About 85% of the data most organizations store has not been accessed in 90 days and most of it hasn’t been accessed in years. The reality is data managers really don’t know what’s in that data or if it is important. Organizations are keeping it, “just in case.” There is a portion of this data set, however, the organization knows about and has specific reasons (regulatory or monetary) to retain it. This data can not be lost and must be available on-demand.
How To Preserve Data
An organization’s data set that needs to be retained has very specific requirements. First, there needs to be 100% confidence in knowing what data you have and the ability to recover it and when that recover request is complete, it is in the exact state that the organization expects it to be. Preserving state requires the NAS 2.0 system have the ability to scan and report on what data it is storing, when it was last used and is able to continuously check data integrity.
Insuring preserved state is different than data protection. Data protection, while critical, generally protects against media failure not against data degradation. The NAS 2.0 should allow the organization to, through policy, dictate the number of copies of data that the organization will maintain. Protection can also come via integration with a third party software vendor as we explain in this video.
A second requirement of data preservation is to make sure the preserved data is on different forms of storage. For example, if the NAS 2.0 solution supports traditional block storage, object storage, tape and cloud, the organization may decide it wants a copy of this data on all of the various types of storage. Or if the organization is only using cloud to preserve data, then the NAS 2.0 system, through policy, should be able to make sure a copy is in multiple regions of the cloud or even in two different cloud suppliers.
There will also be an increasing number of situations where organizations need to limit the number of copies of data and the geographic location of that data. The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament will, on May 25, 2018, impose specific regulations to where and how data can be stored, as well as placing the responsibility for data deletion on organizations.
NAS 2.0 can help organizations meet these new regulations by enabling them to set policy as to physical data location and retention times.
Finally, there should be an audit log for the preserved data. This log should track which users placed the data into a preserved state, who accesses the data over time and who deletes the data after the retention period is past. Essentially, the NAS 2.0 should document chain of custody for the organization, which is vital when the organization faces a compliance audit.
The Value of Integrated Preservation
Most data preservation efforts involve a separate software application and very often a separate hardware solution, which means another storage silo for IT administrators to manage. If preservation is integrated into the scale-out NAS then it will simplify the preservation process and it will save the organization money because it does not need to purchase special software and hardware.
Data preservation is a critical aspect of any data management strategy. The criticality of the process has increased. Now organizations are not only expected to retain this data for regulatory or monetary reasons, with policies like “the right to be forgotten” they are also expected to guarantee the deletion of data.
Creating standalone storage solutions to adhere to each one of these policies and monetary motivations will become unwieldy. If a solution like NAS 2.0 can integrate data preservation then the organization is in a better position whatever regulatory demands comes its way.
Sponsored by Quantum