320 likes | 500 Views
Risk Management and Data Security Business Challenges with Managing Data. Rob Hockey European Tivoli Storage Technical Consultant. Risk Management. Risk Management vs. Business Performance. Governance and Compliance now necessary and maturing New IBM CFO Studies show:
E N D
Risk Management and Data SecurityBusiness Challenges with Managing Data Rob Hockey European Tivoli Storage Technical Consultant
Risk Management vs. Business Performance • Governance and Compliance now necessary and maturing • New IBM CFO Studies show: • Need for organisation wide span of control • Global integration of information and processes • Fast decision making based on knowledge and accurate information about business performance • Information (data) influences decisions to change and require IT flexibility
Balance of risk management vs. business performance with integrated finance organisation Requires common data structures, systems and analysis CFO Study 2008 • 50% of companies have global standards already
Governance, Risk and Compliance Challenges • Increasing Compliance Requirements • Hundreds of initiatives already • Improved monitoring and control needed to manage risk • Increasing Complexity • Disparate technologies and infrastructures fragment and hamper compliance efforts – Silo issue • Linking infrastructure-level to business-level compliance is desirable but challenging • Increasing Cost • Lack of predictability and visibility across complex infrastructures drives rapid cost inflation • Failure to achieve compliance or to prevent security breaches can impose enormous costs 43% of CFOs think that improving governance, controls and risk management is their top challenge Source: 2006 CFO Survey: Current state and future direction, IBM Business Consulting Services
Ineffective IT Governance Causes Business Pain Examples of Ineffective IT Governance IT and Business Pain Points IT budget doesn’t support every approved business unit investment Operating units with funded investments perceive IT as unresponsive Impossible to compare options or to collate information to support decisions Investment proposals are inconsistent or data is held in a variety of systems No knowledge of where the money is being spent, or the value being derived IT resources are being used on a large number of small untracked activities Projects managed with a variety of systems and varying levels of maturity Cannot effectively review portfolio status in order to understand risk, cost or value Disconnect between investment proposals and benefits realisation Not able to hold business sponsors to account for the delivery of benefits
Storage challenges driven by multiple sources “Buying more hardware” is no longer the answer; it now requires a comprehensive information centric approach Demand shorter recover times and greater availability Line of Business IT Manager Chief Compliance Officer Legal Officers Security Officers CFO Manage explosive growth in storage and IT complexities Enforce data retention regulations Require quick access to active archived data for e-discovery Protect data from loss or theft Reduce labour costs
Visibility: View storage capacity, utilization, performance and resource configuration to optimize use and availability Control: Control storage management costs by more effectively leveraging capacity and tiering of information storage resources Automation: Automate data protection and retention based on policies, automate provisioning or configuration changes and automate data migration Storage Management OverviewOptimizing storage infrastructure for business continuity and compliance Data Protection Protect business critical application data ensuring rapid recovery, data reliability and integrity Prevent legal exposure through data encryption and key management Storage Resource and Infrastructure Management Enable visibility and automate control through centralized management and automated provisioning Optimize storage performance and capacity utilization, lowering costs and improving service levels Information Retention and Lifecycle Management Keep information at the most efficient and cost effective tier for the current stage of its life Keeps copies of active or inactive data for long-term storage for regulatory or bookkeeping requirements
Goals Backup and protect critical applications and files to enable quick and automatic data recovery Set data protection policies that align with data availability service levels of the applications Include data recovery analysis in a comprehensive disaster recovery plan Store backup copies in a hierarchy of lower-cost storage Easily manage backup and recovery across disk and tape from a single point of control TSM Client Products Application Protection • TSM for Mail • TSM for Databases • TSM for Enterprise Resource Planning (ERP) • TSM for Microsoft SharePoint Application Protection Bare Machine Recovery • TSM for System Backup and Recovery (AIX) • Cristie Bare Machine Recovery LANSANWAN Advanced Replication • TSM for Advanced Copy Services (IBM FlashCopy) • TSM for Copy Services (Microsoft VSS) Disaster Recovery Space Management, Archiving, CDP • TSM for Space Management • TSM HSM for Windows • TSM for Storage Area Networks (SAN) • Tivoli Continuous Data Protection for Files Hierarchical Storage Management Data ProtectionEnsure data and business continuity in a cost effective manner IBM solutions • Tivoli Storage Manager family • Tivoli Continuous Data Protection for Files • Business Continuity for Service Level Protection
Data Protection Business Continuity for Service Level Protection + Most Critical • Business Service based SLAs • Replication and Virtualization • Best Practices and Implementation Services Service Level Protection • Application Recovery Based SLAs • Application/Storage Discovery • Best Practices and Implementation Services Application Value/Criticality • Resource Based Service Level Agreements (SLAs) • Backup/Restore, Bare Machine Recovery • Best Practices and Implementation Services Less Critical Hours/Days Minutes Recovery Goals IBM and its Partners have capabilities to meet the full continuum of Service Level Objectives
