CIO — “When it comes to storing data, there is no ‘one-size-fits-all’ solution,” says Orlando Scott-Cowley, Messaging, Security and Storage Evangelist at Mimecast, a cloud and mobile data storage and security provider.
Before you decide where or how you will store your structured and unstructured data, “companies first need to understand the amount and type of data they have along with the motivation behind storing the information,” Cowley says. “Having this background will help determine what route to take, whether building on-premise solutions or moving to the cloud,” or some combination of the two.
So how do you formulate that sound data storage management strategy? CIO.com asked dozens of storage and data management experts, which resulted in these top 14 suggestions regarding what steps you need to take to choose the right data storage solution(s) for your organization — and how you can better ensure your data is properly protected and retrievable.
1. Know your data. “All data is not created equal — and understanding the business value of data is critical for defining the storage strategy,” says
Souvik Choudhury, senior director, Product Management at SunGard Availability Services. So when formulating your data storage management policy, ask the following questions:
2. Don’t neglect unstructured data. “Think about how you might want to combine multi-structured data from your transactional systems with semi-structured or unstructured data from your email servers, network file systems, etc.,” says Aaron Rosenbaum, director, Product Management, MarkLogic, a database solution provider. “Make sure that the data management platform you choose will let you combine all these types without months or years of data modeling effort.”
3. Understand your compliance needs. “If you are a publicly traded company or operating within a highly regulated industry such as financial services or healthcare, the bar has been set high for compliance and security,” says Jay Atkinson, CEO of cloud hosting provider AIS Network.
“If you choose to outsource your data storage and management, ensure that your managed services provider has the credentials needed to provide a highly secure, compliant environment. Failure to operate in total compliance may lead to severe penalties later,” says Atkinson
4. Establish a data retention policy. “Setting the right data retention policies is a necessity for both internal data governance and legal compliance,” says Chris Grossman, senior vice president, Enterprise Applications, Rand Worldwide and Rand Secure Archive, a data archiving and management solution provider. “Some of your data must be retained for many years, while other data may only be needed for days.”
“When setting up processes, identify the organization’s most important data and prioritize storage management resources appropriately,” says Scott-Cowley. “For example, email may be a company’s top priority, but storing and archiving email data for one particular group, say the executives, may be more critical than other groups,” he says. “Make sure these priorities are set so data management resources can be focused on the most important tasks.”
5. Look for a solution that fits your data, not the other way around. “Many think the only choice to make is whether they need DAS, a SAN or a NAS,” says Olivier Thierry, chief marketing officer at Pivot3, the provider of converged, highly available shared storage and virtual server appliances. “These are important choices, but they are insufficient,” he continues.
“While a Fibre Channel SAN may be great for doing a lot of low latency read/write operations on a fairly structured database, it’s not typically designed to do well on spikey unstructured video workloads,” Thierry says. So “instead of selecting a one-size-fits-all strategy, smarter buyers are now considering the workload characteristics and picking the right storage strategy for the job.”
Similarly, “look for a solution that provides the flexibility to choose where data is stored: on premise and/or in the cloud,” says Jesse Lipson, founder of ShareFile and VP & GM of Data Sharing at Citrix. “The solution should allow you to leverage existing investments in data platforms such as network shares and SharePoint.”
And if like many businesses these days you have a mobile workforce, the data management and storage solution you choose “should be optimized for mobile and virtual platforms, in addition to desktops and laptops — and provide a consistent experience across any platform, including mobile editing capabilities and intuitive experience across mobile devices, virtual desktops or desktops.”
6. Don’t let upfront costs dictate your decision. “The real cost of storage comes from operating the solution over several years,” says Antony Falco, cofounder and CEO of Orchestrate.io. So “make sure you really understand your operating costs [or total cost of ownership]: personnel, third-party support, monitoring, even the chance you’ll lose data, which certainly carries a cost,” he says. “These all quickly dwarf the upfront costs to purchase and deploy.”
“Many users buy storage (systems or services) because of large initial discounts or they neglect to think through the costs of their chosen storage years down the road,” adds Jon Hiles, senior product manager at storage solution provider Spectra Logic.
“Factoring in scalability, technology refresh, and operating costs like power, administration, floor space and support renewal over time can make a big difference in the storage acquired,” Hiles says. “Considering the long-run implications of these storage characteristics and purchasing the storage that provides the best total cost of ownership over time reduces the chance that long-run costs will far exceed the short-term discounts.”
