SlideShare ist ein Scribd-Unternehmen logo
1 von 37
Downloaden Sie, um offline zu lesen
…Welcome to …

                             A Buyer’s Guide - What to Look
                                  For in Online Backup and
                                          Recovery Services

                                                      2010
    Bob Chaput
    615-656-4299 or 800-704-3394
    bob.chaput@datamountain.com
    Data Mountain, LLC
                                                              1
© 2009 Data Mountain LLC | All Rights Reserved.
Background & Motivation
       • We are often asked, "How do I go about selecting an
         online data backup and recovery service?”

       • Unfortunately, in this market, unlike in the insurance
         marketplace, we do not have an A.M. Best, a Moody,
         a Standard and Poor or a Wiess Research publishing
         financial strength ratings on industry players. Nor do
         we have a J.D. Powers & Associates!

       • To help organizations navigate through a market
         where there are new players almost every week and
         horrific stories of lost data almost every month.
                                                                  2
© 2009 Data Mountain LLC | All Rights Reserved.
Objectives Today
             Learn all the right questions to ask and how to be
                assured that:
                       •    Your business goals (RTO, RPO, DLE) will be met
                       •    Your data will really be protected
                       •    You can actually recovery your data
                       •    Your data will be secure at all times
                       •    Your service provider has been and will be here
                            for the long-haul



                                                                              3
© 2009 Data Mountain LLC | All Rights Reserved.
Discussion Agenda
                  1. Quick Introductions
                  2. Case for Action – Why Bother
                  3. Common Threats
                  4. Where/How Data Backup Fits into Business
                     Resumption Planning
                  5. Seven (7) Critical Questions
                  6. How Online Data Backup and Recovery Works
                  7. Summary



                                                                 4
© 2009 Data Mountain LLC | All Rights Reserved.
About Your Speaker – Bob Chaput
    •       President – Data Mountain LLC
    •       30+ years in Business and Technology
    •       Executive | Educator |Entrepreneur
    •       Global Executive: GE, JNJ, HWAY
    •       Responsible for largest healthcare datasets
    •       25 years DR / BC experience
    •       20 years Regulated-Industry Experience
    •       BA, MA – Mathematics; GE – FMP; Vanderbilt; HPI
    •       Numerous Technical Certifications
    •       Serve customers of all sizes in all industries
    •       6 years - Channel Partner/Reseller for Iron Mountain Digital
    •       Expertise and Focus: Healthcare, Financial Services, Legal
    •       Member: ACHE, NTC, Chambers, Boards
    • Passion: Helping business owners and managers manage risks:
       Risk of being out of regulatory compliance
       Risk of going out of business
       Risk of throwing money away on phony/ineffective solutions
                                                                           5
© 2009 Data Mountain LLC | All Rights Reserved.
Discussion Agenda
                  1. Quick Introductions
                  2. Case for Action – Why Bother
                  3. Common Threats
                  4. Where/How Data Backup Fits into Business
                     Resumption Planning
                  5. Seven (7) Critical Questions
                  6. How Online Data Backup and Recovery Works
                  7. Summary



                                                                 6
© 2009 Data Mountain LLC | All Rights Reserved.
Why Bother?
                                                  Lost data exposes your business
                                                  and clients to business disruption
                                                    and possible legal set backs
                                                  Business and client data is more
                                                  visible and valuable than ever…
                                                          and more vulnerable
                                                               than ever
                                                           And, now, it’s law !!!

                                                  (GLBA, HIPAA, HITECH, SOX, SEC Rule 17a, PCI DSS,
                                                             FACTA, State Regulations, etc)           7
© 2009 Data Mountain LLC | All Rights Reserved.
HIPAA Security Rule – Example
    § 164.308 Administrative safeguards.
    • (7)(i) Standard: Contingency plan. Establish (and implement as needed) policies
      and procedures for responding to an emergency or other occurrence (for
      example, fire, vandalism, system failure, and natural disaster) that damages
      systems that contain electronic protected health information.
    • (ii) Implementation specifications:
    • (A) Data backup plan (Required). Establish and implement procedures to create
      and maintain retrievable exact copies of electronic protected health
      information.
    • (B) Disaster recovery plan (Required). Establish (and implement as needed)
      procedures to restore any loss of data.
    • (C) Emergency mode operation plan (Required). Establish (and implement as
      needed) procedures to enable continuation of critical business processes for
      protection of the security of electronic protected health information while
      operating in emergency mode.
    • (D) Testing and revision procedures (Addressable). Implement procedures for
      periodic testing and revision of contingency plans.
    • (E) Applications and data criticality analysis (Addressable). Assess the relative
      criticality of specific applications and data in support of other contingency plan
      components.
© 2009 Data Mountain LLC | All Rights Reserved.
Discussion Agenda
                  1. Quick Introductions
                  2. Case for Action – Why Bother
                  3. Common Threats
                  4. Where/How Data Backup Fits into Business
                     Resumption Planning
                  5. Seven (7) Critical Questions
                  6. How Online Data Backup and Recovery Works
                  7. Summary



                                                                 9
© 2009 Data Mountain LLC | All Rights Reserved.
All Types of Disasters Strike

                                                                         • Natural / Environmental
                                                                             – Tornado, Hurricane,
                                                                               Earthquake, Snow storms,
                                                                               etc.
                                                                         • Intentional Acts of
                                                                           Destruction
                                                                             – Viruses, Worms, Spyware,
                                                                               Arson, Terrorism, etc.
                                                                         • Unintentional Acts of
                                                                           Destruction
                                                                             – Cable cut, Plumbing,
                                                                               Employee error, etc.


                                “Every state in the country will suffer a natural disaster in the next
                                    two years.”
                                                                              U.S. Small Business Administration (SBA)
                                                                                                                         10
© 2009 Data Mountain LLC | All Rights Reserved.
Facts and Reality




               • 93% of companies that experience a significant data loss will be out
                 of business within five years.
               • Of the companies that lose their data in a disaster, nearly 50% never
                 reopen their doors at all!
               • 7 of 10 SMBs that experience a major data loss go out of business
                 within a year.

                                       (Source: U.S. Department of Labor; University of Texas; DTI/Price Waterhouse Coopers)
                                                                                                                               11
© 2009 Data Mountain LLC | All Rights Reserved.
More Reality…
         Relevant Data Loss and Data Breach Statistics
         • 1 in 10 …laptop computers will be stolen within the first 12 months
           of purchase
         • 97% …of lost and stolen notebooks are never recovered
         • 50% …of organizations reported laptop theft
         • Every 43 seconds …a computer is reported stolen
         • Every 3 days … an information security breach is reported in the
                                                  Bad stuff happens to data and
           U.S.
                                                  computers all too often…and
         • 82% …of all PC’s will be mobile devices the 2008, is increasing…
                                                     by trend increasing 4 times
           as fast as PCs
         • 4,425 …laptops reported left behind in Chicago taxis during a six
           month period
         • 56 million …individuals affected by significant U.S. data security
           breaches, 2005
         • 1 billion …PC users expected by 2010, up from 660-670 million
           today
         • 57% …of corporate crimes are linked to stolen laptops. The latest
           crimes of espionage and sabotage are theft of executive personnel
           devices to access vital financial or personnel data.
                                                       (data source: http://datarevoke.com) 12
© 2009 Data Mountain LLC | All Rights Reserved.
Discussion Agenda
                  1. Quick Introductions
                  2. Case for Action – Why Bother
                  3. Common Threats
                  4. Where/How Data Backup Fits into Business
                     Resumption Planning
                  5. Seven (7) Critical Questions
                  6. How Online Data Backup and Recovery Works
                  7. Summary



                                                                 13
© 2009 Data Mountain LLC | All Rights Reserved.
Elements of Business Resumption Planning




                       Business
                      Continuity                                  Data Backup
                         Plan                                         and
                                                                  Restoration
                                                                     Plan

                                                    Disaster
                                                  Recovery Plan
© 2009 Data Mountain LLC | All Rights Reserved.
                                                                                14
Discussion Agenda
                  1. Quick Introductions
                  2. Case for Action – Why Bother
                  3. Common Threats
                  4. Where/How Data Backup Fits into Business
                     Resumption Planning
                  5. Seven (7) Critical Questions
                  6. How Online Data Backup and Recovery Works
                  7. Summary



                                                                 15
© 2009 Data Mountain LLC | All Rights Reserved.
Seven (7) Critical Questions
         1. Does the service provide a complete, end-to-end data
            protection process?
         2. Does the service meet your business, business continuity,
            disaster recovery business and data retention objectives?
         3. Does the service provide reliable data protection?
         4. Does the service provide for easy, fast, accurate and
            complete recovery?
         5. Is the service fully automated, providing efficient, “hands
            free” operations?
         6. Does the vendor have long-term experience in this business,
            financial stability and a long-term future?
         7. Does the service provider meet or exceed your industry
            standards for Security and Regulatory Compliance for
            encryption, etc?                                              16
© 2009 Data Mountain LLC | All Rights Reserved.
Business Objectives
    • RTO – Recovery Time Objective
         • How fast does the business / process need to be operational again?
         • OR, said another way, what is the maximum allowable downtime for
           that process?


    • RPO – Recovery Point Objective
         • Back to what point in time is it acceptable to resume / restart / recreate
           operational activity?
         • OR, said another way, how much data, time, productivity can we
           afford to lose?


    • DLE - Data Loss Event
         • Not all “events” are created equal – not equal impact and not equal
           frequency or probaility… against which “events” are going to focus?
                                                                                    17
© 2009 Data Mountain LLC | All Rights Reserved.
Data Loss Event Pyramid


                Against                                    Site
              which Data
              Loss Events
                are you
                building
                                                         System           Severity
               your plan?

                                                  Database / Exchange


                                                  Multi-Files / Folders


                                                        Single File



© 2009 Data Mountain LLC | All Rights Reserved.
                                                     Frequency                       18
Discussion Agenda
                  1. Quick Introductions
                  2. Case for Action – Why Bother
                  3. Common Threats
                  4. Where/How Data Backup Fits into Business
                     Resumption Planning
                  5. Seven (7) Critical Questions
                  6. How Online Data Backup and Recovery Works
                  7. Summary



                                                                 19
© 2009 Data Mountain LLC | All Rights Reserved.
How It Works:
 Automated Server Data Protection and Recovery

       Microsoft® , Linux®,
       or Sun® Solaris®
       Server
                                                  Continuous                       Secure and safe
                                                  Backup                            •   National underground     Data Center       Mirrored
                                                                                        facility (NUS)           Data available    Data Center
                                                       •   Fully automated                                       for recovery
                                                           backup                   •   End to End 256-bit
                                                       •   Rapid recovery               AES Secure
                                                                                        Authentication
                                                                                    •   Secure socket layer
                                                                                        (SSL)
                                                                                   TCP/IP

                                                  Centrally managed                Flexible bandwidth
                                                   •       24/7/365 web portal     management
                                                   •       Remote administration    •   Bandwidth throttling
                                                           and monitoring           •   Unique delta backup
                                                                                        and restore technology
                                                                                    •   Optional TurboRestore
          Remote                                                                        recovery appliance
       Administration                                                                                             • Off-Site
       and Monitoring                                                                                             • Out of Reach
          24/7/365




                                                                                                                                           20
© 2009 Data Mountain LLC | All Rights Reserved.
Onsite Recovery Appliance:
 Fast Local Restore

        Linux®, Sun®
        Solaris® or
        Microsoft® Server

                                           OPTIONAL                             Data Center       Mirrored
                                           Onsite                               Data available    Data Center
                                                                                for recovery
                                           Appliance • Optional onsite device
                                                       stores recent history
                                                     • Fast local restore for
                                                       excellent RTO
                                                                     TCP/IP
                                                     • Self-managed with no
                                                       human intervention
                                                     • “Extra peace of mind”


          Remote
       Administration                                                            • Off-Site
       and Monitoring                                                            • Out of Reach
          24/7/365




                                                                                                          21
© 2009 Data Mountain LLC | All Rights Reserved.
Business Resumption Planning Resources
       Visit: http://www.datamountain.com/Resources/Disaster_Recovery_Planning/

