The Definitive Guide to Protecting Enterprise Data

Your enterprise data is your most critical asset. If it's compromised, your business can be destroyed. Don't let that happen-leverage today's state-of-the-art strategies, best practices, and technologies and protect your critical information. In Data Protection and Information Lifecycle Management, leading industry consultant Tom Petrocelli presents a systematic, coherent approach to planning and implementing cost-effective data protection.

This book introduces Information Lifecycle Management (ILM), a powerful new strategy for managing enterprise information based on its value over time. The author explains emerging techniques for protecting storage systems and storage networks, and for integrating storage security into your overall security plan. He also presents new technical advances and opportunities to improve existing data-protection processes, including backup/restore, replication, and remote copy.

Coverage includes

• A complete, unique framework for considering and planning data protection

• Understanding storage technology from the standpoint of data protection

• Architecting more effective backup/restore solutions

• Using remote copy and replication to keep data synchronized and support immediate failover to hot sites

• Leveraging core computer security concepts and strategies to protect your most critical data

• Securing your entire storage infrastructure, not just servers

• Using policy-driven data protection and Data Lifecycle Management (DLM) to improve security and reduce cost

• Using ILM to identify your highest-value data and choose the right ways to protect it

Data Protection and Information Lifecycle Management is an indispensable resource for IT executives who must plan and implement strategies for data protection; administrators who must protect data on a day-to-day basis; and product managers, consultants, and marketers responsible for crafting superior data-security solutions.

Acknowledgments.

About the Author.

Preface.

    Who Is This Book For?

    How This Book Is Arranged.

    What You Will Take Away from This Book.

1. Introduction to Data Protection.

    What Does Data Protection Mean?

    A Model for Information, Data, and Storage.

    Why Is Data Protection Important to the Enterprise?

    Data Loss and Business Risk.

    Connectivity: The Risk Multiplier.

    Business Continuity: The Importance of Data Availability to Business Operations.

    The Changing Face of Data Protection.

    Key Points.

2. An Overview of Storage Technology.

    A Quick History of Data Storage.

    Storage I/O Basics.

    The I/O Stack.

    Direct Attach Storage.

    Network Attached Storage (NAS).

    Storage Area Networks.

    Extending SANs over MAN and WAN.

    Key Points.

3. Backup and Restore.

    The First Line of Defense.

    Designing Storage Systems for Backup and Recovery.

    Recovering from Disaster: Restoring Data.

    Things That Go Wrong with Restore Operations.

    Tape Backup.

    Disk-to-Disk Backup.

    Disk-to-Disk to Tape.

    Backup and Restore Practices.

    Application-Level Backup and Recovery.

    Case Study: Bingham McCutchen.

    Key Points.

4. Remote Copy and Replication: Moving Data to a Safe Location.

    How Remote Copy and Replication Are Different from Backup.

    Remote Copy.

    Design Considerations for Remote Copy.

    Replication.

    Case Study: PdMain.

    Key Points.

5. Basic Security Concepts.

    Least Privilege.

    Defense in Depth.

    Diversity of Defense.

    Encryption.

    Typical Attacks.

    Key Points.

6. Storage System Security.

    The Role of Storage Security in Enterprise Data Protection.

    DAS Security.

    SAN Security.

    Internal and External Vectors.

    Risk.

    Security Practices for Storage.

    Secure Fibre Channel Protocols: FC-SP and FCAP.

    Case Study: Transend Services.

    Key Points.

7. Policy-Based Data Protection.

    Difficulties with Data Protection Strategies.

    Data Lifecycle Management (DLM).

    Key Points.

8. Information Lifecycle Management.

    Information Assurance and Data Protection.

    What Is Information Lifecycle Management?

    Unstructured and Structured Information.

    The Importance of Context.

    Determining and Managing Information Context.

    Location and the Information Perimeter.

    The Information Lifecycle.

    An ILM Schema.

    Matching Information Value to Protection Options.

    The Changing Value of Information.

    Regulatory Concerns.

    Protecting Information Using ILM Policies.

    Controlling Information Protection Costs.

    Automating ILM.

    Case Study: MidAmerica Bank.

    Key Points.

Appendix A: XML Schemas and Document Type Definitions for Policy Statements.

Appendix B: Resources.

    Books Worth Reading.

    Organizations and Conferences.

    Web Sites Worth Visiting.

    Government Documents and Resources.

Appendix C: Acronyms.

Glossary.

Bibliography.

Index.