Best Practices for Protecting Your IBM FileNet P8 Information



Similar documents
WHITE PAPER: BUSINESS BENEFITS

Archiving: Common Myths and Misconceptions

Do You Know Where Your Messages Are?

The Benefits of Continuous Data Protection (CDP) for IBM i and AIX Environments

Protecting Official Records as Evidence in the Cloud Environment. Anne Thurston

A 15-Minute Guide to 15-MINUTE GUIDE

ESG Report. Data Protection Strategies for SMBs. By Heidi Biggar Storage Analyst, Data Protection Enterprise Strategy Group.

W H I T E P A P E R E X E C U T I V E S U M M AR Y S I T U AT I O N O V E R V I E W. Sponsored by: EMC Corporation. Laura DuBois May 2010

Recovering Microsoft Exchange Server Data

WHITE PAPER Achieving Continuous Data Protection with a Recycle Bin for File Servers. by Dan Sullivan. Think Faster. Visit us at Condusiv.

HOW TO SELECT A BACKUP SERVICE FOR CLOUD APPLICATION DATA JUNE 2012

Streamline Enterprise Records Management. Laserfiche Records Management Edition

savvisdirect White Papers

Recovering Microsoft Office SharePoint Server Data. Granular search and recovery means time and cost savings.

Information Retention and ediscovery Survey GLOBAL FINDINGS

The Microsoft Large Mailbox Vision

Best Practices for Using BMC Recovery Manager to Meet Data Retention Regulations

Addressing Archiving and Discovery with Microsoft Exchange Server 2010

Knowledge Capture Voice - Compliance Enabled Call Recording

The Challenges of Administering Active Directory

Anarchy In Your Inbox: A Guide To Management. A Whitepaper

WHITE PAPER Archiving: The Facts Behind The Myths

Why You Should Consider Cloud- Based Archiving. A whitepaper by The Radicati Group, Inc.

CA Message Manager. Benefits. Overview. CA Advantage

IBM Unstructured Data Identification and Management

Coping with the Data Explosion

COMPLIANCE BENEFITS OF SAP ARCHIVING

Virtual Infrastructure Security

Can CA Information Governance help us protect and manage our information throughout its life cycle and reduce our risk exposure?

Recovering Microsoft Office SharePoint Server Data

Our Business Continuity Solutions Ensure Long-Term Success

The IBM data governance blueprint: Leveraging best practices and proven technologies

MASSIVE NETWORKS Online Backup Compliance Guidelines Sarbanes-Oxley (SOX) SOX Requirements... 2

7Seven Things You Need to Know About Long-Term Document Storage and Compliance

WHY YOU SHOULD CONSIDER CLOUD BASED ARCHIVING.

The Disconnect Between Legal and IT Teams

Operational Risk Publication Date: May Operational Risk... 3

The Challenges of Administering Active Directory

THE BASIC BACKUP GUIDE TAPE BACKUP STRATEGIES FOR THE SMALL-TO-MEDIUM BUSINESS

WHITE PAPER ONTRACK POWERCONTROLS. Recovering Microsoft Exchange Server Data

2014 StorageCraft. All rights reserved. CASE STUDY: NUMA NETWORKS

Breakthrough Data Recovery for IBM AIX Environments

Using EMC SourceOne Management in IBM Lotus Notes/Domino Environments

Are Mailboxes Enough?

ELECTRONIC DISCOVERY & LITIGATION SUPPORT

Waiting to Upgrade: Understanding Archiving and ediscovery Limitations in Exchange by Michael Noel and Rick Wilson

IBM Sales and Distribution Group June Next-generation data protection for midsize companies.

