Enterprise Strategy Group
Published: 15 Dec 2003
I was driving up South St. in Hopkinton, MA, the other day. South St. is a typical New England thoroughfare with its share of Cape Cod-style houses, commercial buildings and a local watering hole called The Pond House. It's also the home of EMC Corp. As I made this familiar drive, I realized that I started my career here 17 years ago, working for a then-young upstart EMC that occupied a single, unassuming building.
Hopkinton has really boomed since then. Forests and dirt roads have given way to developments of four-bedroom colonial homes and the population has grown by thousands of people. All of this growth has led to new town infrastructure. EMC went from one building to a good half-dozen large facilities, all with their own requirements for public infrastructure.
Hopkinton's growth provides a good analogue to the challenges faced by IT professionals tasked with managing storage. Like the sleepy little town west of Boston, storage capacity has grown every year and will continue to expand. This growth has led to problems with infrastructure, services and operations.
IT storage executives must ensure that their storage town can continue to support its constituency while coping with continuous growth. To accomplish this goal, CIOs need to adopt a more proactive approach. Here are a few suggestions for a successful transition.
- Data classification is a must. To meet the needs of its citizens, Hopkinton must track its tax base, anticipate revenue and plan appropriately for the town's needs. Similarly, IT managers must assess storage needs by classifying data and developing appropriate processes and services for each data type.
Don't proceed with this important task in a vacuum. Instead, look around IT and you'll find a successful example of data classification as a model. Information security professionals have dealt with data classification for years with a combination of policies, procedure and technology. Public sector data--especially military or intelligence data--is segmented by types such as unclassified, sensitive but unclassified (SBU), confidential, secret and top secret. Private sector firms use titles such as confidential, proprietary and for internal use only to communicate the same type of hierarchy. Technology is used to distinguish who has access to information (authorization) and which information they can see (access control).
Storage professionals should use this security process as a model. First, create a tiered hierarchy that maps different information to different policies and procedures. For example, there's a difference between supporting information (e.g., employee personal files), business-critical information (e.g., e-mail, manufacturing data) and mission-critical information (e.g., customer databases). The data classifications should determine data protection schemes, retention policies (don't forget about regulations here) and storage technology decisions.
- Don't wait for next-generation information life cycle management (ILM) tools here. A good data classification process will help you save money and keep you one step ahead of the storage capacity avalanche.
- Focus on storage operations. Growing towns like Hopkinton can't expand on a haphazard basis. It's the same with storage technology. Your company adds a few storage area network (SANs), implements a couple of network-attached storage (NAS) boxes on the network, mirrors some databases over an OC-3 and backs up a few servers over a designated LAN to a tape robot. Each of these projects may be manageable, but when you add them up you've got an operations nightmare.
Continuous storage growth means that IT must view storage as a system, not a number of individual piece parts. Look at storage on a macro level and ask yourself some important questions like: Do the technologies interoperate? How will IT track changes and manage configurations? How can we manage all of the individual systems in a collective manner? What skills do we have in the IT organization and which new skills will we need?
Want an example of how bad things can get if you don't follow this advice? Look no further than the networking organization. Because the network grew on a piecemeal basis, chances are good that the network team is in constant fire-fighting mode as they try and keep up with constant change. While some of this is inevitable, IT executives will be best served by tracing the roots of these networking problems, then designing proper operational procedures to alleviate them upfront on the storage side of the house. Without this proactive work, the next best advice for storage administrators is to buckle up because it's going to be a bumpy ride.
- Distributed storage assets must be protected. The town of Hopkinton couldn't have grown without an increased investment in police and fire services. Citizens and businesses from one end of town to the other must be guaranteed ample protection against perceived and real security threats.
Storage planners must recognize that they face a similar requirement and invest in storage security planning, processes and technology. Let's face it folks, storage is a networked resource and networks have well-known secret entrances for bad guys. To combat this, build a plan that looks at everything from physical security, storage-specific security and coordination with the security team on confidentiality, integrity and availability issues that span the entire enterprise. Remember that the more storage gets connected, the more it will share network infrastructure with e-mail, peer-to-peer and Internet traffic. This means that the next worm may be speeding along the Infobahn alongside your critical remote mirroring traffic.
Don't underestimate the importance and expense of making storage security a priority. Ultimately, storage holds the crown jewels, so you can bet that hackers are intent on finding ways to hack into the storage domain. Make sure that all storage doors are locked and windows bolted shut before it's too late.
- Emphasize IT governance. Hopkinton can put up schools and buy new police cars, but none of these investments are any good without a town government. It's the same in the storage world. Technology is great, but it serves no purpose unless it's managed and operated correctly.
This process begins with formal IT governance. Each and every IT activity must be standardized, documented and measured using an established IT governance model such as ITIL, ITSM, or CobiT. These models take time to establish and require a commitment across the entire IT organization. Once they are in place however, they do produce results such as higher availability, improved operations and lower capital expense.
As far as storage is concerned, IT governance is a perfect solution for coping with continuous growth. All of the models described earlier provide a recipe for planning, implementation, operations and measurement. This will supply IT managers with the structure to deal with the otherwise chaotic storage growth.
The price of homes in Hopkinton, MA, has skyrocketed over the past 17 years. Some of this growth is related to the economy and the Massachusetts housing market, but Hopkinton has outpaced neighboring towns. Why? It was able to change from a rural farming town to a modern industrial suburban town with a combination of good planning, management and a commitment to service.
IT storage teams have a similar challenge in keeping up with massive and continuous capacity growth. By classifying data, focusing on storage operations, making security part of storage and emphasizing IT governance, storage professionals will succeed in coping with growth and satisfying the needs of their own citizens.