There are no medals for Data Protection.
It used to be that data protection was all about cost. The easiest way to assign cost was to create an arbitrary system that offered a sliding scale of data protection depending on what internal departments were prepared to pay.
These Bronze, Silver and Gold medals quickly became the norm in most IT environments. Rarely would they be based on actual levels of service though.
Obviously the details of the SLAs might change but, essentially, offering a choice of these three tiers was a way of prioritising how quickly different parts of the business might want their data back following an incident.
But in the event of an outage, surely every department wants its data back swiftly? Unless budgets are very tight, everyone is going to opt for the Gold medal rather than the Bronze.
What has changed?
A fundamental shift in thinking has come about because we can now place value on data. Not just immediate value for day-to-day operations but long-term value as well.
As business analytics becomes integral to the way the company is run, data can be used to gain a competitive edge. This edge has a monetary value and so the company must take time to understand what it is.
If you know how valuable your data is then you can treat it accordingly, as though it is any other asset in the business that needs protecting. Just like insuring a fleet of vehicles, once you know what it is worth then you can take out insurance accordingly. It’s the same with data. By understanding the value – present or future – you can assign the right level of protection.
The role of the IT department
In the past, the IT department was fairly passive in this whole process. Marketing, Sales or Operations might ask for a Bronze, Silver or Gold SLA and IT would respond accordingly, acting as custodians of the data.
Now, however, the IT department has a crucial role to play in helping these other departments gain insight into the value of their data.
During industry investigations, the regulator will ask to see old files and data as we have seen in recent high profile cases in the energy and financial sectors. Without the right technology in place to retrieve this data, the regulators can impose significant fines.
What’s more, the details of these cases rarely stay behind closed doors. Negative financial impact is just one side of the coin. The other is damage to brand reputation, which can have longer-term ramifications – especially for smaller firms that are unable to bounce back.
The technology has been, and always will be, there to protect your company’s data and offer varying recovery speeds.
Whether it is short-term or long-term value, once you know what data is worth to the business, you can apportion the right data protection to it and manage your IT storage environment more effectively as a result.
So before you fall back into the trap of packaging up data protection in Bronze, Silver or Gold medals based on cost isn’t it worth considering value instead?