Modern businesses are increasingly reliant on records stored electronically in computer systems, and the failure of these systems can cause serious problems. In law firms, computer-related data loss may result in serious harm to clients and resultant damage to the business interests of the firm.
This two part article:
- Addresses the nature of the data loss threat,
- Describes available data protection solutions,
- Identifies common pitfalls in utilizing these solutions,
- Provides general data protection recommendations.
The Data Loss Threat
Here is a dirty little secret that computer folks don’t like to talk about very much: all computer hardware will fail over time, often with resultant data loss. The primary area of vulnerability to data loss in computer systems today is the hard disk drive. Despite decades of improvement in disk drive manufacture, a significant fraction of all hard drives will fail prematurely (< 5 years), and all of them will eventually fail if they are used past their operational lifetime (5-10 years).
Unfortunately, there is no foolproof means of predicting disk drive failure in advance of the crash. Sometimes a faulty hard drive will produce intermittent errors that will give warning of pending failure, but there are many instances in which the drive will suddenly fail to boot or become electronically “dead.” The only truly reliable predictor of drive failure is that your drive will fail when you can least afford to have it do so.
Aside from the intrinsic vulnerability of the hard drive, there are many other computer malfunctions that can cause damage to data on a functioning hard drive. These malfunctions may take the form of processing abnormalities caused by power spikes and surges, defective system hardware, or malware attacks (viruses or spyware). These malfunctions can be sudden and dramatic, and often the damage is inflicted incrementally and is not immediately apparent. All of a sudden your document is toast, and you are forced to explain to an impatient client that “the dog (or the gremlin) ate your homework.”
Lastly, there is the unavoidable data integrity threat that arises from simple human error. Accidental – or intentional – improper deletion or alteration of computer data can cause as much harm to a business’s critical infomration as the worst hard drive crash. Again, this type of data damage may not be evident for some time. Identifying the culprit when the horse has left the barn is always an exercise in frustration.
Available Data Protection Solutions
Recognizing the need for reliable and affordable solutions to the data loss problem, the computer industry has worked hard to provide an array of data protection capabilities. These may be summarized as follows:
Redundant disk drive systems. RAID (Redundant Array of Inexpensive Disks) is a hardware scheme for utilizing multiple disk drives in a manner that makes them fault tolerant. There are several variants of RAID, but they all provide a significant measure of protection from the failure of a single disk drive. The disadvantages of RAID systems are their cost and their inability to protect against malware-induced or human error-related data damage. If your business plans to replace a server that holds critical data (and don’t they all?), consider specifying a RAID type disk storage system.
Local backup systems. A bewildering variety of backup systems are available for copying data from operational disk drives to local and/or “transportable” storage media. The simplest and cheapest systems utilize software that saves the protected data to other disk drives on the local computer or its network. More elaborate local backup systems use dedicated disk or tape storage hardware, or removable disk drives, to house the backup data. These systems vary considerably in their ability to back up all types of application data, and in their ease of use. The simplest of all local backup systems is the use of file copy commands to manually copy critical files and folders to fixed (local hard drives) or removable (flash drive) media. The disadvantages of local backup systems are mainly their exposure to catastrophic damage at the business site itself (e.g., fire, flood, or theft of computers).
Off-site Internet backup systems. Taking advantage of the increasing availability of high-speed Internet connections in homes and small businesses, a number of companies offer affordable Internet-based backup services. These services address customer concerns about data privacy by encrypting data. Encryption ensures that only the client of the backup service can read the data. Internet backup service vendors offer a variety of plans, typically priced according to the amount of storage consumed by the backed up data. Although the time required to perform an initial backup to an Internet-based site may be many hours or days, subsequent scheduled incremental backups are performed quickly. An important advantage of Internet backup is the ability to maintain a relatively long backup history. A disadvantage is the dependency on the availability of a “persistent’ Internet connection.
Uninterruptible power supplies (UPS). UPS hardware indirectly protects business data by shielding the computing hardware from destructive electric power dips, spikes, surges, and outages. Such power problems are a frequent cause of data loss, particularly in areas vulnerable to storm-related disruption of electrical service. The cost of these systems is directly related to the length of time that they can provide emergency power. Most UPS products include computer interfaces that will command an orderly shutdown of the connected computer(s) in the event of UPS battery exhaustion. UPS systems, particularly high-capacity units, are expensive, heavy, and bulky. Thus, they are sometimes omitted or under-utilized in office computing environments where minimizing costs is a priority.
In my next post I’ll take a look at some of the common pitfalls of all of these data protection solutions, and describe some steps you can take to minimize the risk of serious data loss.
Haig Hovaness is an experienced IT consultant who works in the New York office of Crosspointe Consulting Group. Haig earned an MBA in information systems and lists over two decades of experience in corporate IT work. He has published numerous articles on information technology and its effects on organizations and society.