If youve been thinking that its time to do something to bullet-proof your small-to-midsize businesss critical data and systems such as financial transactions, patient records or your email and Web retail storefront youve been thinking right. Fifty percent of companies that lose their data go out of business immediately and ninety percent don't survive more than two years, according to research firm Baroudi Bloor International. Thats a lot of unnecessary risk for something so preventable.
The causes and instances of data loss are much more commonplace than you might think its rarely an act of God. In fact, its usually just an easily corrected system or user error, if youve protected your data correctly. Only three percent of all data loss is caused by fire, flood and other such disastrous events. The most common causes are hardware or system malfunction (44 percent), human error (32 percent), software corruption (14 percent) or viruses (7 percent).
There are very good reasons for protecting your important business data, according to Bob Schaefer, CEO of Breece Hill, whose company manufactures iStoRA, an integrated disk and tape-based backup, recovery and archiving appliance. Obviously, you need it to run your business. But beyond that, businesses face a growing list of strict legal requirements, and the need to be prepared for any potential lawsuits or audits that might follow events such as an employee termination, worker injury or the sale of the company.
Here are Five Things to Know:
1. Backup Often and Wisely
Market research firm Gartner says that less than 1% of small businesses perform daily backups, and Enterprise Strategy Group analyst Peter Gerr says that backup is always at the top of business concerns it either takes too long, or users cant verify that its actually working.
Backing up everything on a daily basis can be extremely costly and time-consuming, so its important to identify only the data that changes. For the average business, the percentage of data that changes daily is somewhere between 2-5%.
For example, a graphic arts agency that develops intricate print designs and continuously backs up large image files, page layouts and video work will quickly break the bank on storage hardware alone. By implementing a backup function thats able to sense changes reasonably well and back up just those files that have been altered, the business is protected at far less cost.
On the other hand, a specialty manufacturer of high-end audio products may only need to backup once a day, but will require it to be a bullet-proofed backup. While the rate of change is slow, each order is vitally important to the business.
By limiting what your business backs up to only that which changes daily, huge time and cost savings can be made, said Schaefer.
2. Prioritize Data for Disaster Recovery
Another aspect to backing up data is making sure that the systems and data your business absolutely needs will be there in the case of a disaster. This means that you need to look at your overall data picture, and decide whats critical, whats important, and what you can do without. Its critical that an online retailer keep its Web store up and running, but it can do without the contactor its print services, at least for awhile.
So the next step is to prioritize each system and its related data - key systems for most small businesses include email, telephones, databases, file servers and Web servers. Typically, systems are prioritized into three categories that require differing levels of recovery time, from zero to days: redundant (immediately), highly-available (minutes to hours), and backed up (four hours to days).
As a manufacturer of high tech storage products, including the iStoRA appliance, we have a high rate-of-change that forces us to keep more data on disk for immediate restore than many other businesses, comments Breece Hills Schaefer. For us, its essential to keep our most important data, such as engineering drawings, supplier specifications, and up-to-the-minute materials pricing, on disk for at least three weeks.
3. Archive Important Data for the Long Term
Now its time to consider your data archive. First, youll need to figure out how long to keep data. Federal and state regulations and policies dictating the length of time that your data must be retained vary by state, and can be anywhere from seven years for equity or stock transaction records, to 17 years for certain HIPAA regulations, and up to the life of a patient for others.
Government contractors or companies working with government contractors, face other requirements, including the type of media used. Optical disk, for example, can survive the electrical pulse that follows nuclear war. But in most other cases, its simply important to choose a system and/or storage location that will achieve your companys needs. But remember, penalties for non-compliance with data retention requirements are stiff.
If youre going to have to keep data for twenty years or more, youll need to identify a physical storage location. Some businesses will choose a full-service company such as Iron Mountain, that picks up, stores and delivers data when its needed. But its more realistic that the data goes offsite, and is stored in the safety of persons home.
But remember, however you choose to store data, said Schaefer, it must be stored in a climate controlled and electrically neutral environment.
4. Its Smart to Comply Now
Theres been a lot of buzz in business and industry media recently about compliance. What it really means for the small business is that youd better know what regulations affect your business, and what that means for your data storage system.
Some of the most important recent regulations to affect the small-to-midsize business include the Sarbanes-Oxley Act (SOX), which has implications for financial reporting, and the Health Insurance and Portability and Accountability Act (HIPAA), which applies to the maintenance, security and storage of health care records. There are also a variety of human resources-related regulations applicable to programs like workers compensation at the state level, and payroll regulations such as the Federal Insurance and Contributions Act (FICA) at the national level.
Compliance requirements are tightening across the board. For example, if your business sells bolts to Lockheed Martin, you may be required to comply with stricter Department of Defense regulations for military contractors. The same is true for independent broker/dealers and the Securities and Exchange Commission, service providers to major utilities and Homeland Security regulations, as well as small-to-midsize businesses and local, state and federal regulations of all shades.
The bottom line is, you had better comply, adds the Breece Hill executive.
5. How to Store Data Cost-Effectively and Easily
Most small-to-midsize businesses dont have free IT resources to set-up and manage a storage solution, so its important to work with a value-added reseller that understands your business. Its also important that the solution fit easily into your companys existing system, and is as manageable and turn-key as possible.
Over the long run, most mid-size businesses are better off buying an integrated solution. The upfront cost may be a bit more, but in the long run, the time, money and effort spent on a custom, or home-grown solution will be far greater. Not only will you need a professional to install it, but theyll need to help maintain and tune it as well.
Today, there are all-in-one storage appliances that include integrated disk for short-term backups and archiving; tape for long-term archiving; as well as the software and server components that that help to prioritize and store data appropriately such as Breece Hills iStorRA.
The beauty of the integrated appliance, concludes Schaefer, is that you have all of the storage media components in a single box thats easy to use. And if anything goes wrong, youve got just one number to call one throat to choke.
So there you have it the basics for protecting your business from the very real threat of catastrophic data loss. When researching solutions, make sure that you work with a professional or value-added reseller whos familiar with your type of business as noted above, data protection requirements do vary significantly, depending on your industry. And remember, without your businesss data, theres no business at all.
Breece Hill are exhibiting at Storage Expo the UK's largest and most important event dedicated to data storage, now in its 5th year, the show features a comprehensive FREE education programme, and over 90 exhibitors at the National Hall, Olympia, London from 12 - 13 October 2005 www.storage-expo.com