1. Understand that we are all liable to protect the organizations data
Not only is the individual IT employee liable but the managers and board members are also personally liable. The board of directors has a fiduciary responsibility to the stockholders to protect the company assets. Failure to establish and maintain a reasonable security program is a breach of the fiduciary duty.
2. Understand your data
All data is not created equal. It is important to understand the value of your data as it relates to the business. This is critical for determining the offsite data storage strategy.
- How long must you retain data?
- How secure does it need to be?
- What are the regulatory requirements?
- Does your off site data storage vendor provide the best environment for your media?
- How secure is your off site storage vendor?
- Is your off site storage vendor located in a flood plain, fault line, or any other area potentially affected by natural disasters
- Does your off site storage vendor store paper records which make them vulnerable to destruction of all records from fire.
3. Understand compliance needs
Highly regulated industries like healthcare or financial services and public companies have specific, more regulated, compliance and security needs. Does your offsite storage provider have the facility and staff to provide highly secure, compliant environment? Failing to maintain compliance may lead to huge penalties in the future.
4. Use a tiered storage approach
Tiered storage saves money. Use fastest storage for active data, like SSD, and use less expensive media, like tape, for archival, backup and disaster recovery. Ensure your systems can utilize different storage tiers so when application performance needs change, you don’t need to re-architect it.
5. A tested disaster recovery plan is very important
All of your backups are useless if you can’t recover the data. Do disaster recovery testing and audits periodically to ensure your data is recoverable.
6. Utilize the 3-2-1 rule
Maintain 3 copies of any important data, in 2 different formats, with 1 being offsite.
For more information about Tiered Storage, download the Understanding Tiered Storage White Paper.