The Winner’s Problem – Technical Legacies and Legacy Technology

Part 3 in a series of posts about Data Protection as a Service… (Also posted on Cobalt Iron’s blog)

Mike Matchett, Small World Big Data

When a business is deemed successful it’s often because of great people doing awesome things with the latest technologies. Yet there is always a built-in problem for long-time winners that follows their success over time – inevitable age that causes obsolescence of both people and machinery alike.

The aging process leads to a need for ongoing retirement and refresh, even in companies that have in the past deployed prize-winning formulas. Unfortunately, winning arrangements by definition have survived, and through momentum often live well past their prime.

When it comes to data protection, what worked very well in the past to help the long surviving IT and the well-established business protect their mission-critical data most likely no longer works quite as well as it did in its prime. In fact, given the pace of change in data, applications, architectures, and even the skills and expectations in the available workforce, most organizations are working feverishly just to keep their business applications competitive. Quite often long-running back-office disciplines like data protection have to limp along as best they can, maybe adding band-aids and patches where it visibly hurts but not actually refreshing the whole solution to keep it truly current.

At least until something finally breaks in a big way – perhaps a ransom-ware attack, a rogue ex-employee, a 1000-year flood, or even full-blown compliance audit. By then of course it’s too late to be protected and prepared. The consequences can be fatal – winners can become losers overnight.

Good Legacies Can Beget Bad Ones

I see the legacy data protection challenge arising in three primary areas:

  1. Protecting legacy technology – Nothing that works well goes away fast. (Long live mainframes!) Even if users, usage, requirements, and expectations have grown and changed significantly over the years, the underlying IT methods, interface protocols, and performance capabilities of many long-successful applications and infrastructure may still be the same as the day they were first deployed – and today in 2018 that could be multiple decades past.Newer data protection architectures might require quite significant backwards integration to protect legacy technologies appropriately. And sometimes protecting both hardware and software built and deployed generations ago can still require legacy data protection technologies, doubling down on the legacy challenge.
  2. Technical legacies aging out – People grow old, especially experts it seems! Sometimes they leave even before they retire. Regardless, people inevitably grow old and age out of the workforce. And when they leave, there often aren’t equivalent knowledge replacements readily available. Old-timers just know things, particularly about legacy technologies, that no one newly available to the market will have any exposure or experience with.The learning curve for someone new to pick up legacy technology expertise may not only be steep, it may be too slippery to climb at all depending on just how legacy the technology really is. Lack of current documentation, relevant training classes, original equipment vendors, and of course senior staff mentors can all hinder effective knowledge replacement.
  3. Backup product stagnation – Many backup products have failed to evolve and keep pace with the current state of IT solutions. A partial laundry list would include virtualized servers, hyperconverged infrastructure, hybrid cloud applications, public cloud data pipelines, web applications, multi-cloud deployments, n-way replications, and globalized 7×24 operations. Let’s not even talk yet about protecting big data clusters, distributed containerized applications, temporal software defined storage, or IoT edge devices.In addition, expectations for data availability have changed significantly too – with end users more and more expecting “Apple Time Machine” like functionality in every IT application, instant RTO and seconds-level RPO from any mobile device anywhere in the world.

Even if implemented backup solutions have somewhat evolved, the necessary patches, upgrades, and migrations are likely well outside the ability of many organizations to even consider rolling out. I’m sure top of mind for many is that if a complex, legacy solution is even partly working, it’s probably best not to mess with it at all or risk blowing it up completely.

Not Just Surviving, But Thriving

So what’s the best approach to dealing with age and obsolescence? Fundamentally it’s not fighting to retain aging staff on contract into their geriatric years, or ignore the increasing wrinkles and weakening bones of your data protection program.

Rather it’s looking for a trusted service provider that specializes in data protection for enterprises like yours (like most, really). One that can afford to develop and maintain legacy technology expertise because they leverage it across multiple clients, that has current experience with most legacy hardware and software IT solutions, and that can not only maintain, but integrate, optimize and proactively operate modern data protection solutions for you on your behalf.

