Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

The Storage Problem You Can't Ignore: Page 5 of 5

Bells And Whistles

Survey respondents moving toward outsourced storage named more than 30 vendors they're using or considering; we discuss them in more depth in our full InformationWeek Analytics report. Meantime, when considering storage services:

>> Drill into integration capabilities. No one wants a new silo--creating a unified environment and ensuring you have the ability to freely move data between off- and on-premises storage is the most critical feature.

>> Insist on real-time, on-demand access to data that enhances the business. This includes unified search.

>> Be realistic about regulatory requirements. Using FUD to avoid considering storage services is a good way to lose credibility. "Our biggest concern with public cloud storage is strict laws on retention polices," says one respondent. "A simple policy from the cloud vendor to use deduplication could break state laws regarding original file source." Now, we're not providing legal advice, but right now a government agency could ask any online service provider to give the names of all users who have a particular file, whether or not the provider employs deduplication. So check with your legal counsel before issuing blanket statements.

>> Still, your IT organization must master encryption and other security elements--no matter where you keep your data. The current standard is AES 256-bit encryption, but that will add a level of latency when data is unencrypted back within your network. As we've seen, "on premises" doesn't always equate to "strong security." Wherever sensitive data lives, make sure it's encrypted.

>> Ensure that retention and deletion policies will be carried over and enforced. Understand if a record or backup of data is kept when information is removed. Otherwise, e-discovery could land you in hot water.

>> Monitoring tools should clearly show usage and performance statistics and cost breakdowns, as well as provide a way to export these stats for reporting purposes. Monitoring systems should also provide visibility into SLAs. Since there's a lot to the management aspect (SLAs, usage, compliance, integrity reporting, integration), make sure that the interface is easy to use--during an outage isn't the time to find out that you can't get insight.

>> The importance of geographic redundancy was exposed by the recent Amazon data center outage. You must understand how a storage service provider will deal with major disruptions. Ensure you have a formal notification mechanism that kicks in if the provider changes its architecture, and negotiate the right to conduct regular reviews. The smaller your company, the less willing the vendor will be to accommodate such requests, but hold out for key considerations, including the location of your data, plans for backup and continuity of operations, speed to get your data, application access mechanisms, encryption at rest and in flight, physical and data security policies, and fees and triggers for adding more space and network bandwidth.

>> You never know which applications will need storage resources in the future, so put a variety of communications mechanisms in place. Vendors should support a variety of Web services APIs to enable a service-oriented architecture as well as transfer protocols such as SCP, SAMBA, and CIFS.

>> If you expect a lot of bursting, spell out the cost of quickly and seamlessly increasing the amount of data stored with the provider, along with any caps or advance notice required. And be sure that if you scale up, you can scale back down. Many vendors make adding capacity easy; removing it, another story.

Your Strategy

Eventually, we expect storage services will become just another tier, used for specific needs. How extensive that use will be depends on how well vendors reassure CIOs on security and availability. Another roadblock: We've yet to see a product that does a good job managing a hybrid, multivendor set of enterprise storage as a unified environment.

Still, we have to do something. It was only a few years ago that we started talking about terabytes. How long before we start thinking in terms of exabytes, zettabytes, and yottabytes? A few years? A few months? At one client, we saw 80% growth per year.

Unfortunately, instead of seeing legacy devices inherit cloud-like attributes, we see companies treating the cloud as just another silo. Seek to create a single pool of virtualized storage that leverages existing IT investments. Doing that might involve using private, public, and hybrid systems. Watchwords are reliability, scalability, multitenancy, and multitiering. Bake search, migration, and archiving in--and develop requirements before considering vendors.

Continue to the sidebar:
Mobile Device Backup--Still A Work In Progress

Continue to the sidebar:
Following Uncle Sam Into The Cloud