SlideShare a Scribd company logo

232 a7d01

SMK PRASASTI KARANG BERAHI JAMBI
SMK PRASASTI KARANG BERAHI JAMBI
1 of 16
Download to read offline
College of virtualization: Lessons in integrating data protection software Sponsored by Dell VMware Speaker: Tom Nolle, President, CIMI Corporation Moderated by Kate Gerwig Karen Guglielmo: Hello, and welcome to a SearchStorage.com presentation, ‘College Of Virtualization - Lessons For Integrating Data Protection Software’. This presentation is being brought to you by Dell and VMware. For more information on Dell and VMware, you can click on their logo in the lower portion of your screen. My name is Karen Guglielmo, and I will be your moderator today. Joining me today is Laura DiDio, a Hi-Tech Analyst and Consultant, a professional writer and a former reporter. She is a principal at Information Technology Intelligence Corp., a company she founded. Before we begin the presentation, I would like to review a few housekeeping items with you. First, the slides in the presentation will be pushed to your screen automatically. If you have any questions throughout the presentation, you can type them in the ‘Ask A Question’ area located on the right-hand side of your screen and they will be addressed following the event. If you have any difficulty viewing or reading the slides, click on the ‘Enlarge Slide’ button located in the bottom portion of your screen, and finally, if you experience any technical difficulties with this presentation, click on the ‘Help’ button in the lower right corner of your screen. With that said, I am now going to turn things over to Laura DiDio to begin today’s presentation. Laura. Agenda •Overview: Data protection software •Getting Started: General Advice • Business & Technology Considerations •Deployment • Configurations & what to buy •Conclusions & Recommendations Copyright © 2009 ITIC All Rights Reserved
Laura DiDio: Thanks, Karen, and welcome everyone. It is a pleasure to have you here with us. We are going to dive right in and get started because this is a hot topic and we have a ton of information and data to help you with. Okay, so our agenda, we are going to give you an overview of data protection software. We are going to give you some general advice, business and technology considerations and some, you know, deployment considerations, configurations, what to buy, what to do, and then we will give you our conclusions and recommendations and we will wrap up with Karen doing some Q and A. Overview: Data Protection • Effective, efficient Data Protection is a core, fundamental network component • SMBs using virtualization will face additional challenges in managing and protecting data • Data protection ties into DR Strategy • Virtualization generates lots of data • Organizations must be able restore and recover data quickly • Absence of data protection will compromise the entire network and potentially put your business at increased risk for litigation Copyright © 2009 ITIC All Rights Reserved Okay, so data protection. Okay, this is a no-brainer, as we see on the slide. Efficient, effective data protection is a core fundamental network component. Now, SMBs that use virtualization, and that is many of you, especially on the server side but in your head we are expecting a lot of you are also going to implement VDI, Virtual Desktop, virtualization and also application virtualization as time goes on. You are going to face specific additional challenges in managing and protecting your data and as we will see, your data protection strategy is going to tie into your disaster recovery strategy and also your virtualization strategy. One reason for that, virtualization generates a lot of data when you are actually looking at things. So, there is going to be in some ways more for you to manage at once. Clearly, organizations have to be able to restore and recover data quickly and they have to make sure it is protected. The absence of data protection, we don’t have to tell any of you, will compromise your entire network and especially because you are SMBs who are even more risk averse than your enterprise counterparts, a really bad hack could potentially put your business at increased risk for litigation or even put you out of business.
Data Protection: Getting Started •Thoroughly review existing infrastructure & data protection • Start with a pristine network • Fix what’s broken • Regularly upgrade data protection equipment and software • Make a data protection/security plan, stick to it and enforce it!!! Copyright © 2009 ITIC All Rights Reserved Now, as we turn to the next slide, getting started with data protection, once again, you have to start at the beginning and that means you want a pristine network environment or as pristine as it can be. That means you have got to start by thoroughly reviewing your existing infrastructure, locating what are the weak points, are there any open doors, open ports, backdoors, what type of hardware do you have, server hardware, do you need ruggedized server hardware, how is your encryption. So do you have the latest upgrades? You need to fix what is broken or what is old and outmoded, and you should be regularly upgrading your data protection equipment and software. There was a famous German 19th century military strategist who said that military secrets are the most fleeting of all. In the 21st century computing environment, what I would say is security and data protection is one of the most fleeting of all, because as soon as you have one thing fixed there is a hack to exploit something. There are always new and improved ways to crack into and compromise the security and data protection of your network. So you have to stay on your toes with this and it is a question of months, not years. You need to make a data protection and security plan, stick to it and enforce it and by enforcing it that means with all of your users and you need to disseminate what your security and data protection plan is, what the rules are, and what the penalties are for violation.
Have you determined the cost of one hour of downtime for critical or mission-critical processes? Copyright © 2009 ITIC All Rights Reserved Do you have defined benchmarks to measure component, system or infrastructure performance? Copyright © 2009 ITIC All Rights Reserved So, as we turn to the next slide, the next few slides we are going to show you are based on the realities of what is happening now. This is survey data from ITIC over the last six months. We asked folks, have you been able to determine the cost of one hour of downtime? Okay, now you will notice only one third of companies said yes. That is the bad thing. So you have 51% who say no, and 14% who are unsure. So guess what? The majority of people don’t know what damage can be brought. That is bad. You have to know what the consequences are and if you don’t know how much downtime costs, there is probably a lot of other things you don’t know either. When we look, we ask people, do you have defined benchmarks to measure performance? Now security, actually this is a better one, almost 40% said yes, but almost 50% said, you know, no. Again, bad number there. We asked people what happens when something goes down, what factors do you
include in the cost? Once again, you can see productivity lost, but you look for all of these things and this is all tight security and data protection. If your security is compromised, if your data is unprotected, guess what? All of these things are going to happen. You are going to have dissatisfied customers, damage to your reputation. You are going to have regulatory exposure. You will lose, almost certainly lose revenue. There is going to be an upstream and downstream impact from, everyone from the C level executive to your endusers, to your business partners, to your suppliers, to your customers. So, there is also the risk of SLA penalties, risk of litigation, the cost for what happens for lost productivity for your employees, all sorts of things. If yes, which factors are included in calculation of downtime cost (select all that apply)? Copyright © 2009 ITIC All Rights Reserved Next slide, we asked people how many tier 2 outages, that is midlevel, 30 minutes to four hours has the firm experienced within the last 12 months? Now, this is always dicey because people talk about these things a little bit, you know, differently, but 44% said 1 to 3 outages. We also had 28%, nearly one, you know, one third said we did not have any. That is not necessarily a number I believe in, but 15%, as you could see, we got, said that they had 3 to 6 outages and then 5% said 5 to 10 outages. We had other people who were unsure and then only 3% owned up to having more than 10 tier 2 outages, but any outage is going to cost you money. Again, so...these numbers, a lot of people are just guesstimating or they are not owning up to it, but still, you can see that this is pretty prevalent. The tier 2 outage by the way is going to involve your network administrators, having to do remediation, getting involved, so it is going to be time, it is going to be productivity loss on the enduser side, it might mean your clients cannot get access to data, business suppliers, partners, etc.
How many Tier 2 outages (30 min. to 4 hrs.) has your firm experienced within the last 12 months? Copyright © 2009 ITIC All Rights Reserved But it is not the worst thing that can happen, as you can see from the next slide. We asked what about the most severe tier 3 outages? That is four hours plus and you may or may not have data loss, but you probably have some data loss. We had two thirds of people said, no we have not had any, 66%, we have not had any tier 3 outages. Again, that is not necessarily a number I believe because a lot of people want to keep quiet about it. But as you can see, the remaining one third do have outages and this is going to be significant in terms of the business operation, the cost, the remediation, the potential damage to your reputation. So, the only good outage is not to have an outage. How many Tier 3 outages (4+ hrs. w/data loss) has your firm experienced within the last 12 months? Copyright © 2009 ITIC All Rights Reserved
If your firm was unprepared to respond to the Tier 2 or Tier 3 incident, what changed afterward? Copyright © 2009 ITIC All Rights Reserved We also asked people to say, how prepared are you to address these outages when they occur and as you can see, 41% or 2 out of 5 businesses said they are prepared. Then 51%, the majority said, we are somewhat prepared. We have some plans in place but there was also some confusion. This is getting closer to the truth and then 5% basically said they were unprepared, caught off-guard and really had to scramble, and 3% said that they were totally caught off-guard and they were unable to respond in an effective timely manner. So, you could imagine if you were in that 8% category minority, how damaging that could be, especially since you folks are smaller businesses. It is going to really impact you more. So you don’t want to be in a position where you are reacting to data losses, network outages because you don’t have a data protection plan. Then we also asked, well okay, if you were in that, if you are unprepared or only somewhat prepared for data losses after one of these incidents, what changed? Now, 42%, again 2 out of 5 businesses that is, basically said they learned their lesson, but they are still working on being proactive. But 22% said nothing changed, it was business as usual. We had 10% who really became proactive and said we learned our lesson, we established service level agreements and we made a future response plan. And then you had a 2% minority that said, look we just played the blame game, pointed fingers and we have not done anything constructive. So, this is an object lesson here for those of you who are in our College of Virtualization, for what happens when you get out to the real world, you don’t want to be in those slices where you are being reactive rather than proactive and have not done anything constructive.
How certain are you that the SLA commitments you expect from others align with the IT services expectations your clients have of you? Copyright © 2009 ITIC All Rights Reserved Another question we asked and this plays right into data protection, security, etc. We asked people do you require SLAs from your IT vendors, your hardware, your OS, your application, your storage, your network virtualization vendors because if you don’t, you should, and what we saw here is that only 17% absolutely say they do all of it. Now, you can see from these, the smaller globe here, the pie chart, it is a higher percentage, 56% from enterprises, with more than 3000 users, so clearly the SMBs are lagging behind here. And we see 23% said we are not requiring anything beyond standard warrantee. Again, you should require SLAs. It does not matter whether you have 10 people in your organization or 500. You should require service level agreements and basic minimum metrics and standards for performance from your vendors. Again that should be a staple of any data protection plan.
How certain are you that the SLA commitments you expect from others align with the IT services expectations your clients have of you? Copyright © 2009 ITIC All Rights Reserved And this one here, this is scary. How certain are you that the SLA commitments you expect from others align with the IT services’ expectations your clients have of you? And again, only 2 out of 5 businesses were reasonably sure. You see that the largest slice of this pie, okay, by 58% is either uncertain, you know, or excuse me you only have 12% that are certain that they align. You have to make sure again data protection is 50% technology, but it is 50% policy and human due diligence and that is what these slides talk about here. So, you can get all of your best hardware from Dell, your best virtualization and security software from VMware, but it is not going to mean a thing if you are not putting policies and practices in place to protect your data. It would be akin to buy the most expensive security or alarm system for your home and then going out and leaving the windows open and the doors unlocked and not arming the security system. So, half of this is going to be up to you.
