EBSI, when launched in late 2002, proved immensely popular with consumers, 450 of whom volunteered their support to the organization within a few days of its Web site unveiling. The encouraging grassroots response, which underscored the need for a sanity check on the proliferating set of alternatives for data protection, caught the attention of many vendors--and SNIA.
Apparently concerned about the popularity of a rival group and the threat of member vendor funds being spent on a non-SNIA endeavor, SNIA put the word out to its members not to join EBSI, stating that SNIA was about to launch SNIF (Storage Network Industry Forum) covering the same turf. Behind closed doors, EBSI founders were told they should let themselves be absorbed by SNIA or risk losing the investment they had made in EBSI. The founders chose to fold their activities into SNIA, where they were recast as the Data Protection Forum.
Little has been done since to vet and compare data-protection solutions appearing in the market. At the Fall Storage Networking World event in 2003, the forum chairman jokingly remarked that the group had met twice since being formed, and had spent most of their time debating the meaning of the word continuous in the phrase continuous data protection. Let's hope 2004 brings more progress.
Also obfuscating planning efforts is the lack of clarity in government regulations. After 9/11, a panel of regulatory agencies was convened to assess the adequacy of data protection within the financial community. The group stopped short, however, of mandating or recommending distance requirements for data mirroring. In the wake accounting scandals, corporate governance regulations have emerged that place data protection on the front burner but offer little guidance on how to provide protection in a compliant way. Health-care data privacy and portability laws, such as HIPAA (Health Insurance Portability and Accountability Act), as well as a growing number of Homeland Security laws and regulations, also have focused on data protection, but compliance systems and auditing standards remain moving targets.
In the final analysis, selecting the most appropriate strategy for data protection comes down to application requirements and budget, not much different from any other large IT investment. First and foremost, planners must understand applications and the business they support. They must define the characteristics that data inherits from the applications that produce it--in terms of criticality, priority of restoration, and requirements for access, retention and security.
This analysis helps determine which data must be copied, how frequently copies must be updated and which platforms should host the data in a recovery setting. Unfortunately, this is a laborious and time-consuming process; there are no automation shortcuts. However, a thorough analysis can narrow the range of options. If you aren't sure how to assess your application requirements, find a consultant to do it for you or teach you the basics.
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