       • National Institute of Standards and Technology (NIST) “Risk Management
         Guide for Information Technology Systems”

       • FEMA Emergency Planning Guide

       • An Overview of the Disaster Recovery Planning Process

       • Sample Business Recovery Plan

       • NIST Security Controls: Covers 17 key security focus areas, including risk
         assessment, contingency planning, and incident response, for protecting
         Federal computer systems


                                                                                      22
© 2009 Data Mountain LLC | All Rights Reserved.
Discussion Agenda
                  1. Quick Introductions
                  2. Case for Action – Why Bother
                  3. Common Threats
                  4. Where/How Data Backup Fits into Business
                     Resumption Planning
                  5. Seven (7) Critical Questions
                  6. How Online Data Backup and Recovery Works
                  7. Summary



                                                                 23
© 2009 Data Mountain LLC | All Rights Reserved.
Best Practices:
   What To Look For When Selecting A Solution

                            Address Entire Data Protection Process

                            Meet Your Business Objectives RTO/RPO/DLE

                            Reliable Backup and Recovery …and Track Record

                            Fast and Accurate and Complete Recovery

                            Free of Manual, Complex Tasks

                            Vendor Experience, Longevity and Experience

                            Meet Your Security/Privacy Regulatory Requirements

© 2009 Data Mountain LLC | All Rights Reserved.
Worst Practices:
   What To Avoid When Selecting A Solution

                         Emphasizes backup and not recovery

                         Does not address RTO/RPO/DLE business objectives

                         Poor or non-existent track record of recovery

                         Cumbersome and slow online recovery processes

                         Unencrypted (ZIP) files sent for recovery

                         Lack of or poor Vendor Experience

                         Unencrypted media (DVDs/CDs) sent through mail

© 2009 Data Mountain LLC | All Rights Reserved.
Summary
          •      Get serious about real data protection
          •      Develop your critical questions and criteria
          •      Formalize your selection process
          •      Try, before you buy
          •      Remember the key pieces (prior slide)
          •      Remember: without your data, all else is for
                 naught!
                       Seriously consider offsite, electronic data
                       vaulting
                       Seriously consider Data Mountain!
                                                                      26
© 2009 Data Mountain LLC | All Rights Reserved.
Cloud Storage Solutions
                                          Portfolio
                                                  Connected® Back-Up                                      eDiscovery Services
         LiveVault® Server                        for PCs & Macs                                          Organizes your data for fast
                                                                                                          access for timely responses to
         Backup                                   Protects distributed corporate                          litigation inquires.
                                                  assets while greatly reducing
         Provides continuous,
                                                  file share storage and
         automatic back-up for
                                                  support requirements
         enterprise remote offices or
         small & medium-sized
         businesses


                                                                  Total Email Management
                                                                  Suite (TEMS)
                                                                  Provides indexed archiving, mailbox
                                                                  management, security & redundancy
                                                                  for email environment plus eDiscovery



                                                                          Virtual File Store
                                                                          Reduces costs associated with storing, managing
                                                                          and protecting infrequently accessed “inactive”
                                                                          data




                                                                   Digital Record Center™ for Medical Images
                                                                   Ensures regulatory compliance; Provides long-term archiving
                                                                   and disaster recovery cost efficiently.

                                                                                                                                           27
© 2009 Data Mountain LLC | All Rights Reserved.
Complimentary Assessment --
   Data Disaster Recovery Preparedness

       Thank you
           for
       attending!


      www.DataMountain.com




                                                  28
© 2009 Data Mountain LLC | All Rights Reserved.
Contact

                                            Bob Chaput
                                  bob.chaput@datamountain.com
                                Phone: 800-704-3394 or 615-656-4299

                           Connect: www.linkedin.com/in/bobchaput

                                      Follow me: Twitter.com/bobchaput

                                                  Data Mountain, LLC


                                                                         29
© 2009 Data Mountain LLC | All Rights Reserved.
Backup material




                                                  30
© 2009 Data Mountain LLC | All Rights Reserved.
1. Does the service provide a complete, end-to-
                    end data protection process?
              a.       Does it offer continuous, disk-based data protection (CDP) such that
                       it protects your data as it changes?
              b.       Does the service take your data offsite immediately providing
                       protection against site disasters?
              c.       Is your data then accessible from anywhere, anytime via a web-
                       enabled interface?
              d.       Does the service provide integrated archiving of long-term backups
                       in a secure offsite facility?
              e.       Is your data protected from virus, corruption and unexpected
                       events in the storage facility?
              f.       Does the service provide an optional local recovery appliance to
                       enable high-speed, local disk-based restores?


                                                                                              31
© 2009 Data Mountain LLC | All Rights Reserved.
2. Does the service meet your business, business continuity,
                  disaster recovery business and data retention objectives?

       a.      Will the service enable you to meet your Recovery Time Objectives (RTOs) for your critical business
               processes?
       b.      Will the service enable you to meet your Recovery Point Objectives (RPOs) for your critical business
               processes?
       c.      Does the service protect you against all possible Data Loss Events and threats that may cause you to lose
               data?
       d.      Does the service allow for recovery to alternative locations and alternative hardware platforms?
       e.      Does the service offer a choice of retention periods (e.g., 30-day, 3-month, 1-year, 7-years) appropriate to the
               requirements for types of data stored?
       f.      Does the service provide for the migration of data as desired to a digital archive service?
       g.      Does the service provide for the recovery of data on demand through a complementary eDiscovery service?
       h.      Does the service provide support of all the platforms that you must protect – e.g., Windows®, Linux,
               VMware®, etc?
       i.      Does the service offer pricing plans and architecture that makes capacity planning and budgeting easy and
               predictable?




                                                                                                                              32
© 2009 Data Mountain LLC | All Rights Reserved.
3. Does the service provide reliable data protection?

     a. Does the service natively and inherently protect databases & open files such
        as Exchange, SQL Server, Oracle, and others without add-on software
        agents?
     b. Does the service provide end-to-end security including Encryption,
        Authentication and Digital Signatures?
     c. Does the service provider ensure recovery with an SLA backing the
        recoverability of your data?
     d. Is your data stored in more than one data center? Is it also mirrored in a
        redundant secondary data center?
     e. Does the vendor/service assure complete protection of backup and restore
        jobs from node failures and network resilience problems?
     f. Does the service provide automatic checkpoint-restarts if backup or restore
        jobs are interrupted?


