Best Practices
Data Protection: Going forward is important, but By Brandon Grieve
erly protected against outages and data loss. So, what can you do to ensure you are not
ment? Many organizations even think of their employees as assets. While all this may be true, many fail to con- sider an asset that others believe to be critical to the success of their operations… DATA!
W It is
no secret that we live in an information-centric world – most of which is stored electronically. Without reliable access to the information we need to conduct business, our business may very well come to a grinding halt, or worse, cease to exist altogether. So what is the point? Are you confident that
if you lost critical data today, or even access to this data, that you would be able to recover it? Let us look more closely at the issue of data pro- tection, and some important things you may want to consider, before making the dangerous assumption that you are adequately protected from data loss. Tink about this. Where do your employees
– particularly those that work in office positions – spend most of their time? Te answer, almost certainly, is “in front of a computer.” How do your customers and constituents prefer to access information these days? Many would claim it is via the Internet, from the comfort of their own home, any time, day or night. Tere is no getting around it. Our day-to-day operations revolve around accessing, processing, and sharing information stored on computer systems. Much of this data is sensitive customer information for which we have become entrust- ed stewards. Yet, as important as information has become
in our society, according to Boston Computing Network (
http://www.bostoncomputing.net/ consultation/databackup/statistics/), 34 percent of companies fail to test their tape backups, and of those that do, 77 percent have found tape back-up failures.
As astounding as this is, the
numbers are only in reference to those compa- nies that even conduct regular backups at all. Believe it or not, research shows that many orga- nizations admit to not having a regular backup process; and 85 percent of systems are not prop-
COUNTY LINES, WINTER 2011
hen you think of your orga- nization’s assets, what comes to mind? Automobiles? Real estate?
Office equip-
part of the alarming statistics referenced above? Te first thing you need to do is gain awareness of where your data resides, particularly critical and sensitive data. If you do not know where it is, you cannot protect it. Tis sounds so trivial, does it not? Have you really thought about it? Most would say that all their data is centrally located on network servers. While much, or most, of your data may in fact reside on servers, it would be foolhar- dy to believe that all data resides there. Data is pervasive. Employ- ees now have the ability to create data almost anywhere – mobile devices, laptops, and home comput- ers. Tey often email information from computer to computer or store it on removable devices such as CDs and USB drives.
Aside from the immense security you had better be ‘backing up’, too! Once you have identified where your im-
portant data resides, you need to make some decisions regarding your tolerance for data loss and downtime. If you had, or rather when you have, a systems outage, how much data could you afford to lose? One hour’s worth? One day? One week? Tis tolerance for data loss equates to what is called your “recovery point objective” or RPO. Now, consider this same outage and think about how long you could afford to be down. Would you need to be back up and running in one hour? One day? One week?
Your tolerance for down- time equates to what is known as “recovery time objective” or RTO. Both RPO and RTO are common, and recommended, in determining service level agree- ments (SLAs) for your technol- ogy operations. Does your current backup strategy support your RPO and
challenges this poses, which is beyond the scope of this article, it is nearly impossible to ensure that all this data is properly backed up. Do not lose heart! Tere are commercially
available solutions, such as Data Loss Preven- tion (DLP) software, that are designed to help you locate sensitive data, regardless of where it is found – servers, end-user workstations (aka, endpoints), or traversing the network. Once this information is identified, you need to decide how to handle it. You can do one of two things, or both. Option 1: If you decide that this data should not reside in its current location, you can either manually move it to the appropriate lo- cation, or better yet, utilize the same DLP tool to automatically move this data to an appropri- ate location that you have pre-defined, where it can be properly backed up. Note: Not all DLP tools are created equal, so do your homework. Option 2: If you determine that the data in question is fine to reside in its current location, then consider implementing a data protection strategy that provides adequate coverage for this “rogue” data. Many commercial backup appli- cations provide options for protecting desktop and laptop computers. Tis would allow this data to be managed and backed up from a cen- tral location. If your existing backup software does not provide this capability, you may want to consider looking at alternatives.
SYMANTEC IS SECURITY.
Some security and management solutions are only integrated on the surface. They can be complex and costly to manage, while leaving your business at risk. We offer a fully integrated strategy so you can protect today and secure your future. Learn about our integrated strategy at
go.symantec.com/ar
Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
RTO requirements? Maybe or maybe not, but how would you know? Tere are literally hundreds of different prod- ucts and methodologies for backing up or oth- erwise protecting data. One thing to consider is that not all data is equal. You may have more strict requirements for important data, such as financial or customer records. If this is the case, the method for backing up critical data is likely to differ from non-critical data. But wait, does this mean that you should purchase and man- age multiple backup applications to accommo- date the differing requirements? Absolutely not! Rather, you should research the commercially available data protection solutions to find one that provides the flexibility and options to meet all your requirements from a single interface. If you do not understand terms like “continuous data protection,” “de-duplication,” and “granu- lar restore,” then you should work with a tech- nology consultant, reseller and/or software man- ufacturer to educate yourself on all the available options and what they mean for you.
Brandon Grieve, MCSE, CCNA, is a Senior
Systems Engineer with Symantec, a longtime authority on data security
brandon_grieve@symantec.com
51
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54 |
Page 55 |
Page 56 |
Page 57 |
Page 58 |
Page 59 |
Page 60