Computerworld Storage Networking World Online
The Online Storage Networking Magazine for IT Leaders Services | Subscribe | About Us      


    

ROBO Cop: Reducing Business Risk with Remote Recovery Management
by Patty Then and Frank Jablonski

Companies of all kinds continue to decentralize the physical distribution of their workforces.  More and more employees are working from remote offices and branch offices (ROBOs) so they can be closer to their customers. According to the U.S. Census Bureau, there are more than one million remote branch offices in the U.S. alone.1 Because of this trend, as much as 70% of critical business data now resides outside the corporate data center.

The broad distribution of decentralized data represents a major source of risk for today’s security-and-compliance-conscious companies.  Inside the data center, IT staff can readily keep data under rigorous control.  But the data residing on servers, desktops and laptops outside of the data center in ROBOs can become much more exposed to a wide range of threats – unless appropriate measures are taken to extend protection by implementing recovery management practices that include remote offices.

ROBO risk factors
Remote workers generate large amounts of business-critical data which often ends up residing on a server in another state or a laptop on the other side of the world.  Yet access to this data is often essential to the business.  This access may be necessary to make a business decision, serve a customer, or fulfill the discovery requirements for litigation.  Any inability to access and distribute this data can therefore have profound consequences for the business.

It’s particularly difficult to ensure proper backup of ROBO data.  Most ROBOs don’t have much (if any) IT staff on site to manage backup tasks.  This can leave the business exposed to data loss resulting from equipment failure, extreme weather, fire, and other contingencies.  To avoid these risks, businesses need to bring the protection of ROBO data under the control of IT staff at headquarters and/or the primary corporate data center.   This centralized data reduces both risk and cost by enabling IT to leverage the infrastructure and trained staff already in place.

Centralization of backup operations makes even more sense in light of the fact that the location of data doesn’t affect its value.  That is, data sitting on a salesperson’s laptop may require the same level of protection as a file residing on the mainframe.  Compliance, privacy, retention, and recoverability imperatives relate to the type of data involved – not the particular device on which it is stored.  So IT organizations must be able to apply a common set of best practices to all data across the organization.

In other words, IT organizations can’t apply one set of business continuity standards to corporate headquarters and another to ROBOs.  They must be capable of protecting high-value data regardless of where it happens to reside.

Getting control of ROBO data
The good news is that businesses can take advantage of existing infrastructure to protect ROBO data and keep it highly available across the enterprise.  To do this, IT needs to implement data protection processes in both directions between ROBOs and the data center.  Of course, many companies already use ROBOs to back up data from the corporate data center.  But most don’t do the same thing in the other direction for data generated in the ROBOs themselves. 

In a recent article titled “Survey: CIOs Lack Confidence in their DR Plans,”2 Forrester Research senior analyst Stephanie Balaouras noted that although many IT executives are uneasy and don’t have a formal DR plan in place, 60 to 70% of enterprises do have a backup datacenter.  Typically, these backup datacenters tend to be at remote branch offices or disaster recovery facilities.  IT can widen data protection and achieve shared efficiencies by creating a cross-network DR methodology that protects both their remote branch offices and corporate headquarter simultaneously, which can greatly reduce risks and cost. 

Donna Scott, vice president and distinguished analyst at Gartner also highlighted the advantages of a company-wide DR plan at the May 2007 Gartner Midsize Enterprise conference.  During her presentation, “Trends and Directions in Disaster Recovery Management for Midsize Businesses,” Scott stated that “companies that have more than one facility should consider a ‘shared use mode’ for DR.  This approach provides a cost effective way for companies to set up DR sites.” 3

Companies often deploy a variety of disparate solutions in an attempt to address their tactical data protection, business continuity and DR issues.  Unfortunately, these disparate solutions wind up increasing the complexity of their IT infrastructure – while still failing to adequately bring management of their remote data into full compliance with corporate policies.

Generally speaking, there are five main challenges IT organizations face in managing ROBO data:

  • Centralized control and consolidation of data
  • Security and transport
  • Continuous remote accessibility
  • Consistent compliance with corporate data protection policies 
  • Management of data growth

A report by Forrester on “The Evolving Branch Office” echoes this list by citing the high-priority initiatives that IT organizations had underway last year.4  In addition to discussing general weaknesses in the performance of backup and recovery services, the report referred to the fact that “branch office backup and recovery is even more troublesome, requiring the deployment of local software, backup servers, tape, disk, and — most important — experienced staff to manage the process.” and that “…most enterprises don’t have a disaster recovery strategy for their branch offices.”  The report also noted that “Enterprises must archive ever-increasing amounts of data in order to comply with ongoing regulations like Sarbanes-Oxley.”

