Saving Today for Tomorrow
Digital Preservation in a BYOD Business World
By Miles Weston
Most companies will tell you that their existing data storage and backup plans will protect their information from a massive data loss for many years to come. This is often a false sense of security. A rapidly growing percentage of vital business data is being generated and stored on individual employee personal devices with little or no data backup or plan for preservation.
According to a global survey performed by Wakefield Research, as many as 88 percent of executives reported having employees that are using their own personal computing technologies for business purposes. As businesses and corporations of all sizes shift their policy, allowing employees to utilize personal mobile computers and devices as primary tools for productivity in their jobs, critical applications and data have been exiled from the relative safety of mainframes and server-connected desktops, to disjoined laptops, tablets and smart phones.
Source - Wakefield Research
Often, corporate information assets are created on these computers and devices, shared through public email domains across unsecure networks and are lost, corrupted or deleted before the business server receives a copy. According to the same Wakefield survey, 55 percent of global companies report they have already experienced a security breach as a result of the consumerization of IT in the enterprise.
No longer strict gatekeepers of consumer technology, businesses must learn to enable these innovative devices, applications and services to best serve the health and growth of the company. To further leverage the power and productivity of this evolution, IT leaders should develop a data-driven plan that optimizes preservation without hindering performance and productivity.
However, merely dropping an app onto an employee's tablet that automatically ports business files to the corporate server for backup doesn't insure access to that data later. How much later? Most businesses should make it policy to retain records, contracts, discussion streams (document versions, business-critical email and VOIP audio/video/chat threads, etc.) for at least 20 years--not only to meet legal requirements, but as a business safeguard as well.
Gordon Moore (author of Moore's Law), is credited with saying: "Storing data is one thing; retrieving data is everything." This implies that critical information, once stored and protected, would have to be retrievable. Data that is not retrievable has not only lost its financial and intellectual value, it could potentially cost the company in business/customer loss and even legal fines.
Know the Value of Your Data
Every commercial enterprise should understand the value of their data and realize that protecting it is paramount to the continued health of the business itself. However, the inter-office memo about the cake in the lounge does not have the same value or priority level as the $500k digitally signed client contract.
Because company data can vary so broadly in levels of importance, implementing a blanket data protection strategy that requires every file to be preserved is neither cost- nor time-effective. For this reason, it is important to distinguish between mission-critical data and non-critical business data, excluding non-essential data from the digital preservation system. By identifying the various priorities and values of a business' data, a more effective data protection strategy can be implemented.
Since business data is critical to decision-making, it must be protected from threats that may cause major or minor data loss. It could be argued that a company's greatest asset-information--is continually under threat from human error, technological failure, natural disasters and other factors, both internal and external. These threats need to be identified and quantified, and relevant protection techniques deployed. This will allow businesses to ascertain which data protection strategies to embrace and deploy, thereby highlighting the balance between cost versus value for their business needs.
Ideally, the implementation of a preservation policy is automated, thereby virtually eliminating the added cost/hindrance of having future staff members remember that files must be migrated at specific time intervals or they will be lost. This ensures that a complete audit trail of priority information and activity is stored, backed up and preserved.
Most business managers will erroneously believe that all of their company's data needs to be highly available. Consequently, they invest in terabytes, even petabytes of high-availability storage technologies when truthfully, on average, little more than 20 percent of all data is accessed regularly and in most environments, only about 2 percent of information changes from week to week. Yet, most organizations depend heavily on always-on hard drive solutions to store all their data. This over- provisioning of storage performance to data sets that are seldom accessed, not only impedes file retrieval and access speeds of newer data, it also greatly inflates overall system and maintenance costs.
Tape-based technologies do offer low-cost archival of seldom used data, but the trade-off is long retrieval times. Depending on the business, long retrieval times may cause more than frustrated impatience and inconvenience. Regulated companies are not only required to store specified data for certain periods of time, but they have obligations to the courts, regulatory bodies and management to quickly recall that data, as well as vital metadata, within a brief allocated time.
Metadata (information about the creation of the document including the date and time a document was written) can be critically important in the event of a lawsuit. For example, if an employee was told a project was due on a certain date, properly preserved e-mails could show the date on which he or she actually submitted it. A study in 2011 by the Ponemon Institute LLC security research center found compliance costs associated with the storage of unstructured information (resulting from failed management of corporate intellectual property) costs organizations an average of $2.1 million per year.
