This article can also be found in the Premium Editorial Download "Storage magazine: Storage Products of the Year 2005."
Download it now to read this article plus other related content.
Are your data archives secure?
Archiving data helps your company meet regulatory requirements and save primary disk space, but it can also put data at risk.
DATA ARCHIVAL IS certainly nothing new. Ten to 20 years ago, when disk drives were extremely expensive, large organizations archived data to tape to save precious hard disk real estate. When IBM introduced its Adstar Distributed Storage Manager (ADSM) in the early 1990s, one of its killer features was the ability to archive and retrieve data directly from desktop PCs.
These archiving anecdotes may seem quaint now, but automated desktop archival at that time was pure magic. It was also expensive, as archiving required a significant investment in tape drives and automated software. As a result, archiving was the exclusive domain of the IT elite.
Archiving for the masses
Things have certainly changed in the past couple of decades. Storage prices are now measured in the pennies per-megabyte range and archiving data is an everyday activity synonymous with tiered storage and information lifecycle management (ILM). What's more, government regulations like HIPAA, SEC 17a-4 and the EU Anti-Terrorist Declaration have transformed archiving from something that was nice to have to a global requirement. After all, some regulations mandate records retention for periods of more than 20 years!
This archiving transition
This, of course, begs the obvious question: Are these vendors panning for "fool's gold" or were their instincts about archival accurate? Enterprise Strategy Group (ESG) recently conducted a research project to discover the real deal about data archiving. The survey results are based on responses from more than 500 North American storage professionals.
Our data archiving research indicates that storage vendors that bet on archival growth were prescient indeed. More than 30% of respondents have deployed some type of archival solution for databases and/or e-mail. Most of the remaining storage professionals are planning to deploy archival solutions over the next year or are interested in deploying archival solutions but have no solid timeline yet. What's driving these decisions? It's a combination of new and old requirements. Respondents tended to implement or consider data archival solutions to meet compliance/legal requirements or to realize greater storage/IT efficiencies. Needless to say, archival capacity is growing rapidly as more data-retention requirements arise.
Archiving is booming as a result of increased demand, cheap storage and automated ILM software, but that's not the end of the story. Archiving and ILM mean that confidential data is constantly replicated, moved and stored in multiple places. As a security professional, I immediately recognize the risks this creates. Remember, I'm the guy who says, "Without security, ILM is DOA." Am I alone in my paranoia?
This was first published in February 2006