1 G Best Practices for Storage Administrators: Staying Relevant in an Information-Centric Data Center Published: 13 March 2013 Analyst(s): Sheila Childs, Alan Dayley Success in an information-centric age means that storage teams must do more than manage capacity. IT leaders and storage administrators must step up to the challenge of working with the business to provide information about data, driving administrators from their comfort zone to expanded influence. Key Challenges Most organizations don't implement data content/information governance initiatives because they think it will be hard to understand the data. Many organizations still turn a blind eye to information governance issues, and rely instead on IT to keep adding storage capacity as a way to "manage" data growth, often past the budgeted limits. Storage administrators are unwilling to move out of their comfort zone of managing "bits and bytes and blocks" to becoming more aware of data content, value and risk. They'd rather be told what to do. Recommendations Storage teams must work with legal, compliance and the business to understand relevant regulatory compliance requirements and new business applications and data sources to know how they affect the storage infrastructure they manage, to keep being responsive. Storage administrators must step up and work with legal and compliance teams to fully understand the risk and security impacts of data, and must create policies to manage to the impacts. Storage teams should proactively create views into metadata and content, and work with all business units to create policies and plans for the data based on this information.
2 Storage administrators must gain a firm grasp of where all the organization's data resides, not just in the data center, but also on laptops, mobile devices and in the cloud. CIOs and IT leaders must support storage teams throughout proactive training on these best practices toward a positive IT culture change. Strategic Planning Assumptions By 2017, 50% of operations teams will have elevated their storage administrators to a leadership role to support information management initiatives, up from less than 5% today. By 2017, 50% of an organization's business data will reside outside the physical data center walls, up from less than 10% today. Introduction Organizations often manage multiple petabytes of data across a wide variety of applications. The advent of big data use cases is just one dynamic compounding the challenges of managing data growth, and organizations face massive volumes of information and new content types that require variable storage, security, protection and access methods. Storage and data administrators have typically relied on technology advances from their storage vendors to enable them to store more in smaller footprints. Administrators were called on to make sure capacity was available whenever users and applications required it, and faster, cheaper storage technologies with better management features enabled them to respond. To accomplish this, administrators worked behind the scenes on capacity-planning exercises and some architecture decisions, but generally went quietly about their business. But things are changing rapidly when it comes to data management. Consider: Petabytes of data mean that storage is consuming more IT budget, and because of rapid data growth, future budgets for storage and the resources to manage it cannot keep up. Storage has increasingly become the source of some application performance problems. Requests for data to be produced in response to legal and regulatory investigations continue to increase. Businesses need capacity to house the data for their analytical processes, to produce data and information that can be used for competitive advantage. Appropriately and inappropriately, data is flying out of data centers to file-sharing services, cloud providers and social media sites. As a result, storage administrators are more often relied on to provide capacity, and to produce data for audits and discovery, keep data available for data-intensive applications, capture content from social sites for compliance purposes and integrate the cloud into the environment. Given the broad set of touchpoints in organizations that these activities entail, storage teams can become Page 2 of 8 Gartner, Inc. G
3 more influential in the organization. Information is power, and as managers of the organization's data, storage teams can deliver that power. Storage organizations must work through these changes. CIOs and senior IT executives should push their storage teams hard in this direction, working with the business and effectively managing the changes. However, the changes will not happen overnight. What follows is a set of best practices that CIOs, IT leaders and their storage teams can adopt in order to improve their skills and be ready for this change. Analysis Be Incredibly Responsive to Legal and Compliance Officers When They Request Information Since the U.S. Federal Rules of Civil Procedure (FRCP) were amended in 2006, 1 corporate general counsels have increasingly focused on their organizations' ability to produce electronically stored information (ESI) in response to subpoenas or other requests for information; 2012 saw this focus extended internationally. Countless questions regarding processes for data storage, litigation holds, custodian notifications and management of data, defensible deletion policies and other activities related to e-discovery have kept legal teams busy and IT scrambling to respond. In reality, the bestrun e-discovery workflows include storage administrators as an integral part of the legal IT team. The legal department needs help understanding the various technologies and technical challenges and trade-offs in collecting, preserving and producing data, along with their associated costs across the myriad content types and locations that are part of any enterprise. Legal also needs a storage team that knows what data the organization has, where it's kept and how