Effective Remote Office Data Protection

By Tom Schmidt

For today's enterprises, it can seem like an overwhelming challenge: the almost exponential growth of business-critical data from email, e-commerce, and electronic systems shows no sign of decreasing. In fact, some observers estimate the growth rate of corporate data to be 60% per year.

This staggering rise in corporate data has led to a corresponding tightening of corporate governance and legal procedures surrounding the retention and availability of data. According to one large storage vendor, there are over 4,000 major regulations that apply to information-keeping worldwide. And a number of these regulations stipulate extensive rules governing data retention, with heavy fines and even jail sentences for executives in cases of noncompliance.

Not surprisingly, conventional data management and protection techniques have struggled to keep pace. Many IT organizations still use the "weekly full, daily incremental" backup technique employed since the 1950s. Increasingly, however, these traditional approaches are failing. A recent Ernst & Young "Fabric of Risk" study determined that approximately 36% of the executives from the top 1,000 publicly traded companies believed their companies would cease operations due to inadequate protection, while 59% placed their risk as moderate to high.

For enterprises that have multiple remote offices, the backup process is even more complex. That's because these offices are often outside the scope of a centralized IT infrastructure. Given today's dramatic rise in corporate data and harsher regulatory climate, however, it is essential that enterprises deploy an effective remote office data protection solution.

This article explores the challenges to remote office data protection; it then shows how a disk-based solution can protect, back up, archive, and restore data across a broad range of computing environments, from large corporate data centers to enterprise remote offices.

Problems with traditional approaches
IDC estimates that approximately 99,260 medium-sized and large firms in the United States have remote or branch office locations, representing 85% of the total population of medium-sized and large firms in the U.S.

Many of these enterprises organize the backups of their remote sites by using tape. A traditional tape backup approach to remote office data protection places applications, databases, or files in a consistent state for a local, server-attached tape backup. When a failure occurs, recovery points are based on the last known good backup, and any data stored following the last backup is potentially lost. Recovery times are impacted by many variables, including the tape media location, the size of the restore, the type of the restore, and backup configuration attributes such as multiplexing and backup levels. According to a recent IDC White Paper ("The Data Protection Imperative in the Enterprise Remote Office," June 2006), other challenges with a traditional tape backup and recovery approach include:

• Poor remote office operational recovery due to longer restore times and limited IT resources
• High IT overhead and administration associated with tape handling, media management, backup and recovery verification, tape automation management, and lack of reliable tape media in specific conditions
• No available IT resources to manage the backup process and tape rotation and troubleshoot backup software or hardware problems
• High total cost of ownership related to redundant backup processes and data where the same data was periodically backed up again and again, increasing backup volumes, network traffic, and media costs
• Increased security risks associated with sensitive corporate information on lost, compromised, or offsite tapes
• Limited network bandwidth to back up local enterprise remote office over a WAN (Wide Area Network) to a central data center
• Lack of control and increased risk associated with a distributed and non-standardized approach to control data protection at enterprise remote offices

Conversely, performing a full backup of remote data over a WAN connection requires a considerable amount of bandwidth and can be prohibitively expensive. As the number of remote sites increases, this problem becomes an even bigger issue, creating a bottleneck between the remote site and the data center's backup server. As data volumes grow and working patterns edge towards 24x7 operation, the overnight backup window may not even be a feasible option.

Secure, optimized protection
A disk-based approach to remote office data protection can overcome the hurdles posed by both tape and WAN backups. Such an approach combines disk-based backup with so-called "fingerprinting" technology to identify the unique, changed segments of data across different offices.

A good solution would be to identify these unique file segments and keeps track of what has been previously backed up, while not moving or copying data that has already been stored. By identifying only those unique segments of data to back up, the solution can reduce the network bandwidth used to move data offsite as well as the amount of storage required. IDC estimates that such a solution can reduce storage and network consumption "by a factor ranging from 10 to 50."

In addition to eliminating the risk and costs of tape from remote offices, a disk-based solution offers the following benefits:

• Fast recovery Data can be recovered from a local server, a data center, or another remote site.
• User-level file restores Users can quickly search for and recover files.
• Remote replication Bandwidth-efficient asynchronous replication provides for offsite or disaster recovery protection, replicating data to a data center, a disaster recovery site, or another remote office.
• Standardized remote office protection Backup and retention policies can be set by system administrators at the data center.
• Centralized management Backup configurations, retention policies, and regular administration tasks can be performed via a secure, Web-based console.
• Secure administration The use of 256-bit encryption of data both at rest and in transit over LANs or WANs ensures that data cannot be compromised due to security threats and eliminates the risk of loss or theft of removable media.
• Standard file system interface Administrators can quickly restore backup data that is filtered by file metadata, such as file type, date, and source, using a standard CIFS virtual file system interface.
• Storage scalability Administrators can add storage modules to scale disk storage capacity. Because all available storage is virtualized in logical storage pools, scaling happens online without having to reconfigure backup and replication policies or clients.

Conclusion
For many companies, protecting remote office data can be a challenge. Companies may perform tape backups at each remote office, but this approach can be unreliable, cumbersome, and expensive. The alternative method, creating backups over a WAN, also poses problems because of the amount of data and the cost of bandwidth.

A disk-based data protection approach addresses these hurdles and enables companies to efficiently manage and protect remote office data. Such an approach can also put the brakes on runaway data growth by using fingerprint technology to distinguish unique files and file segments from redundant ones. The bottom line: a disk-based data protection approach enhances an enterprise's ability to ensure the security, availability, and recovery of its remote office operations and data.

Tom Schmidt writes frequently about information security topics. He has more than 15 years' experience as a writer and editor in high-tech publishing.