Canada needs to back up on its back-up

You never know when trouble may hit — a freak thunderstorm could take out your data centre, or a hacker might infiltrate your infrastructure. The enterprise has caught on to the importance of backing up data, redundancy, and fool-proof disaster recovery plans, but when do you stop backing up? With storage capacity growing at around 50 per cent per year, it’s important to safeguard your data, but at what point does the cautious Cassandra become the overly Nervous Nelly?

Do you really need that?

“I don’t know if there is such a thing as too much back-up, but it’s what’s included in the back-up that’s the problem,” said Warren Shiau, a senior associate with the Toronto-based research firm, The Strategic Counsel. The trouble is, he said, that people tend to include static data in their back-ups, which leads to a bulk of non-changing information clogging up your system that could be safely shuffled off to an archiving solution instead.

“They haven’t segregated the data,” said Shiau.

Temptation is to blame when it comes to backing up too much. “As the cost of storage goes down,” said David Senf, IDC Canada’s director of security and software research, “companies figure, ‘Why not back up everything?’” This is reflected in the skyrocketing figures in the storage software market. According to Senf, the market will grow by eight per cent in 2007 (three per cent above the overall software growth rate of five per cent), raking in sales of $400-million.

But the key to the right amount of back-up is just storing active, in-production data, according to Shiau. That way, if a recovery is needed, the process won’t be slowed by reams of unnecessary data.

“You need to change some of your fundamental assumptions about what to back up. It’s important to challenge these assumptions,” said Rob Lunney, Western Canada district sales manager for Hopkinton, Mass.-based storage vendor EMC.

Classification 101 When it comes to making hard data choices, the Information Technology Infrastructure Library (ITIL) can come in handy, said Lunney. “It offers best practices for data classification,” he said. This is, in fact, an area where companies could set themselves apart from the competition. According to Senf, ITIL, heralded as the next big thing a few years ago, has yet to make a significant dent in Canadian storage practices.

Companies need to assign value to different information by studying where the information is, where it goes, what it does, and what the service levels are, said Lunney — and that it can be backed up appropriately, both in terms of frequency, amount and location.

Said Jon Bock, senior product marketing manager with Palo Alto, Calif.-based virtualization vendor VMWare: “People need to tier their requirements in terms of frequency. Constantly back up only things that are Tier-1 — things that will cause the business to suffer harm if lost.”

By moving non-critical information from Tier-1 to mid-range tiers, said Lunney, “you can save 30 to 35 per cent in storage costs.” Said Shiau: “You need to make sure you have active data requirements. Only things with lots of write overs and lots of recovery cycles.” And how do you ensure that static data doesn’t make it into your back-ups? Policies!

Crafting those pesky policies

There seems to be a lack of stringent data policies among the majority of Canadian companies, said Senf. “Most companies don’t have policies on what types of data to back up. Their governing policy is, ‘Well, back up everything.’”

Bock said that, to hammer out successful back-up policies, an IT manager needs to avoid falling for the “Oh, but I need that” excuse from workers when it comes to getting rid of their three-year-old e-mails or holding on to that Word memo from last week. A good guideline to follow, said Bock, is to consider what kinds of backed-up data have actually been retrieved in the past.

IT managers then need a firm sit-down with upper management and they should ask, “How much data can we afford to lose? How up-to-date do we need to be?” Also, factor in any compliance requirements you may have (finance, health care, retail, manufacturing, government and others).

It’s important to work with the business side of the enterprise to work out a healthy compromise on the money issue. Said Bock: “What resources do you have available? Here’s where there’s kind of a trade-off on what to keep. The potential money loss versus the cost of keeping the particular data.”

It’s also important to make sure you have a reliable (and relatively speedy) way to access all the different kinds of data and, Bock said, include regular trial runs in the policy: “Get your system up and running and take a look at it.”

Uh-oh A

ccording to Senf, very large enterprises and those governed by mandatory compliance often have a healthy back-up structure in place, but the majority of Canadian businesses, from the SMBs up to the enterprise level, are mostly backing up too much information, and the wrong kind (or sometimes, not enough). He said, “I don’t see Canadian businesses in general creating (back-up) policies; classifying data by value; establishing and enforcing policies that help distribute data to the right places at the right times; making backed-up data easily accessible; or archiving or disposing of it when they should.”

On the horizon

There are frequently emerging technologies nowadays that aid IT managers in their backing up of enterprise data. They include incremental back-ups, and de-duplication technologies, both of which aim for a smoother, more efficient process.

Virtualization is also giving back-up momentum as, Bock said, the technology allows you to back up the operating environment as data that can be installed on any hardware.

But, according to Senf, Canada’s data could be in trouble. In tandem with companies’ not classifying and selectively backing up data, the temptation of ever-increasing storage capacity at cheaper cost will outpace any new storage smarts. Said Senf: “I can only see it getting worse from here.”

Related Download
Revealing Security Performance Metrics Across Major World Economies Sponsor: BitSight
Revealing Security Performance Metrics Across Major World Economies
Learn how understanding the global cyber threat landscape can help evaluate the potential risks of doing business in certain nations in this report.
Register Now