How can you keep critical data safe when disaster strikes? There is no one magic answer, but there are steps your business can and should take to protect important files and applications in the event of a disaster.
云计算提供商工程经理杰克·贝利(Jack Bailey)说:“没有银弹来恢复灾难。”伊兰。
"When outage horror stories take over headlines, executives tend to have kneejerk reactions and look to adopt whatever disaster recovery offering they can implement fastest," he says. "But every organization and location is unique, and failing to thoroughly assess your situation may lead you to adopt a solution that is expensive overkill or cheap and inadequate."
And while most IT executives and data management experts acknowledge that there isn't one failsafe solution to protecting and recovering data, they agree that there are certain steps organizations should take.
在发生灾难时,公司应采取哪些必要的预防措施来保护关键文件和应用程序?数十个数据存储,数据管理和灾难恢复专家共享他们的建议。以下是有关如何进行防火数据(文件和应用程序)的前12个建议。
1. Conduct a data assessment.“了解您的高价值数据资产 - 您的客户信息和其他敏感数据现场,哪些文件大量使用,使用它们以及与哪些部门相交的部门,”副总裁戴维·吉布森(David Gibson)说,Varonis,全面数据治理软件的提供商。“通过使用智能和数据分类,您可以更好地确定灾难发生后需要的数据,以及谁需要访问它。”
"Use the 80/20 rule," says Michael de la Torre, vice president, Product Management, Recovery Services atSUNGARD可用性服务。"Not all data is created equally. It's costly to ensure that every piece of data is always available and quite frankly most of it isn't critical to business functions," he notes. "By applying the 80/20 rule, a company can tier out its critical data and applications to decide which 20 percent is the most crucial to protect," he says.
2. Work with a trusted partner to disaster proof data & systems."Use an experienced partner to ensure your [storage and disaster recovery (DR)] solution meets the needs of your business and the capabilities of your IT department," suggests Peter Elliman, senior manager of Backup and Recovery atSymantec, a provider of online and mobile security solutions. "Consider integrated appliance solutions to reduce complexity, remotely managed backup services to minimize operational impact and risks and consider both internal DR sites as well as DR providers with both on-premise and cloud recovery options."
3. Define what an acceptable recovery time is and choose the right storage media.Think about "how quickly you need to restore your data," says De la Torre. "The least expensive method is offsite, on tape and de-duplicated," he notes. But he quickly adds, "you will pay later when you have to wait for days to restore your data. Understanding the threshold for how long you can wait to restore your data will provide clear direction on which storage medium -- Disk or tape? Cloud or on-premise? -- is right for your company."
"Don't accept mediocrity when it comes to the speed of recovering your data," adds Jennifer Gill, director of Product Marketing forZerto,提供企业级灾难恢复和业务连续性软件。
“许多公司都认为合理的恢复点目标(RPO,公司愿意使用的数据最高)是24小时。如果业务确实确实损失了这一数量的工作/数据,那么影响可能是实际成本的很多倍实施任何灾难恢复解决方案,”吉尔说。“找到一个解决方案,该解决方案可提供连续的数据保护和复制,而RPO仅为几秒钟,并且恢复时间目标(RTO)为分钟。”
4. Create a disaster recovery plan -- and test it."Have a written disaster recovery plan," says Gill. "It sounds obvious, but with the complexity of the old way of doing replication and disaster recovery, it is very easy to forget the most important aspect of disaster recovery, actually writing down a plan," she says.
吉尔说:“在理想的世界中,从一个单个接口管理复制,管理,保护组,故障转移测试和故障转移测试的所有内容。”“指定复制的SLA,创建虚拟保护组,选择VM以保护的VM,然后允许您的解决方案在后台照顾所有复制。”
"Think through the most likely threats to your business, keeping in mind everything from human error to component failure to natural disaster," advises Alan R. Arnold, CTO,Vision Solutions,云保护和恢复,高可用性,灾难恢复,迁移和跨平台数据共享解决方案的提供商。
Arnold说:“创造性地检查了在与这些威胁的地理位置相距甚远的位置的成本效益保护您的数据的选项。这可能需要访问第二个数据中心或基于云的策略。”2020欧洲杯预赛另外,“请确保考虑基础架构中的所有服务器(例如,在物理虚拟和云平台上运行的Windows,Linux,AIX和IBM)。您的解决方案必须使用具有异地保护功能的所有服务器类型。”
Then "test this plan multiple times to ensure that it is successful," adds Andrew Gilman, data director,Actifio,复制数据管理的提供商。“测试使一切都不同。它将帮助CIO解决计划中的任何纠结,并确保在数据泄露或灾难时准备就绪。”
5.确保正确加密敏感数据。"To effectively disaster-proof data, it is important to incorporate encryption into the data backup equation," says April Sage, director, Healthcare IT,Online Tech, a provider of collocation, managed server and cloud hosting solutions.
"A full-scale backup with encryption of the data at rest and in-transit will prevent unauthorized users from gaining access and effectively minimize exposure," she explains. "It is the answer for security-conscious organizations which must follow regulatory frameworks to maintain security of sensitive data. With encryption, security breaches can be prevented and eliminate a media firestorm that leads to credibility and profit loss," she continues. And if you use a cloud-based solution, "ensure the process has been vetted and the encryption keys are not accessible."
6. Regularly backup and snapshot data."No strategy will work if you haven't set up automatic backups," states Scott Harris, the vice president of Services atEgenera, a provider of cloud management and disaster recovery software. "Whether it is to one of your corporate data centers, your DR site or the cloud, be sure that all critical data is backed up on a schedule that protects your business from downtime in the event of a disaster," he advises.
"Take real snapshot backups, not just RAID mirroring or database replication," adds Chris Camejo, director of assessment services atNTT Com Security。"If someone or something issues a command to overwrite or delete data, intentionally or otherwise, your RAID controller or database replication will dutifully delete it from the mirrors as well," he explains. "Removable media (tape) has the advantage that it can't get accidentally altered unless somebody physically mounts it."
7. Make sure critical applications are also accessible."Protecting your data is not enough if you want to keep the business running during an event that causes downtime," notes Justin Moore, CEO of轴心,数据备份和还原,业务连续性,灾难恢复和云连续性解决方案的提供商。“确保可以在云中虚拟化关键应用程序,以使您的员工保持生产力。”
8.不要忽略笔记本电脑。“大多数灾难恢复计划都专注于保护数据中心,”产品营销高级经理Peter Eicher说2020欧洲杯预赛Commvault, a provider of enterprise backup and recovery, data management, deduplication, data protection, archiving and e-discovery software.
“虽然这肯定至关重要,但根据Gartner的说法,近三分之二的公司数据生活在数据中心之外。2020欧洲杯预赛盗窃。”艾希尔说。因此,在您的DR计划中包括笔记本电脑和类似设备很重要。
9. Follow the 3-2-1 rule.“如果企业想要真正的防火数据,它需要遵循3-2-1规则:数据的三本,存储在两种不同类型的媒体上,其中一个存储了一个杂志,”副副主席道格说。数据保护提供商产品策略总裁Veeam。
"By following the 3-2-1 rule, IT eliminates any single point of failure," Hazelman says. "For example, if the organization relies on SAN snapshots (which are great for backing up frequently), IT will need to find a way to create backups from those snapshots to get multiple copies and move at least one copy off site."
10. Keep backups off site, in a safe location."How far off site depends on the risks you are worried about," says Camejo. "If your data center is in San Jose and a major earthquake knocks out all your infrastructure, then it doesn't do any good if your backups are in an 'off site' facility in Santa Clara, the next town over. Consider the threats and plan appropriately."
11. Store data in a secure cloud."In today's environment, one of the most secure ways to secure your organization's data is to put it into a hosted cloud environment," says Heinan Landa, CEO,最佳网络, which provides IT services, support and consulting. "Essentially, you are putting your network into a hosted cloud environment and then it is being delivered to you on-demand. The onus of responsibility for security, updates, redundancy, failover and business continuity rest with your provider."
"Cloud storage providers now provide secure, highly available services, combined with the maturity of cloud gateways to interface these clouds," adds Rob Whiteley, vice president of Product Marketing,河床技术, which provides a location-independent computing platform.
惠特利说:“公司实际上可以通过利用多个云存储提供商进行服务和地理冗余来改善灾难的准备。”“云存储可提高备份成本,提高性能并大大降低恢复点目标(RPO),避免过时的胶带和异地存储方法。”
12.测试恢复 - 再次测试。“一切都与恢复有关,”战略营销总监Jarrett Potts说。STORserver, a provider of data backup solutions. "All the backups in the world cannot save you if you can't recover to test. [So] test then test some more," he says. "When you're finished, test it again. Do random recoveries each week. Do disaster recovery testing and audit your data pools. Always be sure you can recover your data."
Jennifer Lonoff Schiff is a contributor to CIO.com and runs营销传播公司focused on helping organizations better interact with their customers, employees, and partners.
Follow everything from CIO.com on Twitter@CIOonline, 在Facebook, and onGoogle +。
阅读有关灾难恢复的更多信息在CIO的灾难恢复钻探中。
This story, "12 Ways to Disaster-Proof Your Critical Business Data" was originally published byCIO 。