Archiving Benefits

and the world is built on information

Buyer s Guide Checklist - What to Look For in Online Backup and Recovery Services

Enforce Governance, Risk, and Compliance Programs for Database Data

Top 10 Reasons for Using Disk-based Online Server Backup and Recovery

Archiving Whitepaper. Why Archiving is Essential (and Not the Same as Backup)

Data Management and Retention for Standards Consortia

End of Support Should Not End Your Business. Challenge of Legacy Systems

How To Test For Security On A Network Without Being Hacked

TERRITORY RECORDS OFFICE BUSINESS SYSTEMS AND DIGITAL RECORDKEEPING FUNCTIONALITY ASSESSMENT TOOL

This white paper describes the three reasons why backup is a strategic element of your IT plan and why it is critical to your business that you plan

efolder White Paper: 3 Little-Known Risks Associated with Leading Cloud Services

5 Essential Benefits of Hybrid Cloud Backup

3 BENEFITS OF COMPLIANT ARCHIVING.

Financial Services Need More than Just Backup... But they don t need to spend more! axcient.com

Solving.PST Management Problems in Microsoft Exchange Environments

Management Trends, Troubles, and Solutions

Emptoris Contract Management Solution for Healthcare Providers

Archiving can prevent average business cost increases of

EMC DOCUMENTUM xplore 1.1 DISASTER RECOVERY USING EMC NETWORKER

Reduce your data storage footprint and tame the information explosion

Information Governance, Risk, Compliance

Taking a Proactive Approach to Crisis Management while Maintaining Business Continuity in a Tiered Environment

Whitepaper: archiving and storage management solution for compliance, retention management and electronic discovery

Information Governance 2.0 A DOCULABS WHITE PAPER

Lord Chancellor s Code of Practice on the management of records issued under section 46 of the Freedom of Information Act 2000

DEFINING THE RIGH DATA PROTECTION STRATEGY

Keeping watch over your best business interests.

Why cloud backup? Top 10 reasons

The Importance of a Data Backup and Disaster Recovery Plan

DISASTER RECOVERY PLANNING GUIDE

WHITE PAPER Practical Information Governance: Balancing Cost, Risk, and Productivity

2014 StorageCraft. All rights reserved. CASE STUDY: ADVANCED BACKUP SOLUTIONS

South Colonie Central School District Server Virtualization and Disaster Recovery Plan

With a Data Backup Plan, Your Business is Safe. NCGIT.com

How To Restore From A Backup In Sharepoint

HIPAA Compliance and the Protection of Patient Health Information

Best Practices in Healthcare IT Disaster Recovery Planning

Powered by DATTO. Backup vs. Business Continuity: Using a Recovery Time Objective (RTO) to Better Plan for Your Business

SCHEDULE 25. Business Continuity

Resolving Active Directory Backup and Recovery Requirements with Quest Software

Muscle to Protect Your Grid July Sustainable and Cost-effective Muscle to Protect Your Grid

This document and the information contained herein are the property of Bowman Systems L.L.C. and should be considered business sensitive.

Whitepaper: Backup vs. Business Continuity

Backup vs. Business Continuity: Using RTO to Better Plan for Your Business

RELIABLE BACKUP TO PROTECT YOUR DATA, YOUR BUSINESS, AND YOUR REPUTATION VERITAS MANAGED BACKUP SERVICES

Traditional Backup vs. Business Continuity

Realizing the ROI of Information Governance. Gregory P. Kosinski Director, Product Marketing EMC

IBM Information Archive for , Files and ediscovery

Moving to the Cloud? DIY VS. MANAGED HOSTING

WHY CLOUD BACKUP: TOP 10 REASONS

Manufacturers Need More Than Just Backup... But they don t need to spend more! axcient.com

Transcription:

