Managing and protecting all enterprise data


Data on the brink

You might think your company's data is secured and safely backed up, but there's probably still a lot of crucial data that's out of the reach of your backup systems.

You might think your company's data is secured and safely backed up, but there's probably still a lot of crucial data that's out of the reach of your backup systems.

By Rich Castagna

Your data center storage systems are buttoned up and battened down, and everything has been deduplicated and replicated. But what about all of those laptop computers, smartphones, PDAs, thumb drives -- and even MP3 players -- out there? They might be out of sight, but they shouldn't be out of mind if you're truly serious about safeguarding your company's data.

A lot of companies try to keep all user files on network storage where they can be centrally managed, and properly backed up and archived. But remote workers and offices, which often use portable devices, can be disconnected from the corporate local-area network (LAN) for long periods of time. The data those devices create is usually called "edge" data, data that resides on the far reaches of an enterprise's network. But it's really data on the brink.

We're talking about an awful lot of stuff that may be falling through the data protection cracks. Some industry experts say that in many companies, the volume of data created (and stored) on the fringes may amount to even more than is created on data center storage. That might overstate the case a bit, but there's little doubt there are enough Word files, Excel spreadsheets, PowerPoint presentations and other business documents floating around to make any storage manager just a little less confident about data protection.

There are actually two separate issues. The first is backup or just making sure there are copies of all those files so they can be recovered if needed. Then there's the compliance and security angle. With all that stuff living on devices that tend to get left in taxi cabs, pinched by airport thieves or simply misplaced, backing up the data isn't enough.

There are plenty of solutions to address backup, although none of them could be considered perfect. There are backup applications that specifically address portable data protection, like Atempo Inc.'s LiveBackup, IBM Corp.'s Tivoli Continuous Data Protection for Files and Yosemite Technologies' (now a Barracuda Networks company) FileKeeper, which are just a few examples in a very crowded field of products. These can continually check for changes and ship them back to a central repository. They keep working when the portable PC isn't connected to the company network and update the repository upon reconnection.

The gap between connection times could be a little risky because even though the backup data has been collected and isolated, it's still on the same machine until it's hooked into the network again. A relatively "gapless" alternative is to use online -- or "cloud" -- backup services exclusively to protect mobile data. Generally, these services work the same as the backup apps, but don't require connecting to the corporate LAN, so any Internet connection will do. You'll have to be comfortable with having a third party hosting your backup data, although the services that align with enterprise needs offer central management and may even integrate with corporate backup systems to some degree.

So, if someone swipes a laptop from one of your users, but one of the backup methods mentioned here was being used, it shouldn't be such a big deal to recover the data. But backup won't keep the crook from looking at the data and, if it's sensitive company information or a customer's personal data, that is a big deal. That's the compliance and security side of the mobile data equation.

The Trusted Computing Group (TCG), an industry consortium, is helping to create standards for hardware-based computer security. The TCG's Storage Work Group, as its name implies, focuses on security for storage devices, and it recently released a few sets of specs for hard disk drive encryption. But you don't have to wait for disk vendors to get around to implementing the specs as most drive manufacturers sell self-encrypting disks. These drives were developed specifically for laptop computers where there's the greatest risk of losing data, but they're slowly making their way into data center-class storage systems.

Seagate LLC, a TCG member, has been shipping encrypting drives for more than three years. Other TCG members also offer full-disk encryption drives: Hitachi Data Systems shipped its first encrypting drive nearly two years ago; Fujitsu (which sold its disk operation to Toshiba) rolled out theirs nearly a year ago; and Samsung, Toshiba and Western Digital Corp. all offer self-encrypting drives.

Data on the edge doesn't have to be data on the brink of disaster. With so many options available today, you should be able to find one that's right for your environment. Many of you are probably well along in this effort, so drop me a line and tell me what you're doing to protect mobile data.

BIO: Rich Castagna ( is Editorial Director of the Storage Media Group.

Article 7 of 7

Dig Deeper on Data backup security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

Get More Storage

Access to all of our back issues View All