News
8/8/2008
05:17 PM
George Crump
George Crump
Commentary
50%
50%

SMB Archiving

Data retention and archiving aren't just for large enterprises. Small to medium-sized businesses need to be concerned about e-mail retention, data retention, and data archiving. I know the first response is, "We are not a public company, we don't have to worry about that." You might be right, but the need to retain and store e-mails and other forms of data goes well beyond being a public company. While I won't go into all the reasons why, here are some simple ones:

Data retention and archiving aren't just for large enterprises. Small to medium-sized businesses need to be concerned about e-mail retention, data retention, and data archiving. I know the first response is, "We are not a public company, we don't have to worry about that." You might be right, but the need to retain and store e-mails and other forms of data goes well beyond being a public company. While I won't go into all the reasons why, here are some simple ones:1. Has your business ever been sued? 95% of all discovery requests involve e-mail. 65% now ask for other forms of data (office productivity, CAD diagrams, etc). You must be able to not only deliver this information quickly after the request, but also at the request you need to know what you have and state what you are planning to deliver. 2. Have any employees? Ever have any leave because they weren't happy or you weren't happy with them? (if you answered no to question one and yes to this question, go back and change your first answer to yes. 3. Ever need to reference a previous piece of work as a starting point to save time or to upgrade or add on? Data retention is not just about being prepared for bad things, it is also about using your digital assets as... well... an asset, to help you save time on the next project, addition or redesign. First let's look at e-mail, certainly the headline grabber. At almost any level within the small to medium-sized range of business, outsourcing e-mail archiving makes sense. Companies like LiveOffice and MessageOne (now Dell) are good examples. What makes LiveOffice interesting is how mature it is in the space, with more than 7,500 customers in eight years of business.

Data archiving is a little different. For the "S" part of SMB, cloud storage solutions makes sense, but as I said in an earlier entry, make sure those cloud companies have a focus on retention. A great example in this space is iForem, which manages retention on a specific file, and you pay for the file storage for life as opposed to an annual subscription. For data retention in the medium-sized business a totally outsourced solution should be compared with storing the data on-site. The first choice is how to move the data to the archive. Companies like Atempo and Enigma Data offer simple and reasonably priced solutions for the SMB market. In the Macintosh-based market of video and film production, MatrixStore is designed for that purpose and is ideal for Final Cut Pro and Final Cut Server work flows, offering long-term protection for the final cuts you need to keep. From a hardware perspective there is the traditional use of these archive tools to copy to cheap disk, but companies like ProStor Systems have specific archive storage focused on the mid-tier business. Their ingenious solution leverages ProStor's removable hard disk technology by front-ending it with a 1-9TB RAID disk which automatically moves data from these disks to the removable hard disks. Even though the files have been migrated they still appear to be local on the system, and if a file is not actually there when being accessed then the operator is prompted to insert the correct piece of disk media. This provides an efficient, power managed solution for the medium sized business.

Track us on Twitter: http://twitter.com/storageswiss.

Subscribe to our RSS feed. George Crump is founder of Storage Switzerland, an analyst firm focused on the virtualization and storage marketplaces. It provides strategic consulting and analysis to storage users, suppliers, and integrators. An industry veteran of more than 25 years, Crump has held engineering and sales positions at various IT industry manufacturers and integrators. Prior to Storage Switzerland, he was CTO at one of the nation's largest integrators.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3971
Published: 2014-12-25
The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

CVE-2014-7193
Published: 2014-12-25
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web site ...

CVE-2004-2771
Published: 2014-12-24
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.

CVE-2014-3569
Published: 2014-12-24
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshak...

CVE-2014-4322
Published: 2014-12-24
drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or c...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.