2010 data protection best practices


Published on

On one side, they’re arguably the most important task of every
IT professional. Protecting your company’s most critical data
really means protecting your company itself, and therefore your
own livelihood. But on the other side, backups are so often
accomplished using technology that hasn’t evolved much past
the reel-to-reel days. In 2010, most IT organizations still find
themselves clinging desperately to ancient tape-based technologies;
technologies that indeed back up data, but do so slowly,
painfully, and sometimes with catastrophic failure.

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

2010 data protection best practices

  1. 1. Cloud? Tape? Hybrid? 2010 Data Protection Best PracticesBackups are a curious paradox, are they not?By Greg Shields On one side, they’re arguably the most important task of every IT professional. Protecting your company’s most critical data really means protecting your company itself, and therefore your own livelihood. But on the other side, backups are so often accomplished using technology that hasn’t evolved much past the reel-to-reel days. In 2010, most IT organizations still find themselves clinging desperately to ancient tape-based technol- ogies; technologies that indeed back up data, but do so slowly, painfully, and sometimes with catastrophic failure. Why has this paradox become so ingrained into our industry’s collective consciousness? Why have backups’ best practices so long involved tactics that don’t really align with today’s datacenter needs? One source just might be the technologies themselves. Sponsored by www.ironmountain.com/cloudrecovery 1
  2. 2. Thankfully, there is a better way. And that way doesn’t necessarily get rid of your existinginvestment in tapes. Rather, it arrives as an augmentation to tapes, giving you all the featuresyou’ve long desired while retaining the quiet comfort of their physical media.That better way is called hybrid backups. And to best understand how it will dramaticallyimprove your data protection, let’s look at some evolutionary changes in backup technologythat you might not know about. Along with those changes, you’ll learn a bit about today’sbest practices in correctly aligning your backup technologies to your restore needs. D2T - Yesterday’s Approach to BackupsUp first is the Disk-2-Tape story that you already know about. Starting here is important indrawing a comparison with backups’ most recent evolutionary leaps. Tape backups have servedthe IT industry for virtually all of its long history. Getting files onto tape has been a major task ofevery IT organization since the introduction of data itself.Yet tape backups are no longer sufficient for today’s datacenter needs. Think for a minute howan exclusive focus on tape backups can actually hurt the datacenter:Data storage continues to grow, as do backup windows. In times not long past, backupwindows weren’t a big problem. Knowing that your backups completed between the hours of3:00 AM and 5:00 AM was a functional solution because most people simply weren’t workingduring those hours. That’s no longer the case today. Users work from home, in different timezones, and in different parts of the world. www.ironmountain.com/cloudrecovery 2
  3. 3. At the same time, the amount of data to be backed up just keeps growing. With it comes a similar increasein the size of backup windows. As you know, tape backups require windows of time to complete. This is thecase because their operation seeks to capture the changes in data that have occurred over that set period oftime. Often just a day in length, but sometimes even longer, backup windows need a time period when dataremains relatively unchanged so that data can be contiguously copied to tape media.Today’s datacenter needs, however, are maturing to the point where windows are no longer appropriate.Knowing that you’ve got a copy of yesterday’s data isn’t good enough. Even a 24-hour loss of data could becatastrophically costly to your business operations. Instead, you need a constant and continuous copy ofright now’s data, something you simply can’t get with tape.Tapes are linear-read/linear-write. Using tapes, you can’t get that constant and continuous copy of rightnow’s data because data takes time to be written to tape. Tapes write data in a linear fashion, copying filesfrom disk as “the tape” in that tape passes over its head. While today’s tapes are growing ever faster in howquickly they can transfer data, their actions still consume time at a linear rate. The more data you’ve got toback up, the larger your backup window must be.The linear-read/linear-write format of tapes also makes them highly inefficient in backing up data thatchanges only slightly from window to window. For example, a file that is backed up to tape and then latermodified must be backed up again in full at the next backup. This is the case even if that modification