Data protection strategies have become significantly more complex in recent years. Companies that used to rely on a single-vendor tape backup solution are now using disk-based backup, tape-based archive, snapshot, replication, and a host of other strategies to cope with new business requirements and exponential data growth. Failure to manage this complex environment properly can lead to underutilized hardware, increased administration, and worse: Since regulatory compliance and legal discovery frequently require data from specific points in time, failure to produce this data can result in staggering fines and significant damage to a company’s reputation.
So what does data protection management (DPM) entail and why is it so important? It can be helpful to view DPM as a chart. Each of the areas of DPM shown on the horizontal axis can be applied to each type of data protection shown on the vertical axis of the chart.
An effective DPM solution examines the entire data protection environment, from the backup software to related elements such as tape drives, tape libraries, storage arrays, network switches, and operating systems, as well as company-specific databases/applications and business rules.
Current DPM solutions fortify the backup reporting capabilities of earlier applications by providing business-level reports and the ability to integrate backup reporting with other infrastructure components, such as asset management and billing systems.
DPM enables relatively easy identification of bottlenecks; oftentimes these bottlenecks reflect inefficient scheduling, poor media utilization, or issues that are outside of the storage domain. DPM solutions can not only report and serve as interactive optimization tools, they can also provide a mechanism to ensure that once the environment is optimized it stays that way. To function in this way, the DPM solution must have the ability to automatically discover suboptimal performance and generate alerts when it discovers inefficiencies.
Policy validation is a relatively new business requirement. Regulatory compliance, the increased sensitivity of data, and the general trend toward managing centralized computing services via service level agreements have introduced business processes to the data center. Simply put, this refers to the ability to customize a commercial DPM solution to an individual business by modifying user options, menus, data collection policies, and other elements. At a deeper level, it refers to the ability to have the DPM solution report and proactively manage data protection policies to reduce risk. This can mean capturing Sarbanes-Oxley or other regulatory compliance policies. It can also mean uniformly enforcing information life-cycle policies (such as backup windows, type of media, restore metrics, and data destruction dates) around email. Not only can an effective DPM solution reduce risk, it can also greatly simplify both internal and external audits.
Perhaps the most difficult aspect of DPM is trending and analysis. Wouldn’t it be wonderful if one could identify problems before they arose? For example, the system could generate an alert notifying the company that nightly backups will begin to exceed their backup window within 3 weeks if current trends continue. Or the system could send an alert to the operations staff at 2AM to let them know that the disk staging area will run out of space by 7AM unless the data currently occupying the staging area is offloaded to tape. This type of predictive analysis is one of the greatest promises of DPM.
In summary, DPM is essential for any company that is serious about its data protection strategy. As data volumes continue to explode and regulatory compliance/legal issues raise the penalties for failure, new data protection strategies will emerge, and a commercial DPM strategy will become a priority for every company with critical data.