Earlier this month, I posted an article about data loss due to natural disasters. With the impending Hurricane Earl paying New England a visit this evening, I figured now would be a great time to reiterate the importance of having a backup disaster recovery system in place.
Although the major cause of data loss is due to human error combined with the fact that naturally occurring disasters only account for roughly 3% of all data loss; it is important to note this form of data loss is the most severe.
Lightening Doesn’t Strike Twice
Park Oskar, a freelance writer for StellarInfo.com, posted an online article in September of 2006 profiling the different types of non-human data loss. He recommends keeping data in an offsite backup as it is “statistically unlikely for natural disasters to occur in two locations simultaneously.
Utilizing the Cloud (No Pun Intended)
Oskar’s article was published four years ago. Since then, the Cloud has become a viable option for seamless offsite data backup. As part of your organization’s Backup Disaster Recovery (BDR) program, you can set up a Cloud to send data offsite continuously.
One of the major benefits of utilizing the Cloud is that it can be accessed anywhere via an internet connection.
Always Be Prepared
So say for instance (Worst Case Scenario here) Earl’s winds damages your office. Some of your equipment is ruined and you can’t work in the office until repairs are made. Luckily because your data is backed-up in the Cloud, you can access the Cloud from your home computer and within minutes, it is business as usual.
Again, even though the probability of losing data due to an “Act of God” is incredibly slim, the aftermath of such an event can be detrimental to an organization. In this case, it is better to be safe than sorry.
Store Non-Critical Data For Less Using Reduced Redundancy
One of the biggest players in the cloud computing industry is Amazon Web Services (and yes - they are related to the other "big" Amazon.com). One of their flagship products, Amazon Web Services Simple Storage Service (Amazon S3) is a public cloud data storage system. Recently, Amazon launched a new lower-cost option called Reduced Redundancy Storage (RRS) making an already flexible storage system, even more scalable for customers.
RRS enables customers to lower costs by option to store their data at lower levels of redundancy than in the standard S3 version. Due to the fact that RRS stores objects on multiple drives and that it doesn't replicate objects as often as the standard S3, it is even more cost effective.
Using RRS
RRS is not an option for critical data, but for excess files that need to be stored for compliance or archival purposes. Examples include: old CAD files, completed project data, or even document scans. Anything that isn't mission-critical can be stored (at a lower price point) using RRS.
Alexander Straffin, a Senior Help Desk Associate and Virtual Infrastructure Manager at NSK Inc,
If there is one thing I've learned from being in this industry, it is that there is no such thing as a "one size fits all" solution. Every company has its own set of specific needs and challenges. Amazon knows this, and their awareness is evident with the release of this option. They are certainly heading in the right direction by adding levels of service, and degrees of redundancy. It enables us, as IT service providers, to offer more versatile technical implementations while keeping recurring costs down. The majority of our clients don't need such high levels of redundancy with their data. Our clients tend to care much more about their bottom-line. A 30% reduction in monthly costs is VERY attractive, especially since their SLA remains the same. I feel there will be a lot of businesses that will opt for RRS
2009 Data Loss: Overlooking Important Points When Viewing Statistics
The end of a year is a time to look back and reflect on positive and negative incidents that have occurred in the past 12 months. Some people make a more general, qualitative assessment about performance, and others look at hard numbers and come to conclusions that way. Although there are many different ways of analyzing performance, it is important to ask yourself if the paradigm you’re using to assess improvement in any situation is hiding another truth. This applies all business matters, but right now we’ll focus on business IT. To demonstrate this concept, we’ll use the following example.
This year, as far as the number of data breaches is concerned, may seem like an improvement when we view last year’s numbers (2008). However, as Andy Greenberg points out in Forbes.com's November 24, 2009 article, The Year of the Mega Data Breach, it’s superficial to assume that data loss has decreased this year. This is a great observation. This is mainly because, according to Greenberg, “the number of personal records that were exposed [in 2009]--data like Social Security numbers, medical records and credit card information tied to an individual--that hackers exposed has skyrocketed to 220 million records so far this year, compared with 35 million in 2008.”
Forbes notes that the statistics at the Identity Theft Resource
Center indicate a 50 percent drop in overall data breach incidents since last year. Now here is the important part: This percentage refers to the number of events, NOT the
amount of personal data affected.
