Manage Learn to apply best practices and optimize your operations.

Buffington: Data protection plans should contain technology 'spectrum'

Data protection plans are not simply about backup.

In his Storage Decisions presentation, "Data Protection for the 21st Century," Enterprise Strategy Group (ESG) principal analyst Jason Buffington advocated for data protection plans that are made up of a "spectrum" of many technologies.

Comprehensive data protection plans should feature archiving, snapshots, replication, high availability, business continuity and disaster recovery, as well as backup, according to Buffington.

"Backups and snapshots should not be either/or," Buffington said. "They're complementary to each other, and so is archiving and so is replication and so is high availability. Every one of these should fit someplace within your plan."

Most servers do not have adequate security if they're only protected by backups, Buffington said. According to an ESG survey, 14% of respondents' infrastructure had a downtime tolerance of greater than six hours, which Buffington noted is the "sweet spot" for backups. For the other 86%, technologies such as replication and availability can come in handy.

Backups and snapshots should not be either/or. They're complementary to each other.
Jason Buffingtonprincipal analyst, Enterprise Strategy Group

A big misconception is the belief that activities like replication and backup are interchangeable. In a similar way, a backup is not the same as an archive. However, these processes can sometimes coexist through the use of integrated products, and they should be designed as part of one strategy.

In addition to the technology spectrum, Buffington said, data protection plans should:

  • Focus on virtualization protection;
  • Allot more time for conference room meetings with fellow employees than for work on the user interface;
  • Incorporate appliances whenever possible; and
  • Include mixed media throughout the data lifecycle and strategy.

It's important to use multiple data protection methods for the given job that each method does best, Buffington said. This means using tape for long-term retention, disk for rapid recovery, and cloud for distance and agility.

Watch this video for tips on how to effectively compile many different technologies for optimum data protection plans. Plus, hear stats on the percentage of organizations using certain data protection technologies.

View All Videos

Transcript - Buffington: Data protection plans should contain technology 'spectrum'

Editor's note: The following is a transcript of a video clip from Jason Buffington's presentation, "Data Protection for the 21st Century," at the Storage Decisions conference in New York. The transcript has been edited for clarity.

In your data protection plans, you need a spectrum of activities, as opposed to just backup. I call it a spectrum because when you look at what backup does and how recovery works, you're going to find that most of your servers are not adequately protected if the only thing you do for them is backups alone.

So we asked in a survey, "What kind of downtime tolerance can your systems afford?" This is across high-priority and normal situations and everything else, across all your systems. If we asked about just high-priority apps, you might perform some heroics -- clustering, replication, mirroring and failover -- but if it only matters for 5% of your environment, it's not that interesting.

What we found in the survey is that 35% of servers have a downtime tolerance of 15 minutes or less. Another 32% have a downtime tolerance of between 15 minutes and two hours. About 20% have a tolerance between two and six hours. Only 14% of your infrastructure actually has a downtime tolerance of greater than six hours, which is really the sweet spot where backups go.

You may be thinking about the 67%, the two-thirds of servers that have a downtime tolerance of less than two hours. The problem is that backup alone doesn't address that. You can't figure out what's wrong, restore, and get back up and running again in less than two hours on a reliable basis. You need to do something more.

We found that many organizations are actually supplementing their backup process with something other than just backups:

- About 30% of organizations say that archiving is used to supplement backups. The more that you archive, the less you back up. And if you do that well, you can actually meet more of your service-level agreements.

- About one in five organizations are using snapshots.

- About a fourth of environments are using replication

- About a fourth of the respondents are using availability products.

- BCDR [business continuity and disaster recovery] is in about 20% of all environments.

- Every one of those additional methods for supplementing backup is actually expected to increase.

At Enterprise Strategy Group, we call this the data protection spectrum. Backups and snapshots should not be either/or. They're complementary to each other, and so is archiving and so is replication and so is high availability. Every one of these should fit someplace within your plan.

Fixate on this concept for a second and ask yourself, when was the last time you saw a rainbow that didn't have green or blue or red? Now, sometimes the hues aren't quite as prominent. Sometimes you don't see all the colors as brightly, but every one of them should be there until the business says it doesn't need one form of its agility or another. The hues in the colors will vary.

But if you try to do this with seven disparate products, you will fail. You can't afford it. And that's if you only picked one product per category.

Now, think about just the backup category. I've got my backup for VMs [virtual machines]. I've got something different for SaaS [software as a service]. And maybe I've got my legacy for everything else. Now I have three different hues of just orange. Data protection becomes very expensive if you think about it as isolated stacks along the way.

You need to be thinking about one strategy, multiple colors, and then weigh that against the agility requirements of the business based on the data, based on the uniqueness and the irreplaceability of the data. So in your data protection plans, use a spectrum.

+ Show Transcript