Business expectations for data protection have evolved more rapidly than IT can respond. Initially, CIOs sought to lower operational and capital cost and risk by covering the protection continuum (from availability to archive). Now, CIOs need protection to help accelerate the business and drive revenue.

How can data protection meet these expanding demands? Metadata. The future lies with those who gather and leverage all the available information.

Cost vs. Risk

A few years ago, the person who said, “It’s not about the backup; it’s about the recovery” was considered a king of insight (in the ‘one-eyed man in the land of the blind’ sense).

Today, customers recognize a continuum of recoveries:

• Disaster recovery: Re-create an application due to unrecoverable failure. Increasingly, customers prefer disaster avoidance with continuous availability.
• Corruption recovery: Rollback an application to a previous point in time, due to a logical corruption (bad database schema, etc.)
• Granular operational recovery: Extract a single object from a recent (90 days or less) point in time – (e.g., email, file) usually due to users’ ”oops”.
• Archival retrieval: Search and retrieve objects from a historical archive, usually due to compliance or legal need.

To meet these needs, customers deploy mirrors, snapshots, replicas, backups, and archives. The complexity creates a conflict between reducing operational cost and reducing risk.

Accelerating the Business

Business demands an agile, analytic-driven IT environment. Unfortunately, small data sprawl, geographically distributed applications and users, makes centralized analytics nearly impossible. There is another option, however. Data protection consolidates both data and metadata across the organization. It’s time for that data protection lake to evolve from insurance policy to business asset.

Over the past year, we’ve seen the following data protection extensions:

• Security: The line between “backup” and “security” blurs. Companies want protection from both accidental and malicious action, like “Has secure data leaked to unsecured servers?” or “Can we identify excessive data deletion because that may indicate an attack?” or “Can I put all information pertaining to this user and his contacts into a compliance/security case file?”
• Availability: The line between “availability” and “recovery” is also blurring. Teams prefer to deploy continuously available infrastructure for disaster avoidance rather than disaster recovery. Furthermore, they want to know – “Will moving this workload compromise the data protection/security?” or “Are the application users and data in different sites, compromising performance?”
• Cloud Compliance: Businesses will move some applications and infrastructure to the cloud. IT fears that the cloud solutions will not meet business and legal regulations, and that those shortcomings will be blamed on them. The data protection team needs to ensure that the application data in the cloud is protected, secure, and compliant – even when the business “forgets” to involve them.

Continue reading the post on our sister site Reflections and check out how we’re continuing to redefine possible with EMC ProtectPoint.