All business operates with some sort of data that is unique to their organization. Data can be in a form of emails, database or just files. These are a vital part of the business operations and business will not be able to run without them.
Why you need data to be protected?
To operate a business data should be available to employees all the time. Missing data will cost the business in loss revenues and operational down times.Ultimately,the Business will not be able to run without their data.
Why you need data to be made high available?
Making the business data available to users all the time, regardless of environment conditions, system failures, and any other situation is called high availability of data.
What to look for data protection and high availability?
Protecting data is vital, it is also vital to plan for a process of getting those data back to production environment in little time as possible. This will ensure a little down time and more business continuity
Planning for Data Protection
When planning for data protection, it is vital to understand the business requirement of the organization. For Example, how long can the organization survive the operation without the data? can the business process be run with manually ? How to switch back when the data becomes available? This is called Recovery Time Objective (RTO)
Also how much data can the organization afford to lose, without a major impact to the operation? For example, if the organization to lose 1 days’ worth of data, can it survive and recover that data? This is called Recovery Point Objective (RPO)
Most importantly these are not IT related decisions. These parameters had to be decided by the top operational groups of the organization, after analyzing their own business operation. Surely everyone wants to have a zero down time and a zero data lose system, but implementing such a system will be very expensive. Also not all organizations will require such system.
An analyzing of data in a typical organization
We will take a simple business organization as a sample for this. It will have following systems. Assuming they depend heavily on the systems and no manual process exists for each system.
· Central user authentication system
· Email system for internal and external messaging.
· database to house the ERP, Accounting, manufacturing, store and HR system
· Central file repository for user created data
· Various application servers
Above systems will be vital part of the business operation. Any system malfunction will affect the total operation of the organization.
Categorizing the criticality of the data in a typical organization
Once the critical data is identified, those can be categorized according to the priority in conjunction with the business operation. Identifying the most critical systems to the business operations and least critical systems to the business operations will help to plan on deploying data protection and later high availability.
Most critical systems to the business operations will need to be up and running faster than the others. They will also be needed to have least amount data loose.
Categorization of critical data will be a group task that should have all the management levels and the divisional presence.
For a buying office that mainly deals with customers and factories, email system will be the most critical system. Their main mode of communication with customers will be through emails. Orders will come through; changes will be communicated so on through emails. So the email systems will be crucial for their operation.
The users will require very high availability of the email system. Also they will require availability of their older emails for future references.
So for this organization, there should be a data protection solution to protect their existing emails to be retrieved later.
Also since their email system is so vital, there should be a mechanism to make it available all the time, without a downtime in email operation.
Ultimately from IT point of view, the emails should be backed up frequently and a high available solution to in place for the email system.
For a large scale manufacturing office that mainly deals with factories, email system will not be the most critical system. But their ERP system will be much critical for the manufacturing process.
So for this organization, there should be a data protection solution to protect their ERP database to be retrieved later.
Also since their ERP system is so vital, there should be a mechanism to make it available all the time, without a downtime in ERP system.
Ultimately from IT point of view, the ERP database should be backed up frequently and a high available solution to in place for the ERP system. But the emails are also important, the emails should be backed up frequently and a high available solution might not be required at this time for the email system.
Planning a data protection solution
Planning for a data protection solution should consider the above mentioned criteria first. Apart from that they should consider the method of the protection to be used. Ex: tapes, disks etc. also the retention time for each media is needed for consideration.
Retention period means how long the data be kept in tapes. This will allow old data to be retrieved on a later data for validation or auditing. Retention period should be decided by the business operations.
In addition regulatory requirements mandate a certain retention period for certain business operations.
Planning a Business continuity solution
Planning for a business continuity solution needs to consider the same parameters as the data protection solution. And in additionally on getting the systems running on a predefined time window.