New Year’s Resolution – Talk to More People about Data Protection

data protection in 2016For 2016, one of my hopes for IT professionals is that you’ll talk with a wider variety of stakeholders within your organizations about data protection and the myriad methods for data retention and recovery that should be part of one holistic strategy in ensuring the protection and preservation of corporate data, regardless of where the data resides or who manages it.

  • DBAs continue to leverage DB-specific tools, like RMAN, as their preferred short-term recovery mechanism, but hopefully they are leveraging smarter storage solutions than the empty space on their expensive primary production storage volumes.
  • vAdmins continue to look for VM-savvy solutions that reduce VM recovery times (without first ‘restoring’ data from legacy backup pools), along with integrated snapshot/replication functionality and granular recovery capabilities from whole-VM backups.
  • File/storage admins are beginning to embrace protecting data directly from primary production storage to secondary protection storage, without ‘backups’ at all. When paired with snapshotting, this can be effective … but who is managing it for long-term retention and compliance?

The list goes on, but the short answer is that the decentralization of data protection continues, as discussed in this short video:

These are just the workload/platform owners, who are rightfully increasing their influence (and operation) of protection and recovery tools for the platforms that they are responsible for.

If we add in the IT executives and business Unit Leaders whose teams depend on the data and there should be even more people around the table discussing data protection.

Next, add in Legal, HR and Compliance teams, who are responsible for Information Governance – but should NOT be doing data preservation as yet another expensive and isolated island of data within the infrastructure.

Then add Operations and business processes folks who are interested in BC/DR (which is a much bigger initiative that just ‘IT’) and you see that you’re going to need a bigger conference room.

So, please — in 2016, get more people talking about their myriad recovery needs, and then develop one strategy (with multiple tools and methods) to accomplish it for the greater and unifying corporate goal of ensuing the corporate data is protected to a corporate standard, regardless of who or who is doing it.

Video Transcript:

Narrator: The following is an ESG video blog.

Jason: Hi. I'm Jason Buffington. I'm the Senior Analyst at ESG covering data protection. There was a time when those developing or selling a data protection strategy could afford to take a myopic view of their world. There was only one perspective to consider, that of the backup administrator. But today, that kind of tunnel vision seems well, a little short-sighted. These days, it's the systems administrator and the IT pros tasked with server or platform management that perform a majority of the data protection activities. And with increasing regularity, they're the ones making protection-related decisions, especially in larger organizations.

According to ESG research, IT operations folks who are responsible for most other aspects of daily data center operation are the group most likely to conduct data protection responsibilities, followed by backup admins, data and platform administrators. Each group has its own unique lens that really is necessary for modern data protection. The workload owners, such as database administrators or V-Admins, they know the data and how it and the underlying platform should be protected and recovered. IT operations folks know the infrastructure and the business requirements. Backup administrators understand the data protection tools and processes and which compliant-specific requirements that the organization as a whole is subject to.

But it's not just technologists that are taking on a more diversified role within data protection. Non-IT folks, those who depend on the data and are the primary beneficiaries of all these efforts are also becoming more involved in the evaluation and purchase process. And they see things a little differently than their IT counterparts. Blurring lines even further is the fact that involvement may also vary based on the hierarchy within the IT org. Everyone from the systems administrator to the CIO may have some level of influence or interest in modern data protection strategy. ESG found that the primary influencer group is likely to change at each stage along the data protection lifecycle, from who is introducing new data protection technologies to who it evaluates or implements, who would be purchasing versus who would manage it on an ongoing basis. And it's only by taking all of those viewpoints into account that a comprehensive data protection strategy or vision can really be developed.

If you're an IT professional, you need to talk to your IT colleagues, to the business stakeholders, to the compliance representatives and to senior decision makers as they will almost assuredly have insights on how little or much protection or agility that each platform requires. And those are insights that you don't have, but will surely affect your data protection strategy. If you are an IT vendor selling data protection technologies, you have to broaden your story and your messaging strategy to expand beyond pitching products to just the backup admin alone. The approach for considering, deploying and operating a data protection product is now marked by diversity. And those vendors who fail to take this into account will continue to be surprised that the backup admins love to talk about their stuff, but the organization just doesn't seem to buy anything.

So, make sure you have feature-level information to give to the backup admin. You also need workload-specific information for the workload owner. How does your product specifically work with databases in the language of DBAs? Or how does a protector recover VMs in the taxonomy of the VM? You also need to have operational and economic information for the IT execs. How will your product save money over the status quo and over the competitors? This does not mean that you need to go and build another simplistic ROI calculator, but it does mean that you need to really quantify and over-communicate the economic value of the complete solution.

And for the business units and compliance teams, the assurance that backup and recovery SLAs are being met is going to be needed through better visibility and better monitoring. You don't need an eye chart to see that we need to stop looking at data protection through a narrow focused rose-colored glasses. Whether you're an IT professional trying to implement a solution or a technology vendor trying to sell one, you need to involve a broader team of influencers than ever before. Otherwise, your data protection technology implementation or sale can fall short, leaving you with the worst kind of vision of all, hindsight.

modernize protection when you modernize production

Topics: Data Protection Jason Buffington