Explore the TechTarget Network at SearchTechTarget.com.

ALL COLUMNS
MAR '04 TABLE OF CONTENTS

Additional Columns
Behind the firewall: LSI Logic and StorageTek team up for storage arrays ... EMC lures users from Veritas with freebies ... ILM backlash begins ... Brocade's Meteor will descend from the heavens soon.
Less tape talk, more tape testing: Less tape talk, more tape testing
The benefits of application-specific storage: In order to reap the benefits of application-specific storage, storage managers need to communicate with IT and business managers to gain a better understanding of their storage needs.
Companies are doing interesting things with object-based storage that might make ILM useful.: Storage Bin: So far, all of the ILM talk has been fluff. But there are some companies that are doing interesting--and potentially revolutionary--things with object-based storage that might make ILM useful.
  >> SEE ALL COLUMNS

Features
How to get the best deal
Database archiving done right
Slash SAN costs
Consolidating NAS pays off
Tape type matters
  >> SEE ALL FEATURES

Tools, Trends & Analysis
No SAS for Networked Storage
Virtual Servers in a Storage World
What's Worth Outsourcing?
Steamship Authority Sees Less Tape on the Horizon
Storage Pros of the World Unite!
  >> SEE ALL TOOLS, TRENDS & ANALYSIS

Our Sponsors Find out more about this month's Storage Magazine advertisers by clicking on the company names below to contact them and request more information on their products and services.

>> SEE ALL ADVERTISERS
printer friendly
e-mail a friend
Creating effective data storage policies: It's essential to create sound strategic, tactical and organizational policies to keep your organization from running amuck.
by: Stephen Foskett
Issue: Mar 2004

PREV PAGE  2  NEXT PAGE

The hierarchy of storage policies

Policies are the internal laws of an organization. Enterprise policies shape the behavior of business units into a common cooperative effort. Just like legislation, policies are often developed in response to a disaster and can have unexpected consequences. Developing effective policies requires an understanding of organizational imperatives and a periodic review to ensure they're still appropriate.

Although some policies are unique to an organization, there are often many commonalities between policies in different organizations. We find it helpful to divide policies into three categories: strategic, tactical and operational. (See "The hierarchy of storage policies")

Time to strategize
Strategic policies define the overall business imperatives. Think of the U.S. Constitution: Strategic policies are analogous to the Bill of Rights. There should be just a few, and all other policies should be assessed in light of them. Strategic policies are going to vary less from company to company. Here are some common examples:

  • Standardization. Storage services shall conform to a defined set of offerings, except in extraordinary circumstances.
  • Centralization. All storage shall be provisioned and managed by the centralized storage management group. No business may run its own storage infrastructure.
  • Service level agreements (SLAs). Storage shall be provided to internal customers according to negotiated SLAs.
  • Cost accounting. Business units shall be responsible for their portion of the cost of delivering storage services.
You can see that strategic policies would provide discipline to govern the business units and IT team. Storage would be standardized and cost accounting ensures customer requests don't get out of control. SLAs force IT to come to terms with what levels of service it can really deliver.

Strategic policies like these result in the alignment of the perspectives of the various parties at the negotiating table. IT managers often fear that if they offer solutions that are too costly, users might walk away and create their own infrastructure. We call this the CompUSA argument: "If I can buy a Pentium 4 PC at CompUSA with a terabyte of storage, why shouldn't I?" This is a red herring, but tends to be rehashed. Strategic policies let everyone focus on negotiating the right level of service from the perspective of the provider and the consumer.

Without alignment at the strategic level, efforts to create and enforce tactical and operational policies likely will fail. Without setting ground rules, tactical and operational policies can exacerbate any misalignment by forcing the IT organization and business units into a straightjacket of rules that are not in the best interest of either party.

Time for tactics
Tactical policies put the strategy into practice, governing the management of the storage infrastructure. They must be set within the framework of the strategic policies. Strategic policies are likely to look similar regardless of your business, but tactical policies will often look different. The following policies would support the goal of standard service levels:

  • Data classification. Data will be classified into four tiers based on business value and risk.
  • Data identification. Weekly reports will be developed to expose new or substantially modified data.
  • Data protection. Data will be protected with a combination of tape backup, interarray mirroring and off-site replication, creating four levels of protection.
It should be obvious that these are much more implementation-specific. The number of tiers or protection options will vary depending on technology and business needs. This would be the place to specify exactly how metrics would be gathered and data would be protected.

The key to success is to make tactical policies as specific as possible. We've spent hours in meetings listening to storage administrators and application owners discussing whether or not to use a certain tool. These discussions can be preempted if the specific tools have been determined and documented ahead of time.

PREV PAGE  2  NEXT PAGE



printer friendly
e-mail a friend

Storage Magazine is part of the TechTarget portfolio of enterprise IT-focused media.
© 2002-2005 TechTarget. All Rights Reserved. Read our Privacy Policy