If you have age-related issues with your data protection, and want to keep on as a winning corporation, you might want to ask an expert data protection company like Cobalt Iron to come in and show what they can do to help keep you eternally young.


Can You Really Afford Reliable Data Protection?

Part 2 in a series of posts about Data Protection as a Service… (Also posted on Cobalt Iron’s blog)

Mike Matchett, Small World Big Data

In IT there are well-known (and never 100% avoidable) risks that justify rock solid data protection – component failures, operator mistakes, application bugs, network outages and the like. Yet the business insurance plans we deploy in the form of data protection solutions are often incomplete, misaligned, offer poor capabilities (for management, assurance, recovery…), and sometimes can’t be trusted to work when needed.

Businesses tend to push back most on the costs of data protection when they aren’t actually getting the protection they deserve (at any cost). First, IT needs to step up and solidify, actually verify, validate, and otherwise engender trust with the business that they’ve implemented the best (in terms of aligned, functioning, reliable, correct) protection solutions for the business.

But a big second here is that “best” also means lowest cost. If budget were unlimited, IT could way overspend on “everything” and solve all the problems in the world. But realistically, IT needs to deliver rock-solid data protection coverage in the most cost-efficient manner.

A fair question to ask right now is if it’s even possible to deliver a cost-effective data protection solution, given all the complexities enterprises can face (many of which were introduced in the last blog post on data protection complexity). We’ve seen that there are solutions that can get us there technically, but do they help corral cost? If not, we might find ourselves back at square one.

Show Me the Money!

Let’s look at two big ways that newer data protection solutions, those that meet our needs to handle enterprise scale and complexity, significantly lower total data protection costs (disregarding for the moment that new intelligent solutions also provide vastly superior coverage, reliability, and services than aging piece-part manual approaches).

The first big cost-cut comes from eliminating wasted and obsolete spending outright. As a practicing analyst and long-time field consultant, I’d easily bet that anyone still running a toolbox full of “yesterday’s” data protection solutions has significant backup license misalignment. There will be unused or unneeded backup solution licenses lost or floating around even while key data is not being protected. According to Cobalt Iron, they’ve found that simply recovering stray licenses in some cases has provided a 20% cost reduction.

Then by establishing cohesive backup management and centralized, automated control, whole aging suites of newly obsoleted software and hardware can be swept out the door. Some common legacy protection software, often purchased for narrow and now obsolete requirements, can be quite pricey even as their relevance and functionality have faded.

The first big cost-cut comes from eliminating wasted and obsolete spending… The second big cost control come from right-sizing…

The second big cost control comes from right-sizing the actually required solution. This aligns the data needs with software licensing, hardware, and/or cloud storage costs over time. Automation and elastic cloud services play a large role in this dynamic balancing act, but when implemented correctly it results in accurate, always minimized data protection costs in the face of ongoing business, application, user and technology changes.

Three other immediate cost recovery areas that come with intelligent, automated, service-based solutions are also well worth mentioning here –

  1. Patching and upgrades can be automated, minimizing the costs of both scheduled downtime and avoidable outages (due to operator errors)
  2. Operational time is freed up for staff that otherwise had to maintain currency in various aging technologies, manually oversee deployment and patching, directly tracking and attempting to manage widespread processing, and more.
  3. Cloud advantages in elasticity and dynamic provisioning can help optimize spending, but only when actively managed. Unmanaged cloud adoption is always going to become expensive as costs add up over time.

This is really just the start of a full TCO reduction analysis that might also include quantifying data risks, business outages, staff shortfalls, and even new application provisioning agility (i.e. on-demand data protection services).

The bottom line on the costs of data protection? It’s not a question of if you can afford it, rather it’s a question of what’s at stake when you don’t have “business complete” data protection. Knowing that there are now new solutions that can assure end-to-end coverage AND reduce total costs means that you should be moving to modernized data protection today!

Protecting All Data in a Complex World

   …(Also posted on Cobalt Iron’s blog)

Are you actually protecting all your important data today? Not “almost,” “just about”, or “we have plans,” but all of it?

