Imagine this scenario: In Worldwide Corp., a global conglomerate, backups are performed on a nightly basis. At some point during the nightly cycle, backup administrators ensure that all data is written to tape. In addition, a large percentage of servers at Worldwide Corp. also replicate data to remote facilities using a variety of methods. Likewise, split-mirror and snapshot functionality are employed extensively throughout the organization. These functions are managed by systems and storage administrators independently and, in some cases, without the knowledge of backup administrators. Worldwide Corp. also has database administrators who, like all good DBAs, are extremely risk-averse. As a result, since disk space is plentiful, unbeknownst to either backup or storage administrators, the DBAs routinely dump copies of their databases to disk, ensuring that several recent versions are always at hand and can be recovered quickly in the event of a hardware failure or data corruption.
If data loss were to occur, Worldwide Corp. would be able to select from a combination of replicated copies, dumps, split mirrors, or snapshots to recover data. What is the likelihood that they would need to turn to the actual backup application for data recovery? The truth is that they would prefer to do anything humanly possible in order to avoid being dependent on traditional backups.
What I am describing is not uncommon. Many corporations today employ multiple techniques to protect against data loss. Unfortunately, the various approaches are often applied and managed in an uncoordinated manner. Ironically, the nightly backup, for some critical classes of applications, becomes almost irrelevant, representing a tertiary, "last ditch" level of data protection, while for lower-tier applications, backup still retains its importance as the first line of data recovery.
This leads to the paradoxical situation where the failure to back up a critical application will actually have less of an impact than the failure to back up one deemed less critical. However, organizational policies and practice do not currently reflect this. What is missing is a unified view of data protection from an application perspective. The next generation of data management tools needs to provide what some SRM products attempted to offer but never fully achieved -- a comprehensive, application-centric management capability for data protection. In addition, organizations need to break down the compartmentalized data-protection mind-set and develop an application-focused, policy-based approach.
Jim Damoulakis is chief technology officer of GlassHouse Technologies Inc., a leading provider of independent storage services. He can be reached at jimd@glasshouse.com.