Data Protection: Best Practices • Check for compliance • Virtualized environments contain more data – if there a 6 VMs on a single server you will see > 1 Tbytes of data if it fails • Virtualized data protection failures will take down multiple servers! • Ensure adequate bandwidth • Check carrier routes • Determine whether you’re protecting the data at the hypervisor or OS level • Ensure that you have the latest versions, patches • Standardize the environment as much as possible Copyright © 2009 ITIC All Rights Reserved So turning now to the data protection best practices, the first thing you have to do is take a look, are you in compliance? Okay, with all of your licensing agreement, are you in compliance with regulatory issues for security and that is going to have pretty big implications for those of you who are in the SMB space, you might be in a doctor’s office or a dentist’s office, what have you, where medical records are kept. You have got to protect that data, if it gets out, wow! You know what happens. It could just be business records. It does not have to be medical records. It could be anything but you need to protect and preserve your data. In a virtualized environment and many of you now, as the cost of virtualization and hardware has come down so much, you are virtualizing, you know, your server and increasingly your application environment. Virtualization is a great thing. You can consolidate space, you can consolidate application, cutdown on your manpower hours, utility costs, you name it, but you have to be aware that virtualized environment will contain more data. So, for example, if you have six virtual machines on a virtual server, on some level, as the network administrator, you will see six machines, however, if you connect...once you connect to the host server, what you are going to see is probably 1.5 terabytes of data. So, if that fails, if the virtualized environment fails, six servers are going to be taken down. So, data protection is crucial because now much more of your infrastructure is going to be contained under a single physical host server. So, you are going to have a single point of failure even though you might...your applications are in isolated containers. Okay, and if you have got locally attached storage, it is going to be another big single point of failure. If it is SAN attached storage, you will lose access to the data. So, from the business standpoint, the data would still be inaccessible. Okay, so you need a comprehensive, cost effective solution that will manage both your physical and virtual servers alike and that is one of the things that we are seeing with VMware’s, vSphere, the latest version vSphere 4.
Conclusions & Recommendations •Data Protection is a MUST!!! •Business & technology planning are symbiotic • Formulate a data protection plan and adhere to it!!! •Keep Records – Organizations should document everything: costs, manpower, remediation efforts; fallout (e.g. lost business) from a disaster •Budget accordingly •Upgrade infrastructure as needed •Adhere to the three “Cs”: Communicate, Collaborate & Cooperate • Enforce SLAs! Copyright © 2009 ITIC All Rights Reserved Now, your virtualized data protection failures will take down multiple servers, again, so you don’t want that to happen. You want to be proactive not reactive. You have to ensure adequate bandwidth. Again, all the data in the world contained in these virtualized environments won’t be any good if you cannot transmit it if the pipes are too, you know, not adequate, they are too small. So check your bandwidth. You also want to check your carrier routes. Okay. Access in and out of the server, you might think that you have enough redundancy, but you want to make sure that the carriers are not subletting the same lease lines. So there has been many an instance where it is on the same line and that line, that one trunk line goes down and you are still out. The other thing you need to do is determine whether or not you are going to protect your data at the hypervisor or the OS level. Okay that has implications as well. You also want to ensure that you have the latest versions and patches updated. You need to standardize the environment as much as possible that will cutdown on the amount of time you are spending doing remediation work and it will cutdown on your management time as well. Standardized environment can really cut your time to recover from a data loss or a hack by about on average one third, but standardizing the environment helps because you are not running hither and yon and a lot of times we find that the data is compromised because you have not applied a patch or you have got different versions and the versions are not interoperating together and that can cause disruption to the operation, you know, to the network operation. As we turn to the next slide, finally the conclusions and recommendations. You know this, data protection is a must. Your business and technology planning are symbiotic. Again, cannot overstate this, 50% of your data protection strategy will depend on the technology. So you need good, strong underlying technology from your virtualization vendors like VMware, from your hardware vendors like Dell, but the onus is also on the C level executive, the IT department, and the endusers to strictly adhere to best practices. You have to formulate a data protection plan, you must adhere to it. I cannot tell you
how many times I have been in consulting situations with some of the top Fortune 100 firms and they are four revs behind on their antivirus software. They have a data protection plan that is four years old, they have not looked at it, they have not set penalties or, you know, disseminated and distributed the computer data protection policy and rules. You have to have rules in place, you have to enforce them, your endusers have to know what they can and cannot do and what the penalties will be for infringing on the rules. You also need to keep very, very good records. You have to document everything. That means if you have had some data protection losses, how much did it cost? How much is it costing you to buy the software, do you have adequate data protection software and hardware in place, what is the costing to your manpower, what about the remediation efforts, what has been the consequence or fallout from lost business, if you have had a disaster or a hack? Budget accordingly. This is one area where you do not want to skip. You need to also keep the entire infrastructure upgraded as needed and once again you have to adhere to the three Cs, which is Communicate, Collaborate and Cooperate, both internally and externally that means with your hardware, software, virtualization providers. Ask them to help you out with best practices. Companies like VMware now have an incredible array of tools, documentations, white papers, that are available for free to assist you, so there is really, you know, no reason to be behind the eight ball even if your organization is on a very, very tight budget and once again, finally, you want to enforce those SLAs, service level agreements. You are paying for all this equipment, so you and your vendors should be in sync and agree upon SLA metrics that are most appropriate for your business and if it is not there, then you need to rethink that policy and perhaps move on to another vendor. So, with that, I will turn it over to Karen for the Q and A. Getting Started: General Advice •Know what’s on your network •Adhere to the Three “Cs”: Communicate, Collaborate & Cooperate •Perform a thorough inventory and assessment of your current environment •Identify & Replace outmoded hardware •Standardize the application environment •Check and upgrade storage, bandwidth as necessary •Security, security, security! •Review Licenses •Review SLAs •Construct Operational Level Agreements (OLAs) Copyright © 2009 ITIC All Rights Reserved Karen Guglielmo: Great! Thank your Laura for your presentation. I would like to take this time to remind everyone again that you are participating in a SearchStorage.com presentation on ‘Lessons For Integrating Data Protection Software’. Today’s
presentation is being brought to you by Dell and VMware. If you would like more information on Dell and VMware, you can click on their logo in the lower portion of your screen. And now, we are moving on to the moderator Q and A portion of today’s presentation. I am going to be asking Laura a couple of questions related to today’s topic. So, let us get started. First, let me ask you, how is using data protection software different in a virtual environment? Deployment Best Practices •Determine how you’re going to segment the virtualized & cloud infrastructure •Mix & Match: you can deploy Web servers and other classes of servers in the same physical host •Keep Production Applications separate for security purposes! •Adjust your network architecture/infrastructure to deal with virtualized & private cloud environments •Virtual infrastructure should have its own network • It should not share with Email/messagging •For the Virtualized/Private Cloud buy the most robust hardware configuration the budget will allow Copyright © 2009 ITIC All Rights Reserved Laura DiDio: Well, it is different because, as we noted, virtualization is wonderful for a lot of things, consolidation, for saving money, for saving time, but you have to really be on guard because all of your, you know, data, you are going to have multiple instances of application and data contained in a single physical server. So that can potentially be a single point of failure, if you have not put the proper data protection controls and configuration in place. So that is a scary thought. You know, you don’t want to take a direct hit. So you really need to make sure that you have the proper hardware, proper software and the proper data protection in that virtual environment.
Deployment Best Practices, contd. •Public Clouds: Due Diligence is a must! •Determine what tier of service you need •Ask for References •Ask Questions: • What hardware do they use? • How many paths in and out of the cloud • What is the guaranteed response time • Where are the hosts physically located • What about security – physical and what are the country policies if the host provider is outside of the U.S.? • How are they segregating the services? SMBs will operate much differently than an Amazon.com type business Copyright © 2009 ITIC All Rights Reserved Karen Guglielmo: Okay. So how is data protection linked to your disaster recovery strategy? Laura DiDio: They are inextricably linked. I mean it is a real symbiotic relationship. So, for example, if you have protected your data but you don’t have a disaster recovery plan in place and the worst happens, if you cannot recover from a disaster, then the best data protection in the world, your data will still be safe but you are not able to access it. So, the two have to go hand in hand, you have to protect the data to make sure it is not compromised and it is not lost in the event of a disaster and the in the wake of a disaster you have to make sure that you can recover quickly so you can get your users back up and running and able to access the data. So overall, it is, you know, its data protection, its disaster recovery, and it is business continuity. That is the Triumvirate that people have to live by.
Conclusions & Recommendations •Make a Business Plan based on the technology needs •Construct a three-year technology plan •Purchase the most robust hardware your budget will allow •Make a security plan •Adhere to SLA and OLA agreement •Engage virtualization vendors & cloud providers •Make use of tools & documentation available from vendors like Dell, VMware and others •Make sure your cloud providers are meeting their SLA agreements with your organization Copyright © 2009 ITIC All Rights Reserved Karen Guglielmo: Okay, and finally, what would you say is the most common mistake that people make in respect to data protection? Laura DiDio: The most common mistake is the human error and that is they don’t have a policy in place, they have an...or they have got an old policy, they have not dusted it off. Things are really changing fast in security, data protection, managing the data, so you have to constantly be upgrading this policy and again, I understand the focus of many users, especially those people in the SMB space where you might have an IT department that might be anywhere from one or two people up to maybe 10 people rather than dozens or hundreds of IT managers. There is an incredible burden placed on these people and the emphasis oftentimes is on just keeping the network up and running on a daily basis, even if that means, you know, doing patch jobs here and there. But you have to make the time and spend the money on data protection and that means you have got to get that network protected to the extent it should be in 2010 and going forward because the hackers are not standing still, there are...you are always going to find errors in software that require a patch or some type of remediation or a fix. So you really want to stay on top of this and once again if you are an overburdened IT manager or if you are in our College of Virtualization right now and you are coming out and you are going to go to work for an SMB, get to know your vendors. The vendors have a lot of tools at their disposal. There are many free tools for self- assessment. There are many white papers out there and documentation with best practices and how to, so engage them, also ask them, what do I need? Is this the appropriate configuration for me in terms of my hardware, how should I be configuring my virtualization environment so that it is optimized for disaster recovery and data protection. Karen Guglielmo: Okay. I am sorry, go ahead. You are going to wrap up? Laura DiDio: No, so, I was just going to say, so that basically is the human element. It is equally as important as the technology if not more so.
Karen Guglielmo: Okay, and that does conclude today’s presentation on, ‘College of Virtualization - Lessons For Integrating Data Protection Software’. If you would like to review today’s material at a later date, an archived version of this event will be made available in our SearchStorage.com webcast library. I would like to again thank Laura DiDio for taking time to be a part of today’s presentation, and I would also like to thank Dell and VMware for sponsoring this event. And as always, thank you for taking the time out to join us today. This is Karen Guglielmo, wishing you all a great day.

