4 questions to ask when modernizing your data security and management systems

Here are 4 questions to ask when modernizing your data security and management systems.

• 

  1. What type of data are you trying to protect?

  Every organization has their “crown jewels” they need to protect: customer information, employee details, and other data. You’ll need to think about this data differently than other data that you need to retain simply for compliance purposes. Be thoughtful about your entire data estate, particularly how many copies of data you need to retain, and for how long.

  When it comes to designing your modern data protection platform, you’ll likely store your data in one of three ways: as backups, replicas, or archives.

  • Backups are formed from a primary copy and result in deduplicated, compressed, and encrypted data. This processing is performed once on the data, and then the processed backup data can be copied to a replica or an archive.
  • Replicas are generally used for short-term retention, typically months, not years.
  • Archives are typically used for longer-term retention and are often kept for years. They’re often used for compliance and regulatory purposes.

• 

  2. How long do you need to retain the data (and how quickly might you need to bring it back online in the event of a disruption)?

  For example, a compliance team might need to pull a three year old contract to respond to a request from an industry regulator.

  If, for example, you’ve got aggressive RTO and RPO targets and a long-term retention requirement, you’ll want to consider a deployment across multiple data centers with multiple copies of data—as well as an archive as described above

• 

  3. How will your data center strategy affect your approach?

  Organizations have data in more places than ever: on-premises, in the public cloud, and at the edge. Moreover, this footprint is evolving along with business requirements and CapEx / OpEx targets. In our experience working with over 4,000 customers, we’ve seen three popular architectures emerge:

  Active-Standby. Here, workloads operate out of a single data center. Often, there will be a standby disaster recovery site that takes over in the event of an outage.

  Active-Active. In this setup, primary workloads are split across two data centers. In the event of a data center failure, the remaining data center can take over the entire load.

  Hub and Spoke. This option is popular in certain verticals like retail. Workloads are characterized by a large set of remote/branch offices that are then connected to a single data center.

• 

  4. What’s your minimal viable company (MVC)?

  An MVC is the collection of applications, infrastructure, and processes that must be restored for the business to function at a minimally viable level. These systems must be brought back online first; all other systems are a secondary priority. IT leaders must employ MVC when planning their incident response and recovery strategies—and their data topology.