Before You Store Your Data, Think About How To Get It Back

Think About Data Backup

Data backup and storage is the IT equivalent of tidying up at the end of the day. Putting all your information away neatly so you know it is accounted for, secure and easy to find again. An unlikely topic, you would imagine, for strong opinions and lively debate. Yet that is exactly what it has become ‒ and for good reason.

Every day more data is handled by more employees who are spread across multiple locations and use a variety of devices. This increases the vulnerability of information. The solution for many organisations is to implement a centrally controlled data back-up and storage plan from the range of options available.

And this is where the debate can become heated. In the red corner are the cloud converts, those who are quick to point out that ultimately all hardware-based backups will fail, and that nothing offers the same storage capacity, flexibility and ease of access. Over in the blue corner, we find those who approach the cloud with more caution. They can point to a growing evidence base such as the recent Symantec study that shows 68 per cent of companies have been unable to recover data stored in the cloud, and to the fact that Forrester urges companies to back-up all cloud-stored data.

The reality of the workplace is complex. IT departments need to prioritise limited budgets and work with legacy IT infrastructure as they build confidence in the security and benefits of an established cloud provider. In many cases this leads to a hybrid data back-up and storage system that include onsite servers for the most active, business critical or confidential information, and securely stored offsite tape and disc as well as the cloud for less essential or dormant data.

The result is tidy, cost-effectively managed and protected information and an IT team released to add more value elsewhere. At least, that is, until employees start asking for data they have lost or can’t access. The effort required to meet these requests has caught many IT professionals off-guard.

Earlier this year my company undertook a series of in-depth interviews with senior IT professionals in France, Germany, the Netherlands, Spain and the UK. The conversations revealed that some firms are witnessing year-on-year increases of up to 60 per cent in demands for data retrieval, as employees try to find documents they have accidentally deleted or misfiled, or they want to view access-controlled, centrally stored business data.

Getting the data back can be frustrating (particularly when the creator can only vaguely remember what the subject or content was), complicated and time-consuming, and sometimes requires the involvement of an outside expert. For example, in businesses where data represents a significant competitive differentiator and demands for confidentiality are high, such as those in the pharmaceutical sector, employees are not allowed to keep business information on their PCs but have to formally request access to the data, which is then given on a time-limited read-only basis. This can result in a flood of daily retrieval requests.

Not all retrieval requests are internal. A growing number of requests are external and related to eDiscovery for legal, compliance and law enforcement purposes. Failure to retrieve and present the required data quickly is simply not an option.

Companies need to ensure that ease of data retrieval is factored in to their overall backup and storage plan. The best approach is a tiered one, with information ranked from records that are likely to be requested frequently, such as customer data or patient records, to those which may be required only once if at all, such as insurance policies. The former can be stored on servers close at hand, while the latter can be clearly indexed and stored off site, perhaps with an external provider, for rapid retrieval if required. This blended approach will maximise the benefit to the business while minimising the impact on IT resources and the risk to data.

Tidying data away and getting it out again may seem peripheral to the exciting things you do with the information once you have it – but if you don’t get those two stages right, the bit in the middle can’t happen either. Backup, storage and retrieval is as business critical as the actual data.

Christian Toon 3

In his role as head of information risk at Iron Mountain, Christian Toon is the functional lead responsible for developing and implementing information assurance policy standards, goals and strategy within the private and public sectors, so that the confidentiality, integrity and availability of customers’ information assets are preserved. He has a wealth of experience in the industry, having previously held the role of compliance and information security manager at Iron Mountain.