negatively impacts individual file recovery. By backing up to disk (not virtual tape), companies are able to use disk’s considerable recovery advantages, including simultaneous multiple operations like reads and writes, faster access and granular recovery options instead of scanning through tape images. Changing over to true disk backup will take an initial investment of money and time, but disk’s tremendous advantages will in the long term trump any momentary inconvenience.
Long-term protection
Long-term storage covers both disaster recovery scenarios and long-term storage protection for compliance or historical value.
Disaster recovery might require adding distance via replication to a DR site or physically