One of the most significant challenges when two organizations merge is what to do with the data protection process. In all likelihood, before the merger, each organization had its data protection practices and policy. The overwhelming tendency is to do nothing. The do-nothing policy is both costly and dangerous, especially considering that most organizations’ pre-merger data protection plans are not adequate.
The Risks of Doing Nothing
The cost of doing nothing means that whatever data protection process was backing up an application or data set prior to the merger, continues to do so after the merger. Organizations often choose the “do nothing” path because it seems like the least impactful and during a merger, IT thinks it has other more important tasks to complete before working on data protection.
The problem with the do-nothing logic is that it first assumes that the current processes on both sides of the merger are adequately protecting data. Considering that the majority of current data protection plans are not achieving their required service level objectives, assuming that both former company’s data protection strategies are working up to expectations is a huge and risky assumption.
There is also the likelihood that each organization is running multiple data protection solutions to meet all their recovery requirements. The combined company’s IT team now must manage multiple data protection applications.
IT planners also need to consider that the organization’s landscape has changed. There are now, more than likely, more employees, more applications and more sites to protect. Additionally, some of these applications may move as the organizations begin to unify their IT infrastructure and operations.
Keeping the organization on the same platform may seem more comfortable and more popular, but it leaves the organization open to a genuine risk of data loss or lack of adherence to compliance requirements.
The Cost of Doing Nothing
Running two independent data protection processes also increases management complexity. Each application requires unique management interfaces and training. More than likely the combined organization won’t be able to consolidate data protection administration down to a single team, giving it no efficiencies of scale. Beyond the operational costs, there are also the costs of having to manage multiple support contracts and support relationships.
Merge and Refresh Data Protection
Instead of doing nothing, a merger is an ideal time to consider refreshing the data protection process. Legacy data protection software is typically designed to protect and consolidate protected copies of data to a primary data center. However, the new, combined organization now has multiple sites to protect as well as data in multiple clouds. The timing may be right for a new backup solution designed for the reality of a multiple location organization.
A new solution should still consolidate data, but instead of that consolidation, occurring at a primary data center it may make more sense for that consolidation to take place in the cloud so that protected copies of data are available to authorized users no matter from which site they are working.
A merger often breaks the current data protection processes in use by the organizations pre-merger. These solutions can’t account for the new multi-site, multi-cloud environment the merger will almost certainly bring. A merger is an ideal time for IT planners to rethink data protection and look for a solution that can handle dozens of sites and more than one cloud.
To learn more about protecting distributed organizations, watch our on demand webinar, “Overcoming the Five Distributed Data Protection Challenges”.