• Home
• Articles Archive
• Features List

• Media Pack
• Contact Us
• Subscribe

FALLING THROUGH THE SAFETY NET

From STORAGE Magazine Vol 5 No 01 - January/February 2005

With the focus increasingly on compliance and the appropriate storage of proliferating data, is enough attention being paid to the backup and restore sequence? Ray Smyth reviews its place within a comprehensive storage strategy.

With so much attention being paid to compliance and security, is your organisation truly safe in its basic, day-to-day operations? A recent survey by Star asserts that the DIY approach to backup is blamed for one in four firms experiencing permanent data loss.

The burgeoning remit for storage is causing an inevitable blurring of the lines between activities embracing backup, disaster recovery and business continuity, and the new pressures, including compliance. With such a tough focus on improving corporate governance, is data backup being overlooked? In fact, it’s not about backup of data, as that is only half the story. It is about backup and recovery.

Taking care of data has come a long way. For many years, lobbing a tape in a streamer was the last thing the IT manager did before leaving for home. In the morning, the tape would be safely placed in a box in the back of the company car and the job was done. In general, no effort was made to verify the backup and a trial restore was not even thought of; it was very much a ‘going-through-the-motions’ exercise.

The data backup requirements of any organisation are determined solely by its needs; they are not restricted by the availability of technology or indeed driven by it. The choice is such that the precise solution your organisation requires can be built. Great! Well only if you REALLY understand the data needs of your organisation. Andy Maurice of Iron Mountain says that “using a service like their electronic vaulting can provide an organisation with access to the best advice, articulated in the right business solution”.

Among the choices to be made is the media type and this will depend upon your needs. Disks, in my view, offer a very attractive option. The price is falling as SATA takes hold and it is very easy to scale available storage with a SATA RAID, for example. Tape, however, offers something not currently available with disk – the ability to physically take data off site to a secure vault. Don’t ignore the security risk here, though. Inevitably, these are complimentary technology options. In considering the choices, it is just as important to consider the time to backup, as it is the recovery time objective.

As Jason Phippen of Brightstore points out, “something like 91 per cent of recovered data was created in the last 24 hours”. By spending some time reflecting on that, and allowing it to drive your backup and recover strategy, business alignment can be quickly achieved. As Phippen stresses, “the objective is to recover”.

The bank that backed up everything reinforces this; they had more than 800 tapes to search for one piece of data. This could take an unrealistic amount of time and certainly will not offer good service.

In the PDP (pre data proliferation) era of the last century, there was not much need to consider what to back up; the answer was everything. Today, as data is created at unprecedented levels, it would be folly to continue this. FOCUS; what are you trying to achieve? You want to be able to recover a system or part of a system after it fails. Your archiving and legislative requirements should be met within your compliance strategy, not backup. As an example, if you are backing up a transactional system, such as a CRM solution, you can improve recovery time through an incremental backup strategy. That is, against a backed-up base line or snapshot (perhaps every minute) of the changes you make. This means that, post an outage, you might restore just the last fifteen minutes of changes. Such a technique will not only reduce operational impact, but prevents duplicate data being stored, with the attendant benefits. It also provides an infinite backup window, as ‘live’ backup will not impact user performance.

In contrast with, for example, end user data, an equally intelligent approach can be applied. This is even more important when considering that some of this data may be held and created remotely. Again, the incremental approach allows two cells in a spreadsheet to be uploaded to a backup destination, as opposed to the entire workbook.

Brightstore’s Phippen adds that “a high volume of data is common” and consequently advocates the single-instance storage of such data which saves space, time and money.

In examining the requirements of your organisation, you must consider security. Two obvious areas are access and infection prevention. Modern backup solutions allow for data to be encrypted to backup, thus almost rendering the data useless to a would-be thief. In addition, operational process should ensure that all data is scanned and cleaned prior to backup. Who wants to introduce a nasty virus as part of a recovery exercise?