is onlya single character. This inefficiency reduces the effectiveness of tapes while increasing the quantity of tapeyou’ll need to get everything backed up.Tapes are slow in backing up, slower to restore. Today’s faster tape technologies have improved thespeed of backups; however, that speed continues to be limited by the sheer mechanics of tape management.An individual file can be spread across multiple tapes, requiring swapping by hand or through a robot device.Fast-forwarding and rewinding through a tape to locate the correct data further lengthens restore time.Physical constraints are also a problem. Even worse is the situation where the data you need to restore is ona tape that’s been rotated offsite. Locating that tape, getting it to the datacenter, and loading it all add timeand inefficiency to the restore process.Tapes are physical items that can be lost, damaged, stolen, or destroyed. Finally, tapes by nature areintended to be portable items. They’re designed to be items that can be removed from backup devices and 5transferred to archive locations. Tape rotation offsite is a common activity, and a best practice in tape backuparchitectures. But offsite rotation and even daily handling itself introduces the risk for loss, damage, theft, 6and destruction.Today’s datacenters need better solutions that are always connected yet provide offsite replication forarchival purposes. www.ironmountain.com/cloudrecovery 3
  4. 4. D2D – The Start of Today’s Backup SolutionEach of the issues noted above are limitations to tapes’ ancient approach to today’s problems. Tapes willabsolutely protect your data, but you’ll be paying a high cost in doing so – both in labor as well as in risk.That’s why smart IT organizations are looking towards Disk-2-Disk backups as a superior solution. Diskbackups still back up data to an alternate location. The difference is that the alternate solution is an array ofdisk drives rather than a stack of tapes. Those disk drives can be located in the same datacenter as yourservers, or elsewhere on the network. A foundation for each of the technology evolutions discussed in thenext sections, disk drives solve many of tape’s problems right off the bat:Disk backups eliminate the entire concept of backup windows. Tape backups are forced to use thebackup window concept because of their change-oriented nature. A file changes, it needs to be backedup. Disk backups, on the other hand, operate quite differently. With disks, traditional file-by-filebackups are replaced by a file system filter driver that is installed directly to each backed up machine.This filter driver intercepts each and every call to a computer’s disk subsystem, noting the changeand instructing the disk backup system to replicate it elsewhere.Disks are random-read/random-write. Using a filter driver in this manner means that data is constantlybeing backed up as it changes. Every update to a file or folder is replicated to the backup device, at the levelof the individual change. These updates are written to disk in a non-linear fashion, which means no waitingfor an empty section of tape. Individual updates are simultaneously entered into a centralized database,enabling them to be reconstructed at will when restoration is necessary. Capturing data on a per-changebasis instead of a per-file basis significantly reduces the duplication of data that is contained within thebackup set. In short, every piece of data is immediately addressable whenever it is needed.Today’s disks are enormous, fast, and inexpensive. Disk backups took a long time to overtake tape ineconomy due to the initial high cost of large quantities of disk storage. That high cost is no longer a hurdle. www.ironmountain.com/cloudrecovery 4
  5. 5. Today’s disks are enormous, fast, and inexpensive. Disk backups took a long time to overtake tape in economy due to the initial high cost of large quantities of disk storage. That high cost is no longer a hurdle. With the cost of multiple-hundred gigabyte and even terabyte disk drives dropping to affordability, today’s disks provide a cost advantage that wasn’t available before. That affordability also comes with excellent performance as well. Disk-based backup solutions do not place a heavy reliance on disk performance for overall backup performance. Its low requirements for disk perfor- mance further highlights how inexpensive disk arrays can be used – or, in some cases, repurposed – for disk backups at a cost-effective price. Disks enable emails, files, and entire computers to be restored in the exact same manner. Best of all, disk-based backups also eliminate the reliance on backing up files and folders. Data can be treated as data. Recall how disk backups use a filter driver rather than individual file copies to backup data. This action can be taken a step further, combining it with application awareness. Application-aware backups enable a backup solution to recognize what kinds of things it is backing up: Emails versus rows in a SQL database, files on a disk share versus files in a SharePoint implementation, physical machines versus virtual machines. With application awareness, a disk-based backup solution’s per-change basis recognizes what each disk transaction means. It can log that change in the correct manner for later retrieval. And, most important, it means that an individual email, SharePoint item, or SQL database row can be restored just as easily as an entire computer.Protecting your company’s most critical data really means protectingyour company itself. www.ironmountain.com/cloudrecovery 5
