Barbara Imbert at Seagate recently blogged about Symantec’s 2010 SMB information security survey.  As a summary of the findings:

  •  
    • 74% are Somewhat/Extremely concerned about information protection
    • 42% lost confidential/proprietary information in the past 12 months
    • 100% saw losses – lost revenue & direct financial costs
    • In the past year, 62% lost devices and 73% saw cyber attacks

Scrolling down in the survey, to the Backup, Archiving and Disaster Recovery section:

  •  
    • 47% of respondents never backup
    • 39% said it never occurred to them to do so
    • 50% uses the same software for backup and archiving
    • 43% have no plans and/or no formal plans for a disaster preparedness

Why is this?

My opinion > because in many ways, the backup industry hasn’t kept up with the changing demands of data protection.  The workloads have become more advanced but the mechanisms of data protection haven’t always maintained parity.  I would offer some predominant causes (or symptoms):

1)  Legacy backup mechanisms that can’t aren’t agile enough to keep up with the newest workloads. 

If you have heard one of my live sessions at TechEd or MMS, you know that this is a sore spot for me.   I often hear folks say, “My current backup solution works fine on standalone SQL Server databases, but it has challenges protecting the content within a SharePoint farm  (which, by the way are just SQL databases)”.  The reason is that a SharePoint farm can be a very organic thing.  Data protection technologies that can leverage best-practice mechanisms like Volume Shadowcopy Services (VSS) can adapt and reliably protect an advanced workload like a SharePoint farm.  Those legacy or general-purpose backup mechanisms that don’t, can’t or choose not to use VSS will likely have more challenges (and supportability issues). 

Similarly, customers have told me that “My existing backup solution worked great with Exchange 2003, but had a few issues with Exchange 2007 when we tried to take advantage of CCR/SCR.  We are waiting to deploy Exchange 2010 until the backup solution supports DAG.”   The last part of that pains me = waiting to take advantage of new features because the backup solution hasn’t caught up yet.

2)  The mechanisms of data protection aren’t changing fast enough

There are still products out there that want to be “Disk to Disk” but using Tape methodology to protect whole files or store ‘lots’ instead of ‘littles’.  Most folks have figured out that nightly tape is never enough and that disk provides a faster recovery and more efficient backup, but some of the backup technologies still struggle with converting their legacy tape-based approaches to what is needed to reliably and more regularly back up their customers’ data today.

Lauren Whitehouse, an analyst at Enterprise Storage Group, blogged earlier this year that “Backup is Broken” -- http://www.dataprotectionperspectives.com/2010/01/broken-backup/

She talked about how even if you recognize that you need a better backup solution, it may be difficult for you to displace what you already have.  Lauren goes on to talk about how the need to deploy backup as part of a new software or platform deployment, not afterwards.  Of course, that takes us right back to point #1, showing that folks are either waiting to deploy sorely needed new capabilities, or to Lauren’s point, they are deploying without adequate backup and struggling to catch up later (when the existing backup solution finally updates their capabilities).

3)  Backing up advanced workloads can be hard

In many cases, problems #1 and #2 aren’t caused because backup vendors don’t want to do the right thing.  It’s because, like in life, the right thing is often hard. 

It can be challenging to write the software to back up an advanced software workload while still continuing to offer the wide range of capabilities that your legacy users are used to having. 

It can be challenging for IT staffs to learn new backup tools or methodologies.

One answer = DPM

DPM

These are some of the reasons that Microsoft built System Center Data Protection Manager.

1.  To ensure that you have a reliable (and supported) way to back up the latest generation of Microsoft workloads including Microsoft Exchange 2010, Microsoft SQL Server 2008 R2, Microsoft Office SharePoint 2010, and Hyper-V R2.

2.  To deliver a unified solution for disk-based, tape-based and cloud-based backup within a single set of offerings.  In this case, DPM 2010 provides native D2D and D2D2T solutions, and has partnered with companies like Iron Mountain for CloudRecovery

3.  DPM leverages VSS so much of the ‘hard part’ of interfacing with the applications is taken care of by the application itself.  As an example, by using only the Exchange VSS writer as our interface into Microsoft Exchange, we don’t have to try to reverse engineer or secure data in other methods.  The Exchange team wrote the Exchange VSS writer, so all DPM has to do is USE IT.  It ensures that the data is protected and restored in a reliable and supported way.  And as part of Microsoft bringing enterprise-class capabilities to mainstream (in this case, data protection), DPM 2010 uses wizards and workflows, combined with auto-grow, auto-discovery, and error-handling mechanisms to hopefully make DPM an easy to acquire, deploy and maintain backup solution that is worth migrating to.  DPM isn’t the only Microsoft technology that continues to evolve to meet your data protection and availability needs:  Exchange 2010 DAG, Windows failover clustering, SQL mirroring, Hyper-V R2 LiveMigration are all stepping up to make availability and protection easier.  In fact, as a small amount of self-promotion, my book on just this topic comes out later this month.

The statistics that Symantec surveyed are scarry.  When it all comes down, IT is almost always about the ‘Data’.

What is scarier is that some technologies do keep up with your data protection needs (and workloads) and are easy to use – but not everyone is using them yet.

 Thanks for reading

Check out Jason's other blog posts on Because It's Everybody's Business Jason Buffington
Senior Technical Product Manager – System Center

Email Jason Buffington at Microsoft Jason on Facebook Follow Jason on Twitter Jason Buffington on Linked-In Jason's blog is "All Backed Up"MOBI TAG for JBUFF (expand and aim your phone at this one)Jason plays as DarkJediHunter on Xbox Live Jason blogs about family friendly games at XboxDad.com
System Center Data Protection Manager
System Center Essentials
Check out my other posts on Because It’s Everybody’s Business