Modern storage solutions demand a comprehensive and high-function management solution. It is only management by exception that is going to work. It should ideally be capable of at least providing management data to your storage or network management solution, to indicate errors and policy breaches that require attention. If you take one step farther, backup is a service provided by IT to all lines of business, so what if the FD wants to be assured that the department’s month end has been successfully backed up?

In considering backup in a modern business environment, a reliable service may be more of an overhead that can be realistically justified. A modern approach to outsourcing may help, as it can satisfy all the objectives of security, restore time, integrity, etc. Such an approach cannot be executed as abdication, however. If anything, the need for a detailed strategy is more important, as it will be your single most important tool in managing your supplier.

Iron Mountain’s Electronic Vaulting (a disk-based service) is one such offering. “With 60 per cent of operational data being stored on a desktop or laptop architecture,” says Andy Maurice, “you cannot apply traditional methods of backup – this is an area of immense risk.”

This service operates on the incremental approach mentioned earlier. If, for example, there was a server crash, the service provider could restore the data of the last 15 minutes quite quickly, assuming the server can be restored to operation. This raises another important point on operational hardware; if the call centre CRM system is served from a single server, then it may be advisable to mirror it and back up from the mirror. This provides two platforms to which restores may be targeted, reducing the impact of hardware failure and expanding backup options.

Maurice points out that they help clients establish their backup strategy as part of their pre-sales service, which is vital to an acceptable outcome.

One further benefit of this service – and, I’m sure, more conventional solutions - is the ability of an end user to restore their own data easily, effectively, remotely and independent of scarce IT personnel. That sinking feeling of clicking ‘delete’ can now be a thing of the past with a modern backup solution. As you might imagine, Iron Mountain makes great play of its security measures and, for example, provides byte-level encryption, if required. The data is stored in a modern, highly secure data centre.

Deciding exactly what it is you call what you do is probably a semantic you need not worry about. Start with data as an asset – an information asset. You must fully understand the value of each data class to your organisation and its lifecycle. If loss of access to your call centre will cost you millions in downtime, any response must be that of disaster recovery and business continuity. You need to look at your data and assess the cost of loss or unavailability, and respond accordingly. Your strategy needs to protect your business and its stakeholders.

With the definition of data broadening in line with IP convergence (another proliferation driver), what should you back up? Well, put simply, that which your business cannot do without. But don’t forget about the non-data class of data, such as voice, video, image and sound. You probably don’t want to back up your staff’s MP3 files, but, if you are a hospital, you will want to back up CT images. Similarly, an IP-enabled call centre recording client calls will need to store and quickly retrieve calls accurately.

Sean Jackson of Backbone stresses the importance of selecting a solution that fits into your network architecture “and compliments it”. He also invites users to “back up more data with less technology”. Jackson also warns of large suppliers ‘giving away’ backup solutions - “they may back up, but will you get the solution and support your business needs?”, he asks. In considering an incremental approach to backup, you must also prevent the backup of the same data 20 times!

As part of a balanced strategy, you should schedule full and partial trial restores. Not many people do this, as they are afraid of bringing the system down. This is dereliction of duty. You have to know that your backups work and will allow your business to continue to function in the face of the most gruelling challenges.

Backup is not a necessary evil; neither should it be a knee-jerk reaction. It is but one component of a modern IT system and it is time to look at it in a new light. As Frederic Renard, of the French company Arkeia, points out: “Your backup solution must be robust enough to scale, smart enough to optimise use of available bandwidth, CPU, disk and tape and able to cope with ‘bare metal’ disaster - server down.”

If, operationally, backup has been the poor relation, the purchase by Quantum of the tape division of Seagate (Certance) and EMC’s acquisition of backup company Dantz would suggest the market is awakening.

In a nutshell, you must be certain that you can protect your organisation’s data assets and offer a realistic recovery service for all types of data failure and recovery.

Author Ray Smyth is from TBN ADVANTAGE, which mentors organisations to create leadership advantage in their IT, business services and customer management functions. He can be contacted at: RaySmyth@LeBiz.co.uk