NEW YORK -- Protecting more data that is scattered in more places than ever before is the biggest challenge to backup administrators today, according to IT executives at a data management symposium this week.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
IT executives at the symposium, hosted by backup software vendor CommVault, discussed their policies for dealing with bring your own device (BYOD) and cloud backup -- two trends that threaten IT's control over critical corporate data.
"One of our biggest challenges is to know where all the data is, and that it's in places where we want it," said Branndon Kelley, CIO at American Municipal Power (AMP) in Columbus, Ohio. "We're staying away from BYOD. We're saying, 'We don't want you to bring your own device, but we'll buy you whatever device you want,' and let people get comfortable. Or else we won't be able to retain talent, and our workplace is not going to be a place that invites people who want to stay."
Tracy Riggio, IT manager of Temple University Health Systems in Philadelphia, N.J., said her hospital also provides devices for its users, who are mainly physicians.
"A lot of our physicians use iPads to connect to Epic [an electronic health record system], so they have it right with them," she said. "We've had doctors ask to buy their own, but we tell them, 'It's not going to work. You like your email? OK; use ours.'"
Gail Bymun, director of enterprise storage and data protection for Brookfield, Wis.-based financial services firm Fiserv, said her company's security department mandates that all corporate data resides on Fiserv-owned hardware.
"Data is not allowed to go to a personal device," she said. "They are very strict on that. We're starting to branch out and support more devices. We're seeing iPads and iPhones, where in the past it was all Blackberries. There was pushback from employees because of the slow adoption of some tools."
Other experts at the symposium emphasized the importance of strict control over devices for data security.
"People want to bring in their own devices, and they have zero concept about backup and recovery," independent backup consultant W. Curtis Preston said. "It's a mess."
Dealing with cloud backup challenges
The same can be said for people who set up their own cloud backup, another issue the IT execs have to deal with. Cloud use is difficult to control because users can go to cloud providers and provision their own storage online with credit cards.
"I'm never going to give up the storage side to the cloud," said Ed Donakey, vice president of strategic relations for genealogy organization FamilySearch International. "The compute side makes sense for the cloud; that's commodity-based. But for backup and recovery, we'll continue to monitor that ourselves."
Riggio said regulations in health care make it important for Temple Health Systems to keep its data on its own disk and tape.
"We don't use the cloud yet," she said. "It's still a security issue. We're a highly regulated industry, and we're held responsible. Should that cloud infrastructure go away, it would be a problem."
For security, she said Temple Health encrypts all of its data. Primary data gets encrypted on EMC VMAX arrays and she uses CommVault Simpana to encrypt data that gets backed up to disk and then moved off to tape.
"If a tape gets lost, we don't know if there's patient data on there, so we have to report it," she said.
Fiserv's Bymun said there are "pockets" of people in her company who use the cloud. Fiserv is an umbrella group of smaller companies, and there are different approaches to the cloud.
"Some businesses have gone out to the cloud on their own because we could not react quickly enough [to their request for capacity]," she said. "Now we have a focus group working at providing cloud and hybrid solutions for end users."
AMP's Kelley said he is worried about legal ramifications of "Joe User" going out and provisioning his own cloud backup. "I can't imagine any CIO would say, 'That's a good idea.' I would say, 'No, I invested half a million dollars in this infrastructure, let's do it this way.'"
Kelley said APM has a tiered approach to the cloud. It keeps critical "heart and lungs" data in-house, but has moved some important applications such as email to the cloud. The utility company also uses the Oxygen Cloud for file sharing.
"Cloud is a big part of our strategy," he said, but some things must stay internal because "we lose flexibility once we go to the cloud."
Kelley attributes the rise of BYOD and the cloud in the enterprise to users demanding the same level of technology at work as they have in their personal lives.
"What we're dealing with is the first generation coming into the workforce that's grown up around IT and computers their whole lives," he said. "The Internet has been part of their lives since inception. When I got into IT 13 years ago, you used to go to work and the technology was better there. The Internet was faster; the computer was nicer; they had better printing.
"You go into work today, and there are environments still running [Windows] XP and old technology that barely works. You have this new workforce saying, 'You can just leave me at home and I can do a whole lot better.' As IT leaders, we have to take responsibility for that," he said.