                                                                                       33
© 2009 Data Mountain LLC | All Rights Reserved.
4. Does the service provide for easy, fast, accurate
                                and complete recovery?
       a. Does the service provide an optional Local Recovery Appliance to enable high-speed,
          local disk-based restores?
       b. Are you able to recover current data (within minutes), not just last night’s backup
          image?
       c. Does the service provide for granular recovery down to folder and individual file
          levels, including multiple restorable images per day?
       d. Are you able to perform “Change Only Recovery” such as “Delta Restore” which
          provides huge performance improvements on recovery time?
       e. Does the service offer Full System Recovery (versus data only) backup and restore as
          integral part of service?
       f. Does this service offer free, unlimited, immediate Internet-based restores 24/7/365?
       g. Does this service allow for very large data sets to be shipped on secure, encrypted
          removable media for fast disaster recovery?



                                                                                                 34
© 2009 Data Mountain LLC | All Rights Reserved.
5. Is the service fully automated, providing efficient,
                                “hands free” operations?
      a. Does the service have “Set-it-and-forget-it” capabilities?
      b. Does the service offer 24/7 proactive monitoring of your backup policies and
         centralized control of processes, status, inventories, and reporting?
      c. Are you automatically notified of any backup issues through an automated alert
         system?
      d. Is the task of reviewing and managing error logs each day automated?
      e. Are you able to perform restores anytime, anywhere you have web access?
      f. Are onsite appliances or devices integrated seamlessly into the backup process?
      g. Does the service provide data reduction technologies that include snapshots, filters,
         delta engine and automatic de-duplication of data?




                                                                                                 35
© 2009 Data Mountain LLC | All Rights Reserved.
6. Does the vendor have long-term experience in this business,
                         financial stability and a long-term future?
      a.     Has this vendor been in the data protection and/or online data backup and recovery business for 10 or more
             years?
      b.     Is the vendor a reputable, publicly traded company listed on a major exchange?
      c.     Does the vendor do business with large, known companies and businesses in your industry?
      d.     Does this vendor’s backup and recovery service form an integral part of a broader spectrum of information
             management and data protection services?
      e.     Is this vendor leveraging existing capacity for additional revenue only or is their service a core offering?
      f.     Does this vendor offer a full spectrum of information management and data protection services?
      g.     Has the vendors offering been proven and tested as evidence by thousands of customers and multiple
             Petabytes of data under management?
      h.     Does the vendor have a full complement of engineering, operations and customer service staff dedicated to
             their data protection business?
      i.     Does the vendor “own” all systems, facilities, processes, engineering and operational responsibilities for the
             service rather than outsourcing parts of it to others?




                                                                                                                              36
© 2009 Data Mountain LLC | All Rights Reserved.
7. Does the service provider meet or exceed your industry standards for
                                Security and Regulatory Compliance?
                             a. Is this vendor a publicly traded company subject to, aware of and experienced in
                                Sarbanes-Oxley-type regulations?
                             b. Is your data encrypted at all times while “in transit” and “at rest” throughout the
                                backup and recovery processes?
                             c. Is the vendor expert in and compliant with (e.g., will they sign HIPAA Business
                                Associate agreement?) privacy and security regulations including but not limited to:
                                GLBA, SOX, HIPAA, FACTA, Patriot Act, PCI DSS, etc?
                             d. Does the vendor offer encryption key escrow and the ability to retrieve lost encryption
                                keys from escrow?
                             e. Are all media restores completed using secure, encrypted removable media that meets
                                regulatory requirements?
                             f. Does service provider maintain the data vaults/storage facilities with proven track
                                record in security?
                             g. Are the service provider’s data centers locally globally to accommodate regional
                                security and privacy regulations?
                             h. Does the vendor maintain certifications appropriate to the data stored (e.g., PCI DSS
                                compliance, SysTrust assurance, a BRUNS-Pak Level 9 or above rating)?


                                                                                                                   37
© 2009 Data Mountain LLC | All Rights Reserved.

Weitere ähnliche Inhalte

Ähnlich wie A Buyer\'s Guide - What to look for in online backup and recovery services - 2010

EDF2013: Invited Talk Daragh O'Brien: The Story of Maturity – How data in Bus...
EDF2013: Invited Talk Daragh O'Brien: The Story of Maturity – How data in Bus...EDF2013: Invited Talk Daragh O'Brien: The Story of Maturity – How data in Bus...
EDF2013: Invited Talk Daragh O'Brien: The Story of Maturity – How data in Bus...European Data Forum
 
Incident Response in the age of Nation State Cyber Attacks
Incident Response in the age of Nation State Cyber AttacksIncident Response in the age of Nation State Cyber Attacks
Incident Response in the age of Nation State Cyber AttacksResilient Systems
 
The Business Case for Cloud: Critical Legal, Business, & Diligence Considerat...
The Business Case for Cloud: Critical Legal, Business, & Diligence Considerat...The Business Case for Cloud: Critical Legal, Business, & Diligence Considerat...
The Business Case for Cloud: Critical Legal, Business, & Diligence Considerat...Janine Anthony Bowen, Esq.
 
