Small and Medium-Sized Enterprises Need a Unified
Approach to Data Protection
Enterprise-Class Recovery Capabilities in a Solution Tailored for
Smaller Organizations
WHITE P
APER
Contents
Introduction 3
Small and Medium-Sized Enterprises Need a Unified Approach to
Data Protection
Introduction
Small and medium-sized enterprises (SMEs) have many advantages over their larger enterprise (LE) competitors. They are often more nimble at reacting to changing market trends and requirements. They can bring new prod-ucts and services to market faster. They can focus their activities on a smaller number of solution areas. And, they can attract better talent. Because of their scale, however, big enterprises can deliver a wider and deeper range of services, including IT services across business applications, storage and data protection. They have the resources needed to effectively protect and manage data while providing needed recovery service levels for a wide range of applications, end users and processes.
As an SME, you have the same set of requirements as the LE. For example, you must be able to restore operations following a disaster and recover individual files and emails on an as-needed basis. You must reliably retain records and other information as deemed necessary by the business or by regulation. The challenge for both is the wide vari-ety of data types, application service requirements, and threats that can impact the business. Not all data has equal value, and each combination of data type, location and threat may require a different approach to protecting that data.
The difference is that the typical SME (see Figure 1) is hard pressed to be able to afford, implement and manage the many data protection and recovery “point solutions” that the LE uses to meet these challenges. Indeed, your IT staff is often stretched very thin, with much less technology specialization as compared to the large enterprise IT staff. You need to find solutions that are more comprehensive and easier to learn and use.
Some of the possible technology options include traditional backup, archive and hierarchical storage management (HSM), continuous data protection (CDP), snapshots and replication. There are different options for protecting virtual machines (VM), for remote and branch offices (ROBO), and for user workstations. Each requires additional hardware, software licenses, administrators, training and services.
In fact, you are also at greater risk of damage to the business when a data disaster strikes. For the LE, an event will usually be localized to one of its many locations or data centers. The financial impact may be substantial, but it is unlikely to result in the collapse of the business. But with fewer physical locations and less distribution of its data assets, the impact of a significant data loss can be devastating to the SME.
So, just because your company isn’t a major corporation with hundreds of offices and thousands of employees doesn’t mean you’re not under the same pressures to maintain access to critical information in order to run your busi-ness and remain competitive. You also need to comply with any number of regulations and to keep your customers happy, which can be expensive and difficult to achieve when you lose critical data.
But buying the same complex and expensive solutions as the LEs in your industry would be overkill: The cure would be worse than the disease. If there was a unified data protection and recovery solution that solved all of your data protection and recovery challenges, was easy to implement and use, and was priced for the SME, would you be interested in learning more?
This white paper examines the recovery capabilities SMEs require and makes recommendations for a unified approach to data protection.
Deliver Recovery Services
DEFINE YOUR RECOVERY SERVICE
In defining a recovery service, questions need to be answered by the data owner or the business:
■
■What do you want to restore? ■
■What events do you want to recover from? ■
■How fast do you need it back? ■
■How much time can we have to protect it? ■
■Where do you want to restore it to? ■
■What would be the cost, per hour, for lost data? ■
■What would be the cost if you lost the data forever?
The capabilities and effectiveness of data protection solutions are measured in 4 ways: recovery point objective (RPO), recovery time objective (RTO), backup window, and total cost of ownership (TCO). A unified data protection solution needs to be able to adjust these attributes for the different recovery requirements of each user, application, data set, location and so forth. And the solution must be able to do it all from a single, easy-to-use management console. It should be able to select from a palette of available technology choices that all work together to offer a comprehensive solution to this very complex problem.
Recovery Point Objective
as snapshots, replication and CDP can reduce (improve) the RPO, dramatically reducing the amount of data at risk, and should be considered for higher value data.
Recovery Time Objective
Recovery time objective refers to the amount of time it takes to restore access to data or an application following any type of disaster. Using traditional backup to tape, including the transport of tapes to off-site facilities, can result in an RTO measured in days or weeks. Many organizations find that it’s less painful or costly to accept a data loss and/ or recreate the data than it is to restore it from off-site tape. Again, there are options for tuning RTO. For example, you can employ synchronous replication and automated failover of your production storage volumes to a secondary system in another location. This strategy can reduce your RTO to almost zero in the case of a local disaster or system failure; but this solution is probably the most expensive to implement, and it does not provide any protection against file-level loss or corruption. (The error will be immediately replicated to your recovery system!)
