Protecting An Organization’s Most Important Asset
There are four primary assets needed to effectively operate an information system – facilities, hardware, network and data. In the unfortunate event of a disaster, hardware and networks can be replaced, and facilities can be moved to a new location. In fact, with the exception of data, virtually every company system asset is replaceable.
Every organization has a core set of data which it depends upon to be there when needed. Whether it is payroll information, customer records, valuable research, financial records or e-mail files, all corporate data is valuable and vulnerable to loss or irreparable damage. Data loss can result from any number of factors, such as:
• Human error;
• Operating system or application software bugs;
• Hardware failure;
• Fire, smoke or water damage;
• Power outages;
• Employee theft or fraud;
• Man-made disasters such as sabotage, hacking or viruses;
• Natural disasters such as earthquakes or hurricanes.
Any one of these factors can cause data loss, and the results can be catastrophic. It can result in the loss of irreplaceable information or files that may take hundreds of hours and thousands of dollars to recreate. For today’s organizations, the loss of its most important corporate asset can have an incredibly negative impact in real dollars, lost opportunity, customer dissatisfaction, shareholder insecurities and overall corporate image. Regardless of the cause, data disruption and loss poses a significant risk for any business.
So what must companies do to preserve their data? To protect data, a corporation must have a plan that incorporates the following three components:
Backup: This is the process of copying important data and maintaining duplicate copies for restoration in case of data loss or damage. A variety of file versions are necessary to ensure that it is possible to restore the most recent usable copy of the data required. Protecting data backups off site is a necessary precaution for disaster recovery, and multiple generations of backups provide the ability to recover to a particular point in time.
Archive: Archiving involves copying disk file systems and placing the copy (usually on tape) into long-term storage. Archives create a legally acceptable business history and can also be used to free up hard disk space by allowing users to create an off line version of static data or files and delete the online copy.
Recovery: Recovery is the process of recovering from an outage or disaster. In off site vaulting of data, backup media is protected in a remote, secure location as part of the tape rotation scheme. This off site media is available for system recovery if the on site media is lost or damaged in a disaster.
Today, you don’t need to be one of the largest corporations in the world to have a best-in-class data protection strategy that incorporates all these components. Later in the article, we will discuss the newer options available to organizations today that don’t tax resources or budgets as much as the more traditional data protection solutions of the past. But first, let’s discuss how data protection is one aspect of ensuring a company’s long term viability – through business continuity.
Planning For The Worst
According to a late 2001 survey by Gartner, technology purchasing decision makers cite disaster recovery and business continuity among their top five priorities. Business continuity is the process of providing for the continuation of critical business services regardless of any event that may occur. This means ensuring continuity of an organization’s data, as well as its Web, database and file servers and all of its business-critical applications. A business continuity plan is a critical aspect of an organization’s risk management strategy and is instrumental to its survival, should disaster occur. A comprehensive business continuity plan will help:
• Protect and secure data;
• Shorten disaster recovery time;
• Improve organizational resilience;
• Reduce risk and exposure to loss;
• Decrease downtime;
• Enable compliance with regulatory and legal requirements.
The objective of business continuity planning and data protection specifically is to minimize the impact to an organization in the case of an outage, interruption or disaster. So the question remains, how do organizations deal with the new urgency around issues of business continuity and data protection? Are there any options available for companies that don’t have the resources of the Fortune 500 and can’t afford to have redundant systems or data centers? These companies may not have as many resources, but they have just as much to lose if their data is lost or their servers go down. For companies with an eye on the bottom line, managed service providers offer an alternative solution.
DR For The Rest Of Us
For businesses that don’t maintain large data centers or IT staffs, data protection and business continuity is often cumbersome and error prone. By some estimates, more than half of these 25 million U.S.-based businesses do not fully back up data or recover business data after a server crash.
Even companies that have data protection and business continuity plans in place often do not do an adequate job simply due to lack of resources. Many do not have sufficient IT staff to handle the various aspects of data protection to adequately prepare for disaster recovery. In addition, traditional batch-style, tape-based backup has been, and continues to be, a costly, labor-intensive process with frequent manual intervention and great potential for error. As a result, some organizations end up performing bulk server backup when they can, and store tapes off site even less frequently. In the event of an office fire or some other disaster, these companies are often left trying to recover their businesses using data that is weeks, or even months, out of date.
Advances in data replication and security technologies, combined with reduced bandwidth costs allow managed service providers to offer online backup, recovery and electronic vaulting services to businesses who have limited IT resources. Managed service providers offer data protection services remotely – including continuous online data backup, recovery and electronic vaulting. Unlike traditional methods of data protection where data is typically backed up every 24 hours at best, managed service providers offer continuous data backup, safeguarding an organization against data loss and helping them immediately recover and restore lost data in the event of a disaster.
By using a managed service provider, organizations still retain front-end control of their data protection operations, while handing off such burdensome back-end tasks as server backup and device maintenance, tape management and off site removal and storage. Other benefits of using a managed service provider for data protection and continuity include:
Simple and low-risk data removal: Data is no longer at risk of not being removed or mislaid during the removal process. A managed service provider utilizes low-cost Internet connections through a secured network connection to a backup server located in a protected off site data center vault, so data is automatically and immediately sent off site. Tape damage or mishandling as well as transportation issues are completely eliminated.
Safe and accessible data archiving: By using a managed service provider, data is never in an unsafe environment and is always accessible. A managed service provider addresses concerns over improper storage by protecting data off site in a secure data center.
Reliable data recovery: Problems surrounding recovery including reliability of restores, inaccessibility of current data and the speed of recovery, are eliminated by using a managed service provider.
Ease of manageability: Managed service providers allow customers to manage their data protection process through a personalized Web management interface, so they can view the status of their data and initiate recovery from anywhere – through any Web browser. While the service provider assumes responsibility and automates back-end functions, users retain overall control of their data protection by creating customized backup policies, checking status and initiating restore operations whenever needed.
Gartner estimates that two out of five companies that experience a disaster will go out of business in five years. Given the current world conditions and the volatile economic environment, companies today cannot afford not to have a data protection and business continuity strategy as part of their overall disaster recovery plan. With the new urgency surrounding these issues, managed service providers offer companies who may not necessarily have the resources of the Fortune 500, a solution that won’t overburden their internal resources or tax their budgets, but will give them the protection and reliability that they need.
Chris Midgley is the co-founder and chief technology officer of LiveVault, a leading provider of fully managed online data backup and recovery services.