Best Practices for Protecting Your IBM FileNet P8 Information

Introduction There are dozens of articles and white papers outlining the most critical steps organizations can take to minimize the risk of information loss from disasters. There are few, however, that address the most common threats to your ECM system information the partial information loss incidents caused by everyday occurrences such as programmatic and user errors, viruses, malfeasance, and corruption. Working from the assumption that you ve already put in place commonly accepted security and disaster recovery best practices, let s explore some additional policies and practices that you must put in place to ensure that the information assets you store in P8 have an adequate level of protection. Here are 10 best practices for P8 backup and recovery. 10 Best Practices 1. Think Granular Granular recoverability is critical in any ECM implementation. Disaster recovery procedures are not only overkill when it comes to retrieving one, several, or even hundreds of lost documents, they are dangerous bringing the entire repository offline and rolling it back to an earlier version exposes the entire repository to additional information loss. Don t put yourself in a situation where you must make a devil s choice between recovering one extremely important document and losing updates (and possibly information integrity) for dozens of other documents. Supplement your disaster recover plan with the ability to backup and restore at a granular level. 2. Maintain Your Integrity Ensuring that P8 information maintains its integrity during the backup process and can be restored to its original state during recovery is critical for meeting compliance and business demands. Taking the entire system offline and performing a cold full system backup is an ideal way to ensure that you can fully recover from disasters without compromising information integrity. However, in the case of partial information loss incidents where you need to recover granular information, you re not going to want to take the entire system offline. The only way to recover from these incidents while maintaining information integrity and avoiding application downtime is to enhance your existing repertoire of backup and recovery solutions with an ECM-specific information protection tool. The tool should capture and recover granular information while your ECM system stays online, and should validate the integrity of information during the backup process. Corrupt information should be rejected and flagged for an administrator so that corrective action may be taken. This ensures that only clean information is captured during the backup process and that all recovery requests will be successful. 3. Conduct a Regulatory Refresher Most companies these days are subject to at least several federal and industry-specific regulatory demands, many of which require data preservation and retention. SEC 17a-4, Sarbanes-Oxley, FDA CFR Part 11, and HIPAA are some of the more well-known initiatives but there are numerous others, Copyright 2009 CYA Technologies, an enchoice company. All rights reserved. 2

including the Federal Rules of Civil Procedure ediscovery Rules Amendment, which outlines a company's duty to preserve and produce electronically stored information (ESI) in the face of litigation. Non-compliance with these initiatives can result in hefty fines, negative brand exposure, and in extreme cases, business shutdowns. To avoid these consequences, make sure that you fully understand the regulatory requirements being placed on your company, and look to see what other companies in your industry are doing to address data retention and other compliance mandates. You will also want to ensure that you have an ECMspecific data protection solution that can preserve and recover granular information in its original state so that you don t have to take P8 offline and incur more loss just to restore one document or folder and its associated properties (metadata) such as audit trails. 4. Deploy Application-Aware Backup and Recovery Solutions Application-aware backup is the new catchphrase, but for good reason: it is extremely important to understand the specific requirements of each of your major enterprise applications. When it comes to P8, for example, traditional backup approaches have no awareness of the relationships that an object (e.g., a document) has to other objects in a business process (e.g., another document in a workflow). Therefore, if you re using your ECM system to route documents through an approval process and one of those documents is accidentally lost, even if you were to restore the document using a traditional recovery solution, you would not be able to restore it back to the specific state in the process it was at before the loss occurred. Your only option would be to route it back through approval process until it reached the stage it was at prior to the deletion if anyone can remember what stage that was and suffer the permanent loss of annotations and other properties (metadata), which cannot be recreated. This puts you at compliance risk since the approval process, which specifies who approved what when, is not the original, but a recreation. By deploying a granular, application-aware backup and recovery solution, you would be able to quickly restore just the affected information back to its original state, with the original metadata intact, avoiding disruptions to critical operations and facilitating compliance. 5. Ensure Continuous Application Availability While P8 availability isn t always held to the same five-nines standards as other applications, quality of service and uptime are still very important metrics for measuring IT and line-of-business performance, particularly in today s global environment where maintaining 24x7 availability is increasingly critical. When evaluating your ECM backup and recovery policies or plans, ask yourself (and your team) how much ECM downtime and data loss you can tolerate. While traditional backup and recovery solutions are ideal for recovering from disasters, if you need to recover from a partial information loss incident and do not have an ECM-aware recovery solution, you will most likely have to take P8 offline to restore the lost data and incur additional information loss or suffer the loss and its consequences. Keep in mind that when it comes to e-discovery and compliance requirements, the timeliness of producing information Copyright 2009 CYA Technologies, an enchoice company. All rights reserved. 3

