By Jim McDonald

Data protection management (DPM) solutions have moved beyond reporting and analyzing backup problems to ensuring that data is safe, secure and accessible. Today's DPM solutions offer a multidimensional focus across different data protection techniques and technologies, providing cross-technology domain event correlation and root cause analysis for a more in-depth and active view of data protection effectiveness.

Basic functionality for DPM includes backup activity and media usage reporting with a shift towards multi-tenant and cross-technology analysis and automated event correlation for complex data protection tasks. Next-generation DPM capabilities include management of multiple types of data protection tasks in various combinations along with integration of different vendors' infrastructure resource management and data protection technologies for event analysis and planning.

To ensure business continuity and regulatory compliance, DPM solutions need to meet the following criteria

Backups Must Contain All Business-Critical Data

It is possible for a backup to complete but fail to contain the required data. For example, any Microsoft Outlook files that are in use when a server is being backed up will be excluded from the backup. Other data, such as feeds from upstream systems or references to file systems that no longer contain files due to a prior data migration, may not be present. The backup system will copy and protect whatever data is available and report success on completion, unaware of the required presence or state of critical data.

DPM products need to look for anomalies in the backup process. A backup that shows a significant decrease in the amount of data backed up should be flagged, even though the backup software reports the successful completion of its task. A "successful" backup that reports large numbers of unavailable files or misses specific business-critical files also needs to be flagged for further investigation.

Backups Must Complete Within an Appropriate Window

When a backup runs can be important information. For example, a backup of a trading database during the business day will contain intra-day data that may be inconsistent and of minimal, if any, use. Further, the act of backing up will degrade performance on the server being backed up and can cause significant business issues. To ensure that the backup is useful and does not impact business, it must start and end within an appropriate window.

An effective DPM solution allows the user to generate different backup windows for each server and offers flexibility to modify those windows to take into account weekends and business holidays. Reports must be available so that users know not only if a backup was successful but also if it started and ended in the designated window. Ideally, the DPM solution will generate an alert when a backup is in danger of going out of window, enabling the user to reschedule the backup and avoid performance degradation or a negative impact on business.

Backups Must Be at the Right Level

Companies often run different level backups on different days, with full backups containing all of the data required to restore the server and incremental backups relying on data from the previous full and subsequent incremental backups. Incremental backups are popular because they take less time to complete and lower storage requirements. However, there is a subsequent cost on the recovery side as the time and number of tapes required to fully restore the server or application increases with each incremental backup, as does the risk of a bad tape preventing a complete restoration.

A policy covering backup levels needs to be put in place within the DPM product that provides details of either how often a full backup should run or the maximum number of incremental backups that can be run between two full backups. A policy on the maximum number of tapes required for a restoration or the length of time between full backups should be put in place and enforced through automated checks.

Backups Must Cover the Entire Application

An application that can be described in business terms, such as "the customer Web portal," for example, may actually consist of multiple servers, databases, file systems, and other components that have no inherent relationship. In a recent white paper ("Business and Application Aware DPM: A look at the evolving landscape of data protection management [DPM] and infrastructure resource management [IRM]," May 2007), Greg Schulz, founder and senior analyst for the StorageIO Group, wrote "Given the complexities and interdependencies of applications that rely on multiple servers, operating systems, databases and IT resources, backup and DPM tasks similar to performance and capacity planning or change control and configuration validation need to look across the different technology domains that are used to support the application." Unless all of the pieces of each application have been backed up, the ability to restore the application is at risk.

It is important that the DPM product be able to display a consolidated application-level view of data protection. The restoration point for the application is going to be further back in time than the last successful backup of any part of the application, but how much further back? Equally important, how long will it take to restore the application? Due to the manual nature of the restoration process, it is hard to get an accurate answer to the latter question, but a good estimate is a very useful number to have.

Backups Must Be Set to Expire at the Right Time

With the advent of legislation that requires data to be available for up to 10 years, businesses need to have a clear data expiration policy for backups, based on both internal and external requirements and defined separately for different categories and types of data as required. Backups need to be classified against these categories and types, and checks must be made at the point of backup to ensure that expiration dates are set correctly. Checks also need to be made to ensure that any tapes containing expired backups are either destroyed or recycled.

The DPM Solution Must Optimize IT Resources

The DPM solution should be able to help users maximize their current technology by identifying and assisting with optimization of IT resource usage in terms of effective performance, availability, and capacity utilization. This capability should aid users in determining their future IT resource needs. The DPM solution should also have the ability to identify orphan storage and data that needs to be backed up and protected as well as provide support for audits for compliance and to ensure that protected data is complete and recoverable in a timely manner to meet service objectives.

Conclusion

In his Business and Application Aware DPM whitepaper, Schulz wrote, "Data protection today is as much about ensuring that data protection meets compliance and coverage requirements for service level objectives as it is about optimizing the use of IT resources to contain and reduce costs and expenditures."

The data protection management landscape continues to evolve to support timely and cost-effective data protection so information is safe, secure and accessible when and where it's needed. The increase of regulatory requirements along with pressure to meet service levels while maintaining 24x7 data availability has resulted in data protection interdependencies across different business, application and IT entities. Consequently timely and effective DPM requires business and application awareness to correlate and analyze events and conditions that impact service and IT resource usage.

Jim McDonald is chief technology officer for WysDM Software Inc.
www.wysDM.com