Entium Technology Partners, LLC, LLC
Suite 50, P.O. Box 904
1288 Valley Forge Road
Valley Forge, PA 19482

Main: 610.415.7200
Fax: 610.415.7222
Toll Free: 888.757.2045

Sales and Marketing

General Information

Career Opportunities

Directions

White Papers

Getting Strategic About Data Protection

Ensuring the protection and access of critical information assets is one of the most important business challenges organizations face today?so important, in fact, that it is as likely to be discussed in the boardroom as it is in the data center. CEOs and CFOs put their organizations at risk when accurate records are not maintained. General Counsels experience punitive consequences when documents and e-mails are not recoverable during litigation. And CIOs feel the pressure when system meltdowns occur due to viruses and hackers.

Many existing data protection plans?whether to address disaster recovery, business continuity or day-to-day operations?have failed to keep pace with the changing business and technological environment. In the past, the major objective of a data protection plan was to restore data which became corrupted by a new software release or to retrieve data lost as a result of a hardware failure. If a disaster occurred such as a building fire, a remote "hot site" would be activated forcing users to wait while the backup system was set-up often utilizing archived tapes.

However, several factors have combined to bring the data protection issue to the forefront, including:

The increasing volume of data generated, used and stored by businesses
The near complete dependence of businesses on their data
Round-the-clock and around-the-world access to corporate data required by more businesses
The accessibility and vulnerabilities of data inherent in traversing the Internet and private networks
The dispersion of data to desktops, laptops, home offices and smart phones
The increasing demand by customers for up-to-the-minute account data and immediate resolution of problems with little tolerance for down time
The penalties imposed by government agencies, courts and shareholders when data is unavailable or compromised

To accommodate our on-line, real-time, 24/7 world, today's data protection plan must be designed to protect business-critical information assets and take into consideration two key concepts:

Time Value of Data
Time Value of Storage

Time Value of Data

The value of data changes with time. Some data is valuable for years, while conversely other data loses its value in hours. For example, client lists maintain their value; a project plan is valuable only until a new one is issued; while a "lets-do-lunch-today" e-mail is valuable for little more than half a day.

While all data must be protected and saved, an effective data protection plan takes into consideration the time-critical nature of business processes and the data on which they depend. Only by prioritizing business processes and identifying the critical data related to them can an organization structure a protection plan that ensures the most critical information gets the fastest and most secure protection available.

Incorporating the time value of data is critical to any successful data protection plan yet it is one of the most ignored and under-considered aspects of the planning process. Why? Because much of the work to determine the time value of data must be done outside the IT department and inside the business units.

Input from business unit leaders is essential, since they are the ones who use the information and know what data is essential to their operations. Too often, the business units have not participated in the process nor allocated budget or staff towards data protection planning. This is because business unit leaders often think IT already knows their priorities. They make the assumption that the IT department knows which files the different business units use, what information is contained within the files and why they are important. Years ago that may have been true, but in today's data-saturated environment, it represents a huge leap of faith.

Input from the General Counsel is also essential, since meeting the data requirements created by legal discovery and government regulatory mandates are important components of good corporate governance. Incorporating these requirements into the data protection plan reduces compliance costs and mitigates business risk.

Time Value of Storage

In many enterprises, the lack of a prioritized hierarchy of data is a serious obstacle to maximizing an effective protection plan. Not all storage is created equal?information access speeds and cost varies, so it is prudent to establish a hierarchy of storage systems to match high-speed storage with time-critical data, and lower cost disk-based image or tape-based storage with less time-critical data. This maximizes the accessibility of data while minimizing the cost.

The most time-critical data requires the fastest (highly accessibility), most secure storage through real time data replication, or data mirroring as it is commonly called. With data mirroring, data is written to two or more systems simultaneously. If, for any reason, one system becomes unavailable, the second system can take over in seconds. Data mirroring is used most often for online databases housing data that must remain accessible at all times.

Mirroring technology is an important addition to a data protection plan because it provides the safety net a company requires to continue working after a disruption occurs, such as power outages and hardware failures that occur during the business day and affect a single organization?the types of disruptions customers tolerate least. Further, by continuously mirroring data to a system at one or more remote sites, an enterprise can protect itself against local and regional disasters. This remote mirroring approach greatly lowers the risk of losing data, versus reliance on physical tapes that are either reused, moved from one location to another, or improperly stored.

Additional technologies such as a document management (DM) and records management (RM) systems are important components for protecting the unstructured documents that exist throughout the enterprise. A document management system provides a centralized repository with authorization and version controls and audit trails to secure the integrity of your documents. Any selection of a DM system should include the ability to add-on records management capabilities to automate data retention policy and classification standards. This provides the organization with inception to disposition tracking of unstructured information as well as the ability to quickly find information across the entire enterprise.

Many DM systems provide the ability to assign less frequently accessed information to secondary storage systems. This greatly furthers the data protection paradigm by permitting the classification of data not only by its time value but also by its storage value.

Introducing new technologies into the data protection plan does not mean that tape back-ups will disappear any time soon. Tape storage still has a place in the enterprise and it is better suited for long-term (1-2 years) archiving of data, so it too needs to be included in a data protection plan. However, given the advantages of newer technologies, i.e., the cost and speed of disk drives, the immediacy of data mirroring, and the efficiency of document management, tape usage should be supplemented by the newer technologies.

Acceptance and buy-in of these concepts is always the critical success factor. Often it takes a mandate from the top of the organization (Executive Management) to ensure that all departments allocate the staff and time required to developing an effective data protection plan. Tactical steps may include the IT department assigning business analysts to the business units. Increasingly, it takes an experienced consultant to efficiently guide the business units through the prioritization process, analyze the data requirements, and see that the project gets completed.

Given the demands of the online, real-time, 24/7 environment in which we live, companies need to update and implement their programs in order to keep their data available, secure and compliant.

This article was written by George Broadbent. For more information, contact Entium Technology Partners at (888) 757-2045.

Entium Technology Partners develops and implements life-cycle information programs that ensure compliant business rules and standards for all company records regardless of media type. These information programs control the creation, processing, maintenance, distribution, storing, and disposing of all corporate documents and records by combining information policies, processes, and procedures with the appropriate technology tools. Our solutions will allow enterprise-wide access to corporate documents and records while meeting internal security and business continuity needs.