Users Shatter Storage Myths

IRVINE, Calif. -- Data Protection Summit - Storage users have seen it all -- from getting sold on too much storage as necessary "overhead capacity" to niggling little "end-user fees" when individual license costs were supposed to be waived.

This week in Irvine, it was payback time.

IT managers gathered here at the Data Protection Summit debunked a trio of familiar storage myths.

Storage Myth #1: Data security is a boardroom priority

IT managers are having a tough time getting their bosses to take internal security seriously, said Keith Belyea, a member of the Los Angeles chapter of the itSMF user group. "It's hard to get that on the radar," he told Byte and Switch. "The biggest challenge that [our members] are facing is [internal] identity authentication."Many CFOs and CEOs are simply not concerned about the risk of an internal security breach, explained the exec. "Management is focused on the external hacks, which they have heard all about, but it is the internal hack which seldom gets publicized."

At least one analyst agreed that internal security is often neglected by firms. Mark Beadles, chief architect of analyst firm Sophos, painted a frightening picture of corporate networks during a presentation today. "It's amazing to find out how many enterprises do not know who is using their internal LAN," he said.

The analyst related the story of an unnamed U.S. firm he worked with, which ran into problems after outsourcing its helpdesk to India. "The helpdesk was deploying servers onto the network and not consulting central IT about it –- there was no central control of a large portion of their network."

A number of vendors, including Cisco, Microsoft, and Juniper are touting Network Access Control (NAC) technologies, which enforce security policies across a range of devices, as a solution to this problem. (See Cisco Shores Up Security, Cisco Expands NAC Framework, Juniper Wins in Norway, and Cisco, Microsoft Unveil Plan.)

Despite plenty of hype over the last few years, Sophos's Beadles warned that these offerings are still no panacea for users' data security woes. "The drawback is that these three solutions are not really compatible," he said, adding that Microsoft's Network Access Protection (NAP) also requires users to upgrade to the Vista or Longhorn operating systems.Storage Myth #2: CDP is totally continuous

CDP, increasingly touted by vendors as a fast way to secure enterprise data, left at least one IT manager scratching his head this week. (See EMC Takes CDP Downmarket , Exanet Dips Toe in CDP Pool, and Crowded Data Pool.) "CDP has become increasingly well known, but less well defined," said the government tech chief, who asked not to be named.

The exec cited cost and vendor marketing hype as two of his biggest CDP turn-offs. "If 'continuous' means [transferring] data every 10 minutes, it's not continuous," he said, adding that there is a cost premium attached to what is known as "full" or "true" CDP. (See New Wave of CDP Rolls In.)

True CDP, which is offered by the likes of Mendocino, is real-time capture of each block- or file-level write operation, which lets customers go back to any point in time to recover information when data is lost due to a system crash or human error. Near-CDP offers less granular recovery, usually through frequent snapshots. (See Fine Granularities and CDP Report Card.)

Getting this level of functionality may put a major dent into corporate coffers, he warned. "Depending on the size of your company, it could be hundreds of thousands of dollars to experiment."Storage Myth #3: ILM is a mature solution

For another exec attending this week's conference, ILM remains a major source of confusion. "When you start talking about ILM, I look on that as marketing," said Eliot Kaagan, senior systems engineer at 24 Hour Fitness, which owns 400 fitness clubs across the U.S.

Despite plenty of hype from vendors like EMC, IBM, and HP, Kaagan told Byte and Switch that he is largely unmoved by current offerings on the market. (See EMC Earnings Credit ILM Uptick, IBM’s ILM 30th Anniversary, and HP Uses Softech Archive in ILM.) "A lot of companies have point solutions, and the big companies don't always have the best solution in any one space," he said.

The challenge, according to Kaagan, is that true ILM is more about business process than technology. Firms, he explained, have to set values for their data before they can classify and share it across archives and different tiers of storage. "These decisions can only come from the business," he said, warning that it is unrealistic to think that an ILM solution could solve all these issues.

— James Rogers, Senior Editor Byte and Switch