The Top Five Essential Components of a Data Protection Strategy
This is part of Solutions Review’s Premium Content Series, a collection of contributed columns written by industry experts in maturing software categories. In this submission, Diana Salazar of Quantum outlines the five essential components of a data protection strategy.
For every IT department, protecting its organization’s critical data is imperative. Secondary storage continues to grow as more and more data is being generated, and many organizations are finding that the value of their data can also grow along with size. This tier of data also needs to be protected. Over the past five years, legislation like the General Data Protection Act (GDPR) and the Data Care Act has been rolled out to protect customer data, reflecting the growing importance of data protection.
Organizations face a wide range of threats to their data, from natural disasters and nefarious cyber-attacks to unexpected events like the current pandemic or simple human error. Yet Contingency Planning and Strategic Research Corporation reports that 96 percent of all business workstations are not being backed up, leaving organizations open to risks that could threaten their very existence. According to the University of Texas, 94 percent of companies suffering from a catastrophic data loss do not survive – 43 percent never reopen and 51 percent close within two years.
The following five steps are essential to developing an effective data protection strategy:
Know your data
First, understand your data. As the digital universe grows, so too does the volume of data that must be managed. But not all of it is critical, so the question we need to ask is, should it all remain in the fastest performing tier? Many enterprises understand the potential value of their data for future business endeavors. Tiering data to a more cost-effective solution presents a good opportunity to save long term and capitalize on its undiscovered value.
Many organizations struggle with their data protection plan and recovery of their data because they’ve never classified it. Classification entails categorizing the data and prioritizing its importance to the organization. Simple data classification enables an organization to distinguish between critical and non-critical data and prioritize what’s essential based on its lifecycle (hot, warm, or cold). Aim to boost your data protection strategy by combining data classification with well-defined recovery objectives.
Protect your assets
Organizations should tier their data in order of importance when developing their data protection strategy. Data that needs to be accessed quickly and frequently should be stored on a faster storage medium (hot) compared to data that rarely needs to be accessed (cold) and can therefore be stored on a more cost-efficient medium.
By incorporating the best practice backup rule of the 3-2-1-1 (three copies of critical data stored in two different mediums—with one copy offline and one copy offsite) in your data protection plan, you can ensure that you’ll always have access to the data you need, when you need it. The best practice rule enables you to withstand an attack even as criminals get more creative and persistent. Anything connected to a network is at risk of being breached.
Understand your recovery time
One factor that mustn’t be overlooked when deciding on a data protection strategy is how any unforeseen downtime will impact business operations. Unfortunately, some organizations are tempted to take a simple – and possibly expensive – approach to protecting their data. They’re so busy running their business operations that it’s hard to find time to research the nuances of different types of storage tiers available.
For example, it can take several days or even months to fully recover from a ransomware attack, especially when targeted campaigns wipe out clusters of servers. In such cases, there is no remedy except to rebuild. Avoid choosing convenience over complexity as it may make a bad situation even worse as lengthy data recovery times can add days (and even weeks) to an already stressful situation.
Know your backup options
It’s important to understand the range of storage options available as well as the benefits and drawbacks of each:
- Public cloud storage is scalable, meaning it can handle large volumes of data, plus you can leverage economies of scale. However, it can take longer and be more costly to retrieve data when it’s needed. When unclear or hidden fees and network lag are factored in, cloud storage can be an expensive recovery solution.
- Flash and hard disk drives (HDD) or solid-state drives (SSD) offer fast performance and instant recovery but are expensive. However, disk-based storage is more susceptible to criminals and corruption by malware or ransomware because they’re always connected to a network.
- On-premise object storage is one of the most flexible storage options, with almost limitless scalability and minimized cost when data is spread across different nodes. With on-prem object store, you bring the functionality of the cloud to your premises. Information is saved as objects, which is ideal for large unstructured data sets.
- Magnetic tape is an ideal cold storage medium for data backups and archiving and is also the most cost-effective option. Data is stored on tapes that are kept in a secure facility and not connected to a network, keeping it beyond the reach of criminals s and malware. Drawbacks, however, include the difficulty of managing tapes and accessing data.
Don’t forget to test
After you’ve established your data protection strategy, it’s time to test it. Don’t wait until an issue pops up. Run regular tests to work out any kinks so you’ll have an accurate idea of how a data attack or breach could affect your business operations, as well as how long it will take you to get your business back up and running.
Plan ahead for peace of mind
When determining the best data protection strategy for your organization, there’s no quick and easy solution. Understanding the relative value of data is a critical step toward tiering it and storing it using the appropriate storage. With proper planning and understanding of the nuances of storage options, your data protection strategy can save you time, money, and your business!