Comprehensive and efficient enterprise data protection should not require substantial changes to your existing infrastructure. If you were to find that your company needed to deploy new operating systems (OSs) or make changes to database processes to implement a data protection strategy, it might be time to reconsider your strategy. This, the third and final article in the Essential Series: The Evolving Landscape of Enterprise Data Protection, discusses evaluation criteria for selecting an appropriate solution for your business.
Before delving into detailed evaluation criteria, it is worth noting two overarching principles. First, enterprise data protection should not require changes to core components of the IT environment, such as OSs, databases, email systems, or storage hardware. A second principle is that data protection methods should seamlessly support changes to OSs, storage hardware, and so on. The business environment is already dynamic and subject to many influences; data protection should not add another driver to that dynamic situation.
To meet the flexibility requirements outlined in the two overarching principles, a data protection solution should support several features:
Together, these criteria help to distinguish data protection solutions that can function within the constraints of dynamic IT environments from those that introduce more constraints on that environment.
You do not always have the luxury of restoring a backup image to the same device from which it was made. For example, a hardware failure on a server might require you to restore an application to another server with a different configuration. In particular, you should be able to restore to a device independent of:
This kind of necessary flexibility extends beyond disks.
As much as IT professionals try to leverage the benefits of standardization, it is not always possible to maintain a homogeneous environment. IT departments may have to support servers running a combination of Microsoft Windows and Linux OSs, for example. Even within these broad families of OSs, there are multiple versions and distributions that support a number of different file systems.
Just as there are a variety of OSs found in midsized and large organizations, there is often a mix of databases. It is not unusual to find a combination of Oracle, Microsoft SQL Server, MySQL, and IBM DB2 running in the same business. Databases, though, present particular challenges because of the way they use files and write data blocks.
Figure 1: Database backups may have to be performed while users are actively updating the database. Such "hot backups" require special attention to transaction level details to ensure a consistent state of the database is captured.
Databases are designed to provide logically consistent transactions. If you try to transfer funds from a savings account to a checking account and the system goes down before the transaction completes, during recovery, the database removes partially completed actions; you will never find the funds removed from your savings account but not added to your checking account. In a similar way, a backup should not represent a snapshot of a database in the middle of executing a transaction; it should represent a valid business state.
When restoring database objects from backups, it is helpful to be able to select subsets of the entire database to restore. For example, if an application programming error is discovered shortly after it is deployed, it may require restoring the database to a previous state. The erroneous program may have only affected a single table in the database. Ideally, you could restore just that table, not the entire database, from a known‐good point. (Of course, this assumes that the other tables in the database are in a logically consistent state with the restored data.)
Email servers are another application with idiosyncratic backup and restore requirements.
Although databases house the crown jewels of business operational data, email servers store vast amounts of communication records that can be just as essential to business operations. Email applications have developed to offer a wide range of personally customizable features, such as personal mailboxes and individual folders, as well as the ability to store and archive large volumes of email messages. An enterprise data protection system should include email protection features such as:
Both databases and email servers are core service providers in the IT infrastructure. Data protection strategies should accommodate the way these systems function and should not require you to restrict their services in order to accommodate backup and recovery services.
Ideally, all backup and recovery functions are accessible from a single console. When evaluating management and reporting features, look for the ability to:
The requirements outlined earlier—such as the ability to deploy to different disk configurations, support different source servers, provide application‐specific support, and provide reporting and management features—are all technical evaluation criteria. The most commonly used measure of business value for technologies such as this is the return on investment (ROI).
For all the technical features a data protection system may provide, the ultimate question that must be answered is: will it be worth the investment? To answer that question, you must take into the account the initial product cost and the time and resources required to install and configure the system. Perhaps more importantly, though, you must consider the additional costs or savings that may be realized during the life of the product deployment.
These include considerations such as whether the system
The ROI is closely tied to the technical criteria outlined earlier. In the case of enterprise data protection, what is good by IT professionals' standards is good for the bottom line.
When evaluating and selecting data protection products and services, it pays to ensure the selected systems account for the flexibility required by business operations. ROI can be significantly influenced by:
Although no two businesses or organizations are exactly the same, shared patterns and practices are common. The best data protection solutions recognize and accommodate those common requirements.