brian j. greenberg all rights reserved. [email protected] stand and deliver data protection sla’s...
TRANSCRIPT
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
Stand and DeliverData Protection SLA’s
Strategies for developing Data Protection Service Level Agreements
Presented by Brian J. Greenberghttp://briangreenberg.net
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
Overview
• Data growth rates are huge and it’s only going to increase.
• As data grows, protecting it becomes increasingly more important.
• Occurrences of Data Protection SLAs are on a upswing.1
1 Storage Magazine, February 2008 (http://searchstorage.techtarget.com/magazineFeature/0,296894,sid5_gci1299125,00.html)
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
What I Assume You Know
• The nature of data protection in a backup environment.• Off-line/near-line, snapshots in time, removable
media, implications of legal holds, etc.
• At least one backup application.• NetWorker, NetBackup, TSM, etc.
• Your data• Or you know someone who knows your data, or
someone who knows someone who knows your data…
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
By The End Of The Session, You’ll Know The Following:
• What is a SLA.
• Data Protection SLAs v. Storage SLAs
• The business case for a SLA.
• A two phased approach to a SLA.
• A SLA for your own DP environment.
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
What is a Data Protection Service Level Agreement?
A data protection service level agreement is concerned with the agreed upon, measurable services of protecting a customers data according to the requirements laid out
in the agreement.
• Should not be confused with a Storage SLA, however, may be a subset of one.
• For the purposes of this presentation, DP SLAs are concerned with data that’s managed by a backup application. This will be different from organization to organization.
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
What is Data Protection?
• It’s not just doing a backup anymore.• Data growth rates are necessitating
increased attention to protection.• Data protection has become a true
discipline and profession.
Data Protection consists of the processes and methods used to maintain the availability and integrity of data
over time.
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
What Is Data Protection (continued)
• It is not the latest copy of data.(a.k.a., not part of continuous nor semi-continuous data protection.)
• A backup is:• A snapshot in time of a set of data.• A way to maintain data integrity over
time.• An inexpensive way to keep data for long
periods of time.• An inexpensive way to keep a copy of data
off-site and off-line.
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
The History Of Data Protection
• Historically, DP has been viewed by I.T. and Businesses alike as an afterthought, and at best, a forgotten insurance policy.
• DP has never been an important discipline, not even offered in school.
• DP in general has a bad reputation.• Over the years, this perception has injured
the practice of data protection, the reputation of data protection professionals and the technologies that are employed by the practice.
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
Why Bother With A DP SLA?
• Employing a SLA, engages a contractual agreement of services, something the business can understand.
• Begins with making a business case for protecting data through understanding the business impact of data loss.
A data protection SLA illuminates the practice of data protection to the business for the businesses sake.
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
The Business Case For A DP SLA
• An SLA sets a level of what is to be protected, how quickly it must be recovered and how long the data needs to be retained for.
• The business ‘declares’ the business requirements for protection (and compliance).
• Disaster Recovery & Business Continuance Plans will have most of this information already -- If you’re lucky.
• Will usually be supplemented with continuance technologies such as replication and snapshots.
Having a data protection SLA makes the practiceof protecting data a shared responsibly.
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
The Data Protection Business Alignment Process
Identify PointPeople
Backup PolicyBilling DepartmentHost(s)Path(s)Schedule(s) Retention
CopiesOff SiteOff-LineEncryptedEtc…
ProduceAlignment Report
Produce Current SL Report
Review current backuppolicies and SL with business.
Compile business requirements for Service Level and determine Technical,
Architectural & Process changes.
Legal RequirementsBusiness DrivenOff-Site SpecificationsEncryption RequirementsNumber of copies, etc..
Assess business requirementsfor Service Level
Data Gathering
Assessment
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
Step 1: Business Alignment
1. Know the current costs of data protection in your environment.
2. Based on what you can anticipate of your customers requirements, estimate any changes in cost. This will be the sanity check.
It's important to be business driven when designing your data protection architecture. If you're technology driven you'll find
yourself trying to fit your business processes around someone else's technology when it needs to be the other way around.
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
Business Alignment (Continued)
• Herding the cats… a.k.a. Identify the data owners.• Records Manager or Compliance Officer• Technical contact/owner• Data owner
• All data protection requirements must be legal/business driven.
• What is the data? • Where is the data?
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
• Are there Data Dependencies or Consistency Groups?
• Recovery objectives (Archive v. Backup)• Recovery Time Objective (RTO)• Recovery Point Objective (RPO)
• How many copies are required?• How many copies must be off-line?
Business Alignment (Continued)
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
• What are the physical location requirements for each copy?• Do any copies need to be off-site?• What does off-site mean in your
organization?• Are there encryption requirements,
especially of off-line copies?• What is the retention period of the data?
Business Alignment (Continued)
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
Service Level Assessment Form
• This form is an example of what yours may look like, however, yours will most likely be more extensive pertaining to the specific requirements of your business and how you do data protection.
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
Step 2: Data Protection Methods
• Once the assessment is complete and signed off in the preliminary requirements, you can then determine what architectures (how much money) will accommodate the requirements and be sustainable.
• This ($) may require a re-leveling of expectations from the businesses.
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
Considerations Of Methods
• Virtual Tape Libraries and other disk based backup targets including De-Duplication.• Not off-line.• May need to be replicated, still not off-line.• May not fulfill the off-site requirements.• Can be vulnerable in a rolling disaster.• Not cost effective for data retained for
longer than one year, maybe less.
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
• Encryption for removable media• Still very young in the industry.• Requires a excellent, reliable, protected
key management system.• May lock you into a technology for
decades.• Risky for long term retention data and
even more challenging to manage. • Could to be integrated into media
conversion projects for sustainability.
Considerations Of Methods (Continued)
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
Data Protection For Your Data Protection System
• Whatever your most aggressive SLA is for your customers, you’ll most likely need to match or exceed it for your Data Protection Environment.
• Take care of your backup catalog/index/database.
Brian J. Greenberg All Rights Reserved. [email protected] http://briangreenberg.net
FOR MORE INFORMATION
• http://searchstorage.techtarget.com• http://snia.org
I’ll be available at the Ask-the-Expert booth today from 1:30 PM to 2:30 PM.
Brian J. Greenberghttp://briangreenberg.net