Having a storage strategy seems like a no-brainer. A company that invests a considerable amount of money in its storage infrastructure must have a storage strategy -- not necessarily the case. Many businesses are not prepared to properly handle long or even short-term storage capacity issues because they have no plan, or no well-tested plan, in place.
Channel to the rescue! As a VAR, systems integrator or consultant, there's something you can do to address this major dilemma, and make a few dollars while you're at it. This guide will help you potential business issues, identify storage needs and ultimately develop a storage strategy.TABLE OF CONTENTS
Understand business concerns
Identify storage needs
Develop a storage strategy
|Understand business issues||Return to Table of Contents|
Storage compliance regulations typically focus on three distinct areas of interest: retention, integrity, and security.
Retention dictates how long data must be kept in storage, but stored data must also be retrievable quickly in the face of compliance audits or legal discovery. Search is a serious issue with retention -- an organization needs advanced tools to locate relevant data stored for 10 years, 20 years or longer. Data must also be readable over time, which can be a crippling problem as operating systems, email server versions or other elements of the storage infrastructure evolve.
Integrity is also called "immutability;" ensuring that data has not been changed or lost because of corruption or media failure. Tape had been the traditional immutable media for many years, though optical WORM media like CD and DVD are cheaper and far more reliable. Disk-based write-once platforms, like content addressed storage (CAS), meet the demands for rapid accessibility.
Security protects sensitive data from unauthorized access. Security is typically part of the storage platform (e.g., user authentication in a CAS platform), though encryption is taking on a more prominent role for tapes and file servers. Regulators often require companies to have policies and procedures in place to manage integrity and security.
Federal rules of civil procedure (FRCP) are putting the onus on IT departments to ensure they have adequate data-retention policies and an archiving system that can retrieve documents in their original format, including meta data. To satisfy evidence requirements the systems may need to demonstrate that specific documents were not changed after they were archived.
Because the rules apply to civil suits, any organization -- not just public companies or those in financial services and other data-sensitive markets -- can be affected.
|Identify storage needs||Return to Table of Contents|
Say a customer is continually throwing more capacity at a storage problem. Is the problem as simple as alleviating a space issue? There are some basic questions to ask that can lead to in-depth discussions about the storage situation.
- Do you have a storage strategy?
- Where are your current storage problems?
- What is your capacity consumption?
- What are your budgetary requirements or limitations?
- Are you able to deploy storage in the required time?
Getting all the information you really need to perform capacity planning remains very, very difficult. Host-based agents for information gathering are still prone to human error, such as forgetting to install them. Advanced configurations, like server clusters, are still counted multiple times by many monitoring tools. And if your customer has a heterogeneous environment, forget it.
What users really want to know is, 'Where do I put my next dollar?' It's still a guess as to what you're going to need next.
When determining storage performance needs, you must look at all of these storage specs, have a requirement for performance and understand what an application might need and how it might grow. But then how do you know if what you'll implement is actually going to work in the way you want it to work? One of the biggest challenges with storage performance, in general, is that you just don't know.
|Develop a storage strategy||Return to Table of Contents|
There are some basic steps in developing a storage strategy for a customer:
1. Understand the company business issues. Whatever is done in IT must meet what the company is doing in business.
2. Get the requirements. Different organizations utilizing storage for the business must be interviewed and their requirements understood for growth, performance, availability, etc.
3. Understand the current infrastructure and storage environment.
4. Consider strategic initiatives that may be planned or put into effect. These initiatives may include a new facility, upgrading or changing systems, and other long-term projects that will involve storage.
5. Evaluate what is needed to meet requirements in the future. This sometimes involves a complex series of steps to understand how the current situation will have to evolve to meet long-term needs.
6. Look at technologies that could be effective in the future. Consider the advantages and risks of implementing the new technology.
The practices and techniques to consider when developing a data protection strategy are:
- Backup and recovery: the safeguarding of data by making offline copies of the data to be restored in the event of disaster or data corruption.
- Remote data movement: the real-time or near-real-time moving of data to a location outside the primary storage system or to another facility to protect against physical damage to systems and buildings.
- Storage system security: applying best practices and security technology to the storage system to augment server and network security measures.
- Data lifecycle management (DLM): the automated movement of critical data to online and offline storage. Important aspects of DLM are placing data considered to be in a final state into read-only storage, where it cannot be changed, and moving data to different types of storage depending on its age.
- Information lifecycle management (ILM): a comprehensive strategy for valuing, cataloging and protecting information assets. It is tied to regulatory compliance as well. ILM, while similar to DLM, operates on information, not raw data.
All these methods should be deployed together to form a proper data protection strategy.
A tiered-storage strategy, properly planned and executed, can increase service levels for your critical applications and data sets, while reducing the overall cost of data storage.
When setting up a tiered-storage strategy, the first step is not to buy a new class of storage devices. Before focusing on the technology, you need to classify the data sets, based on the business requirements for the applications. Then define appropriate service level objectives (SLOs) and data management policies for each class. Finally, define a tiered-storage architecture to support the needs of the data classes and work out a migration plan to place each data class on the appropriate storage tier.