difficult it is to locate and possibly retrieve. Conversely, storage administrators must understand the ramifications of poorly managed data and the inability to produce what the legal team needs. This means storage administrators must become more knowledgeable about their data, and must be involved in information policy development, albeit led by the legal team. To go from good to great, storage administrators should: Work with legal and compliance teams to help create data retention policies. Ensure that data management processes map to those policies, and that they're documented and as close to fail-safe as possible. Build a process for immediate responses to requests for information. Include good, solid, documented processes for identifying, preserving and collecting ESI. Understand all ESI sources, including cloud-resident data (cloud storage, and file sync and filesharing services), and understand the nature and differentiating factors of data on all end-user devices, including desktops, laptops, smartphones, tablets and whatever comes next. Create an ESI inventory. Gartner, Inc. G Page 3 of 8
4 Work with legal to resolve the issues that arise when users request data that resides outside their home jurisdiction; cross-jurisdictional issues are becoming commonplace due to increasing cross-border businesses. Storage administrators must educate themselves by learning about the e-discovery and judicial decisions impacting IT. The Electronic Discovery Reference Model (EDRM) 2 is an excellent resource for storage administrators interested in e-discovery. Select the right storage strategy for data preservation, and understand the ramifications of storing data on tape, in an on-premises or a cloud archive, in a records management system, or in other locations as they relate to speed, technology trade-offs and e-discovery costs. Work with legal teams to understand which "routine, good faith" operations can be continued when there is the possibility of litigation, including things like moving data to an archive, deleting archived and original data, rotating backup tapes, etc. Take an Expanded Role in Information Governance, Business Efficiency and Cost Optimization Projects As organizations recognize that they must do a better job of managing information, CIOs and IT leaders must be involved in the improvement process. Storage teams also play a proactive and important role in understanding and controlling data. Until now, many storage administrators have been reactive to new storage needs. To redirect administrators toward this new perspective, begin by asking how the data can be stored, but also ask why it must be stored and for how long. Build retention requirements into the front end of application and capacity management projects, rather than wait for end-of-life decisions to be made. By working with other functional teams including business owners, developers, application owners, compliance officers, records managers and content experts storage teams can get a clear picture of the data's value and/or risk. Storage administrators can demonstrate their expanded value by contributing views of data access patterns, content maps, redundant data, data locations, etc., to other stakeholders to initiate data management planning across functions. This will keep requests for guidance on storage decisions from falling on deaf ears. To go from good to great, storage administrators should: Start by leveraging tools that can enable views into data that facilitate productive conversations with other functional areas in the organization and will ensure that the storage team has a seat at the table based on the value this information provides. Pick one or two information views in the beginning, such as access patterns for a subset of data, a picture of what data resides outside the data center or redundant copies of data throughout the organization. Use the information gathered about data location, age, how often it's accessed and so forth to support information governance, business efficiency and cost optimization projects with concrete total cost of ownership (TCO) and ROI models. Provide practical advice to cross-functional teams working on data management regarding specific technologies. Provide information related to cost, latency, storage security, application Page 4 of 8 Gartner, Inc. G
5 retirement options, data recovery options, search and indexing options, and other storagespecific aspects. Develop Plans to Manage and Retrieve Information From File-Sharing Services, Cloud Applications, Social Media and Endpoint Devices Gartner predicts that the Nexus of Forces (cloud, mobility, social and information) will shift power away from the enterprise to the individual, and that it will change the skill set IT needs to meet the new demands of these forces. While most data still resides within the four walls of the data center, this is rapidly changing. Changes in the ways employees collaborate and communicate, and more access to vastly greater amounts of information, enable businesses to dramatically improve agility in nearly every area, from product development to customer responsiveness. Gone are the days when a few crucial database applications, user file shares and systems comprised the enterprise's most valued data. In today's world, valuable information is just as likely to reside in external clouds, file sync and share services, and users' personal devices. Knowing where data resides, providing secure ways to store and share it, and being able to report on usage wherever the data may be will keep storage administrators relevant. To go from good to great, storage administrators must: Develop a strategy for file sync and file-sharing services as your first priority. User adoption of these services has outpaced IT's ability to provide a controlled, secure environment. Enterpriseclass file sync and share services are beginning to offer functionality that enables collaboration, while preserving control and minimizing risk. Storage organizations must understand where data