Recommended

Aureus disaster planning
Aureus disaster planningAureus disaster planning
Aureus disaster planning
AureusIT
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec
 
Brighttalk converged infrastructure and it operations management - final
Brighttalk converged infrastructure and it operations management - finalBrighttalk converged infrastructure and it operations management - final
Brighttalk converged infrastructure and it operations management - final
Andrew White
 
Security Guide For Small Business
Security Guide For Small BusinessSecurity Guide For Small Business
Security Guide For Small Business
BrendanRose
 
Brighttalk high scale low touch and other bedtime stories - final
Brighttalk high scale low touch and other bedtime stories - finalBrighttalk high scale low touch and other bedtime stories - final
Brighttalk high scale low touch and other bedtime stories - final
Andrew White
 
NiTO Ebook
NiTO EbookNiTO Ebook
NiTO Ebook
NiTOROMInc
 
Help! I'm an accidental techie
Help! I'm an accidental techieHelp! I'm an accidental techie
Help! I'm an accidental techie
Miles Maier
 
Brighttalk brining it all together - final
Brighttalk brining it all together - finalBrighttalk brining it all together - final
Brighttalk brining it all together - final
Andrew White
 

Recommended

Aureus disaster planning
Aureus disaster planningAureus disaster planning
Aureus disaster planning
AureusIT
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec
 