  6. 6. D2D2T – Benefitting from Disks and Preserving your tape investment Disks obviously have a set of benefits that go far beyond what you’ve seen with your tape backup investment. Immediate restorability of data from individual items to entire computers is a fantastic risk reduction. Elimi- nating duplicated data represents great cost savings. Yet you probably still have a strong investment in tape backups, one that would be difficult to just throw away. It is also worth mentioning that tape backups aren’t all bad. They’ve served our industry for most of its early years, and can continue to provide value for your archival needs. D2D backup solutions today provide exceptional improvements to backup and dramatically reduce restore time; however, disk-based backups alone suffer from limitations in their ability to truly archive data. Your business today in actuality has two different requirements for data preservation: Requirement #1: Assured and timely restorability. Your business requires the capability to successfully restore data in a timely fashion. This includes not only file-based data, but also application data such as individual emails, database records, and even entire computers. Accomplishing this goal is well served through a disk-based backup solution that can enhance the process as detailed above. Requirement #2: Long-term data archival. Whether your business falls under the purview of regulatory compliance or not, you need the ability to store copies long term. Those long term copies can be for historical purposes, or to simply preserve the actions and activities of your company over time. While entirely possible to store via disk-based backups, these long term copies are perfectly suited for tape-based backups. The combination of these two needs highlights the importance of considering multiple approaches in your overall data preservation policies. Disk-based backup solutions are perfectly suited to be inserted between your servers and your existing tape infrastructure. From that position, a disk-based backup solution can handle the day-to-day operational needs for data preservation. Following along behind is the tape-based backup solution, essentially “backing up the backup solution” for archival and long-term storage purposes.There is a better way…and that better way is called hybrid backups. www.ironmountain.com/cloudrecovery 6
  7. 7. D2D2C – A Solution for Eliminating Tapes EntirelyBackup technologies are indeed evolving at a dramatic pace, one that matches today’s cloud-basedinfrastructures. It is exactly within that cloud infrastructure where the most revolutionary of backupand archival solutions are finding a home. Disk-2-Disk-2-Cloud has quickly matured to become a viableoption for many organizations who wish to eliminate the administrative cost and risk of tapes entirely.In a D2D2C architecture, locally-homed disk-based backups are used to handle the daily operations of systembackups. These disk-based backups are no different than those discussed above, and enjoy all of the benefitsgained through the move away from tape.Different here is in how the backups are themselves backed up. Unlike D2D2T, which preserves a company’stape infrastructure, D2D2C instead offloads the archival responsibility to a cloud service on the Internet. Thatcloud service, hosted by a top-tier partner and enjoying levels of security above and beyond traditional offsiterotation, immediately becomes a trusted location for the secondary storage of data. Protected, encrypted,authenticated, and available anywhere with an Internet connection and the correct security controls, yourdata now becomes pervasively available. You also gain a set of benefits not easily attainable inside yourown datacenter:Entire site data protection. In the worst of catastrophes, companies have lost entire datacenters. Whetherdue to naturally-occurring events or outside influences, protecting your data means keeping it safely archivedin secondary locations. Cloud-based solutions provide that secondary location. At the same time, they alsoprovide cloud-based restore capability. In the case of an entire-site loss, your data as well as the serversthat host it can be quickly transferred over the Internet to a secondary location. Leveraging strong andmulti-factor