Disaster Recovery Journal- Volume 18, Issue 4 - Fall 2005 Issue -Business Continuity Conundrum

Return to the
Fall 2005 Issue

DISASTER RECOVERY
JOURNAL

P. O. Box 510110
St. Louis, MO 63151
(314) 894-0276
Fax: (314) 894-7474
Internet www.drj.com
E-mail drj@drj.com

PUBLISHER &
EDITOR-IN-CHIEF
Richard L. Arnold, CBCP
richard@drj.com

SENIOR EDITOR
Janette Ballman
janette@drj.com

MANAGING EDITOR
Jon Seals
jon@drj.com

COPY EDITORS
Richard Sandhofer
richards@drj.com
Pamela Clifton
pamelaclifton@hotmail.com

ADVERTISING
Robert Arnold
bob@drj.com

_____________

Corporate

President/CEO
Richard L. Arnold, CBCP
richard@drj.com

Vice President
Robert Arnold
bob@drj.com

CONFERENCE COORDINATOR
Patti Fitzgerald, CBCP
patti@drj.com

CONFERENCE REGISTRAR
Merce Knese
mercedes@drj.com

CIRCULATION
Laura Baugh
laurab@drj.com

EXECUTIVE COUNCIL
Jeff Dato, MBCP, KPMG
John Jackson, J Albright Advisors
Edward Devlin, E.S. Devlin & Associates
James Hammill, CBCP, JMH Consulting
Pat McAnally, SunGard Availability
Brian Turley, Strohl Systems
Belinda Wilson, Hewlett-Packard

INTERNATIONAL
CONTACTS
England: Thom Hetherington
Business Continuity
Phone: 0161-237-1007
thomh@tempus.demon.co.uk

Australia: Anthony J. Harvey
Journal of Business Continuity
Phone: 0011-613-953-0055-8
fax: 0011-613-953-0528
sector@notability.com.au

Japan: Shinji Hosotsubo
Quake Japan Co., Ltd.
Phone: 03-3215-2880
fax: 03-3215-2881

Brazil: Jose Carlos Ferreira
Disaster Recovery Mercosul
Phone: 55 11 3666-9506
conc2000@uol.com.br
www.drms.com.br

Click Here for a Printable Version

Business Continuity Conundrum

More Data at Risk with Less Time for Protection and Recovery

By VICKIE MALIS

There are two types of companies. Those that have already experienced a serious data loss and those that will. It’s just a matter of time.

Unfortunately, most companies think their existing data storage and back-up plans will protect them from massive data loss. Too often companies are caught unprepared or unaware of a hole in their process. When faced with data loss or corruption, the back-up archive is one of the most appreciated and loved objects in the entire universe. However, if backups only extend to the perimeter of the enterprise data center, a rude awakening may not be far off.

While we suspect this is true, we’re still faced with a perplexing problem: We’re now being forced to go beyond tradition enterprise data center backup – capturing users files on PCs, file servers, and various other forms of distributed and unstructured data – but we haven’t necessarily been given more resources or more time to do so. Effectively, we have more to do and less time to operate in to be sure our organizations can fully and quickly recover from a data-loss disaster.

Faced with this conundrum it’s especially important that to understand some of the problems you face in protecting and recovering your organization’s harder-to-capture-and-restore information – not the data in the enterprise data center – it’s safe to bet you’ve already got that covered. We’re referring to your distributed data. The vital, yet mostly unstructured information stored throughout the company on employees’ laptops and desktop PCs, and on distributed and remote file servers. Thanks to new corporate governance and more comprehensive disaster recovery plans this typically harder-to-capture-and-restore distributed data now must be considered and covered by your backup and recovery processes.

What follows will help you understand the problems you face in making distributed data – PC data in particular – part of your recovery capabilities and give you a sense for what to look for in a comprehensive solution.

All Important Data is No Longer Centralized
Corporations have steadily moved critical applications and data from the mainframe to servers and now to desktop and mobile PCs. Key revenue-generating employees are increasingly reliant on PCs as the primary tool for productivity in their jobs and are constantly creating information assets that only exist on those PCs. At every company, from the smallest SoHo to the Global 2000, as much as half of vital data is stored on individual PCs, with little or no formalized or automated protection.

