In Chapter 1 of his book Data Protection and Lifecycle Management, Tom Petrocelli discusses the five components of a data protection strategy.
The size of an enterprise determines which practices, processes or technologies are used for data protection. It is not reasonable to assume that a small business can deploy expensive, high-end solutions to protect important data. On the other hand, backing up data to tape or disk is certainly something that any enterprise can do. A large enterprise will have both the resources and the motivation to use more advanced technology.
The goal is the same no matter what the size or makeup of the company. Data protection strives to minimize business losses due to the lack of verifiable data integrity and availability.
The practices and techniques to consider when developing a data protection strategy are:
- Backup and recovery: the safeguarding of data by making offline copies of the data to be restored in the event of disaster or data corruption.
- Remote data movement: the real-time or near-real-time moving of data to a location outside the primary storage system or to another facility to protect against physical damage to systems and buildings. The two most common forms of this technique are remote copy and replication. These techniques duplicate data from one system to another, in a different location.
- Storage system security: applying best practices and security technology to the storage system to augment server and network security measures.
- Data Lifecycle Management (DLM): the automated movement of critical data to online and offline storage. Important aspects of DLM are placing data considered to be in a final state into read-only storage, where it cannot be changed, and moving data to different types of storage depending on its age.
- Information Lifecycle Management (ILM): a comprehensive strategy for valuing, cataloging and protecting information assets. It is tied to regulatory compliance as well. ILM, while similar to DLM, operates on information, not raw data. Decisions are driven by the content of the information, requiring policies to take into account the context of the information.
All these methods should be deployed together to form a proper data protection strategy.
Read the rest of Chapter 1, Introduction to data protection