Tony Lock, Freeform Comment
Over the course of the last few months I have spent a lot of time speaking with end users and vendors about backup and recovery systems and their associated work processes. In fact, just this week, I gave a presentation on some research data that we have generated over the last year or so on the whole area of managing data protection and information management. Talking with end users, one thing is still abundantly clear – despite the fact that data backup and recovery being processes on which organisations, large and small, have spent much time over the years, very few think that they have safe, reliable systems running.
Well the answers here are many and varied. Alas no one thing can make all backup and recovery systems perform flawlessly each and every time. A lot of work needs to be put into the processes themselves whereas, in many instances, ’belief‘ that the technology of the backup and recovery software will function as desired is the only investment of effort undertaken.
It is interesting to see that today even professional service suppliers manage to get things wrong. Or, if not entirely wrong, then too often not quite what really should have been provided. Let me give you an example. I was recently talking with a health care professional who pays for a professional data recovery service on the PC he employs to run sophisticated patient management software and image processing equipment. He is a skin specialist. Well, as certainly as Murphy’s Law operates, there came an occasion when he had a hard disk failure so he called his support service.
They duly arrived in his surgery and confirmed that said PC was indeed non-operational and that they would be able to recover the system and the vital patient data. Perfect. Well, not quite. Instead of being able to get the system operational again within a short period of time, they did not return a working system for over a week! Naturally, during the downtime, the doctor had many patients arrive expecting to be scanned by the imaging system which was not possible due to the non-functional PC. Lo and behold, patients were unhappy at having to arrange a second appointment, with all the associated inconvenience and disruption, to complete everything. And this in a health system where practitioner income is directly related to patient sessions and insurance companies being happy with service provided.
Clearly this is a case where, whilst the recovery service works, it does not appear to provide appropriate service levels for the nature of the business being protected. Now who should shoulder responsibility? The Doctor, the company providing the specialist recovery service, or both? Tricky question.
What this does illustrate is that, unless attention is paid to the real needs of the business service being protected, it is easily possible to provide data protection and recovery systems that are less than perfect. Alas, in many institutions, the real value of recovery systems is only appreciated when they are called upon in anger. And, in too many organisations, the ability to recover data and systems is tested too rarely, if at all. Time and effort need to be expended to understand just what the business requirements are, and then putting in place simple systems that meet the need at an affordable cost.
Today, too many backup and recovery systems operate the way they do because that’s the way they have always functioned and, for some time, no further effort has been spent working out what is really required. With a wide range of affordable and workable recovery systems available to help make data protection more effective and efficient now is a good time to look with fresh eyes at backup, recovery and information protection. The place to start is to find all the data stores that exist in the business, now a more straightforward task than in the past, and then to establish just how they should be protected. Sounds easy but it requires time and effort plus whoever undertakes the task must be ready to talk to the business users to identify their real requirements and then translate these into potential technical solutions.