Thursday, November 7, 2013
3-2-1 Archive and Data-Protection Best Practice
"3-2-1 Archive", is a simple yet very important archiving and data-protection best practice.
Simply stated it is:
3 Copies of your Data
2 Different Storage Technologies
1 Copy Off-Site
Let's look at the 3-2-1 archive and data-protection best practice in detail.
A minimum of 3 copies of your business critical data, including archives.
Plan for the unexpected over the retention period of your archive. Be prepared for storage system/device/media failures, corruptions, losses and human errors, by having at least three complete, self-contained/describing, verified copies of you data.
Use two different storage technologies.
To minimize the risk of being unable to access your data due to storage technology failures and/or limitations, use two different storage technologies. For example: magnetic disk and magnetic tape; magnetic disk and optical disk; or optical disk and magnetic tape.
In choosing your storage technologies be sure to factor in the retention period and how you are going to manage reading and migrating data over this time period.
Keep one copy off-site.
For disaster recovery and business continuity purposes, an off-site copy of your data is a MUST. Either by physical transporting the storage media, or by electronically transferring the data.
3-2-1 Archive and the Cloud
Traditionally, archiving has been very focused on physical storage devices and media. Over the past several years, a growing number of organizations are outsourcing their archives, including management of their archives, to external third party data centers or cloud service providers.
Today, these service providers tend to operate highly virtualized storage systems that may or may not span over multiple remote data centers. This can present several storage audit/compliance challenges, including: security, verification, storage technologies, location, authentication and chain of custody.
For many organizations, an external cloud service is perfect for an off-site copy of their data. Additionally, some of these organizations maybe able to use external cloud services for managing all their archived data.
It's important to note, that using external cloud services does not reduce or relieve the organization of their legal or corporate responsibilities concerning their archived data. In fact it makes the undertaking of storage compliance audit's, i.e., a cloud storage compliance audit, not optional, but mandatory for most organizations.
The 3-2-1 archive and data-protection best practice can work well with cloud environments. It just needs some updating to practically deal with highly virtualized environments and third party cloud service providers. An excellent topic for a future posting.
For additional information on the 3-2-1 best practice, archiving in clouds and cloud storage compliance audit's, please contact Storage Clarity.