Backup Window
Backup window is the amount of time that an application or data set is unavailable while a backup operation is exe-cuted. Data write operations need to be paused during the backup window to avoid capturing an inconsistent data set, so long backup windows can have a serious impact on application availability. The backup window for traditional full backups is defined by how much data needs to be copied and the transfer speed of the slowest component in the backup infrastructure. Traditional incremental backups can also take a relatively long period of time: The backup application must scan through the file system directory to identify which files are new or have changed since the last backup. CDP and replication technologies capture new data as it is created, effectively eliminating the need for a backup window. Snapshots impose very short backup windows as they redirect data pointers at the time of the backup, rather than analyzing or copying actual data.
Total Cost of Ownership
Total cost of ownership reflects how much the data insurance you’re buying is going to cost, and consists of many items. Data insurance items may include: the protection software and annual maintenance; implementation services; administrator training and certification; backup storage, server and network hardware and maintenance; and floor space, off-site facilities and electricity. Each different data protection option will put a different load on your systems and impact costs differently. For example, a full backup creates a mostly duplicate set of your data from the last backup, incrementally increasing your storage costs each time it is run, up to the number of backups you keep. Having 30TB of backup data for every 1TB of active production data is not unheard of. Data deduplication was invented to put a temporary bandage on this phenomenon. Options such as CDP and snapshots capture only 1 copy of new or changed data, dramatically reducing storage requirements and backup windows.
By mapping business requirements by RPO, RTO, backup window and TCO, you can start delivering “recovery ser-vices” that are tuned to the needs of each stakeholder, including the chief financial officer (CFO).
What Can Go Wrong?
To provide the level of recovery services needed for each application while keeping costs to a minimum requires the ability to set different policies based on those needs, as defined by the attributes above. But you can further define these policies by the different events that can threaten data availability.
A unified data protection and recovery solution is going to involve a lot of considerations and contingencies (see Figure 2). There are many things that can go wrong with your data, and you should have a specific response to each:
■
■ Critical data is accidentally or maliciously deleted. You need a solution that can quickly and easily restore
■
■ Data is lost or corrupted over a period of time. Not all data loss incidents are noticed immediately, as is often
the case with virus and hacker attacks, or rolling database corruptions. You need the ability to recover to a point in time before the corruption started, and you’d like to have those recovery points be as granular as possible.
■
■ A disk can crash. Individual hard disks are often protected by arranging them in random arrays of independent
disks (RAID) that can be configured to recover from 1 or more failures within the array. Using dual RAID control-lers can further limit the impacts of a hardware failure. If you have disk volumes that are not protected in this way, you will need a facility for protecting and quickly rebuilding those volumes. There have also been reports of cata-strophic failures of even the most reliable storage systems, usually due to human error (for example, a service technician pulling a good controller instead of the failing one).
■
■ An entire server can die. The ability to restore operations when replacing a broken server may be complicated
by the need to install different drivers on the new system if the hardware is not an exact match. Can you temporar-ily move the application workload to a standby physical or virtual server while the system is being repaired?
■
■ Disaster strikes. When you lose an entire office to fire, flood or other unplanned event, it’s critical that you have a
current copy of your important information in a location outside the disaster zone. How fast can you failover to the remote site, and can you failback when the office re-opens? How much standby server and storage capacity do you need to handle disasters?
■
■ Recovering data in ROBOs is a challenge. Small operations usually don’t have the luxury of having an on-site
technical resource to assist in backups and restores. In fact, a nontechnical staff member running the backup incorrectly, or not running it at all, is the primary cause of failed data recoveries in remote offices.
The protection of critical data — the files, databases and other objects you really cannot afford to lose or to be with-out for an extended period of time — requires frequent or even continuous backup. But this level of protection may come with added costs. Applying a similar policy to noncritical data, such as typical office files, could add undue stor-age, network and labor costs. In some cases, it can be more cost-efficient to accept the loss of truly noncritical data, or even to recreate that data rather than to recover it (see Table 1).
These are not decisions and policies that a backup administrator should be making without direct input from the line of business (LOB) or other stakeholders in the information to be protected.
