It seems every day we wake up to a new challenge to our organization. Like never before, the engines of global economic prosperity – people, capital, infrastructure, and information – need to be managed for resiliency in the face of uncertain yet pervasive risks.
Information lifecycle management addresses the critical concern of how best to protect information vital to commerce and public safety. The end goal is an information infrastructure that ensures the availability of critical information anytime, anywhere, across the globe. Achieving this goal requires new thinking, technologies, and management expertise needed to balance tradeoffs in cost, risk, and business value.
The challenge is to move toward this goal aggressively while operating within real-life budgetary, process, and technological constraints. Information lifecycle management helps you do that by aligning the various classes of critical applications and data across your enterprise to the appropriate level of protection and availability.
A number of issues make a lifecycle approach to data protection attractive. The first is the complexity that governs information management. Not only is information growing at an exponential rate, but it’s becoming increasingly difficult to detangle applications as they draw information from each other.
The issue of regulatory compliance is also becoming increasingly highprofile. HIPAA, Sarbanes-Oxley, and Basel II are just a few of the most visible new regulations that mandate the way that many companies manage and protect corporate data. With the advent of this new regulatory environment, companies must protect information longer and have the ability to recover faster. Moreover, they must protect the right data – and know when it’s time to delete information that’s outlived its function.
Many experts recommend the following steps to success for information availability and protection:
Lead with Business Requirements
Many enterprises will conduct a business impact study, which requires conversations with line of business (LOB) peers to get at the true business value of each application. Companies frequently call in outside assessment teams to help conduct an unbiased classification study, particularly in industries where regulatory compliance is an issue.
Once you have an idea of the value of each application, you can formally classify them. Generally this means at least three different categories of service-level importance:
Mission-critical – This includes applications that will, if interrupted, result in severe financial, regulatory or safety issues for the company. Recovery time for these applications will be in seconds, minutes, or a few hours at most.
Essential – These applications include supporting business systems, such as financial analysis applications. These systems must not be down more than a day.
Deferrable – This includes applications that contain data that is used periodically, such as market analyses. These applications might have a recovery time of 24 hours or longer.
Design for Success
Armed with a clear agreement on the critical classes of applications and data, the work of designing solutions begins. There are five key design principles for building a resilient, highly available information infrastructure:
Replication – Information is typically backed up so that companies can recover from operational failures and major business disruptions as well as archive data in accordance with business and regulatory requirements. As these requirements converge, they should be viewed as one enterprise-level business requirement.
Geographic Distance – Consolidating information processing into one center can save money, but it also creates vulnerability to a single risk event. Systems need to be designed for both economies of scale and distribution of information across suitable distances.
Consistency – Data and applications are often backed up at different times of day or week, making it nearly impossible to restart the enterprise at a single point in time. Backup and replication to a single point in time is a critical underpinning of a well designed infrastructure.
Accessibility – Anytime, anywhere access to information requires geographically redundant and diverse network connectivity that enables workers to continue operations from various remote locations.
Cost and Performance – The optimum design provides for backup, recovery, and high availability in a fashion that is both cost-effective and enables the right level of protection to be applied to the appropriate class of applications and data.
By applying different levels of protection to different levels of information, companies can tie the right price and performance levels to each group of information. Further, if a dollar value is assigned to the different levels of protection, it allows LOB executives to make decisions based on numbers, not technical jargon.
Manage Change
Of course, shortly after you classify your applications and design and implement the appropriate level of protection, your business requirements will change and new processes and technologies will be introduced. Building a successful information lifecycle management strategy is an ongoing process.
In an era of global data centers and companies that have tightly intertwined supply chains with partners and distributors, the ability to protect information is increasingly vital to the success of the enterprise. As such, businesses must manage this task at a very high level. First and foremost, they must make sure their protection and recovery policies are driven by the value of the information to the ongoing operation of the business.
Recommend0 recommendationsPublished in IT Availability & Security
Leave A Comment
You must be logged in to post a comment.