MDisk MDisk MDisk VDisk VDisk VDisk TotalStorageProductivity Center SAN Volume Controller Storage Resource and Infrastructure ManagementLeverage enterprise visibility and virtualization to support application and business service levels SSPC Console • Goals • Discover and visualize the storage environment to identify imbalances • Reconfigure SAN resources to better align storage with business needs • Reclaim/consolidate storage space • Virtualize storage resources to simplify management and improve utilization • Migrate data between arrays without disruption • Enable changes to the physical storage with minimal or no application disruption Host Host Host SAN IBM solutions • TotalStorage Productivity Center (TPC) • System Storage Productivity Center (SSPC) • System Storage SAN Volume Controller (SVC) Physical Storage
Storage Resource and Infrastructure Management TotalStorage Productivity Center • TotalStorage Productivity Center for Data • Data collection and analysis, file systems and databases • Reporting, chargeback and quotas • Automated actions and asset reporting • SAN Configuration Planners with best practices guidance • TotalStorage Productivity Center for Fabric • SAN topology display and management • Event reporting, performance reporting and Zone control • Heterogeneous fabric support (Brocade, Cisco, McData) • TotalStorage Productivity Center for Disk • Disk subsystem management • Performance impact analysis - IBM and heterogeneous storage • Change Configuration Management • Storage provisioning—IBM and heterogeneous storage • Advanced performance management—IBM DS4000/6000/8000/SVC • TotalStorage Productivity Center for Replication • Centralised management for IBM Copy Services • Integration with TPC SE for Reporting • Includes DS8000, DS6000, ESS800, SVC and zOS environments SE SE = Standard Edition
Storage Resource and Infrastructure Management System Storage Productivity Center • Industry’s first heterogeneous SRM appliance • Powered by IBM’s flagship SRM software, TotalStorage Productivity Center (Basic Edition): • Base discovery, topology, data collection, and configuration functions • Manage a heterogeneous array of storage devices in context of the larger environment • Required for IBM Storage Systems (DS8000 and SVC) • Easy upgrade to TotalStorage Productivity Center Standard Edition • Further simplify and reduce operating costs of storage management infrastructure • Integrated with TSM, SVC and CCMDB
Storage Resource and Infrastructure Management SAN Volume Controller Make changes to the storage without disrupting host applications Virtual Disk Virtual Disk Virtual Disk Virtual Disk SAN Manage the storage pool from a central point SAN Volume Controller Apply common copy services across the storage pool Advanced Copy Services Storage Pool Combine the capacity from multiple arrays into a single pool of storage HP DS8000 HDS EMC DS4000
Information Retention and Lifecycle ManagementTiered storage management for cost and compliance management Goals • Implement and enforce retention policies to comply with regulations • Leverage lower cost tiered storage environments for lower valued or inactive data • Address compliance requirements by protecting information held in non-erasable, non-writable storage • Improve application or file system performance and shrink backup windows by reducing data size Applications Email Files Content DB ArchivingApplication CommonStore FileNet / ECM Optim Archive / HSMInfrastructure TSM SSAM IBM solutions • Tivoli Storage Manager • System Storage Archive Manager (SSAM) • DR550 (includes SSAM) • Information Management offerings: • CommonStore • FileNet / IBM Content Manager • Optim (Princeton Softek) ArchiveHardware Tape DR550
DB2 SQL Server Information Retention and Lifecycle Management DR550 with SSAM Part of an Information Retention and Lifecycle Management Solution 3. Policy-based non-erasable, non-rewriteable storage system 1. Business application 2. Generic content management application DR550 SSAM* API and Gateway IBM CommonStore P8 Email Manager * SSAM: System Storage Archive Manager (TSM for Data Retention)
What Does This Mean For Storage Management? • Governance requires: • People and resource management controls, policies and responsibilities • Privacy and security of customer data • Internal and external SLA management • Departmental organisation and Business Process Management • Risk Management requires: • Business Continuity for IT Systems • Data Security and Availability • Data Archiving and Resource Optimisation • Compliance requires: • Regulations and Data Retention Policies and Responsibilities • Information and Data Lifecycle Management • Managing Data Growth and Data Deletion
Data Security – More Than Just Backup • Data Encryption • Data Shredding • Business Continuity • Reliable Backup and Recovery • Data Archiving for Regulatory Compliance IBM Storage Management solutions from the IBM Tivoli Storage Manager family
Data Security Technology Trends • New Challenges requiring new technologies and solutions • Disk to disk backup • Replication and mirroring • Continuous Data Protection • Rapid data recovery • Application aware solutions • Data deduplication – Diligent VTL • Virtualisation – SAN Volume Controller
The Problems FilesX Solves • Elimination of “backup windows” and manual backup/restore processes • Eliminate tape in remote/branch office • Immediate recovery from any type of data loss • User error (deleted files, folders) • Software errors and virus attacks (corrupted databases) • Hardware failure (disk or system crash) • Disasters (lost local or regional facilities) • Microsoft Exchange Recovery • Individual Mailbox Restore • Instant end user recovery • Secure transfer of data between Primary and Disaster Recovery sites • Bare Machine Recovery to dissimilar hardware Causes of Data Loss
