Backup is Dead – Introducing the Data Protection Lifecycle, Part 2

In this post, we continue to lay out the nScaled Data Protection Lifecycle concept by assessing the enabling technologies and then enumerating the requirements that the new paradigm must satisfy.

The new realities of virtualization and cloud computing

Despite all this bad news, there are some positive trends that support the revitalization of how IT leaders think about data protection and recovery. The virtualization of servers and workloads (operating system, data and application) has broken the ties between services and physical infrastructure. Through virtualization and other technologies, workloads are able to migrate readily between machines within a data center, and between data centers. This has made the specific hardware less important when it comes to service restoration.

While the process of restoring multiple dependent systems to service in different geographic locations is not trivial, with careful system design and preparation, it is achievable. Factors lowering the overall costs of what would in the past be considered highly sophisticated disaster planning include the transfer of software licenses through virtual server migration in an “off state”, and lower consumption of compute resources for the same reason.

Shared physical infrastructure delivered by cloud infrastructure as a service (IaaS) vendors offers – by far – the most significant incremental improvement in cost reduction. In a world where resources can be tapped on demand and shared between one organization and another in times of need – the so-called elasticity of cloud computing – with virtual workloads securely migrating between one location and another, there is no longer any requirement for individual IT teams to procure and manage physical hardware in remote geographic locations.

Requirements for a new paradigm

The broken state of traditional backup, and the game changing introduction of cloud infrastructure calls for a complete revision of how IT leaders protect and restore systems and data. Rather than focus on how to improve backup, or how to minimize any single pain point within the existing paradigm, savvy IT leaders should look to harness the power of virtualization and the cloud to increase service levels for all systems, simplify IT operations, eliminate repetitive, non-strategic activities, and put their organization onto a predictable and sustainable (service based) cost curve.

Moreover, backup and protection of data needs to be an intrinsic and ongoing part of the process. Protecting data from deletion or corruption should be as fundamental to the process as its creation. There should be no cause for system downtime during backup procedures, and continuous incremental backups should eliminate this requirement entirely. The protection process should be automated, with no requirement for manual intervention, switching of media or offsite physical relocation.

Intelligent systems design should facilitate regular, non-disruptive testing of recovery facilities and processes with predictable outcomes that business leaders can rely upon. Shared physical resources in different geographic locations should be used for on-demand utility infrastructure, eliminating waste and over-provisioning. Mobility of workloads should be engineered into the system to reduce localized threats such as flood and fire. Comprehensive local recovery should provide for immediate system restoration after localized system errors, with minimal disruption to users.

With a comprehensive data protection paradigm, there is no longer a requirement for backup as a point product or isolated process. Backup and the protection of data becomes a by-product of the overall workload protection process and occurs continuously. By delivering more effective and incremental backup, the system also delivers more rapid recovery (shorter RTO) with shorter windows of potential data loss (shorter RPO).

Automation introduces the potential for systematic reporting, alerting and analytics while eliminating human errors and the need for ongoing training.

Design requirements include:

• Backup is a by-product of a continual process of protection and replication
• No manual processes
• Automated monitoring and policy enforcement
• Centralized management interface showing holistic view of all systems
• Small recovery point objectives for minimal potential data loss (minutes)
• Local recovery for service continuity (data and systems)
• Remote recovery for catastrophic failures
• Ability to test regularly without impacting production systems
• Hardware independent
• Data lifecycle aware for aging recovery points (policy based)
• Security must be designed into the system

In the third and final post, we will introduce and formally define the Data Protection Lifecycle and show how it meets customer requirements.