A safe storage of digital documents in a shared safe location: a holistic perspective
1. 19th Archival Day 2009,
9.-11. nov.2009
Trieste, Italy
dr. Tomislav Rozman, Head of ICT solutions engineering
LANCom d.o.o. Slovenija
2. The problem
The project: Analysis of safe storage
requirements and design
◦ Project team
◦ Methodology
Results
◦ Technical design of safe storage (building, information
technology)
◦ Processes, Standards, Roles
◦ Resource (time, €, people) estimation to build such
storage
Keywords: Digital documents, safe storage, research, consortium,
computer infrastructure, standards
3. Organizations are nowadays producing more
digital documents than ever
Organizations must store their digital
documents to ensure their business
continuity and to comply with the national
and international laws
Only 8% of organizations can survive data-
loss disaster
Digital storage center is much more than IT
equipment!
4. The study, which goal was to create a
comprehensive view on digital documentation
storage factors and needs
Requirements for:
◦ physical building, information and
telecommunication infrastructure, software,
business processes, organization and standards
(ZVDAGA-national law)
"Should we lease or build our own safe
storage center?"
5. A cooperation between 9 Slovenian companies
and it is based on real-world needs.
Clients (4):
◦ Industries: Metals and mining, Food processing,
Construction, Services, Tourism
◦ Tasks: Provide requirements
◦ 200 GB-3 Tb / client (documents, pictures, records)
GB- documents, pictures, records)
Performers(5):
◦ Information technology and services companies
◦ Tasks: to analyse and choose technologies for safe
storage center
Independent coordinator(1)
6. To prove, that:
◦ shared storage center for digital documents for
multiple companies is cheaper than multiple
storage centers for each company
To investigate:
◦ which parts of the storage center can be shared
To prepare:
◦ project documentation for EU financing
7. 1. Requirements gathering for safe storage
center:
◦ Number of digital documents produced/month and
their size
◦ Digital formats
◦ Interfaces and outputs of client’s information and
documentation systems
◦ Importance of documents
◦ Archiving strategy and Timeline for storing digital
documents
◦ Security policies for various types of documents
◦ Legal constraints
8. 2. Design of (OBASHI methodology) safe
storage center:
◦ Safe building
◦ Physical servers
◦ Communication subsystem
◦ Data subsystem
◦ System software
◦ Applications
◦ Service and processes
◦ Organization
9. 3. Analysis of suppliers of safe storage
components in SLO:
◦ Analaysis of IT suppliers capability
◦ A questionnaire based on ISO9126 (quality of
information systems)
◦ Importance of questions(weights): average evaluated
weight of 4 project performers
◦ Sample: 28 IT companies
◦ Groups of questions to determine companies’capability
for safe storage centre:
HelpDesk capability
Backup & Disaster recovery capability
E-archive capability
Infrastructure
Hardware
System
10. A comprehensive study which contains:
◦ Vision, strategy, goals of the shared storage center
◦ Analysis of existing IT technology of 4 client
companies
◦ Design of a safe storage center
◦ Analysis of 28 suppliers in Slo.
◦ Financial and resource evaluation of the project
◦ A consortium of 4 competing suppliers working on
the same project
11. ◦ Infrastructure, general:
2 primary and 1 backup locations,
separate seismic plates with low seismic activity (e.g. NE
Slovenia and SW Slovenia )
Fire, flood, earthquake, explosion, intrusion protection
Access control system (biometric)
◦ Inner building: Lampretz safe cell
Anti-static
Anti-static, double floor
Auto fire protection with inert gas sensors
gas,
Air conditioning, redundant (ASHRAE standard)
conditioning,
Temp. 20-25oC, humidity 40-55%, condensation at 17oC
Power supply redundantd, separate phases
supply,
Racks for servers
12. Hardware:
◦ UPS
◦ Blade servers IBM or HP (e.g. 'HP Blade C-CLASS 8x with
servers,
FC/Ethernet switches).
◦ Data subsystem; SAN network:
Redundant storage system (e.g. HP Storage EVA 4100).
Robot tape library (e.g. HP library MSL 2xUltrium 960 SAN)
software:
System software:
Virtualization.
Virtualization Microsoft Hyper-V, VMWare ESX ali ESXi, CITRIX-
XEN.
Operating systems
Microsoft Windows 2008
Linux - SLES, RH .
◦ Configuration of servers: High Availability-cluster system
Availability- sy
13. Communication subsystem
◦ Hierarhical LAN network with redundant core switches
(CISCO)
◦ Separation of logical networks (for data, users and
management)
◦ Optimization of transfer speeds between data centre
and clients (CITRIX WAN Scaler system)
Communication providers
◦ At least 2 providers
◦ Leased line / optical line + redundant wireless
17. Mandatory start-up processes for safe
storage center:
◦ Help Desk User/
customer
◦ Security management klic
Identifikacija
problema Belezenje in spremljanje
poteka resevanja
+
◦ Technical support +
◦ Maintenance and management
Help desk
manager
Resevanje
problema Preusmeritev
problema na
+ 2.nivo
+
Help desk Resevanje
personal problema na 2.
nivoju
+ Help desk
personal
2.nd level
18.