Brighttalk converged infrastructure and it operations management - final
Brighttalk converged infrastructure and it operations management - finalBrighttalk converged infrastructure and it operations management - final
Brighttalk converged infrastructure and it operations management - final
Andrew White
 
Security Guide For Small Business
Security Guide For Small BusinessSecurity Guide For Small Business
Security Guide For Small Business
BrendanRose
 
Brighttalk high scale low touch and other bedtime stories - final
Brighttalk high scale low touch and other bedtime stories - finalBrighttalk high scale low touch and other bedtime stories - final
Brighttalk high scale low touch and other bedtime stories - final
Andrew White
 
NiTO Ebook
NiTO EbookNiTO Ebook
NiTO Ebook
NiTOROMInc
 
Help! I'm an accidental techie
Help! I'm an accidental techieHelp! I'm an accidental techie
Help! I'm an accidental techie
Miles Maier
 
Brighttalk brining it all together - final
Brighttalk brining it all together - finalBrighttalk brining it all together - final
Brighttalk brining it all together - final
Andrew White
 
Brighttalk understanding the promise of sde - final
Brighttalk understanding the promise of sde - finalBrighttalk understanding the promise of sde - final
Brighttalk understanding the promise of sde - final
Andrew White
 
Bright talk running a cloud - final
Bright talk running a cloud - finalBright talk running a cloud - final
Bright talk running a cloud - final
Andrew White
 
Downtime-Whitepaper
Downtime-WhitepaperDowntime-Whitepaper
Downtime-Whitepaper
Matthew Spann☁
 
Christo email #4
Christo email #4Christo email #4
Christo email #4
Alex Fiore
 
CEO's Guide to Effective IT Management
CEO's Guide to Effective IT ManagementCEO's Guide to Effective IT Management
CEO's Guide to Effective IT Management
guest64c5c
 
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Ron Pierce
 
Vantage IT - the Complete IT Solution
Vantage IT - the Complete IT SolutionVantage IT - the Complete IT Solution
Vantage IT - the Complete IT Solution
Paul Tarbox
 
Executive Primer on Business Continuity Planning
Executive Primer on Business Continuity PlanningExecutive Primer on Business Continuity Planning
Executive Primer on Business Continuity Planning
RickMark
 
Microsoft Whitepaper: Disaster Preparedness Guide
Microsoft Whitepaper: Disaster Preparedness GuideMicrosoft Whitepaper: Disaster Preparedness Guide
Microsoft Whitepaper: Disaster Preparedness Guide
DWP Information Architects Inc.
 
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
centralohioissa
 
Rogers eBook Security
Rogers eBook SecurityRogers eBook Security
Rogers eBook Security
Rogers Communications
 
CEO's Guide Effective IT Management
CEO's Guide Effective IT ManagementCEO's Guide Effective IT Management
CEO's Guide Effective IT Management
guest86c967
 
E guide weathering the storm at your business
E guide weathering the storm at your businessE guide weathering the storm at your business
E guide weathering the storm at your business
Soma Technology Group
 
V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...
VMware_EMEA
 
Mastering disaster e book Telehouse
Mastering disaster e book TelehouseMastering disaster e book Telehouse
Mastering disaster e book Telehouse
Telehouse
 
Atkins case study
Atkins case studyAtkins case study
Atkins case study
1E: Software Lifecycle Automation
 
Disaster Recovery - Deep Dive
Disaster Recovery - Deep DiveDisaster Recovery - Deep Dive
Disaster Recovery - Deep Dive
Envision Technology Advisors
 
AEPWP09292016
AEPWP09292016AEPWP09292016
AEPWP09292016
Demi Washington
 
The ‘success trap’ of new, emerging and disruptive technologies
The ‘success trap’ of new, emerging and disruptive technologiesThe ‘success trap’ of new, emerging and disruptive technologies
The ‘success trap’ of new, emerging and disruptive technologies
Livingstone Advisory
 
Protect Your Firm: Knowledge, Process, Policy and Action
Protect Your Firm: Knowledge, Process, Policy and ActionProtect Your Firm: Knowledge, Process, Policy and Action
Protect Your Firm: Knowledge, Process, Policy and Action
Wolters Kluwer Tax & Accounting US
 
4th grade STAAR Night 2015
4th grade STAAR Night 20154th grade STAAR Night 2015
4th grade STAAR Night 2015
Summer Mires
 
Talk to the hand activity -dates and events
Talk to the hand activity -dates and eventsTalk to the hand activity -dates and events
Talk to the hand activity -dates and events
cortezushistory
 

More Related Content

What's hot

Brighttalk understanding the promise of sde - final
Brighttalk understanding the promise of sde - finalBrighttalk understanding the promise of sde - final
Brighttalk understanding the promise of sde - final
Andrew White
 
Bright talk running a cloud - final
Bright talk running a cloud - finalBright talk running a cloud - final
Bright talk running a cloud - final
Andrew White
 
Christo email #4
Christo email #4Christo email #4
Christo email #4
Alex Fiore
 
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Ron Pierce
 
Vantage IT - the Complete IT Solution
Vantage IT - the Complete IT SolutionVantage IT - the Complete IT Solution
Vantage IT - the Complete IT Solution
Paul Tarbox
 
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
centralohioissa
 
V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...
VMware_EMEA
 

What's hot (20)

Brighttalk understanding the promise of sde - final
Brighttalk understanding the promise of sde - finalBrighttalk understanding the promise of sde - final
Brighttalk understanding the promise of sde - final
 
Bright talk running a cloud - final
Bright talk running a cloud - finalBright talk running a cloud - final
Bright talk running a cloud - final
 
Downtime-Whitepaper
Downtime-WhitepaperDowntime-Whitepaper
Downtime-Whitepaper
 
Christo email #4
Christo email #4Christo email #4
Christo email #4
 
CEO's Guide to Effective IT Management
CEO's Guide to Effective IT ManagementCEO's Guide to Effective IT Management
CEO's Guide to Effective IT Management
 
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
 
Vantage IT - the Complete IT Solution
Vantage IT - the Complete IT SolutionVantage IT - the Complete IT Solution
Vantage IT - the Complete IT Solution
 
Executive Primer on Business Continuity Planning
Executive Primer on Business Continuity PlanningExecutive Primer on Business Continuity Planning
Executive Primer on Business Continuity Planning
 
Microsoft Whitepaper: Disaster Preparedness Guide
Microsoft Whitepaper: Disaster Preparedness GuideMicrosoft Whitepaper: Disaster Preparedness Guide
Microsoft Whitepaper: Disaster Preparedness Guide
 
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
 
Rogers eBook Security
Rogers eBook SecurityRogers eBook Security
Rogers eBook Security
 
CEO's Guide Effective IT Management
CEO's Guide Effective IT ManagementCEO's Guide Effective IT Management
CEO's Guide Effective IT Management
 
E guide weathering the storm at your business
E guide weathering the storm at your businessE guide weathering the storm at your business
E guide weathering the storm at your business
 
V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...
 