resides, and must devise a plan to incorporate these services. Support efforts to enable cloud storage as a potentially cost-effective, agile platform. Storage administrators must analyze various approaches to storing data, comprehend the feasibility of different use cases, understand vendor offerings and their costs, and keep abreast of this rapidly evolving technology area. Get involved in capturing and archiving all content required for compliance. Storage administrators must understand which content from which social media applications (Facebook, Twitter and LinkedIn), Web pages and mobile content must be captured and stored, and must make decisions about whether to store the data on-premises or in the cloud. Put together a plan for retrieving relevant data from endpoint devices, including laptops, tablets and smartphones. Evaluate New Technologies That Can Provide Detailed Information About Your Organization's Data Understanding an organization's data is difficult, and most storage administrators believe there's no way to do this. IT relies on the business to help, and the business relies on IT to manage storage growth without adequate information. This frequently results in a stalemate in managing data, creating policies and instituting defensible data deletion. Gartner, Inc. G Page 5 of 8
6 New tools and new versions of older tools can facilitate an understanding of the organization's data. All provide insight into what data is, who owns it and how it's being used. To go from good to great, storage administrators should evaluate these types of tools: File analysis: These tools can provide reports and, optionally, take action based on metadata analysis. Copy data management: These products can perform a host of functions, including backup, archiving, replication and creation of test data using a minimal number of copies. File/identity governance: These products can provide information on who owns what data, where it's being utilized and where copies are being sent. Content migration: These products enable migration from one storage platform or repository to another using policy-based rules to determine which data should or should not be moved. Information classification: Today's solutions can analyze content (based on anything from simple keywords to sophisticated information inferences and learning algorithms), and can provide useful visualization that will facilitate storage decisions. Table 1 provides a representative sample of vendors providing functionality in certain categories. Table 1. Sample of Vendors of Data Functionality Category Description Sample Vendors Storage Management File/Identity Governance Copy Data Management Classification and Information Governance Content Migration Source: Gartner (March 2013) Generates metadata reports for file access, owners, redundant copies, etc., that can be used to make storage management decisions Generates reports for file access rights Provides information about and management for multiple copies of data Generates decision data based on metadata and/or content Migration of data from one location (or repository) to another Aptare, FileTek and Nuix Autonomy (an HP company), Symantec and Varonis Systems Actifio, CommVault and Proofpoint Content Analyst, EMC Kazeon, Index Engines, Nuix and ZyLAB AvePoint, Dell (Quest Software) and Metalogix Recommended Reading Some documents may not be available as part of your current Gartner subscription. Page 6 of 8 Gartner, Inc. G
7 "The Nexus of Forces Changes Everything: Gartner Symposium/ITxpo 2012 Keynote" "Toolkit: How to Create and Maintain an ESI Inventory" "MarketScope for Enterprise File Synchronization and Sharing" "Data Center Budgets Will Be Squeezed by Cost Pressures and the Need to Support New Projects in 2013" "Predicts 2013: Managing Infinite Data From Every Direction" Evidence 1 Growth in international e-discovery: The FRCP can apply outside the U.S., and issues related to regulatory compliance, record keeping and accounting are similar to those in the U.S. (see "Best Practices for Addressing the Catch-22 Between Common-Law Discovery and European Privacy Law"). Gartner estimates that the percentage of e-discovery software revenue in North America will decrease, from 82% in 2011 (18% in non-north American geographies) to 70% in North America in 2017, with the balance in the rest of the world. 2 The EDRM offers reference models for e-discovery and information governance, and its Information Governance Reference Model (IGRM) offers guidance to legal, IT, records management, line-of-business leaders and other business stakeholders. Gartner, Inc. G Page 7 of 8
8 GARTNER HEADQUARTERS Corporate Headquarters 56 Top Gallant Road Stamford, CT USA Regional Headquarters AUSTRALIA BRAZIL JAPAN UNITED KINGDOM For a complete list of worldwide locations, visit Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be reproduced or distributed in any form without Gartner s prior written permission. The information contained in this publication has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information and shall have no liability for errors, omissions or inadequacies in such information. This publication consists of the opinions of Gartner s research organization and should not be construed as statements of fact. The opinions expressed herein are subject to change without notice. Although Gartner research may include a discussion of related legal issues, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner is a public company, and its shareholders may include firms and funds that have financial interests in entities covered in Gartner research. Gartner s Board of Directors may include senior managers of these firms or funds. Gartner research is produced independently by its research organization without input or influence from these firms, funds or their managers. For further information on the independence and integrity of Gartner research, see Guiding Principles on Independence and Objectivity on its website, ombudsman/omb_guide2.jsp. Page 8 of 8 Gartner, Inc. G