It’s important to be aware of the assumptions made based on the more obvious statistics in any situation. Sometimes you have to dig deeper for meaning in those large statistics and analyze the wording. Ask yourself if the words used to describe a statistic lead you to believe something other than getting at the core of whatever issue you face.
This post is in response to Forbes.com’s 11/24/09 article, The Year of the Mega Data Breach,
by Andy Greenberg.
Written by Melissa Cocks, NSK Inc.
Data Backup
It is not a good day at work for you when you realize you have lost an important document that you worked on for hours, or when you realize your hard drive has been completely wiped out. The importance of data backup may seem a bit repetitive at this point, but it does take more effort to replace the data once it is gone than it takes to back it up.
First off, you should have a backup schedule. You should also think about how you’re going to implement it. Will you hire someone to do continuous backup for you? Maybe you’ll just use backup tapes. Backup tapes may seem like a perfectly fine idea to you, but you need to keep in mind that if a disaster strikes on site, no electronic device will save your data unless it is in a remote location.
Continuous backup is a process by which your data is constantly backed up by frequent ‘snapshots.’ Remote backup
is a process by which your data is maintained off site without having to manually transport your data. Manual transportation has proven time and again to be an unsafe measure. You may want to consider continuous remote data backup for your company to ensure the best security of your information.
Other measures to take include keeping your computers in cool, dry, areas that are free of dust. Use a generator – if there’s ever a power outage, you want your computer to stay on so that data doesn’t disappear because you didn’t get the chance to save it. In addition, antivirus software is essential for keeping your computer’s system healthy and decreasing your risk of losing data.
Written by Melissa Cocks, NSK Inc.
Summary
A recent study discovered that, of companies experiencing a "major loss" of computer records, 43 percent never reopened, 51 percent closed within two years of the loss, and a mere 6 percent survived over the long-term[1] For small and medium-sized businesses (SMB's) in particular, these statistics suggest the necessity of crafting a Business Continuity Planning (BCP) strategy grounded in a robust data backup and recovery solution.
Unlike enterprises, many smaller companies cannot afford optimal in-house strategies and solutions in service of BCP. These companies are consequently at an elevated risk of being put out of business due to any major loss of data. Loss of data could mean emails lost, accounting data lost, patient or client files lost, company records lost, client legal records or orders lost and so on. This white paper evaluates the scope of BCP for smaller companies, by examining their challenges, range of existing solutions and their drawbacks. We'll also discuss how our solution overcomes commonly faced challenges to offer the most comprehensive solution out in the marketplace.
Business Continuity Planning for Small and Medium Size Businesses
BCP is the blueprint for how businesses plan to survive everything from local equipment failure to global disaster. Data-oriented BCP, an indispensable component of business planning regardless of organization size, poses the following challenges. Smaller businesses generally lack the in-house IT resources to achieve these demanding planning, technical and process requirements. Therefore, many SMBs either neglect to implement any data-oriented business continuity plan or else approach data backup and recovery in a sporadic, rudimentary fashion that fails to conform to the best practices of BCP.
Understanding the risks of not having a plan in place:
- Understanding Regulatory Compliance requirements in your industry. Regulations such as the Healthcare Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act (GLBA) and other laws- state and federal.
- Understanding how to mitigate the risk of losing vital business data, such as customer records.
- Being aware of the environmental hazards that the business infrastructure is exposed to due to your geographical location.
- Estimating time it would take to build the business back if disaster strikes without having any BCP in place.
- Understanding ROI for having a BCP in place.
Technical Challenges:
- Identify the lowest-cost, highest-performance data backup medium (tape or disk) based solution and keeping abreast with the latest and greatest in the industry.
- Ensure that all backed-up data is encrypted and otherwise safeguarded from theft.
- Ensure that backed-up data can be restored to different kinds of hardware.
- Ensure that data backup continues even during active recovery phases.
Operational Challenges:
- Identifying what data to back up.
- Identifying how frequently to back up and related costs and ROI.
- Retain the ability to recover not only the most recent data, but also data from older time horizons, such as past quarters and years.
- Retain the ability to monitor and manage the integrity of ongoing data backup processes so that backup failures can be diagnosed and remedied before adversely impacting the BCP lifecycle.
- The need to hire Staff who can understand, design, implement and keep a BCP running 24/7 and be available to get business back in action after disaster strikes.
