320 likes | 438 Views
Dealing with the “Gotchas” of Backup & Recovery. Rebecca Levesque 21 st Century Software, Inc. The hidden impacts of recoverability. How can we make informed decisions with respect to D/R? What can we do to enhance organizational support?. The “Gotchas”. Runaway Data Expansion
E N D
Dealing with the“Gotchas”of Backup & Recovery Rebecca Levesque21st Century Software, Inc.
The hidden impacts of recoverability. • How can we make informed decisions with respect to D/R? • What can we do to enhance organizational support?
The “Gotchas” • Runaway Data Expansion • Shrinking Backup Window • Budget Restrictions • Over-reliance on Technology • The Human Element • Regulatory Compliance
#1 Runaway Data Expansion • Analysts estimate that the data we store is growing 125% annually. (Source: Meta Group) • As the cost of disk storage drops, the amount of data we store increases at an even greater rate. (Source: IBM) • People aren’t giving much thought to what they store and for how long.
#2 Shrinking Backup Window • “The time available for traditional backups is gone or has been greatly reduced”. (Source: ComputerWorld) • It is becoming increasingly difficult to complete a days processing in 24 hours. • Hardware solutions are deployed, masking, not managing the problem.
# 3 Budget Restrictions • The need to find the right balance ofbudget vs. risk. • “IT is being asked to do more with less — specifically, to reduce its budgets, often, without sacrificing service quality.”(Source: Gartner Group) • “Reducing IT operations budgets is considered by many enterprises as a way to find new money to invest in new projects.”(Source: Gartner Group)
This Could be a Very Costly Practice • The average costof downtime as afunction of idle laboris $1,010,536/hour.(Source: Meta Group Study) • A service interruption could cost a Bank between $60,000 and $250,000 a minute. (Source: U.S. Banker)
And there’s the Cost of Lost Business • Almost 2/3 of companies who suffered a disaster, lost business. • 16% lost between $100,000 and $500,000 per day. • 26% admit they don’t know how much they lost each day.(Source: AT&T - IAEM Study, August 2005Disaster Planning in the Private Sector: A Look at the State of Business Continuity in the U.S.”)
#4 Over-reliance on Technology A June 2005 report published by the Gartner Group, states that: “Most disaster recovery plans remain just plans because they are focused on the worst case rather then targeting the most-likely failure scenarios.”
Over-reliance on Technology • Current deployment is synchronous and/or asynchronous mirroring. • Rolling disasters are rarely taken into consideration. • Recovery from everyday problems can be a disaster in itself.
# 5 The Human Element • 80% of the processing disruptions experienced by most companies are due to people or processing errors. (Source: Gartner Group) • But corporations focus their attention on catastrophic events. • Don’t underestimate the disruption that can result from a “little” problem. • $50,000 is the average hourly cost per megabyte to re-create and restore data.(Source: Contingency Planning Research)
Exposure During Backup/Recovery • Controlling and managing backup and recovery operations is labor intensive. • 60-70% of storage management effort is devoted to backup/recovery.(Source: Meta Group) • But decisions are made based on limited information.
#6 Regulatory Compliance Faced with an array of regulations and knowing that more will follow, corporate executives have turned to IT to support compliance at the business and IT levels. • Compliance is an ongoing requirement and not a one-time problem. • Need to understand your data, how it is used, and where it is located. • An audit trail to confirm that the data is safely protected is a requirement. • Backup & recovery procedures must be documented and tested regularly.
Compliance Investment (Source: CIO Executive Board Research) Cost of Compliance Companies will spend $5.5 billion to meet Sarbanes-Oxley requirements - $1 billion will be spent on IT.(Source: AMR Research) More than one-third of enterprises underestimated their compliance costs.(Source: CIO Magazine) Compliance is not optional, compliance is not trivial, compliance has a cost, and it can be a bitter cost!
Some Practical Suggestions to Deal with the “Gotchas”
Dealing with Runaway Data Expansion • In the typical organization, only 40% to 60% of the stored data is required for recovery. • Backup just what needs to be backed up, not everything is required. • Manage your data, don’t just mask the problem with technology. • Maximize existing technology.
Dealing with Shrinking Backup Windows • Use tools that allow for intelligent decisions. • Deploy technology selectively using this knowledge that will meet RTOs/RPOs
Dealing with Budget Restrictions Keep costs in line by incorporating efficient backup practices: • Optimize media utilization. • Minimize handling, transportation & vaulting expense. • Automate the backup process. • Find the right balance of cost vs. risk. • Show your value.
Dealing with Over-reliance on Technology Don’t expect a single technology to meet all needs, each has its own strengths & weaknesses.
Pros & Cons of Mirroring/Replication • Pros: • Good for restartability • Excellent high-availability protection • Asynchronous implementation overcomes the 20 mile limitation • Cons: • Expensive • Limited recovery protection • Batch recovery requires known sync point • Subject to “rolling disaster” corruption • “Moving forward in time” data • Mirroring/Replication is only a subset of your data • Tape data (all of it)
Rolling Disasters • Unplanned events that occur over the span of minutes or hours. • Not all systems, storage or network connections fail at precisely the same moment. • Components fail independently, resulting in corrupted or unusable data. • Both synchronous & asynchronous mirroring susceptible. • Examples are terrorist attacks, earthquakes and floods. (Source: Storage Network Industry Assoc.)
Disaster Recovery Myths 1 • Longer distance means better disaster protection. • There is no hard fast rule of distance. • Greater distance lessens risk of disaster effects at alternate site. • But too much distance increases risk of broken links, line failures, and additional travel cost. (Source: Gartner Group)
Disaster Recovery Myths 2 • One copy of mirrored data at the recovery site is sufficient. • If synchronous mode is suspended and then activated, updates will be sent sequentially, not in the order they arrived at the primary site. • Starting resynchronization will compromise the consistency of remote data until resynchronization is complete. • Disruption at this time will result in a lack of consistency and data integrity at remote site. (Source: Gartner Group)
Pros & Cons of Virtual Tape Systems • Pros: • Faster than magnetic tape • Transparent operation • Cons: • Still requires transfer to tape • VTFM • May require additional equipment at recovery site • Virtual tape has same fail back requirements as real tape
Pros & Cons of Snap/Flash Copy • Pros: • Quickly freezes point-in-time data image • Minimizes processing schedule disruption • Cons: • Can create synchronization issues • Still requires backup to removable media • Difficult to recover individual files • Doesn’t consider tape data
Pros & Cons of Traditional Tape Backup • Pros: • Perceived as simple • Cost effective • Recovery depending upon RTO/RPO • Cons: • In-stream application level • Synchronization issues • Full disk • Disrupts processing schedule • Too much data, too little time • Incremental • Time consuming recovery • Recovery versus restart, depending upon RTO/RPO
Dealing with the Human Element The Gartner Group says, “Many companies mistakenly think there is one overall DR plan, regardless of the type of incident or crisis.” • In recovery situations, many decisions are made with limited information. • A multi-tiered recovery plan is just as important as multi-tiered technology. • Automate the tasks wherever possible to avoid potential human error.
Dealing with Regulatory Compliance • GLB – Personal Financial Information • Section 505 specifically emphasizes “physical and technical” safeguards to protect data • HIPAA – Patient Medical Information • Specifically requires ability to recover lost or corrupted information (§164.310) • Sarbanes-Oxley – Public Companies • Section 404 requires management to assess the effectiveness of internal controls over financial data • Basel II – International Banking • Cautions about the over-reliance on technology
Compliance has Resulted In • More work • More complexity • More distraction • More expense
Common Elements to All • Comprehensive data protection • Effective disaster recovery • Adequate audit trail • Enforced predefined procedures • Continuous monitoring • Data knowledge required • Ongoing requirement
Just a last note . . . • During a crisis, visibility is heightened. • A number of critical decisions must be made to regain business processing. • Recovery to a known point-in-time is critical. • A wrong decision could result in delays. • This is a bad time to discover that your backup methods weren’t adequate.
Questions and Comments? 21st Century Software Partners and Premier Alliance 21st Century Software, Inc.940 West Valley Road, Suite 1604, Wayne, PA 19807 800-555-6845sales@21stcenturysoftware.comwww.21stcenturysoftware.com