19. ZVDAGA – Safe storage of e-documents and e-archive
law
◦ Organization, infrastructure, process of acquiring and storage
of documents in digital and paper type of form. Requirements
for usage of documents as proof-of-evidence, national
archives services, inspecions,…
ZEPEP – E-commerce and digital signature law
◦ E-commerce requirements for ICT, digital signature usage in
legal processes
MoReq2 - Model Requirements for the management of
electronic records
Enotne tehnološke zahteve v1.0 [8] – Unified
technological requirements v1.0
20. Example
Client organization Critical – Seriously limited Limited work Non-urgent
event interrupted work process process, not services
work process critical
priority 1 2 3 4
Feedback response 15 min 45 min 1h 2h
time
Remote Response time 30 min 1h 2h 4h
On-site response time 2h 2h 4h 8h
Time to repair (limited Continuous 1d 2d 3d
functionality) retrying
Time to repair – full Continuous 3d 5d 5d
functionalities retrying
21. Basic services or clients
◦ Shared archiving
◦ Replicated data and document servers
◦ redundant company IS servers
Extended services for clients:
◦ Shared web hosting
◦ Shared email hosting
Wish-list services for the future:
◦ Shared IT tools for project management ,
◦ Shared web based document systems
◦ Shared CRM systems
◦ Shared grid/cloud computing platform
22. Economy:
◦ Shared physical infrastructure – lower operational costs
◦ Shared energy consumption – lower costs
◦ Shared human resource costs
◦ Optimized and 100% used IT equipment, if
◦ Lower costs in comparison with archiving of paper
documents
◦ Shared services can be leaset to 3rd party companies
and create revenue!
Ecology:
◦ Shared virtual host servers – lower energy consumption!
23. the results of the study can be directly used
by organizations, which do not already have
an archive for their digital documents
Te economy shows that it is cheaper to build
shared data center than buliding multiple
ones
Buy or rent? No difference for 5-year cost
simulation!
25. [1] Rozman, T., Florjanič, M., Varkonji Šajn, M., Romih, J., Brumen, A., Vrankić, D., Kejžar, T., Krajnik, G., Sernec,
R., Perme, J., Hržič, R., Korošec, A., Jošt, K., Vindiš, M., Cizel, I., Planinšec, R., Mlakar, P., Tetičkovič, M.,
Samojlenko, D., Postavitev skupnega varnega prostora ter storitve arhiviranja dokumentov in zapisov, študija,
2009.
Answers,
[2] Klasinc, P. P., Safety and Security in Archives: Many Questions, and Even More Answers Atlanti, Review for
modern archival theory and practice, vol. 18, 2008.
high-
[3] Mergen, M. F., Uhlig, V., Krieger, O., Xenidis, J., Virtualization for high-performance computing, ACM SIGOPS
Operating Systems Review, Volume 40 , Issue 2, April 2006.
[4] Vaughan-Nichols, S., J., Virtualization Sparks Security Concerns, Computer, vol. 41, no. 8, pp. 13-15, Aug.
2008.
[5] Zakon o varstvu dokumentarnega in arhivskega gradiva ter arhivih (ZVDAGA), Uradni list Republike Slovenije,
št. 30/2006.
[6] Zakon o elektronskem poslovanju in elektronskem podpisu (ZEPEP), Uradni list Republike Slovenije, št.
57/2000.
[7] Uredba o varstvu dokumentarnega in arhivskega gradiva, Uradni list Republike Slovenije, št. 86/2006.
v1.0,
[8] Enotne tehnološke zahteve v1.0 dokument Arhiva Republike Slovenije, objavljen 1.12.2006.
[9] Pravilnik o strokovni usposobljenosti uslužbencev javnopravnih oseb ter delavcev ponudnikov storitev, ki
gradivom,
delajo z dokumentarnim gradivom Uradni list Republike Slovenije, št. 132/2006.
[10] Model Requirements Specification for the Management of Electronic Records,spletni vir:
Records
http://www.moreq2.eu, pridobljeno dne 1.7.2009.
[11] Hoffer, Jim. Backing Up Business - Industry Trend or Event, Health Management Technology, Jan 2001.
[12] OGC, ITIL – Information Infrastructure Library (Incident Management), spletni vir: http://www.best-
management-practice.com/gempdf/itSMF_An_Introductory_Overview_of_ITIL_V3.pdf, pridobljeno 1.7.2009.
[13] Wallis, P., Cloughley F., OBASHI, Wikipedia, The Free Encyclopedia,
http://en.wikipedia.org/w/index.php?title=OBASHI&oldid=285546814 pridobljeno 1.7.2009.