Data protection/cyber security concept with lock

A Three-step Assessment Guide

Data is your company’s most valuable asset. Without it, you don’t have a company at all. Even so, many enterprises do not dedicate the resources needed to ensure their data protection strategy and solutions are covering them effectively. More often than not, I see considerable lag time between when enterprises invest in new technology and when they invest in an appropriate solution to protect it. This gap is a perilous window during which data is ripe for theft, corruption and/or loss.

Moreover, the continued evolution of IT infrastructure technologies, whether on premise or in the cloud, means that old-fashioned data protection approaches—such as streaming everything to tape—are now futile. IT organizations are rapidly evolving to increase efficiency through virtualization and on-demand capabilities, and to reduce administrative burdens through orchestration and automation. How does a business ensure its data protection solutions are effective and able to adapt alongside these new systems? It begins with a three-step assessment process:

  1. Evaluate what you have and whether it is working
  2. Map out business requirements and explore protection options that align to your objectives
  3. Analyze key components of today’s solutions in depth

While only three steps, assessing data protection and tools is a sizeable job. For that reason, I have created this three-step assessment guide to help evaluate the data protection you have, what capabilities you should consider and what you absolutely cannot forget.

Step 1. The Evaluation: Does What You Have Work?

As you inventory your current data protection solution, start by going back to the basics: SLAs (service level agreements). If you haven’t done so in a while, it’s time to re-evaluate and understand how your SLAs are tying back to your data protection schema. Here is how it’s done:

  • Ensure you have a complete understanding and inventory of the business’s current SLAs.
  • Map your business SLAs into applications and supporting infrastructure.
  • Define your application tiers, RPO (Recovery Point Objectives) and your RTO (Recovery Time Objectives).
  • Map your applications, and the resources behind them, into the appropriate application tier.
  • Define your application interdependencies to ensure that your recovery tasks are lined up to recover all infrastructure components needed to bring critical applications up.
  • Determine where your backup solution fits into your total protection or DR scheme. (Note: More often than not, if you have aggressive RTOs/RPOs for your Tier 0/1 applications, you are relying on some sort of replication as a first line of defense in the case of a major failure. Since a backup solution is typically only one piece of a total business continuity/disaster recovery strategy (along with some sort of replication), try to define the application tiers for which your backup solution is intended to be the primary means of recovery.)
  • Assess whether your current implementation of your data protection solution is meeting all of your SLAs.
  • If you aren’t effectively meeting SLAs, determine whether or not your current solution has the potential to meet them by utilizing it differently than you are today.
  • If not, it’s time for Step 2: exploring what data protection capabilities are available and right for your business and technology environment.

Step 2. Explore the Capabilities of Today’s Solutions

The essential core of effective data protection is a backup solution that offers rock-solid stability, scalability and fast recoverability alongside a cohesive DR workflow. However, to address rapid change and the complex challenges facing IT infrastructure today, data protection solutions can and do offer more, such as:

  • Intelligent backup – enabling automated, faster backup systems that reduce strain on the production infrastructure
  • Automation and integration – intelligent backup through integration with hypervisors and database workloads
  • Integration points into cloud providers – delivering access to cloud providers for lower cost offsite storage or utilizing the cloud for DR
  • Instant restore – ensuring a business is quickly back on its feet
  • Cost containment – reducing cost through intelligent deduplication
  • Simplicity – moving towards convergence of HW and SW to create a singular solution covering all facets of IT infrastructure and eliminating point solutions
  • Self-service – deploying VM admins and DBAs to manage backups and restore while still allowing control and visibility for the backup admin
  • Snapshot integration – rapidly protecting assets but also enabling backup and cataloging of those snapshots onto secondary storage
  • Data analytics – helping businesses manage data more efficiently by identifying stale and duplicate data to reduce unnecessary business costs
  • Simplified architecture – leveraging web-scale platforms that use building block methodology to enable powerful scalability in a more efficient, simplistic manner
  • Copy data management – utilizing backup images to quickly spin up space-optimized, golden copies, empower developers with data access and eliminate resource- and cost-draining multiple full copies of data

At this point in your data protection assessment, it’s important to determine which of these features are important to your business and which are nice to have. Not every solution will offer every capability so build a list of what you need, identify strong options and then move on to Step 3 where in-depth solution analysis is required.

Step 3. Analyze Specific Features in Depth    

Once you have determined the essential capabilities and features needed for your data protection solutions, it’s time to take the analysis even further. Again, core competencies such as stability, scalability, recoverability, and high availability should be at the very top of your list by default in evaluating a data protection solution. We won’t delve into those features further here, but they should definitely be vetted. Your list of additional features to investigate further will vary based on your business objectives; however, two areas we often see businesses exploring are automation and cloud.

  • Automation considerations – For most solutions today, deep integration at the hypervisor layer is table stakes, which provides automated and efficient VM protection. Ensure you’re utilizing hypervisor-based backup methodologies, which will reduce strain on your infrastructure by:
    • Intelligently transferring only dedupe blocks that have changed
    • Reducing your administrative burden through automated discovery and protection of VMs
    • Improving recoverability by allowing you to instantly restore a whole VM or granularly restore an object or file within a VM
    • Getting you out of the game of putting an agent on each VM like you would a physical server

It’s also important for data protection solutions that are effectively stretching automation beyond just protecting VMs. Many solutions now are automating protection of databases like SQL and Oracle. Instead of having to manually ensure you’re placing new database instances in a protection policy, they utilize intelligence between the backup application and databases to automatically protect new instances. This will reduce risk and administrative burden at the same time.

  • Cloud considerations – Most companies are looking to utilize the cloud in some fashion, whether public, private or hybrid. If that is the case for your business, make sure your data protection solution integrates well with the providers you’re looking to utilize and the way you’re looking to use the cloud. If you’re looking to utilize the cloud as a place for your secondary copies of data offsite, make sure your solution has the appropriate plugins to utilize cloud storage effectively (space optimized) and intelligently (send only changed blocks to the cloud). If you’re actually running workloads “in” the cloud, that operation needs to be protected as well. Choose a data protection solution that can effectively protect your cloud workloads.

When it comes to leveraging the cloud as a secondary DR site, it’s important that you understand not only how a solution gets data up to the cloud but also what the recovery scenario looks like once in the cloud. It’s critical to investigate how the solution effectively handles restoring VMs into the cloud to run your workload in a DR scenario and how you convert back to running on premise.

Protection Is Complex, but Critical

Data protection is complicated, but for very good reasons. At some point, every business will have a loss or corruption of data, a ransomware incident, or an infrastructure mishap that could drastically effect operations and productivity. Data protection is not a costly insurance policy that doesn’t really “give back.” It’s an essential operational tool of the digital age and one you must select and implement with care. The work you do today is essential to creating a data protection solution that can support your business as it races into tomorrow.

To learn more about data protection assessment and solutions, contact IDS.