Assemble the right players for ILM

Seek input in setting policies for information life-cycle management.

Implementing the technology required for information life-cycle management is much easier than nailing down policy decisions about the value of data and where to store it. To make those calls, storage managers often need the help of department heads, compliance officers and the legal department.

Assess, classify, archive The processes and people required for ILM implementation.
Assessment: Determine what data resides on what storage assets and where data should reside based on such criteria as value or age.Storage administrators, IT
Socialization: Present data findings to others and explain storage asset utilization and costs involved.Department heads, legal counsel or compliance officers, business unit managers.
Classification: Determine how critical data is and how data is migrated over time. Classify by data type, organization, age and/or value.Compliance managers, legal counsel if for compliance; business unit managers if for data value.
Automation: Establish policies to automate data migration.Storage and messaging administrators.
Review: Review ILM policy as new applications are added to the network.Storage administrators and legal, compliance managers.
SOURCE: ENTERPRISE STRATEGY GROUP AND NETWORK WORLD

ILM involves moving data to a storage tier that's appropriate for the value of the data to the business. This process helps companies save money, optimize storage resources and comply with regulations.

"If you get involved with legal situations, the storage architect is not qualified to make decisions," says Randy Kerns, an independent storage analyst. "Other personnel are really accountable, so they must participate in ILM or archiving decisions. Others - such as legal or compliance officers and department managers - must be involved, and if the storage architect is smart, he'll put the requirement on them to keep him from getting into trouble," he says.

For example, initiatives to archive e-mail, files or database records should involve the IT personnel responsible for the applications that generate this data. If you're archiving for regulatory compliance, you may need to call on the compliance officer, chief security officer or legal counsel, while CEOs and other business unit heads may need to be involved in setting policies for migration and archiving.

Michael Passe, storage architect for Caregroup Beth Israel Deaconess Medical Center in Boston, is on the cusp of implementing an ILM strategy, a project he began two and a half years ago with the purchase of tiered storage systems.

Passe, whose organization falls under the dictates of the Health Insurance Portability and Accountability Act (HIPAA), has been looking at e-mail archiving for litigation support and storage management and at content-addressable storage for longer-term retention of research data, forms and patient records.

Passe worked with the medical center's storage management, Windows server and messaging IT teams to help assess the hardware requirements for archiving. He decided to use EMC Centera content-addressable storage for long-term data retention and Symantec's Enterprise Vault for archiving e-mails.

"Once we had cooked out the technology specifics, it then moved up to the IT management level and legal departmental level to make policy decisions based on our findings of the technical capabilities of the software and in our case, hardware," Passe says.

He adds that was among the hardest of the steps to implement. "We think we are in the homestretch and will probably go live in one to three months, assuming we can finish our policy decisions, which often are more difficult than the technological ones," he says.

When Passe finally implements ILM, to set policies in Enterprise Vault and Centera that automate data migration, he will rely on the decisions the IT management and legal departments make about when and for how long data will be archived.

Matt Pittman, director of enterprise systems at Penson Financial Services in Dallas, also relied on the help of others to define his ILM and archiving strategy. In his case, the government regulations were different and more clearly defined.

Penson's e-mails fall under the governance of the Securities and Exchange Commission (SEC), which requires that e-mails for financial traders be kept easily accessible for two years and retained for seven years.

Pittman has two Xiotech Magnitude storage arrays with a mix of Fibre Channel and Serial Advanced Technology Attachment (SATA) drives and Legato's emailXtender e-mail archiving and DiskXtender database archiving products for migrating the Exchange e-mail, user documents and SQL server database data.

"I met with managers to get their feelings about the data, but IT kind of had an idea and a preconceived notion about what we were going to do," Pittman says. "We thought let's identify our sweet spot - the time at which we would move data to the [SATA] drives."

To do this, Pittman used a statistics tool within Commvault's Data Migrator product. He benefited by moving data to SATA disks and backing up data to those disks, cutting his backup time in half.

He also created policies in emailXtender that automatically archive e-mails after a user's mailbox consumes 750M bytes of space. Some departments that have a greater need for data, such as new accounts, have asked for higher mailbox quotas, but for now, Pittman's arbitrarily imposed quotas work for the rest. As with Passe, an ILM strategy continues to work only if it is continually assessed.

"We are assessing right now whether our archiving policy and quota limits are too aggressive or not aggressive enough," Pittman says. "We are looking where we need to tweak the policies. The exceptions we've made to that rule are the people like vice presidents and the CEO who need bigger capacities."

Three years ago Gary Joppich, senior network administrator for NuUnion Credit Union in Lansing, Mich., started implementing a similar approach to archiving data. Joppich's job was made easier because his credit union follows SEC rules. "Our team involved just two people: myself and the organization's compliance and security officer," he says. "We knew things had to be kept for that legal length of time, seven years."

Like Passe, Mark Moroses faces complying with HIPAA regulations for his medical images and patient records. "A lot of our data is regulated either at the state or the federal level, so we involve the legal department right off the bat," says Moroses, senior director of technical services and security officer for Maimonides Medical Center in New York.

He relies on the legal department to set the bar for e-mail archiving. "Right now, legal says they want to keep everything for three years. We think they are going to want to reduce that." Moroses uses IBM's Enterprise Storage Server for storing his medical information and e-mail and Datacore's SANsymphony virtualization product for data migration.

All these users wouldn't have been able to archive this data or formulate an ILM policy by their own wits. Thanks to legal, department heads and other personnel, their jobs are now easier.

Learn more about this topic

EMC banking billions on information life-cycle management

04/24/06

Protecting data throughout its life cycle

03/20/06

Kazeon, others hope to help with classifying information

10/17/05

StorageTek expands ILM options

01/21/05

1 2 3 Page 1
Page 1 of 3
IT Salary Survey: The results are in