Enterprise wide backup: a checklist
By Alexander Eiríksson, COO, SecurStore.
Data management is entering a new era. No matter the size of your organization, the cloud has suddenly opened a wealth of IT options. Storage is one such area being influenced by the cloud and arguably, it is the most critical part of any business today. A company without access to its data will struggle to exist which, as a result, pushes IT business continuity to the top of every IT department’s agenda. However, before a company jumps to the cloud, it is crucial that an enterprise-wide backup plan is initiated.
Understanding the technology behind online storage will help a company use the cloud to its full advantage and alleviate any fears or issues that might exist. Like any part of IT, poor planning and a lack of strategic thinking can result in a troublesome implementation and the company struggling to cope with data demands. On top of that, the market space is changing – backing up your data alone is not enough. It has to be secure, follow governmental legislation and fulfil compliance requirements.
So now the decision to trust the cloud with your data has been decided, what can you expect? We are being constantly told that online backup is safe, reliable, scalable and cost effective. These benefits are definitely convertible, but only if the enterprise actively outlines its backup plan to the provider. With data growing at an exponential rate and bandwidth constantly increasing in its capabilities, the cloud beckons all with its strong storage environment. Without the right thinking for current and future data requirements, the business’ critical documents, and itself, can be put at risk.
Planning for continuity
Let us take security as a jumping point – what does a business need to ensure is in place when constructing an enterprise-wide backup strategy? The first thing is encryption and ensuring that the data protection that exists is secure enough. This is especially true with the recent explosion in mobile devices and the potential safety issues that come with them.
For example, a competent plan will see the data compressed and encrypted (256-bit AES). A personal key is created by the business during the installation stage which the backup provider never knows. The only time data is unencrypted is in restoration at the business’ site. The cloud has enabled businesses to think of a world outside of their walls – knowing that remote data is as securely backed up as internal data is a great advantage for an IT department.
For data compliance reasons, the plan should also include a backup solution that has full certification to the ISO 27001 security standard. This should be in place across the organization and cover every data store once backed up online.
Automatic backups should be in place to ensure that the data held is of the most recent variety and if for some reason the data is too large for the bandwidth available, negotiating a LAN restore plan by the provider’s backup engineers should alleviate any connectivity roadblocks. Finally worth implementing is an in-depth classification of the criticality of the data to ensure if a restore does occur, only the most important data for business operations is initially restored. The rest can be scheduled for restoration at a later date.
Obviously it goes without saying that the data should be backed up to the cloud on high performance disk technology that is replicated to a failover site at another location. This will ensure that an enterprise is capable to agilely return to business in the event of a disaster. Complementing this is the ability to backup to any level of granularity that is required. This could mean a workstation’s entire registry or a network of machines – in contrast a single file or email is equally easy to protect. Laying out the exact backup requirements before implementing a system is crucial, especially for an organization that occupies multiple sites.
Supporting, not hindering the enterprise
Already mentioned is de-duplication which exists to prevent the unneeded storage of identical data. Having the option to move non critical data to alternative storage layers can also help backup expenditure as well as general storage efficiency. In the case of recovery, second tier storage does have longer restoration times, but because the data has already been defined as non-critical, this should not cause any major issues. It is also worth storing snapshots of the data for compliance reasons – these can be stored and replicated off-site for equal protection.
Every enterprise has different requirements. The number of company sites, workstations and amount of data requiring backup varies, but there is a common strategy that runs through enterprise backup plans. It needs to be automated, have fully certified security measures and overall, simplify the backup procedure. Without the above, network complications will arise, data inconsistencies will occur which in the end, can be damaging to the business. An enterprise wide backup plan does not have to be complicated; it merely has to be designed with the cloud in mind.
Author: Alexander Eiríksson, COO of SecurStore
•Date: 3rd March 2011 • Region: World •Type: Article •Topic: IT continuity