7. Use a tiered storage approach. “Save money by only using your fastest storage, like SSD, for data that you actively use, and utilize less expensive platforms, like the cloud, to store your archival or backup data,” says Aaron Rosenbaum, director, Product Management, MarkLogic, a database solution provider. “Make sure your systems can utilize different storage tiers so as the performance needs of an application change, you don’t need to re-architect [it].”
8. Know your clouds. “All storage clouds are not created equal,” warns Andres Rodriguez, CEO of Nasuni, which provides storage infrastructure as a service. “Some clouds are optimized to handle archiving, others have the performance and stability to act as the back end for a primary data storage system, and still others aren’t worth the risk for any purpose,” he explains. “The lowest price cloud may end up being much more expensive in the long run if data is lost or inaccessible.”
9. Carefully vet storage providers. “There are many viable storage solutions in the marketplace that will meet your requirements,” says Mike Garber, senior director, Platform Management at health insurance provider Independence Blue Cross. “Choose a storage provider who has excellent technical support and also an attentive account team,” he says. “When problems arise within the storage network, they typically have a big impact to your organization. Your ability to resolve these problems timely will be critical to your success.”
It’s also important to “make a list of everything you want your data protection solution to do — and ask vendors how much of the list they can cover,” says Jarrett Potts, director of Marketing for data backup solutions provider STORServer.
“Organizations looking for storage providers should pay close attention to capacity, performance, availability and fault tolerance,” says Milton Lin, Master Cloud Specialist at Force 3, which provides a variety of technology solutions. “It is also important to seek out providers who offer innovative features such as thin provisioning, tiering and deduplication.”
Finally, you need to remember that you “cannot transfer all risk related to [your] data simply by storing it at a third-party facility,” warns Chris Reffkin, a senior manager in Risk Consulting with Crowe Horwath LLP. “The organization is ultimately responsible for its data,” he says.
“This responsibility includes performing due diligence not only during procurement, but through the lifecycle of the vendor relationship. It also means if the worst scenario were to happen, [you need to have] the appropriate contract in place to cover the cost of the breach, etc,” Reffkin says.
10. Don’t store redundant data. “Many companies do not have a plan on storage,” says Michael Clapperton, CIO of George Little Management, a producer of trade shows. Instead, “they tend to capture and store redundant data,” he says.
“This used to be a less of a problem when disk was expensive; companies were much more careful to plan what to store,” Clapperton says. “But with capacity being more reasonably priced, the tendency is to store everything. The problem is identifying what is valid and what is dated as well as database performance.” So before storing data, analyze it and “pick your most reliable source,” deleting copies.
11. Make sure your data is secure. “When managing data within any IT environment, security has to be the first priority,” states Neil Kole, vice president of global infrastructure and operations at Informatica, a provider of data integration software.
“Security comes two-fold: the data has to be secure both virtually and physically,” Kole says. “The data also needs to be encrypted so it cannot be read or used by unscrupulous third parties if it ever falls out of possession or is hacked (which does happen).”
In addition, Kole advises backing up encrypted data to tape and housing it in a secure outside location, “so that in the event of an emergency or natural disaster, the data and enterprise system can be recreated.”
12. Leverage technologies that use deduplication, snapshotting and cloning.“This can save you a fair amount of space, while giving you version control of your data,” says David Stahl, director of IT at digital agency Huge. “Some of the more recent file systems like ZFS do all of this and are open source. But commercial products like NetApp have been doing it for years.”
Adds Doug Hazelman, vice president of Product Strategy at Veeam Software: “SAN snapshots can now be converted into backups that IT can store offsite, which enables IT to back up the environment several times an hour instead of just once a day.”
13. Make sure you can find the data you need once it’s been stored. “Being able to easily search your electronically stored data and provide accurate results instantly is critical to getting the most out of your data on a daily basis and in urgent situations, such as when your data is needed for litigation,” says Chris Grossman, senior vice president, Enterprise Applications, Rand Worldwide and Rand Secure Archive, a data archiving and management solution provider. “After all, if you can’t find the right data when you need it, what’s the point of archiving your data at all?”
14. Have a disaster recovery plan — and constantly test. “It’s all about recovery,” says Potts. “All the backups in the world cannot save you if you can’t recover [your data].” So whichever method or methods of backup you use, be sure to test them — and not just once a year or once a month.
“Do random recoveries each week,” Potts advises. “Do disaster recovery testing and audit your data pools [periodically, so you can] be sure you can recover your data.”
“Always remember the 3-2-1 rule,” adds Dave Hamilton, Dave hosts the Mac Geek Gab Podcast at The Mac Observer. “Maintain at least three copies of anything you care about in at least two different formats, with at least one of them being offsite.