FilesX Complements Tivoli Storage Manager Enterprise Data Centre Mid-Market and Remote Offices FilesX Fast (near-instant) Recovery Deep protection of mission-critical applications Near-zero data loss FilesX Disk-based protection of distributed data Strong Windows, VMware and Microsoft Exchange capabilities Block-level CDP Simple to set up and use Cost-effective Continuous Data Protection (CDP) Tivoli CDP for Files File-level CDP for desktops/laptops and mobile workers Tivoli Storage Manager family Lowest TCO and ROI for data centre backup Extensive support for removable media (tape) Broad OS platform support Very large database (VLDB), application and SAP protection Hierarchical storage management Disaster Recovery management Superior scalability Together delivering a more complete solution Scheduled Protection
CDP • Real-time backup from laptops and desktops to remote offices • Flat files only • FilesX • Disk to disk data replication / recovery • Application aware CDP • IMR • Disaster Recovery • Tivoli Storage Manager • Backup / Restore, Archive / Retrieve, HSM, CDP and more • Incremental forever • Policy based • True enterprise DR • Scale out and scale up • Many OS and applications supported • Disk, tape and optical storage • Extremely robust • Protection • Block-level, incremental-forever • Application-aware • Policy-based capture schedule • CDP when needed • No backup window required • Recovery • Granular – any data object • File, mailbox, tablespace, volume • Any recovery point • Instant recovery of data for instant access • Full background restore • Disaster Recovery • Disk to disk data replication / recovery • Bandwidth and storage efficient • Data differencing • Compression • Encryption FilesX Server FilesX Server FilesX Server Enterprise Wide Architecture:FilesX with TSM and CDP HQ / Data Centre App / File Servers Tivoli CDP for Files for laptops and desktops TSM Server Backup Remote Office Replication Replication App / File Servers Off-site Vaulting Disaster Recovery Site Replication
Xpress Restore CDP Edition Comprehensive data protection solution Disk-based, block-level, incremental-forever technology Near-instant restore of data from any point-in-time, anywhere in the environment Disaster Recovery built in, with Policy-based “selective replication” for off-site recovery and highly efficient use of WAN and storage resources Xchange Restore Rapidly recover any e-mail object: message, attachment, calendar entry, contact, tasks, notes Near-instant access provides for data mining and unobtrusive testing of production environments Xpress Restore Bare Machine Recovery Restore OS volume on dissimilar hardware in minutes Cost-effective business continuance and server migrations Benefits Eliminates the need for “backup windows” Helps improve Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO) of critical applications Provides near-instant recovery and rapid access Recovers only the data assets you need Reduces storage related costs through data reduction Helps reduce the risks of losing critical data Attributes Easy to install and manage Network and storage efficient Application-aware: Exchange and SQL Server Scalable from small to large environments Integrates easily with tape solutions (e.g. TSM) Current FilesX Offerings
Xpress Restore:Protects Mission-Critical Applications and Files • Protection • Block-level, incremental-forever • Windows Applications and Filesystems • Exchange, SQL Server, Oracle, SAP and more • VMware support • Lightweight client • No backup window required • Policy-based capture schedule • CDP on Demand™ • Recovery • Granular – any data object • File, folder, volume, system • Point-in-Time rollback • Instant Restore • Instant access, background restore • Recover Anywhere™ • Branch, DR site, Data Centre • Cost Effective • Eliminates the need for tape backup in the remote office Adaptive protection: Dial up the level of protection your application or fileserver requires
Xchange Restore:Individual Mailbox Recovery (IMR) • Very fast restore of individual mailboxes or mail items (messages, contacts, calendar) via “instant restore” • GUI facilitates easy selection of items for restore • Mailboxes or mail items can be viewed or copied without Exchange or Xpress Restore servers • Intact items can be restored from corrupted database backup FilesX Xchange Restore Microsoft Exchange 2000 / 2003 / 2007 GUI Interface Exchange Server IMR Module Data is extracted from .edb files in mounted snapshot Exchange Database Volume Snapshot Xpress Mount .edb files .edb files FilesX backup
Visibility Control Automation FilesX and TSM:The Complete Solution across the Extended Data Centre FilesX Centralized management Policy based capture schedule Instant Recovery Application Aware Continuous Protection Patented Technology Ready for Tivoli Granularity Integrated Solution One Vendor IBM Global Services IBM Storage Hardware VTL’s Incremental Forever Storage Hierarchy Policy Based Admin. Disaster Recovery Management Industry leading tape optimization Tivoli Storage Manager
Summary • Companies are developing more integrated business models • Requires IT flexibility • Good Governance and Risk Management is essential • Requires control of IT projects and operations • IBM Storage Strategy is targeted at delivering Integrated solutions: • for Visibility, Control and Automation • for maximum automation and productivity of the storage infrastructure • that enable business flexibility • which tie in with Service Management requirements • New technologies to support data security requirements, such as: • Managing data outside of the Data Centre • Meeting tougher RPO/RTO requirements • New snapshot and replication solutions