Corporate data protection poses same challenges as BYOD

These days, IT no longer has the same influence over what laptop, tablet or smartphone users choose. In the age of BYOD, IT must accommodate for the devices that users prefer. I call this phenomenon “the audacity of BYOD.”

Data protection is heading down a similar path. Today, the backup administrator is no longer the unilateral king or queen of corporate data protection in most IT environments.

With BYOD, here’s how things have played out:

  • Ten years ago, many organizations’ users would receive whichever device IT had determined to meet the corporate standard, unless the user had extenuating circumstances or was an executive.
  • Five years ago, many IT departments offered a “menu” of approved devices, and users had choice within a range of what IT was willing and/or able to support.
  • Today, many organizations allow or even require BYOD, and users bring in their own device(s). In this scenario, IT is chartered with delivering an infrastructure that supports any range of technologies that the users may bring.

Today, many users choose their work devices based on what they use at home, instead of the other way around. And that makes a lot of sense. If individuals are responsible for their own productivity, shouldn’t they be able to choose the device that best enables it?

IT often finds itself in a similar evolution in regard to corporate data protection:

  • Ten years ago, the backup administrator chose the corporate data protection tool(s) to be used across the organization, often without much input from other constituents within IT.
  • Five years ago, workload administrators (e.g., DBAs, virtualization admins and file/storage admins) began pushing back and requesting or demanding influence regarding which corporate data protection tool(s) were used across the organization.
  • Today, workload administrators feel fully empowered to select their own data protection tool(s) for their own workloads, with or without interaction or influence from backup administrators.

Again, the premise makes sense for many organizations because the workload or platform administrator is ultimately responsible for the productivity platform. So those admins should have input, if not the final say, on how the data within the platform is protected to ensure recoverability. But there are two new twists to what seem like parallel evolutions: compliance and operations.

Protect corporate data to corporate standards

Workload administrators can, but often don’t, protect their systems’ data to the same degree that a backup administrator might have.

For example, many database administrators (DBAs) and backup administrators might be very focused on robust and rapid recovery of data within a 60-day window because it’s the likely source for most recoveries tied to ensuring availability or BC/DR of those systems. However, those administrators are much less likely to ensure that data is retained for seven, 10 or perhaps 15 years for long-term regulatory compliance, as mandated by the broader organization.This gap may lead to doubling the protection, with DBAs and backup admins operating in parallel. Or, more likely, the long-term data may not be retained, putting the overall organization at risk.

IT operations help with data protection

One of the major reasons that workload administrators started exerting more influence over the corporate data protection tool(s) used within their environments was the lack of reliability or workload-centric functionality that many legacy tools offered.

However, that too has changed. Today, most modern backup tools can successfully back up virtual machines, for example. Similarly, many tools now have substantive integrations with Oracle, SQL and other database platforms to ensure a workload-specific and reliable protection and recovery experience. However, there is still quite a bit of differentiation related to restore agility.

Recent ESG research on the topic shows that although workload administrators have taken on a great deal of influence throughout the current corporate data protection lifecycle (from evaluation, implementation and ongoing operation), IT expects those workload admins to reduce that participation over the next two years.

However, we are not returning to the days of the all-powerful backup administrator. Instead, ESG finds IT operations folks, whose role includes everything from provisioning to configuration to monitoring and management, willincrease participation in data protection. The same rationale applies here as well: If they are responsible for every other aspect of a server’s lifespan, why not its protection and recovery? Now that the workload owners are satisfied that their workloads will be adequately protected and reliably restorable, it makes sense for the management to be centralized around the server as opposed to the application platform.

IT and backup admins must protect data together

It remains to be seen whether the shift toward increased IT operations responsibility will continue. But as long as people other than backup admins are performing backups, the backup admins (who understand the corporate requirements for data protection and retention) and the workload admins/IT ops staff (who are growing their data protection influence) will have to collaborate.

They need to ensure, together, that corporate data is protected to corporate standards and that the application, platform or server is durable for the benefit of the organization and its users.

 [Originally posted on TechTarget as a recurring columnist]

Leave a Reply