To address all these requirements, the ideal solution combines security, data transport and recovery management technologies.  To efficiently provide the full continuum of recovery management, it should offer a centralized recovery manager that integrates backup, replication, continuous data protection (CDP), failover and failback to provide business continuity for the data center and remote offices.  Likewise, remote systems can be used to help ensure overall business continuity. This provides multi-layered business information protection based on the business value of data and applications. In addition, it should include the ability to regularly test recoverability of enterprise-wide data, including at ROBOs.  Centralized data protection allows organizations to enforce corporate policies for data protection and retention and mitigate risk with their remote data.

Companies ultimately determine where their data resides based on the specific needs of their business and their workers.  Regardless of the approach, remote data must be secured, protected and available to mitigate risk to the business.

The components of ROBO recovery management
To provide the desired level of control while simplifying management, an effective ROBO solution should provide multi-layered protection in a way that unifies the administration of all software components under a single user interface in a single administrative environment.  

These components should include:

  • Enterprise-wide management and reporting for flexible, granular control of information and recovery management
  • Consolidation of remote data in corporate data centers or other designated location(s)
  • Replication with integrated CDP for true point-in-time data recovery from a secondary location
  • High-Availability for failover of mission-critical applications
  • Transparent high-performance backup and long term archiving
  • Ongoing disaster recovery site testing, providing IT executives with much needed confidence

These components address key recovery management issues driven by business requirements including:

IT Issue

Business Need

Requirements

Data protection

Safeguard critical business information

A disaster recovery solution that offers continuous asynchronous, real time, WAN replication of files and databases such as Exchange, SQL, Oracle. Integrated continuous data protection.

Application availability

Business continuity

A high availability solution that allows fully automatic failover and failback – and that provides continuous replication, failover and CDP.

Data distribution and consolidation

Consistent treatment of business information anywhere across the enterprise

A Branch Office solution that provides data consolidation and distribution –  including multi-directional replication, flexible failover, integrated CDP, policy-driven backup, and consolidation of data to any location(s) of choice.

DR compliance

Best-practices governance of DR measures

A solution that allows for automated testing of disaster recovery sites located at branch or satellite offices.  Should test systems without disruption and ensure that failover will occur in the event of a disaster.

Continuous data protection

Accelerate recovery and minimize data loss

A Continuous Data Protection solution with continuous replication of all changes that allows for rapid recovery from corruption for databases and file servers.

The benefits of integrated recovery management
The key to successfully implementing a complete recovery management environment is integration.  An ideal recovery management architecture will fully integrate replication, failover, traditional backup, andCDP.  This integration allows for consolidation of backups from multiple branch office servers into a central data center location, while simultaneously delivering the benefits of disaster recovery and continuous application availability.

The centralization and consolidation of backups across branch offices into a single facility significantly reduces the need for sophisticated IT support at every location.  This approach also eliminates the risks associated with tape transport and reduces overall tape media and handling costs.   It also offers significant improvements in efficiency over the type of isolated “mini” data centers that are typically used in a fragmented manner to manage critical enterprise data in branch offices.   Other benefits of integrated recovery management include:

  • Eliminating the cost of separate disaster recovery facilities
  • Reducing the risk of having backups at ROBOs managed by non-IT staff
  • Reducing costs and improving scalability through economies of scale
  • Mitigating security risk by eliminating physical data transport
  • Alleviating legal and financial risk by protecting distributed Intellectual Property (IP)   
  • Mitigating business impact with high availability and disaster recovery

To realize the benefits of a remote workforce while minimizing the risk, organizations need to implement recovery management practices that centralize management of ROBO backup and disaster recovery.  Only by integrating high-performance backup, replication, failover, CDP, high availability and automated DR testing can today’s geographically distributed enterprises cost-effectively access, consolidate and distribute data to and from the corporate office and remote locations.

Ultimately, if organizations don’t provide adequate protection for all their business-critical data, no matter where it resides, they risk a lot more than simple disruption of daily operations – they risk going out of business.  Not paying proper attention to your data in remote offices can cost you everything!

About the authors
Patty Then is senior product marketing manager for CA’s Recovery Management solution. Patty has more than 25 years of IT industry experience and has worked in various capacities including technical systems engineering, management, sales and education.

Frank Jablonski is director of product marketing, responsible for CA’s Recovery Management solution.  Frank has more than 20 years of experience in building and expanding IT product portfolios.

  1. “WAFS Delivers Advantages to Remote Offices,” Elliot King, Windows IT Pro, April 7, 2006
  2. “Survey: CIOs Lack Confidence in their DR Plans,” Shamus McGillcuddy, September 26, 2006
  3. Gartner, Inc., Gartner Midsize Enterprise Summit 2007, Atlanta, GA, Gartner presentation “Trends and Directions in Disaster Recovery Management for Midsize Businesses,” Donna Scott, May 17, 2007
  4. “The Evolving Branch Office: Intelligently Reducing Your Network Infrastructure Footprint,” Forrester Research, October 4, 2006