What Is Missing Is The Vision
by Seth Miller
I recently attended W. Curtis Preston’s (aka Mr. Backup) Backup Central Live full day event in downtown Minneapolis. I look forward to this event every year. This event was my third with Preston in as many years although technically, this event was the first of it’s kind in this city. Preston’s road shows used to be produced by TechTarget, but now they are produced by his own company, Truth in IT. The differences between the two shows are noticeable in a number of ways including the improvement of the schedule format, the inclusion of other independent thought leaders in the industry (Jacob Farmer from Cambridge Computers) and even live audience polling throughout the day. This presentation was a significant improvement over past years. A schedule of upcoming Backup Central Live! events is available here: http://www.backupcentrallive.com
There were close to 50 end users in attendance as well as a dozen vendor folks. I had some very good conversations with both end users and vendors. With both groups of people, our conversations were generally not about how certain vendor software works versus another. The conversations were more often centered around the issues IT professionals have with their data and those that they report to.
The thing that most inspired this blog post and hit so close to home with me is the vision of what to do with data and how to accomplish that vision. I am not so much referring to the tactics or logistics, but more with strategy and end goals of where and how that data should be maintained, deleted, formatted, etc.
Mr. Preston talked about the differences between “Backup” and “Archive” and then asked a poll question of the audience about their company’s backup and archive strategy. The answer was predominantly that there was a lack of strategy and most businesses only backup their data with no forethought of how it would be restored, nor the consequences of not having an archiving strategy.
There is little doubt that backup and especially restore are all too often at the bottom of the priority list unless (and sometimes not even if) a server crash or data loss occurs. This lack of priority seems to happen in my situation because the priority list is constructed based on what the most pressing issue of the day is. Should we forget about what needs to happen tomorrow or next week and write the priority list based on what is relatively more important like data protection? Not necessarily, but what seems to be missing is the vision of where the company is or needs to be going and how IT’s role will play out in that vision.
An issue brought up during the conference was data retention. Specifically, what is a company’s legal obligations for data retention and what happens to the data once those obligations have been clearly defined. Most company’s attitude seems to be, “Save everything just in case…” Mr. Preston suggests that the opposite should be the case. The default of data retention should be, “Unless it needs to be saved, delete it as soon as possible.”
There are multiple reasons for doing this, but the most relevant is based on the fact that we are such a litigious society today. If data exists that is relevant to a case, the defendant must produce it regardless of the cost. However, if that same data was properly and legally deleted on a regular and consistent basis (e.g. not immediately following a subpoena), the defendant would not incur the expense of discovering and producing that data. The onus then of producing evidence of wrong-doing would be on the plaintiff.
The vision of a company when it comes to their data should include the potential of someday (or the inevitability of soon, depending on who you’re talking to) having the situation described here along with myriad other possibilities. The narrow and limited view of data protection as defined by saving all data backups forever does very little and will likely cost a lot when it comes time to restore or retrieve data when an “event” occurs.
The subject of data protection is ubiquitous in the circles I run in and the differing opinions on how to do it are not lacking in quantity or passion. What seems to be a consensus though is that it is not something to be taken lightly. It is not something to plan for later when a situation presents itself. And it is certainly not something to be ignored completely.
One of the final requests the audience members were left with from Preston, was to (in my own words) inspire some vision for the way your company protects, retains and treats its data. Try to change the philosophy around your data instead of treating it like leftover exhibits of evidence after a case has been closed. Many managers/directors/c-levels won’t get it, but some will and those companies will be better off in the long run which means you as the IT professional will be better off as well.