Traditional Solution vs. Emerging Technology
Implementing a data-oriented BCP strategy first requires designation of a specific data storage medium. Magnetic tape and disks are the two leading media for data backup storage. While magnetic tape is currently dominant, analyst Dave Russell of Gartner believes that "Recovery will move to online disk-based storage in the future. This will cause a major shift in the backup market during the next four to five years."[2]
Smaller Companies in particular will benefit from the shift, as recent advances in design and manufacturing lower the total cost of disk-based storage in terms of storage per bit. Falling prices, combined with the various performance advantages that storage industry analysts cite, render disk increasingly attractive. Gartner Group highlights the suitability of disk for these organizations by explaining that, "The need for high-performance online recovery of data, combined with the availability of low-cost disk arrays, has influenced enterprises and small and midsize businesses to adopt a disk-based approach for backup and recovery."[3]
Tape, in contrast to disk, is physically delicate and easily compromised by environmental factors such as heat, humidity, and magnetic interference. Moreover, tape cartridges must be replaced frequently (every 6-12 months). Tape's innate sensitivity contributes to high failure rates, with analysts estimating that anywhere from 42 to 71 percent of tape restores fail. Even when magnetic tape backups are successful, tapes themselves are subject to loss or theft, and may be in the possession of an employee or vendor unable to reach a recovery site. Thus, even when physical backup and restoration processes succeed, tape may not prove to be as timely and appropriate a medium for data storage as disk. Time is a crucial consideration because each hour of server, application, and network downtime endured until data restoration comes at a high cost, especially to smaller businesses.
Analyst Jon Oltsik of Enterprise Strategy Group also points out that tape is seldom encrypted, compounding the destructive impact of tape theft: "Very few people encrypt backup tapes, which means that they rely on the security of the backup and off-site rotation process."[4] Magnetic tape encryption, unlike disk encryption, has historically been too costly for all but large enterprises: "Encryption of any data that is leaving the security of the data center, in transit, has always been an option, unfortunately, a very expensive option," explains Clipper Group.[5]
Disk offers not only lower cost encryption but also other advantages. In contrast to tape, "disks are more durable, last longer, withstand more overwriting and you don't need to clean any heads," according to Rinku Tyagi of PCQuest. Additionally, "When it comes to backing up using disks, they are easier to manage. Disk backup systems include management tools, often browser-based, for you to easily configure settings and check status from anywhere."[6]
HP enumerates other advantages of disk storage, noting that "Data is backed up to disk much faster than tape, which translates to less impact on production server availability. Disk is also a more reliable media than tape and less prone to error, which translates to less failed recoveries."[7] Clipper Group believes that the superior speed of disk storage is an enduring advantage: "High performance disk will always be the choice for online applications that require fast access."[8]
While disk offers advantages over tape, it is not a universal remedy. After installing disk technology, Companies will still be responsible for monitoring and managing backup processes, encrypting and safeguarding backed up onsite and offsite data, restoring data to new hardware, and other functions. Without implementing a layer of governance over disk-based data backup, these Companies court the danger of failed backups and delayed restoration of data, thereby jeopardizing their chances of successful recovery from major data loss.
Smaller Companies unable or unwilling to invest in the human expertise and infrastructure support systems necessary for data-oriented BCP can leverage our data backup and recovery solution, which removes cost and complexity burdens from your staff.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A Complete Solution that addresses all of your BCP Needs - PAVIS
References
[1] Cummings, Maeve; Haag, Stephen; and McCubbrey, Donald. 2003. Management information systems for the information age. http://highered.mcgraw-hill.com/sites/0072935863/information_center_view0/.
[2] Russell, Dave. 2007. Recovery will move to disk-based, manager of managers approach by 2011. Gartner Group. http://www.gartner.com.
[3] Russell, Dave. 2007. Recovery will move to disk-based, manager of managers approach by 2011. Gartner Group. http://www.gartner.com.
[4] Jon Oltsik, quoted in Shread, Paul. 2005. Bank's tape loss puts spotlight on backup practices. Internetnews.com. http://www.internetnews.com/storage/article.php/3486036.
[5] Reine, David. 2007. Security for small data centers-right-sizing tape encryption. Clipper Group. http://www.clipper.com/research/TCG2007036.pdf.
[6] Tyagi, Rinku. 2006. What's for your backup: Disk or tape? PCQuest. http://www.pcquest.com/content/technology/2006/106092501.asp.