In addition, according to industry reports, the rate of failure for laptops is as high as 20 percent in the first three years of use and every year insurance statistics show that about 10 percent of all PCs are lost or stolen. When a PC fails, especially a mobile worker’s laptop, user productivity can be halted for days until it’s restored. Furthermore, the total cost of ownership for a PC now has companies spending thousands each year to keep a single computer operational. With mobile computing use on the rise, IT staffs are facing heightened pressure to provide support solutions for remote workers. Without the PC (whether lost, stolen, or compromised by a virus or corrupted file), employees are unproductive and companies lose money.

Given this information, the operational importance of PC availability and data integrity is clearer than ever, yet most companies do not have an automated information protection and recovery program for their employees’ PCs and laptops. In a sense, PC data protection is often the overlooked stepchild. Not addressing the issue means that a company is setting itself up for a data-loss disaster.

If there is no PC-centric disaster recovery plan in place, a relatively common PC problem such as a corrupted file or virus strike could mean the loss of months of work and hundreds of key documents. Companies need technology solutions that will get them back up and running as quickly as possible. Lost time and lost data means lost productivity and reduced ability to generate revenue. Smart, successful companies have paid attention to this and are intensifying their efforts to keep PCs running, while at the same time protecting the valuable corporate information that resides on these important devices.

How Are Enterprises Protecting Their Most Valuable Asset?
Unfortunately, many companies think they’re fully protected by asking employees to save to the server, or by backing up data via some local medium (like zip drives or CD-ROMs). While these solutions can work, they have significant drawbacks. Research shows that employing a voluntary backup system for user convenience is not enough; users will not make regular or sufficient backups. They simply don’t take the time to save to network servers or local media, and the critical information in their files isn’t being backed up, setting the stage for a large-scale data-loss disaster. In the past, companies have adopted the following precautions to keep their data secure:
Backing Up to a Network Drive
This policy-based system requires users to place their important data on a networked drive where a copy of all user files resides on a server. This process can be semi-automated by telling users to store data in specific folders such as “My Documents” and backing that folder up. While this is a means of protection, it requires users to change their behavior, which rarely happens. Also, if the user does not put the stored information in that specific folder, it will not be protected in the event of a disaster. While this process can protect some of the data that exists on PCs, it has been almost universally ineffective at protecting all vital data.
This situation can be improved when organizations automate the process of file server backup, but this alone isn’t a comprehensive approach. A combination of automated PC and server backup is the only way to reliably protect and recover the vast majority of users’ distributed data.
Personal Backup Devices
Other organizations have attempted to manage this data security process by supplying their employees with zip drives or other personal back-up devices. This works when a user remembers to manually initiate the backup by inserting the tape and starting the backup application, followed by managing and archiving their individual tapes. This is highly inconvenient for the mobile user as they must carry additional equipment such as tape drives, tapes, and connecting cable. Most users only take one copy and often store it locally, leaving them vulnerable to physical disaster and theft.
Most enterprise information, security, and disaster recovery plans are woefully inadequate with respect to distributed data protection. While many organizations have implemented server backup/recovery processes, desktop/mobile backups are not as universal, leaving companies exposed to the possibility of significant data-loss disasters.
An effective automated PC or distributed file server back-up solution will offer the following capabilities:

Completely Automatic Backup – Backup software that finds and transparently captures data on each PC or file server. Users need a system that reduces, encrypts, then efficiently transmits and stores the data on a central server – all this without user intervention or interruption.
24/7, 365 Access – In today’s mobile culture, it is important for users, especially mobile or remote workers, to be able to retrieve files via any Web browser, resulting in anytime, anywhere access to important data. This is especially important in the face of a disaster.
Self-Healing – Automated PC or server self-healing can eliminate data, application, registry, and system configuration problems due to virus, corruption, or any other reason, in real-time.
Maximize Storage and Bandwidth – Back-up solutions must maximize storage by copying only new or changed files rather than those already protected and unchanged. This also should dramatically reduce your back-up times.

The best back-up solutions are automatic, secure, and extend beyond the server to include distributed data stored in enterprise PCs. A successful desktop/mobile PC data protection solution will protect a greater part of a company’s information, reduce the drain on IT staff, maximize the use of a company’s storage capacity and bandwidth, and increase employee productivity by giving them a simple, quick way of accessing data, any time, anywhere.

If executed properly, you absolutely can protect more data in less time and make your business continuity conundrum a lot less complex in the process.

Vickie Malis is vice president of product management for Iron Mountain Data Protection. Her role includes shaping Iron Mountain’s portfolio of PC and server backup and media vaulting services. Iron Mountain is a worldwide leader in records and information management.