authentication as well as encryption in transit, data traversing the wire remains secure on its wayto archival. Protective measures at the cloud services location further secure that data through data isolation,activity monitoring, and further layers of redundancy.Conversion of CAPEX to OPEX. A tape investment is also a capital investment, one that occasionally incursunexpected costs. Those costs can be challenging for companies with restricted budgets. A better solution canbe the conversion of tape’s capital expenditure into a cloud services’ recurring and predictable operationalexpenditure. Cloud services eliminate the risk of unexpected expenses while providing a recognizable andpredictable cost that fits well into budgeting guidelines.A scope of infrastructure you can’t build yourself. Cloud services are financially feasible in part dueto economies of scale. By aggregating the backup and restore needs of multiple customers into a highly-engineered and specifically-designed solution, cloud services can provide a level of infrastructure you simplycan’t build in your own datacenter. Many cloud services provide advanced protection measures such asunderground data storage, multiple levels of access control, multi-factor and strong authentication, andactivity monitoring that ensures only the right set of eyes see your sensitive data. www.ironmountain.com/cloudrecovery 7
  8. 8. The Hybrid Approach – Consolidating Disk, Tape, and CloudThis entire introduction paves the way for backup’s greatest evolution, one that integrates the benefits of D2Dwith both tape and cloud backups. This everything-to-everyone model is called the Hybrid Approach.The Hybrid Approach uses today’s technologies to gain the best of all worlds. Some data simply doesn’tmake sense for Cloud backup. Perhaps that data is limited by regulation, by security policy, or falls underspecial data ownership requirements. Some data sets are too large or change too rapidly to be efficientlybacked up to the Cloud. In these cases, Cloud services might not make the best sense for certain sets ofdata. In those cases, retaining your existing tape backup infrastructure can be an excellent extension ofits operational lifecycle.Other data fits perfectly in the cloud backup approach, providing the highest levels of protection incombination with worldwide restorability. The hybrid approach right-sizes the best-suited technologyto your data retention needs. Leveraging an integrated toolset that enables tagging data to the correctlocations, software that uses the Hybrid Approach creates a single location where all data is backed up,cataloged, access controlled, and eventually restored. www.ironmountain.com/cloudrecovery 8
  9. 9. Iron Mountain CloudRecovery is the Hybrid ApproachIntegrated with Microsoft’s System Center Data Protection Manager (DPM) 2007 SP1 and 2010 releases,Iron Mountain CloudRecovery is a one-stop solution for implementing the Hybrid Approach in your datacentertoday. Its services provides full-data protection for files and folders, as well as Microsoft applications such asHyper-V, SharePoint, Exchange, and SQL Server.Iron Mountain CloudRecovery extends DPM 2010 by providing an offsite backup location that isburied deeply underground and protected through multiple and layered security mechanisms.Microsoft DPM 2010 provides the workflow framework in which data is tagged for primary diskbackup as well as secondary backup to either the Cloud or to a local tape backup device. UsingIron Mountain CloudRecovery and Microsoft DPM 2010, any application, file share, or entirecomputer can be backed up and archived offsite for as few as thirty days or as many as sevenyears. Through DPM 2010’s central console, data in primary storage or in onsite or offsitesecondary storage can be seamlessly restored to any server at any time.For more information, check out: http://www.ironmountain.com/cloudrecoveryCopyright © 2010 Concentrated Technology. All rights reserved. Greg Shields is an independent author, speaker, and IT consultant, as well as a Partner and Principal Technologist with Concentrated Technology (www.ConcentratedTech. com). With 15 years in information technology, Greg has developed extensive experience in systems administration, engineering, and architecture specializing in Microsoft OS, remote application, systems management, and virtualization technologies. He is a Contributing Editor and columnist for TechNet Magazine and Redmond Magazine, and serves as the Series Editor for Realtime Publishers, the world’s lead- ing provider of high-quality content for the IT market. Greg is a highly sought-after and top-ranked speaker for both live and recorded events, and is seen regularly at conferences like TechMentor Events, Microsoft Tech Ed, VMworld, and more. He is a multiple recipient of Microsoft “Most Valuable Professional” award as well as VMware’s vExpert award. www.ironmountain.com/cloudrecovery 9