Data Protection Blueprints

"When writing a data retention policy, you must determine how to: organize information so it can be searched and accessed later, and dispose of information that's no longer needed. A comprehensive data retention policy outlines the business reasons and legal requirements for retaining specific data and what to do with it when targeted for disposal. An organization should only retain data for as long as it's needed, whether that's six months or six years. Retaining data longer than necessary takes up unnecessary storage space and costs more than needed" (Source: TechTarget).


What is your DR Temperature?

Hierarchy of needs in Data Protection...

Backups vs. Archives...

  • Backup: Copy to another location in the event of data loss, damage, or corruption following an incident.

  • Archive: Long-term data retention of inactive data that an organization needs to keep for legal or compliance reasons.

Questions you should always ask yourself...

  1. Based on your SLAs, what are your desired data lifecycle (GFS Retention)?

    • First, identify AND document your business requirements.

    • Second, identify AND document your legal requirements.

    • Note that these are rarely, if EVER the same.

  2. How will you be safeguarding your backups?

  3. What is your plan for protecting your backups from Ransomware?

  4. Is your data encrypted?

What are five benefits of a data retention policy (click here)?

  1. Automated compliance.

  2. Reduced likelihood of compliance related fines.

  3. Reduced storage costs.

  4. Increased relevancy of existing data (data becomes less relevant as it ages).

  5. Reduced legal exposure (don't let your data be used against you!)

Sample Protection Blueprint 1 (click here)...

Based on your SLAs. what are your data lifecycles (GFS Retention)?

  • Daily retention points, for 10 days.

  • Weekly retention points, for 8 weeks.

  • Monthly retention points, for 8 months.

  • Yearly retention points, for 2 years.

  • SUMMARY: 38 Recovery Points required (NOTE: During operations there maybe more than 38 points on disk required to meet the retention)

How will you be safeguarding your backups?

NOTE: Be sure to leverage Veeam storage integration keeping in mind that SNAPSHOTS are NOT BACKUPS.

NOTE: Veeam Encryption Best Practices.

What is your plan for protecting your backups from Ransomware?

SUMMARY...
38 recovery points over a 2 year period. The first 21 days of backups are in both the "Performance Tier" (On-premise storage) and the "Capacity Tier" (Cloud Object Storage) where they are immutable. Backups are in long term archives (such as Amazon S3 Glacier) after 120 days. Note that it takes more time to recover from the "Capacity Tier" (Cloud Object Storage) than from the "Performance Tier" (On-premise storage).

Note: X TB of source data would consume 2X TB in the Performance Tier and 5X TB in the Capacity/Archive Tiers.

Sample Protection Blueprint 2 (click here)...


Based on your SLAs. what are your data lifecycles (GFS Retention)?

  • Daily retention points, for 10 days.

  • Weekly retention points, for 8 weeks.

  • Monthly retention points, for 8 months.

  • Yearly retention points, for 2 years.

  • SUMMARY: 38 Recovery Points required (NOTE: During operations there maybe more than 38 points on disk required to meet the retention)

How will you be safeguarding your backups?

NOTE: Be sure to leverage Veeam storage integration keeping in mind that SNAPSHOTS are NOT BACKUPS.

NOTE: Veeam Encryption Best Practices.

What is your plan for protecting your backups from Ransomware?

SUMMARY...
38 recovery points over a 2 year period. The first 35 days of backups are in the "Performance Tier" (On-premise storage) where they are immutable. Backups are in the "Capacity Tier" (Cloud Object Storage) after 35 days. Backups are in long term archives (such as Amazon S3 Glacier) after 120 days.

Note: X TB of source data would consume 2X TB in the Performance Tier and 4X TB in the Capacity/Archive Tiers.