TAblE 1. ThE PROS AND CONS OF DIFFERENT DATA PROTECTION AND RECOVERY TEChNOlOGIES
Protection Technology Pros Cons Batch Backup (full + incremental) Legacy infrastructure investment
(software, disk, tape, virtual tape); available administration talent pool
Long backup windows (major application disruptions); poor RPO (24 hours); storage hog; full backups require deduplication; poor RTO from tape
Continuous Data Protection Very granular RPO (1 minute); no backup window
Some continuous drain on the production environment; consumes a large amount of storage, thereby limiting retention to a few days Snapshot Minimal backup window;
storage efficient
May or may not be application consistent; not immune to hardware failure or local disaster; consumes primary storage
Network Data Management Protocol (NDMP)
Moves backup data directly between NAS devices and backup devices (usually tape or virtual tape), speeding backups and reducing load on backup servers
Each backup vendor supports slightly different implementations of NDMP, resulting in mixed performance and making it more challenging to move to new storage systems
Replicate Disaster recovery protection; built into many storage systems
Does not protect against file level loss or data corruption Archive Meet retention requirements;
trim data and processing loads on application systems
May need a facility for searching and retrieving archived data; very old data may not be readable
Cloud Pay-as-you-go service reduces or eliminates purchase and administration costs
Protect Virtualized Environments
The use of server virtualization technologies such as Microsoft® Hyper-V® and VMware vSphere is moving quickly
from secondary applications like development and test to production applications like Microsoft Exchange and SQL Server®. This change is creating serious headaches for storage and backup administrators. Using traditional backup
software agents within the virtual machines can be problematic. It can result in serious extension of backup win-dows and degradation of application performance as the physical system resources are loaded down by 10 or more backup operations instead of 1.
Advanced technologies such as Volume Shadow Copy Services (VSS) on Hyper-V and vStorage APIs for Data Protection (VADP) on VMware are being deployed to work around this problem. However, they can also add to the cost and complexity of the environment, and may not provide truly consistent point-in-time copies of application data. A better solution, especially for database and email applications, can be the use of an in-guest continuous data pro-tection agent. This CDP agent captures data in real time or on a scheduled basis with no backup window and has little or no impact on application availability and performance. A combination of in-guest CDP and off-host solutions, based on the combination of business requirements for each application, can offer the most cost-effective model.
Point Solutions Versus Data Instance Management
Many companies have opted to purchase several point solutions from different vendors to fully address the data pro-tection and recovery challenges of critical applications, virtualized servers, remote offices and user workstations. This is an extremely expensive approach in terms of acquisition, integration and ongoing management costs. Other com-panies have decided the cost is too high and decided to take their chances by not protecting critical data, which is an approach that has often resulted in disaster. In today’s highly regulated and highly litigious business environment, the loss of important data can cause significant damage and often leads to the demise of the business.
In addition to all the hardware, software and management complexity that multiple point solutions introduce into the IT environment, they often also result in additional copies of each data object. The “copy data problem,” as defined by analyst firm IDC1, consumes 60% of all storage capacity and accounts for 85% of storage hardware purchases
and 65% of software purchases.
A comprehensive, unified solution to data protection that captures new data only once and makes it available for dif-ferent use and recovery purposes can reduce or eliminate the copy data problem. As a result, the solution reduces storage and administrative costs, while also helping the organization to adhere to data retention and governance policies.
The New Unified Data Protection and Recovery Solution for SMEs
In April 2013, Hitachi Data Systems announced Hitachi Data Instance Manager (HDIM), a new software offering that meets the challenges described above in a single, easy-to-deploy and easy-to-manage package.
A unified policy- and workflow-based solution, HDIM centralizes multiple data protection capabilities for file, SQL and Microsoft Exchange in Microsoft and Linux midtier environments, including virtualized servers and remote offices. It includes configurable policies and workflows for backup, continuous data protection, archive, snapshot, deduplica-tion, data security and more. Its unique graphical user interface helps you quickly map data management needs to automated workflows.
HDIM protects data and reduces, controls and manages copy data, or data instances. It replaces or augments legacy data protection point-solutions and eliminates backup windows, improves service levels, reduces backup data volumes, supports compliance requirements and improves application uptime. At the same time, it helps to reduce costs. (See Figure 3.)
Figure 3. A Common Proponent of HDIM: The Microsoft SQL Server Administrator
Some of the many benefits of HDIM include:
■
■ Eliminate your backup window with a unified continuous data protection and archive solution. ■
■ Meet service levels and reduce costs, using fewer resources to manage more data with a holistic approach to data
protection.
■
■ Achieve maximum protection and synchronized snapshots for fast recovery and application consistency thanks to
real-time data capture.
■
■ Use a nondisruptive in-guest agent for virtual machines, or go agentless through integration with VMware vSphere
APIs for Data Protection (VADP) and Changed Block Tracking (CBT).
■
■ Realize advanced file and email archive capabilities in Microsoft environments from tight integration with Hitachi
Content Platform.
Notice: This document is for informational purposes only, and does not set forth any warranty, expressed or implied, concerning any equipment or service offered or to be offered by Hitachi Data Systems Corporation.
