With hurricane season in full swing, disaster recovery (DR) is top of mind for many data-storage professionals. But it isn’t just natural disasters that are complicating the lives of storage professionals in 2018. With the amount of unstructured data at an all-time high, organizations are struggling to effectively manage, analyze and act on their data. In addition, new laws such as the General Data Protection Regulation (GDPR) are creating compliance and security challenges that make having a strong DR plan even more crucial.
In addition to compliance and unstructured data, storage professionals working in disaster recovery face several other challenges. It may seem like an uphill battle, but by understanding these issues and identifying the right technology and strategies to address them, they can develop a strong DR plan for their company.
Embracing the Compliance Era
The GDPR was created to strengthen and unify data protection for individuals in the EU while also regulating the export of personal data outside Europe. On the surface, it would appear to affect only organizations based in Europe, but it actually affects any global company managing European-customer data. The GDPR brought tougher requirements for organizations that store “personally identifiable data,” such as names, photographs and addresses. To ensure compliance, businesses and their IT departments must first determine what personal data they have and then identify where it’s created, where it resides and who owns it. To best achieve this feat, companies should perform an audit to determine what personal data exits, what applications store or use personal data, who has access to the data, and how that data is accessed. They can then enact policies to secure the data and ensure compliance with the regulations.
The GDPR also imposes more-stringent requirements when data corruption or a breach occurs. Under the new law, enterprises must notify a data-protection authority within 72 hours of learning about the issue. Having a proper high-availability (HA) and DR strategy to minimize business impact and potential fines has never been more critical.
Preparing for IoT and Other Next-Gen Technologies
As machines and devices become more intelligent and can more easily share information with each other, the amount of unstructured data increases considerably. More enterprises are investing in connected devices, but they’re unprepared for the associated data-management challenges. In addition to storage problems, risks increase because many connected devices (e.g., wearables) weren’t created with security in mind. When developing a disaster-recovery plan for a connected enterprise, considering how to handle the data is critical.
The IoT creates data more quickly than traditional IT systems. For example, a recent article about the new Airbus 380-1000 noted that each wing will have 10,000 sensors. The current A350 model has 6,000 sensors across the entire airplane. And that growth of IoT devices is occurring across multiple industries. So data handling becomes crucial to a successful DR plan. For example, the type of data is important: Is it public or private? And if it’s private, is it sensitive or confidential or both? Is saving it necessary? Data from IoT devices requires analysis but does it require storage? And where do you keep it? Again, back to the type of data—it can simply remain on site or reside at a recovery site that mirrors the primary site.
Supporting Test-Environment Challenges
IT professionals recognize the value of conducting regular disaster-recovery tests. However, the testing process is complex and extremely expensive, which means it’s often pushed aside for other IT priorities. Rapid data growth only amplifies this issue: according to a Statista survey, a major challenge facing organizations that wish to deploy a test environment is that they have multiple versions of the environment. In addition, 48 percent were unable to manage the needs of test environments, such as network- and service-virtualization facilities. Without a solid testing environment, creating a proper disaster-recovery plan is difficult.
Managing the Skills Gap
The skills gap isn’t a new challenge in 2018, but it’s an ongoing one. According to a report from CompTIA, 46 percent of respondents said the skill gap had become more a problem in the past two years, and 54 percent were struggling to identify and assess skill gaps in their organizations. IT departments must have the right skills for all types of DR scenarios, including management skills such as disaster-recovery planning and process knowledge for documentation and planning. IT skills (data protection and compliance) are necessary to simulate a disaster and test the recovery plan. The GDPR as well as companies’ ongoing mission to protect their data, a rise in the need for data-protection experts is unsurprising. The surge began in 2017 as the EU prepared for the new law. Consultant and IT-associate positions specific to the GDPR are also on the rise, as are audit- and security-specific IT roles.
Facing Financial Limitations
Although an IT disaster-recovery plan is a great start, businesses must still fund the infrastructure and associated costs of disaster recovery. Surprisingly, many are spending less than $50,000 annually on recovery capabilities, and some don’t spend anything at all. The rise of low-cost software-defined storage gives companies the ability to protect more data at a more granular level while also enabling better “recovery-point and recovery-time objectives” at a much more compelling and palatable price.
Disaster recovery is a crucial part of any IT operation. New challenges will arise each year, and IT teams must be adaptable and ready to address them. Recognizing the challenges and identifying the people, skills and technology to address them is an important first step.
About the Author
Michael Dilio is product- and solutions-marketing manager at SUSE. He is a senior product-strategy and marketing specialist with a strong expertise in relationship management. He oversees the software-defined storage category, where he leads messaging for a variety of solutions. Before SUSE, he held senior marketing positions at Cisco, NetApp and Lenovo. Mike received his BA in business management from Pace University.