OpTier McKinsey Big Data Overview
OpTier McKinsey Big Data OverviewOpTier McKinsey Big Data Overview
OpTier McKinsey Big Data Overviewnickychu
 
McKinsey Big Data Overview
McKinsey Big Data OverviewMcKinsey Big Data Overview
McKinsey Big Data Overviewoptier
 
McKinsey Big Data Overview
McKinsey Big Data OverviewMcKinsey Big Data Overview
McKinsey Big Data Overviewoptier
 
Impact of data science in financial reporting
Impact of data science in financial reporting Impact of data science in financial reporting
Impact of data science in financial reporting James Deiotte
 
Data security in a big data environment sweden
Data security in a big data environment   swedenData security in a big data environment   sweden
Data security in a big data environment swedenIBM Sverige
 
Guardium value proposition for fss pn 12 02-10
Guardium value proposition for fss pn 12 02-10Guardium value proposition for fss pn 12 02-10
Guardium value proposition for fss pn 12 02-10Avirot Mitamura
 
Business-Critical Backup: Preparing for a Disaster
Business-Critical Backup: Preparing for a DisasterBusiness-Critical Backup: Preparing for a Disaster
Business-Critical Backup: Preparing for a DisasterNetWize
 
LuminrDRPresentation_AITP_October2014.pptx
LuminrDRPresentation_AITP_October2014.pptxLuminrDRPresentation_AITP_October2014.pptx
LuminrDRPresentation_AITP_October2014.pptxTimothy Krupinski
 
The Data Axioms lecture-overview-big data-usama-9-2015
The Data Axioms lecture-overview-big data-usama-9-2015The Data Axioms lecture-overview-big data-usama-9-2015
The Data Axioms lecture-overview-big data-usama-9-2015CMR WORLD TECH
 
Why your Information Security MUST mesh with your Business Continuity Program
Why your Information Security MUST mesh with your Business Continuity ProgramWhy your Information Security MUST mesh with your Business Continuity Program
Why your Information Security MUST mesh with your Business Continuity ProgramPECB
 
Securing Your "Crown Jewels": Do You Have What it Takes?
Securing Your "Crown Jewels": Do You Have What it Takes?Securing Your "Crown Jewels": Do You Have What it Takes?
Securing Your "Crown Jewels": Do You Have What it Takes?IBM Security
 
How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?IBM Security
 

Ähnlich wie A Buyer\'s Guide - What to look for in online backup and recovery services - 2010 (20)

EDF2013: Invited Talk Daragh O'Brien: The Story of Maturity – How data in Bus...
EDF2013: Invited Talk Daragh O'Brien: The Story of Maturity – How data in Bus...EDF2013: Invited Talk Daragh O'Brien: The Story of Maturity – How data in Bus...
EDF2013: Invited Talk Daragh O'Brien: The Story of Maturity – How data in Bus...
 
What if
What ifWhat if
What if
 
Incident Response in the age of Nation State Cyber Attacks
Incident Response in the age of Nation State Cyber AttacksIncident Response in the age of Nation State Cyber Attacks
Incident Response in the age of Nation State Cyber Attacks
 
The Business Case for Cloud: Critical Legal, Business, & Diligence Considerat...
The Business Case for Cloud: Critical Legal, Business, & Diligence Considerat...The Business Case for Cloud: Critical Legal, Business, & Diligence Considerat...
The Business Case for Cloud: Critical Legal, Business, & Diligence Considerat...
 
OpTier McKinsey Big Data Overview
OpTier McKinsey Big Data OverviewOpTier McKinsey Big Data Overview
OpTier McKinsey Big Data Overview
 
McKinsey Big Data Overview
McKinsey Big Data OverviewMcKinsey Big Data Overview
McKinsey Big Data Overview
 
McKinsey Big Data Overview
McKinsey Big Data OverviewMcKinsey Big Data Overview
McKinsey Big Data Overview
 
Impact of data science in financial reporting
Impact of data science in financial reporting Impact of data science in financial reporting
Impact of data science in financial reporting
 
Data security in a big data environment sweden
Data security in a big data environment   swedenData security in a big data environment   sweden
Data security in a big data environment sweden
 
Guardium value proposition for fss pn 12 02-10
Guardium value proposition for fss pn 12 02-10Guardium value proposition for fss pn 12 02-10
Guardium value proposition for fss pn 12 02-10
 
DAMA Big Data & The Cloud 2012-01-19
DAMA Big Data & The Cloud 2012-01-19DAMA Big Data & The Cloud 2012-01-19
DAMA Big Data & The Cloud 2012-01-19
 
Business-Critical Backup: Preparing for a Disaster
Business-Critical Backup: Preparing for a DisasterBusiness-Critical Backup: Preparing for a Disaster
Business-Critical Backup: Preparing for a Disaster
 
Protecting Data on Laptops
Protecting Data on LaptopsProtecting Data on Laptops
Protecting Data on Laptops
 
LuminrDRPresentation_AITP_October2014.pptx
LuminrDRPresentation_AITP_October2014.pptxLuminrDRPresentation_AITP_October2014.pptx
LuminrDRPresentation_AITP_October2014.pptx
 
Final Presentation
Final PresentationFinal Presentation
Final Presentation
 
Financial Data Analytics with Hadoop
Financial Data Analytics with HadoopFinancial Data Analytics with Hadoop
Financial Data Analytics with Hadoop
 
The Data Axioms lecture-overview-big data-usama-9-2015
The Data Axioms lecture-overview-big data-usama-9-2015The Data Axioms lecture-overview-big data-usama-9-2015
The Data Axioms lecture-overview-big data-usama-9-2015
 
Why your Information Security MUST mesh with your Business Continuity Program
Why your Information Security MUST mesh with your Business Continuity ProgramWhy your Information Security MUST mesh with your Business Continuity Program
Why your Information Security MUST mesh with your Business Continuity Program
 
Securing Your "Crown Jewels": Do You Have What it Takes?
Securing Your "Crown Jewels": Do You Have What it Takes?Securing Your "Crown Jewels": Do You Have What it Takes?
Securing Your "Crown Jewels": Do You Have What it Takes?
 
How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?
 