And I don’t mean just your most mission-critical data sets, but any and all of your data – critical/operational, analytical, and even archival that could be important to anyone (or any process) in your organization. The sad truth is that very few enterprise IT shops are able to claim they provide adequate protection for all their important data, much less provide rock-solid business-enhancing protection services even on just their mission-critical data.

Why? First, IT seems to grow more complex every day. Our high-tech IT architecture keeps evolving – stack convergence, hybrid cloud operations, multi-cloud brokering, distributed and mobile users, edge computing, and more.

Second, data growth is not quite totally out of control, but that’s only because we can only keep what we can actually store. With the Internet of Things streaming more data every day, Machine Learning algorithms feeding on longer tails of detailed history, and demanding users expecting ever more active archives, both the available data and the demand for more of that data is increasing non-linearly quarter-by-quarter.

And third, businesses change. Mergers and acquisitions add new layers of data center complexity. Corporations upsize, downsize, globalize, reorganize and even evolve new ways to conduct business.

It’s no wonder that we’ve outgrown the older generation of increasingly fragile data protection solutions. You might pretend that keeping up is just a matter of buying more backup licenses, hiring more IT people, and finally getting that extra budget increase this year (unlike every past year). But the truth is that what we are doing today isn’t working and isn’t going to work ever again.

It used to be simple to have an admin just backup the main file system once a week to some deep storage repository and be done with it. Then we added virtualization, deduplicating target storage, incremental backups, and remote cloud repositories. Swizzle in a growing morass of compliance and regulatory requirements and yesterday’s solutions become overwhelmingly difficult to maintain, much less serve to protect all those new applications that harness big data, leverage cloud processing, and deliver end user experiences to mobile devices. (Note – Change is hard! I can still call on an old muscle memory to type “tar –cvf backup|gzip >>/dev/tape” without thinking.)

In fact, we’ve outgrown many generations of data protection solutions and yet sometimes expect many of them to work reliably forever. How many different types of protection software do you have deployed? How many different skill sets does that require? Can you upgrade and patch all those older solutions in a timely manner? And I’d still bet you have major gaps in protection coverage, have blown out backup windows, and are unsure that a timely restore for some systems is actually possible.
Yet a New Hope

But there is always hope. While many of the changes listed above make assuring protection more complex, there are new approaches that can also help make things simple again. We know how we got here, but how do we get out of this morass?

Fundamentally we have to recognize and accept that all applications (and thus most if not all data) are becoming critical to the business. People depend on data and applications today for almost every aspect of their jobs. If there are still manual process fallbacks, no one quite remembers. Those kinds of business continuity plans are simply no longer realistic. We have built the basis of our brave new high-tech world on increasing task automation and the enhancement of human capabilities through intelligent applications. All of that data deserves protection.

The rise of pervasive, intelligent, and automated applications is not just a growing data protection problem for IT. Luckily, that trend also provides big clues for how to solve today’s data protection challenges.

There is great hope now available that combines automation, machine learning, and managed services. None of these things really offers a better mousetrap as it were, but when applied smartly together they can provide a very practical (and actually affordable) assurance that all those naughty mice actually get caught.

I can say this with some conviction because I was recently introduced to Cobalt Iron and their latest Adaptive Data Protection release (ADP 4.1 as of this writing). They have successfully encapsulated a massive amount of field experience into their data protection service, eliminating a tremendous amount of complexity and low-level skill requirement (what I might call technical trivia) on behalf of their clients. It’s all about advanced automation, applied intelligence, and leveraging computers to help people better manage all their data.

How do trends in primary storage affect secondary storage?

I caught up with Steve Pao at Igneous recently to chat again about the rise of secondary storage. Primary storage is great and all, but flash is everywhere – it’s old news.  In secondary storage, we are seeing a lot happening with scale and functionality and hybridization and built-in data protection services.

How do trends in primary storage affect secondary storage? (here with full transcript)

Why is the non-RDBMS popular?

Ok, this is a softball question for anyone inside the big data space.  However, it does come up as a real question when talking to business owners and application users.   This is a quick high-level description of NoSQL/NewSQL, why it’s different than SQL RDBMS, and where I think both of those markets are going.

Why is the non-#RDBMS becoming so popular? #NoSQL #database (with transcript)