Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Dr. Guy Bunker, Symantec: Storage is dead: Long live storage

August 2008 by Dr. Guy Bunker, Chief Scientist, Symantec Corporation

In an age where we have more information than we can cope with and where data is growing at an exponential rate, how can storage be dead? Well, it’s not, of course it isn’t, however it is changing and in a few years time we’ll look back and ask how we coped with it all. The reason... cloud computing, or the grid, or software as a service, or whatever we will call it next week. Yes, we will be using more and more storage, but we won’t be looking after it – someone else will.

Storage has come down in price, the first gigabyte capacity drive appeared in 1980, weighed in at 250Kg and cost $40,000, even 10 years ago the average disk drive was only five or six gigabytes, nowadays you can buy a terabyte drive for a few hundred dollars! Of course the data you collect just expands to fill all the space available and one of the biggest questions, “how do I back this up” often gets ignored – until a disaster strikes and by then it is too late. So, along comes ‘the cloud’.

The idea is simple, you have a lot of data and it needs to be protected. You don’t have the time or the expertise, so if someone else can do this for you it would be a big help. This is just as much for the individual as it is for the small to medium business. With new services available on the web we expect to see the definition of ‘small’ rising from 100-250 people to 5000+! Before delving into the cloud, let’s just step back and talk about ‘data’ versus ‘information’. Data is the raw material from which you get information. If we suffer from information overload (which we do), then we are drowning in data. Multiple copies of the same thing held at multiple points in the network and copies of copies on laptops (presentations are particularly bad – with copies on email to every man and his dog, saved in email, saved on the laptop and saved on the server – just in case – and that’s for every person out there!).

Increases in bandwidth make it possible to efficiently back this up over the internet to a service provider and new technology can reduce the quantity of data that needs to be stored. The new technology is called ‘Single Instance Storage’. In essence, when you are backing something up and if it already has a copy, then it doesn’t bother to copy it again. We have seen this reduce the quantity of data by 100x. Now, if you think you are paying by the gigabyte per month, then 100x reduction is a sizeable saving.

But... before you all rush off and start backing up all your information over the internet a few words of warning. Well, it’s more like things you should ask the service providers BEFORE you trust your most precious asset, your information, to them.

1) Who can see my information? We live in an age where data loss is a fact of life and unfortunately 43% of all incidents are by third party providers. So, you need to know whether the service provider, who is the administrator of the system can see your data. In regular IT, the administrator is all powerful and so is able to read data from backups, or through applications – is this something you can live with when your information is with the third party?

2) What would happen if the service provider lost some of your information? Perhaps they lost a backup tape, or maybe their systems have been compromised and your customer information has been leaked. You need to ask the service provider what their information protection policy is – and furthermore, you should audit them on it. Do they encrypt their backup tapes? Do they have polices and applications to prevent information being copied to laptops, CDs, DVDs, USB sticks, iPods etc? What do they do to delete or destroy data when it is no longer needed?

3) Are you ok with co-location – what does the third party do to separate information and systems? Could a competitor, who is also using the service, possibly get their hands on your data? In the cloud, where virtualisation rules supreme, you don’t know if your data is on the same storage device, or your application is on the same server!

4) What happens in the event of data corruption? How many copies of the data does the third party have – can you go back through the backups for the last week, month, quarter to find an uncorrupted copy – or do they just have a single copy?

5) How easy is it to move from one provider to another? This is probably the most important question – currently there are loads of service providers, and the prices are falling all the time, so you might think this is the equivalent of ‘open systems’ – and in some ways it is, lots of ‘openness’ but actually, once you are committed to one provider you are locked in. So, the question you need to ask is – how do I get ALL my data out and copied over to a new provider? Some providers are more flexible than others and help you in the process – others will make you pay by the gigabyte and have to download it back to your servers before uploading it to the new service provider! Sometimes, ‘cheap’ can come back to bite you.

Finally, will you be relying on Service Level Agreements (SLA) to get you out of trouble? In essence a SLA is the contract, when it comes to performance, between you and the third party. They tend to ensure uptime numbers and outage periods and there is some remediation relating to money if they don’t manage to keep to the service levels. However, as the anonymous quote goes “Service Level Agreements: The fastest way to make lawyers rich”, why, because it doesn’t guarantee to get your business back up and running – just to pay you compensation, by which time you could be out of business. This is just as true for applications you are relying on out in the cloud – what if your email was down for a week (this actually happened to one service provider recently), or if your web was out of action? Would your customers understand or would they go elsewhere? A week is a long time when your competitors are only a click away.

Storage, applications, security all are making their way into ‘the cloud’, and there are huge business benefits to be had by using them, but you need to be aware of the threats, risks and consequences before diving in – and ask the right questions. Forewarned is forearmed.


See previous articles

    

See next articles













Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts