Backup technologies, as they relate to the actual hardware and software involved in the backup process, have and continue to improve - more density, faster robotics, etc. etc. - it's an extensive list. However, what has not changed much over the last year is the actual "process" of backup execution.
The process hasn’t changed much in over a decade, it’s a well tuned systematic process of incrementals, fulls, swapping tapes, sending tapes off-site, etc. As prices for the backup technology have dropped overall, their has been a lack of attention paid to the actual cost of data stored on tape, but the cost today, is being fueled by a completely different rationale - compliance.
{For the purpose of this discussion let's define compliance simply as governance of data as it relates to an organizations legal and regulatory liabilities or requirements}
It’s no longer prudent to keep data that may be subject to discovery in a billion dollar class action lawsuit locked away, safe secure, and accessible on a tape - just waiting to be "discovered" by lawyers who know how to ask for the information.
So, what does that mean to today's backup approaches?
I don't know a single systems administrator that will put his job at risk by not backing up their e-mail stores, just one example of content.
But what's the risk to keeping millions of e-mails lying around on backup tapes?
Well Morgan Stanley was just fined 1.4 billion dollars. That should be reason enough to call together all the departmental CIO's and business unit heads and talk about how the organization is executing backup today.
I have some concrete ideas and practices which involve the use of archival technologies in relation to backup for securing and protecting data in a manner that delivers more protection with respect to risk.
It’s an interesting dilemma that requires a fresh look at process, existing and new technologies, and how they can be re-deployed to meet both the old and new challenges facing today’s corporations.
Every IT manager should evaluate how and what data is being written to tape, how it is being stored, where, how many copies, and what is the destruction policy in relation to legal or regulatory requirements and or corporate policies which are well documented.
Comments