is critical. 6. Perform Proactive Integrity Checks Because complex relationships between documents, sub-documents, workflows and all the other properties (metadata) surround ECM information, it is especially vulnerable to data corruption. Worse, it can often be difficult to detect this kind of partial information loss. Data corruption often goes undetected until someone unsuccessfully tries to access the data for a business need. It can also, however, rear its ugly head during repository migrations and upgrades, where it can halt migration scripts, causing delays and lost productivity. In order to ensure information integrity, with an ECM-specific solution that performs proactive integrity checks and alerts you to corruptions and other integrity issues. It s one thing to identify the problem, and another thing entirely to be able to fix it. Correcting corruptions requires extensive knowledge of ECM platforms and their underlying metadata schemas. In many cases, an ECM-specific granular recovery solution can help correct corrupted metadata by recovering it back to its original, uncorrupted state. However, it is also critical to conduct an in-depth analysis of information integrity on a regular basis, and develop and implement a plan with ECM system experts to rectify integrity issues that aren t so easily corrected. 7. Recover to Any Point in Time To ensure a full recovery from partial data loss incidents, you ll want to make sure that you have a granular recovery solution that performs hot (online) captures of your P8 information on a continuous, frequent basis ideally as often as every 15 minutes. This ensures that you can recover documents back to just about any point in time, and even recover documents that were created or modified as little as 15 minutes ago. And because the captures are hot, there s no need to worry about disrupting productivity. In addition, the captures should be incremental, meaning that they capture only the additions or changes that have been made to ECM information, which minimizes any impact on system performance. 8. Minimize Your Data Loss Window If you follow the earlier advice by capturing P8 data every 15 minutes, you will almost automatically reduce your data loss window by a significant margin the more frequent you can be in your backup while the system is online, the smaller your window, and the better you are able to meet ever-increasing recovery point objectives (RPOs) and recovery time objectives (RTOs). Solutions exist that provide cost-effective ways to reduce unplanned downtime, recover quickly from partial information loss, facilitate compliance and decrease the frequency with which the ECM system needs to brought down for backup and recovery. These solutions supplement traditional enterprise backup and recovery solutions and can be easily integrated into existing enterprise continuous data protection (CDP) schemes. Copyright 2009 CYA Technologies, an enchoice company. All rights reserved. 4

9. Implement Records Management Policies and Enforce Retention Policies. Organizations should implement and enforce stringent records management and retention policies to mitigate civil and financial risks from regulatory non-compliance. Regulatory non-compliance can result from inconsistent records management, accidental deletions, data corruption and essentially any other event not in accordance with business practices and regulatory guidelines. If these policies already exist in your organization, be sure to review them regularly to make sure they comply with new and changing regulations. Your P8 backup and recovery solution should be sensitive to your retention policies, consistently capturing, recovering and disposing of information based on retention policies. The solution should ensure that records are recoverable during the specified retention period, and that they are permanently expunged once the retention period has expired. 10. Minimize the Number of Chefs in the Kitchen. To ensure rapid recovery from partial information loss incidents while minimizing required recovery resources, the recovery process should be manageable by a single administrator. There should be no need to convene a data recovery committee meeting to identify the least impactful means of retrieving one, several, or even thousands of lost or corrupt documents. About CYA Technologies CYA Technologies, an enchoice company, provides the only end-to-end portfolio of solutions that optimize enterprise content management (ECM) application efficiency, facilitate compliance, and insure companies against the risks of ECM information loss. CYA solutions support ECM systems including EMC Documentum and IBM FileNet P8, and protect thousands of repositories at more than 275 global organizations including British Petroleum, DuPont, Gruenthal, McKinsey & Company, Schering-Plough, Standard & Poor's, and the U.S. Army. For more information about CYA, visit www.cya.com, or call +1.203.513.3111 ext. 501. CYA Technologies, an enchoice company 4 Research Drive Shelton, CT 06484 +1.203.513.3111 www.cya.com Copyright 2009 CYA Technologies, an enchoice company. All rights reserved. 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information