Smarter Data Protection: Link Security and Storage Management
Wes Simonds 120000EFD6 firstname.lastname@example.org | | Emneord:  anne storage capabilities services software pulse data of wes vining 2012 ibm capability management infrastructure protection impact tivoli simonds lescher rich business and
0 kommentarer | 8.424 besøg
Ever get the sense that marketing jargon is getting out of hand? Consider this sentence: ‘Siloed management must give way to a new paradigm of holistic business value.’
‘New paradigm,’ in particular, seems a little doubtful. I learned a long time ago not to talk about paradigms, especially in the context of shifting. But I think the rest of it just needs a little rephrasing.
Let's try this: ‘IT teams and technologies should collaborate more to work better.’
That's not so bad, is it? It's easy to find an example, too: security and storage management.
These two seemingly separate IT domains turn out to be flip-sides of the same coin: data protection. And a coin is probably a good metaphor here, because data is often the most valuable asset an organization has.
Imagine your organization. Now imagine how productive your organization would be without any data. See what I mean?
Security and storage management are your vigilant friends with specialized military training who hang around your data and keep it from being threatened, damaged, mutilated, spied upon, lost, kidnapped or murdered in cold blood. And to get that done, they work best as a collaborative team.
Encryption delivers powerful protection for almost any form of data
To pursue this idea in a little more detail, consider the most traditional form of backup media: magnetic tape.
It's inexpensive, commonplace and even today, in extremely widespread usage. And it's also a gigantic potential security hole, because the stuff that gets backed up onto it is quite often the stuff organizations want to protect the most. So it typifies the natural link between security and storage, and underscores the fact that organizations should think about connecting these domains a lot more naturally.
Anne Lescher, Product Marketing Manager with IBM Security Solutions, agreed with me on this point when I talked to her.
Absolutely. Encrypting data everywhere you reasonably can, including backup tapes, leads to better security and a better business outcome.
So solutions that optimally manage encryption keys, like IBM Tivoli Key Lifecycle Manager, are already pretty compelling and getting more compelling by the day. They help organizations serve and manage those keys in a centralized way, as long as the keys are in use, and directly integrate with tape drives (from both IBM and third parties) to encrypt data as it's stored on tape.
So if a tape, as Lescher puts it, falls off a truck, it's useless to anybody who finds it because all the data on it is already encrypted. That data is much better protected because this organization's security and backup capabilities have now collaborated to work better.
Scale that idea up to the level of production servers and it gets even stronger. Enterprise infrastructures, of course, are chock-full of critical business data kept on disk arrays. Can the same IBM solution help protect that data as well, in basically the same way?
It certainly can. And because you're using the same solution to do multiple jobs, you avoid making things overly complex as well -- a common enemy of progress in the world of IT.
Another point: encryption can also help organizations more easily comply with government regulations (example: HIPAA) concerning sensitive data (example: patient health records). That’s more important than ever, given the way compliance failures increasingly lead to stringent fines -- not to mention negative publicity and serious brand damage -- if data is exposed and customers are affected.
‘Effective data protection can be complex to the point of seeming like rocket science,’ said Lescher. ‘The complexity of encryption technology can scare storage and security administrators away from using effective protection controls. So simple, integrated security is essential for both peace of mind and critical data protection.’
Data protection means never having to say ‘it's gone forever’
Of course, backup tapes are just one element of storage. You can make essentially the same case for storage management in a larger sense. Generally speaking, you want to be able to protect data as comprehensively as you can, everywhere you can, while introducing as little new complexity as you can to get it all done.
Talking to Rich Vining, IBM Tivoli Storage Marketing Manager, drove that point home for me.
‘When someone says data protection, do you think of backup and recovery, or encryption and access control?’ he asked. ‘Because they're both directly relevant and they both need to be addressed. Are you confident that during your next data disaster, the right person with the right training will log into the right system, restore the right data to the right place, do it quickly enough to limit any losses and not break anything else? If you've deployed a number of different point solutions from different vendors to address the complex needs of your business, the answer is probably no.'
This scenario illustrates data protection from a fundamentally different angle -- the idea that even without malicious attacks or inadvertent backup tape losses, an organization can put its own data at higher risk through problematic storage management. It can slow down backup and recovery processes, skip data that should never be skipped and ultimately lose critical data.
That prospect is enough to give business leaders the heebie-jeebies.
It also underscores the charm of backup solutions like IBM Tivoli Storage Manager that centrally and comprehensively back up, archive and restore all enterprise data, everywhere it exists, quickly and cost-effectively.
‘I like to think of data protection as being comparable to health insurance,’ said Vining. ‘When something goes wrong, whether it be the flu, an accident or something much more serious, you better have good insurance to keep from ruining your financial as well as your physical well-being. Same thing with data protection -- its value comes into play when something goes wrong, avoiding the huge costs of lost data and business downtime.’
It's an interesting parallel, and a timely one given the nation's current interest in healthcare reform and the various ways we might go about it.
In healthcare reform, the fundamental problem reformers would like to address is escalating costs, i.e., insurance premiums that climb every year. A direct parallel to that situation exists in the world of data protection, in the form of escalating data volumes, which similarly grow every year. Data is also increasingly scattered -- distributed over more endpoints and servers than ever before, and in more ways. Conventional backup solutions and strategies often no longer suffice to handle it all, and even if they have the capability, they often don't have the time.
That means more and more data goes unprotected every year. And that's just not acceptable given how critical data is to business operations and strategies. What's the fix?
Vining's answer: Smarter backup solutions, like Tivoli Storage Manager.
‘One of the biggest, if not the biggest, cause of data growth is performing full backups every week, which most data protection products force you to do,’ he said. ‘That's because of needless redundancy. Your full backups probably contain more than 90 percent of the same data you backed up last week, and the week before and so on. Why not avoid creating all that duplicate data by only performing incremental backups -- forever?’
Indeed, why not?
Get your thumb on the pulse of data protection
If you'd like to find out more about these subjects, think hard about attending Pulse 2012.
You'll get a chance, via technical demos exploring real-world scenarios, to see how security and storage management can work hand-in-hand to protect your data -- everywhere it lives throughout your infrastructure -- and direct specific questions to solution and business process experts from around the world.
Register for Pulse 2012
Share your viewpoint on the Tivoli Storage Blog
Watch a video podcast with Rich Vining about storage management
About the author
Guest blogger Wes Simonds worked in IT for seven years before becoming a technology writer on topics including virtualization, cloud computing and service management. He lives in sunny Austin, Texas and believes Mexican food should always be served with queso.