Mastering disaster e book Telehouse
Mastering disaster e book TelehouseMastering disaster e book Telehouse
Mastering disaster e book Telehouse
 
Atkins case study
Atkins case studyAtkins case study
Atkins case study
 
Disaster Recovery - Deep Dive
Disaster Recovery - Deep DiveDisaster Recovery - Deep Dive
Disaster Recovery - Deep Dive
 
AEPWP09292016
AEPWP09292016AEPWP09292016
AEPWP09292016
 
The ‘success trap’ of new, emerging and disruptive technologies
The ‘success trap’ of new, emerging and disruptive technologiesThe ‘success trap’ of new, emerging and disruptive technologies
The ‘success trap’ of new, emerging and disruptive technologies
 
Protect Your Firm: Knowledge, Process, Policy and Action
Protect Your Firm: Knowledge, Process, Policy and ActionProtect Your Firm: Knowledge, Process, Policy and Action
Protect Your Firm: Knowledge, Process, Policy and Action
 

Viewers also liked

Talk to the hand activity -dates and events
Talk to the hand activity -dates and eventsTalk to the hand activity -dates and events
Talk to the hand activity -dates and events
cortezushistory
 
Ist 448 648 group presentation
Ist 448 648 group presentationIst 448 648 group presentation
Ist 448 648 group presentation
Michael Scinto
 
Techideias excel avançado v2012
Techideias excel avançado v2012Techideias excel avançado v2012
Techideias excel avançado v2012
Tech Ideias
 
Presentation slide
Presentation slidePresentation slide
Presentation slide
mrstore
 
Supercharge Strategy Execution: Performance Scorecard
Supercharge Strategy Execution: Performance ScorecardSupercharge Strategy Execution: Performance Scorecard
Supercharge Strategy Execution: Performance Scorecard
Flevy.com Best Practices
 

Viewers also liked (20)

4th grade STAAR Night 2015
4th grade STAAR Night 20154th grade STAAR Night 2015
4th grade STAAR Night 2015
 
Talk to the hand activity -dates and events
Talk to the hand activity -dates and eventsTalk to the hand activity -dates and events
Talk to the hand activity -dates and events
 
Assess curr readg04
Assess curr readg04Assess curr readg04
Assess curr readg04
 
2 mans kupang
2 mans kupang2 mans kupang
2 mans kupang
 
99 ce ed01
99 ce ed0199 ce ed01
99 ce ed01
 
It's just a test!
It's just a test!It's just a test!
It's just a test!
 
Pidato bahasa inggris tentang hiv
Pidato bahasa inggris tentang hivPidato bahasa inggris tentang hiv
Pidato bahasa inggris tentang hiv
 
Actividades abril 2013
Actividades abril 2013Actividades abril 2013
Actividades abril 2013
 
sty3e 16ne
sty3e 16nesty3e 16ne
sty3e 16ne
 
Success Factors of Customer Experience in MobileAGE 20140806
Success Factors of Customer Experience in MobileAGE 20140806Success Factors of Customer Experience in MobileAGE 20140806
Success Factors of Customer Experience in MobileAGE 20140806
 
Ist 448 648 group presentation
Ist 448 648 group presentationIst 448 648 group presentation
Ist 448 648 group presentation
 
Techideias excel avançado v2012
Techideias excel avançado v2012Techideias excel avançado v2012
Techideias excel avançado v2012
 
2012 uy
2012 uy2012 uy
2012 uy
 
Presentation slide
Presentation slidePresentation slide
Presentation slide
 
Supercharge Strategy Execution: Performance Scorecard
Supercharge Strategy Execution: Performance ScorecardSupercharge Strategy Execution: Performance Scorecard
Supercharge Strategy Execution: Performance Scorecard
 
Trabajo de fatima
Trabajo de fatimaTrabajo de fatima
Trabajo de fatima
 
Proyecto iava Fortalecimiento de los valores en la educación
Proyecto iava Fortalecimiento de los valores en la educaciónProyecto iava Fortalecimiento de los valores en la educación
Proyecto iava Fortalecimiento de los valores en la educación
 
Plan de Negocio
Plan de NegocioPlan de Negocio
Plan de Negocio
 
354 b0d01
354 b0d01354 b0d01
354 b0d01
 
Rescatemos los valores
Rescatemos los valoresRescatemos los valores
Rescatemos los valores
 

Similar to 232 a7d01

[Srijan Wednesday Webinars] 11 Things You Don't Know About Cloud
[Srijan Wednesday Webinars] 11 Things You Don't Know About Cloud[Srijan Wednesday Webinars] 11 Things You Don't Know About Cloud
[Srijan Wednesday Webinars] 11 Things You Don't Know About Cloud
Srijan Technologies
 
Continuing Education Conferance
Continuing Education ConferanceContinuing Education Conferance
Continuing Education Conferance
Tommy Riggins
 
Edith Turuka: Cyber-Security, An Eye Opener to the Society
Edith Turuka: Cyber-Security, An Eye Opener to the SocietyEdith Turuka: Cyber-Security, An Eye Opener to the Society
Edith Turuka: Cyber-Security, An Eye Opener to the Society
Hamisi Kibonde
 

Similar to 232 a7d01 (20)

Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?
 
Cyber Security and GDPR Made Easy
Cyber Security and GDPR Made EasyCyber Security and GDPR Made Easy
Cyber Security and GDPR Made Easy
 
[Srijan Wednesday Webinars] 11 Things You Don't Know About Cloud
[Srijan Wednesday Webinars] 11 Things You Don't Know About Cloud[Srijan Wednesday Webinars] 11 Things You Don't Know About Cloud
[Srijan Wednesday Webinars] 11 Things You Don't Know About Cloud
 
Why SMBs Outsource IT to MSPs
Why SMBs Outsource IT to MSPsWhy SMBs Outsource IT to MSPs
Why SMBs Outsource IT to MSPs
 
Continuing Education Conferance
Continuing Education ConferanceContinuing Education Conferance
Continuing Education Conferance
 
Focus on Data, Risk Control, and Predictive Analysis Drives New Era of Cloud-...
Focus on Data, Risk Control, and Predictive Analysis Drives New Era of Cloud-...Focus on Data, Risk Control, and Predictive Analysis Drives New Era of Cloud-...
Focus on Data, Risk Control, and Predictive Analysis Drives New Era of Cloud-...
 
The Cloud Beckons, But is it Safe?
The Cloud Beckons, But is it Safe?The Cloud Beckons, But is it Safe?
The Cloud Beckons, But is it Safe?
 
Information security and protecting your business
Information security and protecting your businessInformation security and protecting your business
Information security and protecting your business
 
Cyber Security Magazine
Cyber Security MagazineCyber Security Magazine
Cyber Security Magazine
 
Common IT Mistakes
Common IT MistakesCommon IT Mistakes
Common IT Mistakes
 
Security Surveillance 2010_Final
Security Surveillance 2010_FinalSecurity Surveillance 2010_Final
Security Surveillance 2010_Final
 
Symantec Data Loss Prevention- From Adoption to Maturity
Symantec Data Loss Prevention- From Adoption to MaturitySymantec Data Loss Prevention- From Adoption to Maturity
Symantec Data Loss Prevention- From Adoption to Maturity
 
Biggest info security mistakes security innovation inc.
Biggest info security mistakes security innovation inc.Biggest info security mistakes security innovation inc.
Biggest info security mistakes security innovation inc.
 
BSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing businessBSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing business
 
trellix-dlp-buyers-guide.pdf
trellix-dlp-buyers-guide.pdftrellix-dlp-buyers-guide.pdf
trellix-dlp-buyers-guide.pdf
 
Edith Turuka: Cyber-Security, An Eye Opener to the Society
Edith Turuka: Cyber-Security, An Eye Opener to the SocietyEdith Turuka: Cyber-Security, An Eye Opener to the Society
Edith Turuka: Cyber-Security, An Eye Opener to the Society
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
 
Cyber Security for Financial Institutions
Cyber Security for Financial InstitutionsCyber Security for Financial Institutions
Cyber Security for Financial Institutions
 
Auditing in the Cloud
Auditing in the CloudAuditing in the Cloud
Auditing in the Cloud
 
Institute for the entrepreneur v1r3
Institute for the entrepreneur v1r3Institute for the entrepreneur v1r3
Institute for the entrepreneur v1r3
 

More from SMK PRASASTI KARANG BERAHI JAMBI

More from SMK PRASASTI KARANG BERAHI JAMBI (20)

72 d86d01
72 d86d0172 d86d01
72 d86d01
 
9 a004d01
9 a004d019 a004d01
9 a004d01
 
8 d946d01
8 d946d018 d946d01
8 d946d01
 
6 e354d01
6 e354d016 e354d01
6 e354d01
 
6 cd4ad01
6 cd4ad016 cd4ad01
6 cd4ad01
 
5 a3a2d01
5 a3a2d015 a3a2d01
5 a3a2d01
 
4 f6a5d01
4 f6a5d014 f6a5d01
4 f6a5d01
 
1 d715d01
1 d715d011 d715d01
1 d715d01
 
1 b1d8d01
1 b1d8d011 b1d8d01
1 b1d8d01
 
26463d01
26463d0126463d01
26463d01
 
97309d01
97309d0197309d01
97309d01
 
50414d01
50414d0150414d01
50414d01
 
913
913913
913
 
754 c2d01
754 c2d01754 c2d01
754 c2d01
 
677 b bd01
677 b bd01677 b bd01
677 b bd01
 
457 a4d01
457 a4d01457 a4d01
457 a4d01
 
214 e6d01
214 e6d01214 e6d01
214 e6d01
 
86 c40d01
86 c40d0186 c40d01
86 c40d01
 
21 ike revita
21 ike revita21 ike revita
21 ike revita
 
10.1.1.130.4886
10.1.1.130.488610.1.1.130.4886
10.1.1.130.4886
 

232 a7d01

  • 1. College of virtualization: Lessons in integrating data protection software Sponsored by Dell VMware Speaker: Tom Nolle, President, CIMI Corporation Moderated by Kate Gerwig Karen Guglielmo: Hello, and welcome to a SearchStorage.com presentation, ‘College Of Virtualization - Lessons For Integrating Data Protection Software’. This presentation is being brought to you by Dell and VMware. For more information on Dell and VMware, you can click on their logo in the lower portion of your screen. My name is Karen Guglielmo, and I will be your moderator today. Joining me today is Laura DiDio, a Hi-Tech Analyst and Consultant, a professional writer and a former reporter. She is a principal at Information Technology Intelligence Corp., a company she founded. Before we begin the presentation, I would like to review a few housekeeping items with you. First, the slides in the presentation will be pushed to your screen automatically. If you have any questions throughout the presentation, you can type them in the ‘Ask A Question’ area located on the right-hand side of your screen and they will be addressed following the event. If you have any difficulty viewing or reading the slides, click on the ‘Enlarge Slide’ button located in the bottom portion of your screen, and finally, if you experience any technical difficulties with this presentation, click on the ‘Help’ button in the lower right corner of your screen. With that said, I am now going to turn things over to Laura DiDio to begin today’s presentation. Laura. Agenda •Overview: Data protection software •Getting Started: General Advice • Business & Technology Considerations •Deployment • Configurations & what to buy •Conclusions & Recommendations Copyright © 2009 ITIC All Rights Reserved
  • 2. Laura DiDio: Thanks, Karen, and welcome everyone. It is a pleasure to have you here with us. We are going to dive right in and get started because this is a hot topic and we have a ton of information and data to help you with. Okay, so our agenda, we are going to give you an overview of data protection software. We are going to give you some general advice, business and technology considerations and some, you know, deployment considerations, configurations, what to buy, what to do, and then we will give you our conclusions and recommendations and we will wrap up with Karen doing some Q and A. Overview: Data Protection • Effective, efficient Data Protection is a core, fundamental network component • SMBs using virtualization will face additional challenges in managing and protecting data • Data protection ties into DR Strategy • Virtualization generates lots of data • Organizations must be able restore and recover data quickly • Absence of data protection will compromise the entire network and potentially put your business at increased risk for litigation Copyright © 2009 ITIC All Rights Reserved Okay, so data protection. Okay, this is a no-brainer, as we see on the slide. Efficient, effective data protection is a core fundamental network component. Now, SMBs that use virtualization, and that is many of you, especially on the server side but in your head we are expecting a lot of you are also going to implement VDI, Virtual Desktop, virtualization and also application virtualization as time goes on. You are going to face specific additional challenges in managing and protecting your data and as we will see, your data protection strategy is going to tie into your disaster recovery strategy and also your virtualization strategy. One reason for that, virtualization generates a lot of data when you are actually looking at things. So, there is going to be in some ways more for you to manage at once. Clearly, organizations have to be able to restore and recover data quickly and they have to make sure it is protected. The absence of data protection, we don’t have to tell any of you, will compromise your entire network and especially because you are SMBs who are even more risk averse than your enterprise counterparts, a really bad hack could potentially put your business at increased risk for litigation or even put you out of business.
  • 3. Data Protection: Getting Started •Thoroughly review existing infrastructure & data protection • Start with a pristine network • Fix what’s broken • Regularly upgrade data protection equipment and software • Make a data protection/security plan, stick to it and enforce it!!! Copyright © 2009 ITIC All Rights Reserved Now, as we turn to the next slide, getting started with data protection, once again, you have to start at the beginning and that means you want a pristine network environment or as pristine as it can be. That means you have got to start by thoroughly reviewing your existing infrastructure, locating what are the weak points, are there any open doors, open ports, backdoors, what type of hardware do you have, server hardware, do you need ruggedized server hardware, how is your encryption. So do you have the latest upgrades? You need to fix what is broken or what is old and outmoded, and you should be regularly upgrading your data protection equipment and software. There was a famous German 19th century military strategist who said that military secrets are the most fleeting of all. In the 21st century computing environment, what I would say is security and data protection is one of the most fleeting of all, because as soon as you have one thing fixed there is a hack to exploit something. There are always new and improved ways to crack into and compromise the security and data protection of your network. So you have to stay on your toes with this and it is a question of months, not years. You need to make a data protection and security plan, stick to it and enforce it and by enforcing it that means with all of your users and you need to disseminate what your security and data protection plan is, what the rules are, and what the penalties are for violation.
  • 4. Have you determined the cost of one hour of downtime for critical or mission-critical processes? Copyright © 2009 ITIC All Rights Reserved Do you have defined benchmarks to measure component, system or infrastructure performance? Copyright © 2009 ITIC All Rights Reserved So, as we turn to the next slide, the next few slides we are going to show you are based on the realities of what is happening now. This is survey data from ITIC over the last six months. We asked folks, have you been able to determine the cost of one hour of downtime? Okay, now you will notice only one third of companies said yes. That is the bad thing. So you have 51% who say no, and 14% who are unsure. So guess what? The majority of people don’t know what damage can be brought. That is bad. You have to know what the consequences are and if you don’t know how much downtime costs, there is probably a lot of other things you don’t know either. When we look, we ask people, do you have defined benchmarks to measure performance? Now security, actually this is a better one, almost 40% said yes, but almost 50% said, you know, no. Again, bad number there. We asked people what happens when something goes down, what factors do you
  • 5. include in the cost? Once again, you can see productivity lost, but you look for all of these things and this is all tight security and data protection. If your security is compromised, if your data is unprotected, guess what? All of these things are going to happen. You are going to have dissatisfied customers, damage to your reputation. You are going to have regulatory exposure. You will lose, almost certainly lose revenue. There is going to be an upstream and downstream impact from, everyone from the C level executive to your endusers, to your business partners, to your suppliers, to your customers. So, there is also the risk of SLA penalties, risk of litigation, the cost for what happens for lost productivity for your employees, all sorts of things. If yes, which factors are included in calculation of downtime cost (select all that apply)? Copyright © 2009 ITIC All Rights Reserved Next slide, we asked people how many tier 2 outages, that is midlevel, 30 minutes to four hours has the firm experienced within the last 12 months? Now, this is always dicey because people talk about these things a little bit, you know, differently, but 44% said 1 to 3 outages. We also had 28%, nearly one, you know, one third said we did not have any. That is not necessarily a number I believe in, but 15%, as you could see, we got, said that they had 3 to 6 outages and then 5% said 5 to 10 outages. We had other people who were unsure and then only 3% owned up to having more than 10 tier 2 outages, but any outage is going to cost you money. Again, so...these numbers, a lot of people are just guesstimating or they are not owning up to it, but still, you can see that this is pretty prevalent. The tier 2 outage by the way is going to involve your network administrators, having to do remediation, getting involved, so it is going to be time, it is going to be productivity loss on the enduser side, it might mean your clients cannot get access to data, business suppliers, partners, etc.
  • 6. How many Tier 2 outages (30 min. to 4 hrs.) has your firm experienced within the last 12 months? Copyright © 2009 ITIC All Rights Reserved But it is not the worst thing that can happen, as you can see from the next slide. We asked what about the most severe tier 3 outages? That is four hours plus and you may or may not have data loss, but you probably have some data loss. We had two thirds of people said, no we have not had any, 66%, we have not had any tier 3 outages. Again, that is not necessarily a number I believe because a lot of people want to keep quiet about it. But as you can see, the remaining one third do have outages and this is going to be significant in terms of the business operation, the cost, the remediation, the potential damage to your reputation. So, the only good outage is not to have an outage. How many Tier 3 outages (4+ hrs. w/data loss) has your firm experienced within the last 12 months? Copyright © 2009 ITIC All Rights Reserved
  • 7. If your firm was unprepared to respond to the Tier 2 or Tier 3 incident, what changed afterward? Copyright © 2009 ITIC All Rights Reserved We also asked people to say, how prepared are you to address these outages when they occur and as you can see, 41% or 2 out of 5 businesses said they are prepared. Then 51%, the majority said, we are somewhat prepared. We have some plans in place but there was also some confusion. This is getting closer to the truth and then 5% basically said they were unprepared, caught off-guard and really had to scramble, and 3% said that they were totally caught off-guard and they were unable to respond in an effective timely manner. So, you could imagine if you were in that 8% category minority, how damaging that could be, especially since you folks are smaller businesses. It is going to really impact you more. So you don’t want to be in a position where you are reacting to data losses, network outages because you don’t have a data protection plan. Then we also asked, well okay, if you were in that, if you are unprepared or only somewhat prepared for data losses after one of these incidents, what changed? Now, 42%, again 2 out of 5 businesses that is, basically said they learned their lesson, but they are still working on being proactive. But 22% said nothing changed, it was business as usual. We had 10% who really became proactive and said we learned our lesson, we established service level agreements and we made a future response plan. And then you had a 2% minority that said, look we just played the blame game, pointed fingers and we have not done anything constructive. So, this is an object lesson here for those of you who are in our College of Virtualization, for what happens when you get out to the real world, you don’t want to be in those slices where you are being reactive rather than proactive and have not done anything constructive.
  • 8. How certain are you that the SLA commitments you expect from others align with the IT services expectations your clients have of you? Copyright © 2009 ITIC All Rights Reserved Another question we asked and this plays right into data protection, security, etc. We asked people do you require SLAs from your IT vendors, your hardware, your OS, your application, your storage, your network virtualization vendors because if you don’t, you should, and what we saw here is that only 17% absolutely say they do all of it. Now, you can see from these, the smaller globe here, the pie chart, it is a higher percentage, 56% from enterprises, with more than 3000 users, so clearly the SMBs are lagging behind here. And we see 23% said we are not requiring anything beyond standard warrantee. Again, you should require SLAs. It does not matter whether you have 10 people in your organization or 500. You should require service level agreements and basic minimum metrics and standards for performance from your vendors. Again that should be a staple of any data protection plan.
  • 9. How certain are you that the SLA commitments you expect from others align with the IT services expectations your clients have of you? Copyright © 2009 ITIC All Rights Reserved And this one here, this is scary. How certain are you that the SLA commitments you expect from others align with the IT services’ expectations your clients have of you? And again, only 2 out of 5 businesses were reasonably sure. You see that the largest slice of this pie, okay, by 58% is either uncertain, you know, or excuse me you only have 12% that are certain that they align. You have to make sure again data protection is 50% technology, but it is 50% policy and human due diligence and that is what these slides talk about here. So, you can get all of your best hardware from Dell, your best virtualization and security software from VMware, but it is not going to mean a thing if you are not putting policies and practices in place to protect your data. It would be akin to buy the most expensive security or alarm system for your home and then going out and leaving the windows open and the doors unlocked and not arming the security system. So, half of this is going to be up to you.
  • 10. Data Protection: Best Practices • Check for compliance • Virtualized environments contain more data – if there a 6 VMs on a single server you will see > 1 Tbytes of data if it fails • Virtualized data protection failures will take down multiple servers! • Ensure adequate bandwidth • Check carrier routes • Determine whether you’re protecting the data at the hypervisor or OS level • Ensure that you have the latest versions, patches • Standardize the environment as much as possible Copyright © 2009 ITIC All Rights Reserved So turning now to the data protection best practices, the first thing you have to do is take a look, are you in compliance? Okay, with all of your licensing agreement, are you in compliance with regulatory issues for security and that is going to have pretty big implications for those of you who are in the SMB space, you might be in a doctor’s office or a dentist’s office, what have you, where medical records are kept. You have got to protect that data, if it gets out, wow! You know what happens. It could just be business records. It does not have to be medical records. It could be anything but you need to protect and preserve your data. In a virtualized environment and many of you now, as the cost of virtualization and hardware has come down so much, you are virtualizing, you know, your server and increasingly your application environment. Virtualization is a great thing. You can consolidate space, you can consolidate application, cutdown on your manpower hours, utility costs, you name it, but you have to be aware that virtualized environment will contain more data. So, for example, if you have six virtual machines on a virtual server, on some level, as the network administrator, you will see six machines, however, if you connect...once you connect to the host server, what you are going to see is probably 1.5 terabytes of data. So, if that fails, if the virtualized environment fails, six servers are going to be taken down. So, data protection is crucial because now much more of your infrastructure is going to be contained under a single physical host server. So, you are going to have a single point of failure even though you might...your applications are in isolated containers. Okay, and if you have got locally attached storage, it is going to be another big single point of failure. If it is SAN attached storage, you will lose access to the data. So, from the business standpoint, the data would still be inaccessible. Okay, so you need a comprehensive, cost effective solution that will manage both your physical and virtual servers alike and that is one of the things that we are seeing with VMware’s, vSphere, the latest version vSphere 4.
  • 11. Conclusions & Recommendations •Data Protection is a MUST!!! •Business & technology planning are symbiotic • Formulate a data protection plan and adhere to it!!! •Keep Records – Organizations should document everything: costs, manpower, remediation efforts; fallout (e.g. lost business) from a disaster •Budget accordingly •Upgrade infrastructure as needed •Adhere to the three “Cs”: Communicate, Collaborate & Cooperate • Enforce SLAs! Copyright © 2009 ITIC All Rights Reserved Now, your virtualized data protection failures will take down multiple servers, again, so you don’t want that to happen. You want to be proactive not reactive. You have to ensure adequate bandwidth. Again, all the data in the world contained in these virtualized environments won’t be any good if you cannot transmit it if the pipes are too, you know, not adequate, they are too small. So check your bandwidth. You also want to check your carrier routes. Okay. Access in and out of the server, you might think that you have enough redundancy, but you want to make sure that the carriers are not subletting the same lease lines. So there has been many an instance where it is on the same line and that line, that one trunk line goes down and you are still out. The other thing you need to do is determine whether or not you are going to protect your data at the hypervisor or the OS level. Okay that has implications as well. You also want to ensure that you have the latest versions and patches updated. You need to standardize the environment as much as possible that will cutdown on the amount of time you are spending doing remediation work and it will cutdown on your management time as well. Standardized environment can really cut your time to recover from a data loss or a hack by about on average one third, but standardizing the environment helps because you are not running hither and yon and a lot of times we find that the data is compromised because you have not applied a patch or you have got different versions and the versions are not interoperating together and that can cause disruption to the operation, you know, to the network operation. As we turn to the next slide, finally the conclusions and recommendations. You know this, data protection is a must. Your business and technology planning are symbiotic. Again, cannot overstate this, 50% of your data protection strategy will depend on the technology. So you need good, strong underlying technology from your virtualization vendors like VMware, from your hardware vendors like Dell, but the onus is also on the C level executive, the IT department, and the endusers to strictly adhere to best practices. You have to formulate a data protection plan, you must adhere to it. I cannot tell you
  • 12. how many times I have been in consulting situations with some of the top Fortune 100 firms and they are four revs behind on their antivirus software. They have a data protection plan that is four years old, they have not looked at it, they have not set penalties or, you know, disseminated and distributed the computer data protection policy and rules. You have to have rules in place, you have to enforce them, your endusers have to know what they can and cannot do and what the penalties will be for infringing on the rules. You also need to keep very, very good records. You have to document everything. That means if you have had some data protection losses, how much did it cost? How much is it costing you to buy the software, do you have adequate data protection software and hardware in place, what is the costing to your manpower, what about the remediation efforts, what has been the consequence or fallout from lost business, if you have had a disaster or a hack? Budget accordingly. This is one area where you do not want to skip. You need to also keep the entire infrastructure upgraded as needed and once again you have to adhere to the three Cs, which is Communicate, Collaborate and Cooperate, both internally and externally that means with your hardware, software, virtualization providers. Ask them to help you out with best practices. Companies like VMware now have an incredible array of tools, documentations, white papers, that are available for free to assist you, so there is really, you know, no reason to be behind the eight ball even if your organization is on a very, very tight budget and once again, finally, you want to enforce those SLAs, service level agreements. You are paying for all this equipment, so you and your vendors should be in sync and agree upon SLA metrics that are most appropriate for your business and if it is not there, then you need to rethink that policy and perhaps move on to another vendor. So, with that, I will turn it over to Karen for the Q and A. Getting Started: General Advice •Know what’s on your network •Adhere to the Three “Cs”: Communicate, Collaborate & Cooperate •Perform a thorough inventory and assessment of your current environment •Identify & Replace outmoded hardware •Standardize the application environment •Check and upgrade storage, bandwidth as necessary •Security, security, security! •Review Licenses •Review SLAs •Construct Operational Level Agreements (OLAs) Copyright © 2009 ITIC All Rights Reserved Karen Guglielmo: Great! Thank your Laura for your presentation. I would like to take this time to remind everyone again that you are participating in a SearchStorage.com presentation on ‘Lessons For Integrating Data Protection Software’. Today’s
  • 13. presentation is being brought to you by Dell and VMware. If you would like more information on Dell and VMware, you can click on their logo in the lower portion of your screen. And now, we are moving on to the moderator Q and A portion of today’s presentation. I am going to be asking Laura a couple of questions related to today’s topic. So, let us get started. First, let me ask you, how is using data protection software different in a virtual environment? Deployment Best Practices •Determine how you’re going to segment the virtualized & cloud infrastructure •Mix & Match: you can deploy Web servers and other classes of servers in the same physical host •Keep Production Applications separate for security purposes! •Adjust your network architecture/infrastructure to deal with virtualized & private cloud environments •Virtual infrastructure should have its own network • It should not share with Email/messagging •For the Virtualized/Private Cloud buy the most robust hardware configuration the budget will allow Copyright © 2009 ITIC All Rights Reserved Laura DiDio: Well, it is different because, as we noted, virtualization is wonderful for a lot of things, consolidation, for saving money, for saving time, but you have to really be on guard because all of your, you know, data, you are going to have multiple instances of application and data contained in a single physical server. So that can potentially be a single point of failure, if you have not put the proper data protection controls and configuration in place. So that is a scary thought. You know, you don’t want to take a direct hit. So you really need to make sure that you have the proper hardware, proper software and the proper data protection in that virtual environment.
  • 14. Deployment Best Practices, contd. •Public Clouds: Due Diligence is a must! •Determine what tier of service you need •Ask for References •Ask Questions: • What hardware do they use? • How many paths in and out of the cloud • What is the guaranteed response time • Where are the hosts physically located • What about security – physical and what are the country policies if the host provider is outside of the U.S.? • How are they segregating the services? SMBs will operate much differently than an Amazon.com type business Copyright © 2009 ITIC All Rights Reserved Karen Guglielmo: Okay. So how is data protection linked to your disaster recovery strategy? Laura DiDio: They are inextricably linked. I mean it is a real symbiotic relationship. So, for example, if you have protected your data but you don’t have a disaster recovery plan in place and the worst happens, if you cannot recover from a disaster, then the best data protection in the world, your data will still be safe but you are not able to access it. So, the two have to go hand in hand, you have to protect the data to make sure it is not compromised and it is not lost in the event of a disaster and the in the wake of a disaster you have to make sure that you can recover quickly so you can get your users back up and running and able to access the data. So overall, it is, you know, its data protection, its disaster recovery, and it is business continuity. That is the Triumvirate that people have to live by.
  • 15. Conclusions & Recommendations •Make a Business Plan based on the technology needs •Construct a three-year technology plan •Purchase the most robust hardware your budget will allow •Make a security plan •Adhere to SLA and OLA agreement •Engage virtualization vendors & cloud providers •Make use of tools & documentation available from vendors like Dell, VMware and others •Make sure your cloud providers are meeting their SLA agreements with your organization Copyright © 2009 ITIC All Rights Reserved Karen Guglielmo: Okay, and finally, what would you say is the most common mistake that people make in respect to data protection? Laura DiDio: The most common mistake is the human error and that is they don’t have a policy in place, they have an...or they have got an old policy, they have not dusted it off. Things are really changing fast in security, data protection, managing the data, so you have to constantly be upgrading this policy and again, I understand the focus of many users, especially those people in the SMB space where you might have an IT department that might be anywhere from one or two people up to maybe 10 people rather than dozens or hundreds of IT managers. There is an incredible burden placed on these people and the emphasis oftentimes is on just keeping the network up and running on a daily basis, even if that means, you know, doing patch jobs here and there. But you have to make the time and spend the money on data protection and that means you have got to get that network protected to the extent it should be in 2010 and going forward because the hackers are not standing still, there are...you are always going to find errors in software that require a patch or some type of remediation or a fix. So you really want to stay on top of this and once again if you are an overburdened IT manager or if you are in our College of Virtualization right now and you are coming out and you are going to go to work for an SMB, get to know your vendors. The vendors have a lot of tools at their disposal. There are many free tools for self- assessment. There are many white papers out there and documentation with best practices and how to, so engage them, also ask them, what do I need? Is this the appropriate configuration for me in terms of my hardware, how should I be configuring my virtualization environment so that it is optimized for disaster recovery and data protection. Karen Guglielmo: Okay. I am sorry, go ahead. You are going to wrap up? Laura DiDio: No, so, I was just going to say, so that basically is the human element. It is equally as important as the technology if not more so.
  • 16. Karen Guglielmo: Okay, and that does conclude today’s presentation on, ‘College of Virtualization - Lessons For Integrating Data Protection Software’. If you would like to review today’s material at a later date, an archived version of this event will be made available in our SearchStorage.com webcast library. I would like to again thank Laura DiDio for taking time to be a part of today’s presentation, and I would also like to thank Dell and VMware for sponsoring this event. And as always, thank you for taking the time out to join us today. This is Karen Guglielmo, wishing you all a great day.