A standard tape backup system that indiscriminately backs up 100 percent of all available files from those hard drives weekly, results in hundreds of copies of identical data and poor use of valuable storage space. In addition, this type of backup practice creates an information blob, requiring tedious sequential file searches and often requiring huge data transfers to a random access media to facilitate data searches and mining activities in the event the data is needed again. Not designed for long-term data preservation, traditional tape archive solutions also require regular migration every five years. That results in a lot of headaches for data that hasn't been looked at for weeks, months or often even years.
There is no question that cloud services provide an efficient answer to content storage, software as a service (SaaS), file sharing and other data management services. However, long-term data preservation requires infallible permanency. The data (and associated metadata) preserved today, must be the identical data retrieved in 20, 30, even 50 years.
Comparatively, seldom accessed data can be easily mirrored to an optical preservation solution that will ensure the content and valuable metadata is securely stored for 50 years or more, while still providing data retrieval in minutes, rather than hours. Furthermore, because write-once read-many (WORM) optical, such as Blu-Ray Disc (BD) is a permanent media, content cannot be destroyed or altered, even if security barriers are hacked or a disaster destroys the data center, the data preserved will be the data retrieved.
Failure to adhere to strict industry data preservation and collection standards may result in the altering or loss of critical data. Copying must be done with caution to avoid altering the data. Simply dragging a copy of the data from one hard drive to another may alter the metadata, such as changing the creation date to the date it was copied. A direct mirror copy of the data stream is always considered best practice and can ultimately protect a business against legal charges of data spoliation.
Understanding the business value of data and storing it according to its value ensures the total storage investment is more cost-effective. When looking at the return on investment (ROI) for preserving data, it's important to also understand patterns of "wear and tear" and expected media lifetimes. Most IT specialists will replace their HDD every 2 and tape drives each 5 years as part of their preventative data loss measures. Consequently, that low initial buy-in cost of a HDD or even a tiered HDD and tape-based solution may quickly be significantly more than the seemingly higher initial setup cost of a tiered solution that includes a BD preservation system.
The cost of drive replacements is not limited to the hardware. Human resources for integration, data management and migration must be calculated into the TCO as well. In addition to the monetary cost of each replacement, businesses also have to weigh the cost of the higher risk of data loss during each migration. By comparison, BD solutions can safely preserve data for 30 years, without needing hardware replacement.
It's also important for a preservation solution to be future proof. Since the creation of digital media, over 200 newer and different storage mediums have been developed, making previous media obsolete in instances where new technology is not adequately backwards compatible with its predecessors. Each generation of LTO tape drives can only read the previous two generations of tape cartridges and write to just the current and previous generation. Today's BD drives not only read every generation and variation of BD media, but CD and DVD media as well while providing write compatibility with all BD media. Voluntary adherence to technology and migration path standards gives BD adopters the security of knowing the data preserved today will be retrievable tomorrow.
Digital Preservation TCO
Document retention regulations require organizations to establish, document, monitor and maintain the availability, authenticity, accessibility, security and recoverability of their data. Sometimes that data must be retained for a considerable amount of time. As data file sizes grow and regulations extend retention requirements, so does the need for more efficient and larger forms of storage media. The long-term accessibility and use of valuable digital materials
requires digital preservation activities that are economically sustainable.
One area many businesses fail to consider when developing their digital preservation policy is energy usage. A single server requires an average of 850 watts per hour for an annual demand of 7,446 kWh per year. According to the US Energy Information Administration, the average commercial cost of a kWh between January 2012 and January 2013 was 9.83 cents. Consequently, it would cost $731.94 to power a single server in a data center for one year. This estimated cost also does not include the added expense of cooling and A/C necessary to keep the server running optimally and preserving the integrity of the data.
BD preservation solutions, on the other hand, only require power when being used. Unlike both HDD and tape technologies, BD drives do not require 24 x 7 electricity or A/C to keep the hardware cool and data safe.
Hardware longevity is another significant consideration. Over time, media and drives fail, and consequently, preventative data loss measures include preemptive replacement of both. The more frequently media and drives have to be replaced, the higher the cost--not only in hardware, but in human resources for integration, data management and migration. In addition, each migration risks data loss. Specifications indicate HDD and tape should be replaced at least every 3 and 7 years respectively. By comparison, BD drives can safely preserve data for more than 30 years.
The consumerization of IT is quickly and dramatically changing how vital business data is created, forcing managers to rethink and reset collateral policies. What hasn't changed, however, is the need for businesses to understand that data with the value it deserves, and preserve it accordingly.