Putting Data Protection In Its Place

Data Safe

The modern business is an always-on, 24/7 enterprise with workers dispersed across multiple locations. This has driven the need for modern IT services which, thanks to the advent of the cloud and IT-as-a-Service, can be delivered at any time to anywhere. It has also pushed the development of the modern data centre needed to power these services. Yet most of all, it has made starkly clear the fact that business continuity and protection of data in the modern world has to evolve.

Data protection as it stands has traditionally been built with the 9-to-5 business in mind. Whilst avoiding unplanned downtime during opening hours is crucial, the IT department would have available windows in which to fit any planned downtime. For instance, data protection and management processes to ensure business continuity could be carried out in a wide window; whilst the IT team could also implement and test upgrades without significantly impacting the business.

Out Of The Limelight

Simple data protection processes such as backup and recovery used to be seen as the final piece of a project. Something that would be last on the list in the planning stage, if it was included at all; and otherwise simply bolted on when the project is complete. Now that businesses are migrating to always-on datacenters for the next generation of business, it’s essential that organisations have a robust understanding of what they have and a rock solid ‘copy’ of their existing environment before they commence migration. If this vaulted as-is environment can then be used as the basis for migration planning – even better.

You need to be able to test and plan against ‘as-is’ to ensure that ‘to-be’ will be effective for your organisation. It is no longer the case that downtime, whether planned or unplanned, won’t have a direct effect on essential services. This, in turn, has changed the importance of data protection. From replication to backup and recovery, data protection and business continuity is crucial to the success of a modern business and needs to be one of the first considerations of any IT project or strategy.

Proper Planning Prevents Poor Performance

When implementing data protection as part of an IT project, there are many considerations to deal with, beyond choosing which backup and recovery solutions to use. To begin with, at the outset of any project four questions must be asked to identify the risks involved:

  • What would be the effect of services failing? If implementing a new email service, how would it impact the business to be without email for minutes, hours or even days?
  • What costs will data protection save? While preventing unplanned downtime is difficult to quantify to decision-makers, IT departments can demonstrate how a modern data protection strategy can also reduce planned downtime, proving data protection’s worth.
  • What is the maximum downtime the business could survive? What is the absolute worst-case scenario and what should a data protection plan be designed to prevent at all costs?
  • What is the maximum planned downtime that you will accept? For most modern businesses, this should be near zero but it is vital for setting SLAs and benchmarks for the business as a whole.

Reducing The Risks

Once an organisation has answered these questions, it will have an understanding of the risks facing an IT project, the benefits data protection will provide, and the level of performance it needs. With this information, it can build a data protection and business continuity policy into its IT project. More practical considerations will take over, which can be broadly split into three. First, there is how to minimise downtime. The team should be clear on the acceptable Recovery Time Objectives (i.e. how long downtime will last) and Recovery Point Objectives (i.e. how much data could be lost) for each part of the infrastructure behind the service.

It must then decide how much of that infrastructure will be replicated, in the event of a disaster, and how much will simply be backed up; increasing the chances of longer downtime and permanently lost data. In all cases, the team should ensure they are using techniques designed for modern data centres and IT services that can guarantee as near to 100% uptime as possible. Second, the team should consider how reliable its data protection is. Organisations should be able to validate each backup to ensure it is recoverable: after all, data protection is worthless if, when push comes to shove, the data cannot in fact be recovered. The strategy should also include unplanned downtime in its considerations.

For instance, how can an organisation avoid disruption when it needs to test and implement software upgrades? As virtualisation lowers the cost of IT infrastructure and storage costs fall, creating a separate, testing infrastructure could be one way of making sure that upgrades don’t cause more downtime than actual outages. Lastly the organisation must decide where it places its backups, and in what format. Do they stay on-premise or are they safer off-site? Are they in a private cloud; on public cloud storage; or is the backup itself operated as a service? Is legacy storage, such as tape, being used in any capacity?

Has the organisation considered a worst-case option and allowed for, essentially, a backup of its backups as a final failsafe? Again, the falling cost of virtual infrastructures and storage can make this a valid option. The final decision will depend on the individual enterprise and its overall needs and strategy; yet is no less important because of that. Whatever an enterprise’s answers to these questions are, the most important thing is that data protection becomes an intrinsic part of its IT strategy for each project. Without this, it will never be able to use modern IT services from a modern data centre with 100% confidence.

Ian Wells is the Regional Director for Northern Europe at Veeam. Ian is responsible for all aspects of Veeam’s business across the UK, Eire, Nordics, Benelux & Southern Africa. Prior to joining Veeam, Ian was at EMC where he held the role of regional sales director for UK and Ireland. In his previous role Wells was responsible for a specialist sales team offering data protection and unified storage solutions. Prior to this he held senior sales positions at companies including Attachmate, Mediapps, Lizardtech and Neon Systems.