Getting your storage in order
With data growth only increasing, IT departments must be hasty in rectifying any confusion between backup and archiving functions and focus on cleaning up their organisation’s storage moving forward.
When it comes to getting on top of data it all comes down to one thing: strategy. IBRS’s McIsaac says that any good strategy must recognise different types of data at their sources be they email, file shares, or document storage repositories before approaching vendors and considering the various storage, dedup, compression and other related technologies.
“The problem is vendors are all about ‘I’ve got this product you should use’, whereas really this is more about policy and approach,” McIsaac explains. “If I take a backup, how long is it worth keeping, and if I need to recover data from an archive I need to have an archiving approach and how long should that data be archived and how do I get it back. Then you start looking at pieces of technology.”
Policies around data retention need to be nutted out to categorise data and ensure it is kept in accordance with regulations, as opposed to being unsure and keeping everything for seven years just in case or turning a blind eye. “Unfortunately businesses do turn a blind eye to [backup and archiving] which is why it is out of control, so what IT does is just keep everything and back everything up and then we end up with the very large backup and recovery problems with very large data sets that frankly, are unnecessary,” he says.
Businesses should assess their data requirements with an open mind and refrain from restricting certain types of data to certain systems in order to get the most out of the platforms they already have, Gartner’s Sargeant advises.
“The first thing they need to do is forget about the technologies at this point in time… there’s obviously some information that they’ll want to keep around but they need to think about their data and construct policies and once they’ve got those in place they can then decide on what is the most appropriate technology to use,” he says.
Even with stringent policies around data, organisations will be reluctant to let go and officially press delete, he says, which is a tough decision, but necessary as keeping old and stale data in the mix will only cost more and be detrimental in the long run.
“IT needs to sit down with the business and talk about the costs, both the cost of actually taking the backups and holding the data, and also the liability of keeping it with senior executives,” McIsaac says. “Unfortunately most executives don’t want to talk about it, the legal department doesn’t want to get involved, but IT needs to engage the data owner to come up with a policy about what can be deleted and when.”
For TCU’s Thomas, policy is fundamental and goes hand in hand with classifying data and implementing deletion dates on data.
“[Keeping everything] would have been a previous approach but now we’re starting work around best practice models such as the Cobit framework.
“Policy work is difficult but you need to know the framework you’re intending to operate on… while it’s difficult, it’s actually the processing, procedures, behavioural and expectation change you have to go through that’s most challenging.” ACGS’s Rees concedes that putting policies in place is a must but that it is an incredibly difficult feat once staff are set in their ways about what they store on the network.
“It’s really difficult to do once the horse is out of the gate, because you’re fighting end users, if you limit someone who comes into the organisation they accept it but if you try and take back something they’ve already got it’s really hard,” he says.
“Storage is really painful now, it never used to be an issue and in the last few years where everyone now has a digital camera, the storage needs have just exploded,” he says. “That’s probably the thing we find the most difficult or struggle the most with is getting people to limit what they’re storing on servers.”
“If you don’t have a storage policy in place, put one in before it’s too late, we’ve tried to do that and we still have issues all the time, putting policy in place that says this is what’s acceptable to keep on the network rather than trying to fight that battle later.”