Levi, Ray & Shoup, Inc.

Your Company’s Data Resilience: Does the Tail Wag the Dog?

2/29/2024 by Mike Zwolski

Every now and again, my company lets me comment publicly on the craziness of how our world operates. Today, Data Resilience is my topic of choice. What is Data Resilience? For this discussion, it’s the ability to recover from a cyber threat/ransomware/data destruction.

To have this discussion, we first need to understand the following formula:

High Availability + Disaster Recovery ≠ Capability Data Resilience

The best equipment, design, and DR capabilities do NOT provide Data Resilience. Data Resilience means coming back quickly after a Cyber Attack. HA & DR solutions don’t begin to address that topic, mostly because that’s not what they were designed to do.

The thing customers need to ask is how long it will take to recover from a major attack. Today, the average recovery period is three weeks! That’s not acceptable, of course, as most companies would be out of business by then. Accordingly, all the major storage players now offer some form of data resilience in their products to address this issue. As a result, most of the current storage offerings now talk about data recovery in days, which is a whole lot better. But honestly, that is still not very good…

Why not be able to recover in minutes? The answer is that to do so, you need to view data resilience differently than you do today. I subscribe to the notion that all data is not created equal. It’s all valuable, but some is much more valuable than others. The key is understanding which key processes and data are truly mission critical. These are what you need to recover your “minimum viable enterprise” after an attack. As you can imagine, this is a lot different than what you need to go back to “business as usual” after an attack. You need to define the data that is needed for your “minimum viable enterprise” and treat it differently. That’s the data you aim to recover in minutes. The rest could be recovered in hours or days once you have successfully kept your company’s doors open for business after an attack.

This approach also requires rethinking the whole “unified data” idea. In every customer I call on, whether open systems or mainframe, there are some common realities: A small percentage of their data (say 10-20%) is needed to keep the company open for business. This is generally block storage. The rest of the data is important but isn’t quite as important. This is usually file or object storage. Finally, companies want to standardize to save money.

Who cares? You do, or at least you should. Because in today’s zany world, vendors say: we have 80% of your data, why not standardize on our one platform? Not just for backups and DR, but for Data Resilience. Many customers don’t think it through. The tail wags the dog. The 80% of your data that isn’t the most important drives the care of the 20% of the data that is. The least common denominator, as it were, dictates the overall solution. Standardization on the platform that is OK for all, and exceptional for none, is not the answer.

Some consultants are starting to advise that unified data is not the silver bullet it was once thought to be. Some are now saying that if customers want to unify data, they should unify file and object, not file and block. This is well considered advice. I propose that you let the more important 20% of your data drive your data resiliency strategy first and let the other 80% come along later. Your key block storage drives your business. Let the dog wag the tail, not vice versa.

With immutable copy creation, storage, and validation — all on the storage hardware itself — IBM block storage products provide the capability of recovering your minimum viable enterprise data in minutes. You can then use the other guy’s products to recover the rest. The dog needs to stand up and put the tail in its place. Block storage drives your business. Why not treat it that way?

One size does not fit all. Sure, standardization can save money. But does that matter if your business’s recovery is measured in days instead of minutes? How much savings are worth putting your company’s image, reputation, and perhaps viability at risk?

Pick the solution optimized for your most critical data first. That will allow you reopen your doors quickly after an attack. Then build a solution for the other 80%. IBM has solutions for all your storage needs, but IBM block storage is ideally positioned for the 20% of your data that your company wants back in minutes. That’s an idea we would be happy to discuss with you. Feel free to contact us for more information.