Kürzlich hochgeladen

Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?IES VE
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Brian Pichman
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 

Kürzlich hochgeladen (20)

Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 

A Buyer\'s Guide - What to look for in online backup and recovery services - 2010

  • 1. …Welcome to … A Buyer’s Guide - What to Look For in Online Backup and Recovery Services 2010 Bob Chaput 615-656-4299 or 800-704-3394 bob.chaput@datamountain.com Data Mountain, LLC 1 © 2009 Data Mountain LLC | All Rights Reserved.
  • 2. Background & Motivation • We are often asked, "How do I go about selecting an online data backup and recovery service?” • Unfortunately, in this market, unlike in the insurance marketplace, we do not have an A.M. Best, a Moody, a Standard and Poor or a Wiess Research publishing financial strength ratings on industry players. Nor do we have a J.D. Powers & Associates! • To help organizations navigate through a market where there are new players almost every week and horrific stories of lost data almost every month. 2 © 2009 Data Mountain LLC | All Rights Reserved.
  • 3. Objectives Today Learn all the right questions to ask and how to be assured that: • Your business goals (RTO, RPO, DLE) will be met • Your data will really be protected • You can actually recovery your data • Your data will be secure at all times • Your service provider has been and will be here for the long-haul 3 © 2009 Data Mountain LLC | All Rights Reserved.
  • 4. Discussion Agenda 1. Quick Introductions 2. Case for Action – Why Bother 3. Common Threats 4. Where/How Data Backup Fits into Business Resumption Planning 5. Seven (7) Critical Questions 6. How Online Data Backup and Recovery Works 7. Summary 4 © 2009 Data Mountain LLC | All Rights Reserved.
  • 5. About Your Speaker – Bob Chaput • President – Data Mountain LLC • 30+ years in Business and Technology • Executive | Educator |Entrepreneur • Global Executive: GE, JNJ, HWAY • Responsible for largest healthcare datasets • 25 years DR / BC experience • 20 years Regulated-Industry Experience • BA, MA – Mathematics; GE – FMP; Vanderbilt; HPI • Numerous Technical Certifications • Serve customers of all sizes in all industries • 6 years - Channel Partner/Reseller for Iron Mountain Digital • Expertise and Focus: Healthcare, Financial Services, Legal • Member: ACHE, NTC, Chambers, Boards • Passion: Helping business owners and managers manage risks:  Risk of being out of regulatory compliance  Risk of going out of business  Risk of throwing money away on phony/ineffective solutions 5 © 2009 Data Mountain LLC | All Rights Reserved.
  • 6. Discussion Agenda 1. Quick Introductions 2. Case for Action – Why Bother 3. Common Threats 4. Where/How Data Backup Fits into Business Resumption Planning 5. Seven (7) Critical Questions 6. How Online Data Backup and Recovery Works 7. Summary 6 © 2009 Data Mountain LLC | All Rights Reserved.
  • 7. Why Bother? Lost data exposes your business and clients to business disruption and possible legal set backs Business and client data is more visible and valuable than ever… and more vulnerable than ever And, now, it’s law !!! (GLBA, HIPAA, HITECH, SOX, SEC Rule 17a, PCI DSS, FACTA, State Regulations, etc) 7 © 2009 Data Mountain LLC | All Rights Reserved.
  • 8. HIPAA Security Rule – Example § 164.308 Administrative safeguards. • (7)(i) Standard: Contingency plan. Establish (and implement as needed) policies and procedures for responding to an emergency or other occurrence (for example, fire, vandalism, system failure, and natural disaster) that damages systems that contain electronic protected health information. • (ii) Implementation specifications: • (A) Data backup plan (Required). Establish and implement procedures to create and maintain retrievable exact copies of electronic protected health information. • (B) Disaster recovery plan (Required). Establish (and implement as needed) procedures to restore any loss of data. • (C) Emergency mode operation plan (Required). Establish (and implement as needed) procedures to enable continuation of critical business processes for protection of the security of electronic protected health information while operating in emergency mode. • (D) Testing and revision procedures (Addressable). Implement procedures for periodic testing and revision of contingency plans. • (E) Applications and data criticality analysis (Addressable). Assess the relative criticality of specific applications and data in support of other contingency plan components. © 2009 Data Mountain LLC | All Rights Reserved.
  • 9. Discussion Agenda 1. Quick Introductions 2. Case for Action – Why Bother 3. Common Threats 4. Where/How Data Backup Fits into Business Resumption Planning 5. Seven (7) Critical Questions 6. How Online Data Backup and Recovery Works 7. Summary 9 © 2009 Data Mountain LLC | All Rights Reserved.
  • 10. All Types of Disasters Strike • Natural / Environmental – Tornado, Hurricane, Earthquake, Snow storms, etc. • Intentional Acts of Destruction – Viruses, Worms, Spyware, Arson, Terrorism, etc. • Unintentional Acts of Destruction – Cable cut, Plumbing, Employee error, etc. “Every state in the country will suffer a natural disaster in the next two years.” U.S. Small Business Administration (SBA) 10 © 2009 Data Mountain LLC | All Rights Reserved.
  • 11. Facts and Reality • 93% of companies that experience a significant data loss will be out of business within five years. • Of the companies that lose their data in a disaster, nearly 50% never reopen their doors at all! • 7 of 10 SMBs that experience a major data loss go out of business within a year. (Source: U.S. Department of Labor; University of Texas; DTI/Price Waterhouse Coopers) 11 © 2009 Data Mountain LLC | All Rights Reserved.
  • 12. More Reality… Relevant Data Loss and Data Breach Statistics • 1 in 10 …laptop computers will be stolen within the first 12 months of purchase • 97% …of lost and stolen notebooks are never recovered • 50% …of organizations reported laptop theft • Every 43 seconds …a computer is reported stolen • Every 3 days … an information security breach is reported in the Bad stuff happens to data and U.S. computers all too often…and • 82% …of all PC’s will be mobile devices the 2008, is increasing… by trend increasing 4 times as fast as PCs • 4,425 …laptops reported left behind in Chicago taxis during a six month period • 56 million …individuals affected by significant U.S. data security breaches, 2005 • 1 billion …PC users expected by 2010, up from 660-670 million today • 57% …of corporate crimes are linked to stolen laptops. The latest crimes of espionage and sabotage are theft of executive personnel devices to access vital financial or personnel data. (data source: http://datarevoke.com) 12 © 2009 Data Mountain LLC | All Rights Reserved.
  • 13. Discussion Agenda 1. Quick Introductions 2. Case for Action – Why Bother 3. Common Threats 4. Where/How Data Backup Fits into Business Resumption Planning 5. Seven (7) Critical Questions 6. How Online Data Backup and Recovery Works 7. Summary 13 © 2009 Data Mountain LLC | All Rights Reserved.
  • 14. Elements of Business Resumption Planning Business Continuity Data Backup Plan and Restoration Plan Disaster Recovery Plan © 2009 Data Mountain LLC | All Rights Reserved. 14
  • 15. Discussion Agenda 1. Quick Introductions 2. Case for Action – Why Bother 3. Common Threats 4. Where/How Data Backup Fits into Business Resumption Planning 5. Seven (7) Critical Questions 6. How Online Data Backup and Recovery Works 7. Summary 15 © 2009 Data Mountain LLC | All Rights Reserved.
  • 16. Seven (7) Critical Questions 1. Does the service provide a complete, end-to-end data protection process? 2. Does the service meet your business, business continuity, disaster recovery business and data retention objectives? 3. Does the service provide reliable data protection? 4. Does the service provide for easy, fast, accurate and complete recovery? 5. Is the service fully automated, providing efficient, “hands free” operations? 6. Does the vendor have long-term experience in this business, financial stability and a long-term future? 7. Does the service provider meet or exceed your industry standards for Security and Regulatory Compliance for encryption, etc? 16 © 2009 Data Mountain LLC | All Rights Reserved.
  • 17. Business Objectives • RTO – Recovery Time Objective • How fast does the business / process need to be operational again? • OR, said another way, what is the maximum allowable downtime for that process? • RPO – Recovery Point Objective • Back to what point in time is it acceptable to resume / restart / recreate operational activity? • OR, said another way, how much data, time, productivity can we afford to lose? • DLE - Data Loss Event • Not all “events” are created equal – not equal impact and not equal frequency or probaility… against which “events” are going to focus? 17 © 2009 Data Mountain LLC | All Rights Reserved.
  • 18. Data Loss Event Pyramid Against Site which Data Loss Events are you building System Severity your plan? Database / Exchange Multi-Files / Folders Single File © 2009 Data Mountain LLC | All Rights Reserved. Frequency 18
  • 19. Discussion Agenda 1. Quick Introductions 2. Case for Action – Why Bother 3. Common Threats 4. Where/How Data Backup Fits into Business Resumption Planning 5. Seven (7) Critical Questions 6. How Online Data Backup and Recovery Works 7. Summary 19 © 2009 Data Mountain LLC | All Rights Reserved.
  • 20. How It Works: Automated Server Data Protection and Recovery Microsoft® , Linux®, or Sun® Solaris® Server Continuous Secure and safe Backup • National underground Data Center Mirrored facility (NUS) Data available Data Center • Fully automated for recovery backup • End to End 256-bit • Rapid recovery AES Secure Authentication • Secure socket layer (SSL) TCP/IP Centrally managed Flexible bandwidth • 24/7/365 web portal management • Remote administration • Bandwidth throttling and monitoring • Unique delta backup and restore technology • Optional TurboRestore Remote recovery appliance Administration • Off-Site and Monitoring • Out of Reach 24/7/365 20 © 2009 Data Mountain LLC | All Rights Reserved.
  • 21. Onsite Recovery Appliance: Fast Local Restore Linux®, Sun® Solaris® or Microsoft® Server OPTIONAL Data Center Mirrored Onsite Data available Data Center for recovery Appliance • Optional onsite device stores recent history • Fast local restore for excellent RTO TCP/IP • Self-managed with no human intervention • “Extra peace of mind” Remote Administration • Off-Site and Monitoring • Out of Reach 24/7/365 21 © 2009 Data Mountain LLC | All Rights Reserved.
  • 22. Business Resumption Planning Resources Visit: http://www.datamountain.com/Resources/Disaster_Recovery_Planning/ • National Institute of Standards and Technology (NIST) “Risk Management Guide for Information Technology Systems” • FEMA Emergency Planning Guide • An Overview of the Disaster Recovery Planning Process • Sample Business Recovery Plan • NIST Security Controls: Covers 17 key security focus areas, including risk assessment, contingency planning, and incident response, for protecting Federal computer systems 22 © 2009 Data Mountain LLC | All Rights Reserved.
  • 23. Discussion Agenda 1. Quick Introductions 2. Case for Action – Why Bother 3. Common Threats 4. Where/How Data Backup Fits into Business Resumption Planning 5. Seven (7) Critical Questions 6. How Online Data Backup and Recovery Works 7. Summary 23 © 2009 Data Mountain LLC | All Rights Reserved.
  • 24. Best Practices: What To Look For When Selecting A Solution Address Entire Data Protection Process Meet Your Business Objectives RTO/RPO/DLE Reliable Backup and Recovery …and Track Record Fast and Accurate and Complete Recovery Free of Manual, Complex Tasks Vendor Experience, Longevity and Experience Meet Your Security/Privacy Regulatory Requirements © 2009 Data Mountain LLC | All Rights Reserved.
  • 25. Worst Practices: What To Avoid When Selecting A Solution Emphasizes backup and not recovery Does not address RTO/RPO/DLE business objectives Poor or non-existent track record of recovery Cumbersome and slow online recovery processes Unencrypted (ZIP) files sent for recovery Lack of or poor Vendor Experience Unencrypted media (DVDs/CDs) sent through mail © 2009 Data Mountain LLC | All Rights Reserved.
  • 26. Summary • Get serious about real data protection • Develop your critical questions and criteria • Formalize your selection process • Try, before you buy • Remember the key pieces (prior slide) • Remember: without your data, all else is for naught!  Seriously consider offsite, electronic data vaulting  Seriously consider Data Mountain! 26 © 2009 Data Mountain LLC | All Rights Reserved.
  • 27. Cloud Storage Solutions Portfolio Connected® Back-Up eDiscovery Services LiveVault® Server for PCs & Macs Organizes your data for fast access for timely responses to Backup Protects distributed corporate litigation inquires. assets while greatly reducing Provides continuous, file share storage and automatic back-up for support requirements enterprise remote offices or small & medium-sized businesses Total Email Management Suite (TEMS) Provides indexed archiving, mailbox management, security & redundancy for email environment plus eDiscovery Virtual File Store Reduces costs associated with storing, managing and protecting infrequently accessed “inactive” data Digital Record Center™ for Medical Images Ensures regulatory compliance; Provides long-term archiving and disaster recovery cost efficiently. 27 © 2009 Data Mountain LLC | All Rights Reserved.
  • 28. Complimentary Assessment -- Data Disaster Recovery Preparedness Thank you for attending! www.DataMountain.com 28 © 2009 Data Mountain LLC | All Rights Reserved.
  • 29. Contact Bob Chaput bob.chaput@datamountain.com Phone: 800-704-3394 or 615-656-4299 Connect: www.linkedin.com/in/bobchaput Follow me: Twitter.com/bobchaput Data Mountain, LLC 29 © 2009 Data Mountain LLC | All Rights Reserved.
