Changing approaches to data protection.Data backup and disaster recovery planning has long been an important part of corporate organizations, although often not an especially prominent one. A number of trends (from the attacks in 2001 and the continued threat of natural disasters, to the increased corporate and government data collection and retention requirements of regulations like Sarbanes-Oxley. HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, and the Homeland Security Act The Homeland Security Act (HSA) of 2002, Pub. L. No. 107-296, 116 Stat. 2135 (Nov. 25, 2002), introduced in the aftermath of the September 11, 2001 attacks, created the Department of Homeland Security in the largest government reorganization in 50 years, since the Department of ) have heightened the attention and awareness of the importance of data backup and disaster recovery in organizations of all sizes. But what has been the result of this increased attention? Have IT managers changed how they prepare, plan or operate? Imation Corporation, a global leader in data storage technology, commissioned a data protection survey in the spring of 2003 to find out. While much of the attention to IT practices post- post- word element [L.], after; behind. post- pref. 1. After; later: postpartum. 2. Behind; posterior to: postaxial. 9/11 focused on the world's largest companies and their data center operations, this survey focused on the broader set of IT directors and managers operating in open systems network environments. IT Departments Responding With New Approaches The fresh attention to data backup and disaster recovery appears to have translated into action at many companies. In the survey, more than one in three IT managers reported that they have made changes in this area since the events of 9/11. At Imation, we have seen many organizations react by moving along a continuum Continuum (pl. -tinua or -tinuums) can refer to:
pre- pref. 1. Earlier; before; prior to: prenatal. 2. 9/11 baseline The horizontal line to which the bottoms of lowercase characters (without descenders) are aligned. See typeface. baseline - released version was an absence of a formal backup plan, we've seen new interest in establishing one. If they already had a plan in place, we have seen renewed interest in refining refining, any of various processes for separating impurities from crude or semifinished materials. It includes the finer processes of metallurgy, the fractional distillation of petroleum into its commercial products, and the purifying of cane, beet, and maple sugar that plan to make it more powerful, sophisticated and reliable. The survey findings support this observation. Among companies who have made changes since 9/11, the most commonly reported changes were refinements to existing plans, such as the establishment of regular testing and update procedures, movement of data backup offsite, and increases in allocations to disaster recovery budgets. A smaller percentage reported the undertaking of preliminary steps, such as the development of a disaster recovery plan for the first time, and the establishment of budgets for both disaster recovery and data backup. Regulations and Retention Another area IT departments are addressing is how their technology infrastructure can support new data retention requirements. Financial scandals and concerns about security of electronic medical records have brought new regulations that are forcing companies to be sure that vital electronic files are preserved for the long term--or whenever they are needed. For example, the Sarbanes-Oxley Act See SOX. of 2002, enacted in the wake of the financial scandals of the past few years, mandates tighter controls on financial reporting and more robust record retention--increasing the need for long-term data archiving. The Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. According to the Centers for Medicare and Medicaid Services (CMS) website, Title I of HIPAA protects health insurance coverage for workers and their families when (HIPAA), enacted in 1999, ensures the portability, privacy and security of individuals' medical information. Meeting HIPAA requirements includes a higher degree of secure electronic storage of patient medical records, and requires patient data to be kept at least six years after treatment by any medical organization. Since most companies already create tape backups Using magnetic tape for storing duplicate copies of hard disk files. Users can add an internal or external tape drive to their desktop computers for backup purposes, and files are typically copied to the tapes using a backup utility that updates on a periodic schedule. and archives, many can meet regulatory requirements Regulatory requirements are part of the process of drug discovery and drug development. Regulatory requirements describe what is necessary for a new drug to be approved for marketing in any particular country. using existing systems. Tape storage remains the most economical and efficient way to ensure that records are kept secure, available and portable for the long term. Many Businesses Operate Without a Net Planning ahead in case disaster strikes is like wearing a seatbelt--you may not need it on every trip, but you wouldn't want to be without it in a crash. And yet, many surveyed companies leave themselves vulnerable through lack of a formal disaster recovery plan. Of the companies surveyed, three in ten do not have such a plan. Similarly, neither testing of disaster recovery plans nor engagement of external audits of data storage and disaster recovery plans is a universal practice, with 32% and 64% of respondents In the context of marketing research, a representative sample drawn from a larger population of people from whom information is collected and used to develop or confirm marketing strategy. reporting, respectively, that they do not take these simple, preventative actions. Tape technologies are among the most cost-effective and reliable for addressing the large-scale backup methods that guard against vulnerability and data loss. Moreover, tape is the only truly removable media In computer storage, removable media refers to storage media which can be removed from its reader device, conferring portability on the data it carries. A removable drive is a reader device for such media. designed for the enterprise, enabling those charged with protecting data to make sure it is not at risk all in one place. As managers look to strengthen their data backup and disaster recovery programs, tape particularly excels in those applications that address some of the most feared situations. Conclusion The past few years have cast a new light on existing IT concerns and raised many new ones. This survey of IT operations suggests that the combination of increased regulations, the events of 9/11, and the increasing volume and value of electronic data has prompted changes in data backup and disaster recovery practices. These changes, while helpful, have certainly not resolved key and critical issues and mounting pressures that IT managers face today. Imation's data protection survey findings suggest that many companies are moving in the right direction but many still need to improve, if they want to protect themselves to the full extent possible. As an industry, we can best help these firms by both demonstrating the need for and value of the right products and practices, and then work together as partners in seeing that they are deployed correctly. Jim Ellis Jim Ellis may be:
www.imation.com |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion