The Fundamentals of Data Management

While corporate information technology services have always been concerned about the resilience of systems, networks and storage equipment, the integrity and accuracy of data, and the practical matters of heat and power management, these issues have over the past couple of years found their way into the ‘front office’ – the corporate boardroom. Renamed business continuity, regulatory compliance and green IT, the reasons for sudden senior management interest may vary from company to company. However, all of these issues are fundamentally connected.

Certainly, a confluence of highly publicized natural and man-made disasters since 2000, including terrorist attacks, Hurricane Katrina, power outages and the many instances of accidental disclosures of private employee and customer data, have raised management awareness of the need for some sort of business continuity plan. Surveys suggest, however, that the commonsense rationale for building a continuity capability has consistently proven insufficient to cajole senior managers to invest in such planning efforts.

The statistics are frightening. Surveys consistently show that fewer than 50 percent of large firms have disaster recovery plans; of those that do, fewer than 50 percent actually test their plans, which is tantamount to having no plan at all.

The record of smaller firms on this score is considerably worse. In a survey conducted by Office Depot a few months ago, 71 percent of 2500 small business owners said that they had no disaster recovery plan, and 62 percent believed that they didn’t need one. Presumed cost, complexity and lack of resources are routinely cited to explain the planning gap in both large and small organizations.

But the real reason for such dismal statistics is simple. In the current economy, it is anathema to top executives to spend money on a capability that in the best of possible circumstances would never need to be used. There are no actuarial tables for disasters, and no way to know from one year to the next whether a hurricane will drive ashore in Tampa or New Orleans – despite 116 years of tracking data. More to the point, by itself, disaster recovery/business continuity planning lacks a full business value case – founded on cost-savings, risk reduction and process improvement – to justify its funding.

What has elevated business continuity planning to the status of ‘must have’ in a growing number of firms are new laws and regulations requiring that companies take action to protect their data. The mandate varies by industry and geography, but the overall impact of laws like HIPAA, Gramm Leach Bliley and SOX, as well as SEC rules and changes made to the Federal Rules of Evidence late last year, is that companies must exercise due diligence to protect their critical information assets.

On the heels of mandated data retention, deletion and protection are carrot and stick laws that will be forthcoming next year that incent companies to reduce their power consumption (carbon footprint) by ‘greening’ their data center operations.

In Europe and elsewhere, it can be argued that green IT closely aligns with eco-consciousness: a desire to reduce the consumption of electrical power that contributes to carbon gas emissions and, by extension, to climate change. In the USA, data center greening is less about an inconvenient truth, than about inconvenient access to – or rising expense of – energy supplies. Green IT translates directly to finding ways to reduce the growing demand for energy, both as a response to rising energy costs and because, in some regions of the country such as the Northeast Corridor, Northern California and parts of Texas, new energy supplies are difficult or impossible to obtain.

These three issues have come together to create a perfect storm, with vendors of technology products and services swarming to characterize their wares as resilient, compliant or green in order to add green to their own bottom lines. Truth be told, virtually none of what is being offered will deliver more than short-term tactical fixes to what is in fact a strategic problem. That problem is a lack of data management.

Randy Chalfant, a CTO with Sun Microsystems, provides a damning picture of the current situation. His analysis of thousands of storage assessments performed by Sun (and earlier by StorageTek) consultants reveals that only about 30 percent of any disk drive is actually well used – that is, hosting active data that belongs in an online storage medium. By contrast, 40 percent of disk-based data is seldom, if ever, re-referenced, making it well suited for migration to an archive storage repository (typically near on-line or off-line media such as tape or optical disc). The remainder is junk data that should be deleted or it is empty space that is reserved but not allocated by applications or by vendors of disk arrays.

From a cost perspective, this analysis is significant. Storage technology currently accounts for between 35 and 75 cents of every dollar spent on IT hardware, depending on the company. And, if Dell Computers is representative of most large companies, storage arrays are on their way to surpassing servers as the biggest power hogs in the data center. According to Dell’s CTO in a recent trade press interview, storage accounts for 37 percent of data center power consumption, and is on its way to surpassing server electrical demand, currently pegged at 40 percent.

Lack of data management is also associated with the cost of business continuity plans and compliance initiatives within companies. The storage vendor community largely talks around this point rather than addressing it squarely.

The tech industry is aware that the power costs resulting from ever enlarging data storage infrastructure is increasingly under the corporate microscope. However, their solutions to the problems of unmanaged data growth are tactical at best and self-serving for the most part.

Recommendations range from deploying virtualization technology, re-driving arrays with bigger disks or recentralizing corporate data into a ‘storage area network’, to using the latest de-duplication or compression tools like the tech equivalent of a kitchen trash compactor. None of these will make any difference in the long-term, because they do not address the core problem: unmanaged data. Collectively, these ‘solutions’ to coping with the growth of unmanaged data amount to re-arranging deck chairs on the Titanic. They merely delay the inevitable failure of companies, whether from natural and man-made disasters, law suits and regulatory actions, or rapidly accelerating utility expenses and unmet power needs.

Strategically, the solution to all three issues is simply stated: data management. Companies need to begin sorting through the massive storage ‘junk drawers’ that most have created over the past decade or so. They need to sort and classify their data, dispose of the considerable quantity of bits that have no business value, selectively archive the data that must be retained but that is not being used, and free up enormous capacity on the storage gear they already own, deferring the need to buy more.

Only through such a data management initiative can businesses identify which data assets are critical so they can expose them to affordable and sensible protection services, or place them into retention and deletion schemes that comply with regulations and laws, or constrain the rate at which new disk arrays must be deployed, driving down power costs and new electricity demand in the process. Green IT begins with green data.

At this moment in time, the front and back offices of the contemporary business organization are focused on the same three issues: continuity, compliance and green. This represents a unique opportunity to build a data management initiative that will sort through the storage junk drawer and place data into a policy-managed framework once and for all. It also raises the possibility of healing the rift that exists in too many companies between senior business managers and their internal information service providers – another plus.

A 25-year IT veteran, Jon William Toigo is CEO and Managing Principal of Toigo Partners International LLC, an independent consultancy and technical research and analysis firm focused on providing actionable guidance to IT decision-makers. He is also chairman of The Data Management Institute LLC, a professional development organization for those who design, plan, manage and administer storage infrastructure and data assets.