  • 30. Backup material 30 © 2009 Data Mountain LLC | All Rights Reserved.
  • 31. 1. Does the service provide a complete, end-to- end data protection process? a. Does it offer continuous, disk-based data protection (CDP) such that it protects your data as it changes? b. Does the service take your data offsite immediately providing protection against site disasters? c. Is your data then accessible from anywhere, anytime via a web- enabled interface? d. Does the service provide integrated archiving of long-term backups in a secure offsite facility? e. Is your data protected from virus, corruption and unexpected events in the storage facility? f. Does the service provide an optional local recovery appliance to enable high-speed, local disk-based restores? 31 © 2009 Data Mountain LLC | All Rights Reserved.
  • 32. 2. Does the service meet your business, business continuity, disaster recovery business and data retention objectives? a. Will the service enable you to meet your Recovery Time Objectives (RTOs) for your critical business processes? b. Will the service enable you to meet your Recovery Point Objectives (RPOs) for your critical business processes? c. Does the service protect you against all possible Data Loss Events and threats that may cause you to lose data? d. Does the service allow for recovery to alternative locations and alternative hardware platforms? e. Does the service offer a choice of retention periods (e.g., 30-day, 3-month, 1-year, 7-years) appropriate to the requirements for types of data stored? f. Does the service provide for the migration of data as desired to a digital archive service? g. Does the service provide for the recovery of data on demand through a complementary eDiscovery service? h. Does the service provide support of all the platforms that you must protect – e.g., Windows®, Linux, VMware®, etc? i. Does the service offer pricing plans and architecture that makes capacity planning and budgeting easy and predictable? 32 © 2009 Data Mountain LLC | All Rights Reserved.
  • 33. 3. Does the service provide reliable data protection? a. Does the service natively and inherently protect databases & open files such as Exchange, SQL Server, Oracle, and others without add-on software agents? b. Does the service provide end-to-end security including Encryption, Authentication and Digital Signatures? c. Does the service provider ensure recovery with an SLA backing the recoverability of your data? d. Is your data stored in more than one data center? Is it also mirrored in a redundant secondary data center? e. Does the vendor/service assure complete protection of backup and restore jobs from node failures and network resilience problems? f. Does the service provide automatic checkpoint-restarts if backup or restore jobs are interrupted? 33 © 2009 Data Mountain LLC | All Rights Reserved.
  • 34. 4. Does the service provide for easy, fast, accurate and complete recovery? a. Does the service provide an optional Local Recovery Appliance to enable high-speed, local disk-based restores? b. Are you able to recover current data (within minutes), not just last night’s backup image? c. Does the service provide for granular recovery down to folder and individual file levels, including multiple restorable images per day? d. Are you able to perform “Change Only Recovery” such as “Delta Restore” which provides huge performance improvements on recovery time? e. Does the service offer Full System Recovery (versus data only) backup and restore as integral part of service? f. Does this service offer free, unlimited, immediate Internet-based restores 24/7/365? g. Does this service allow for very large data sets to be shipped on secure, encrypted removable media for fast disaster recovery? 34 © 2009 Data Mountain LLC | All Rights Reserved.
  • 35. 5. Is the service fully automated, providing efficient, “hands free” operations? a. Does the service have “Set-it-and-forget-it” capabilities? b. Does the service offer 24/7 proactive monitoring of your backup policies and centralized control of processes, status, inventories, and reporting? c. Are you automatically notified of any backup issues through an automated alert system? d. Is the task of reviewing and managing error logs each day automated? e. Are you able to perform restores anytime, anywhere you have web access? f. Are onsite appliances or devices integrated seamlessly into the backup process? g. Does the service provide data reduction technologies that include snapshots, filters, delta engine and automatic de-duplication of data? 35 © 2009 Data Mountain LLC | All Rights Reserved.
  • 36. 6. Does the vendor have long-term experience in this business, financial stability and a long-term future? a. Has this vendor been in the data protection and/or online data backup and recovery business for 10 or more years? b. Is the vendor a reputable, publicly traded company listed on a major exchange? c. Does the vendor do business with large, known companies and businesses in your industry? d. Does this vendor’s backup and recovery service form an integral part of a broader spectrum of information management and data protection services? e. Is this vendor leveraging existing capacity for additional revenue only or is their service a core offering? f. Does this vendor offer a full spectrum of information management and data protection services? g. Has the vendors offering been proven and tested as evidence by thousands of customers and multiple Petabytes of data under management? h. Does the vendor have a full complement of engineering, operations and customer service staff dedicated to their data protection business? i. Does the vendor “own” all systems, facilities, processes, engineering and operational responsibilities for the service rather than outsourcing parts of it to others? 36 © 2009 Data Mountain LLC | All Rights Reserved.
  • 37. 7. Does the service provider meet or exceed your industry standards for Security and Regulatory Compliance? a. Is this vendor a publicly traded company subject to, aware of and experienced in Sarbanes-Oxley-type regulations? b. Is your data encrypted at all times while “in transit” and “at rest” throughout the backup and recovery processes? c. Is the vendor expert in and compliant with (e.g., will they sign HIPAA Business Associate agreement?) privacy and security regulations including but not limited to: GLBA, SOX, HIPAA, FACTA, Patriot Act, PCI DSS, etc? d. Does the vendor offer encryption key escrow and the ability to retrieve lost encryption keys from escrow? e. Are all media restores completed using secure, encrypted removable media that meets regulatory requirements? f. Does service provider maintain the data vaults/storage facilities with proven track record in security? g. Are the service provider’s data centers locally globally to accommodate regional security and privacy regulations? h. Does the vendor maintain certifications appropriate to the data stored (e.g., PCI DSS compliance, SysTrust assurance, a BRUNS-Pak Level 9 or above rating)? 37 © 2009 Data Mountain LLC | All Rights Reserved.