In Chapter 1 of his book Data Protection and Lifecycle Management, Tom Petrocelli discusses the five components of a data protection strategy.
The size of an enterprise determines which practices, processes or technologies
are used for data protection. It is not reasonable to assume that a small business
can deploy expensive, high-end solutions to protect important data. On the
other hand, backing up data to tape or disk is certainly something that any enterprise
can do. A large enterprise will have both the resources and the motivation to
use more advanced technology.
The goal is the same no matter what the size or makeup of the company. Data
protection strives to minimize business losses due to the lack of verifiable data
integrity and availability.
The practices and techniques to consider when developing a data protection
strategy are:
- Backup and recovery: the safeguarding of data by making offline copies of
the data to be restored in the event of disaster or data corruption.
- Remote data movement: the real-time or near-real-time moving of data to a
location outside the primary storage system or to another facility to protect
against physical damage to systems and buildings. The two most common
forms of this technique are remote copy and replication. These techniques
duplicate data from one system to another, in a different location.
- Storage system security: applying best practices and security technology to
the storage system to augment server and network security measures.
- Data Lifecycle Management (DLM): the automated movement of critical data
to online and offline storage. Important aspects of DLM are placing data considered to be in a final state into read-only storage, where it cannot be
changed, and moving data to different types of storage depending on its age.
- Information Lifecycle Management (ILM): a comprehensive strategy for valuing,
cataloging and protecting information assets. It is tied to regulatory
compliance as well. ILM, while similar to DLM, operates on information, not
raw data. Decisions are driven by the content of the information, requiring
policies to take into account the context of the information.
All these methods should be deployed together to form a proper data protection
strategy.
Read the rest of Chapter 1, Introduction to data protection
