Research

Building Towards An ILM Strategy

By David Senf

September 27, 2004 — CSO —

Information life cycle management (ILM) a storage industryled marketing catchall represents an expansion of software and services offerings by industry vendors to help CIOs better align storage costs and regulatory compliance with data availability and records management (RM) policies. ILM is intended to improve the "cradle to grave" management of corporate data assets. However, the industry buzz phrase ILM represents small steps towards a broader information management strategy. Here ILM will be explored primarily within its current storage-centric iteration but couched within a larger strategic context.

As a starting point, ILM balances the cost of storage with end-user demands (end users being broadly defined to include employees, regulators, customers, suppliers, and partners). Add to this seemingly simple premise, a myriad of constraints that need to be addressed including compliance, risk, and data availability. These larger constraints, are integral to shaping the narrow policies that will guide information through its life cycle from creation to archival and disposition. Moreover, they help establish a baseline for storage technology investments as they relate to records management, business continuity, and storage hardware strategies (such as amount of focus on options like disk-to-disk-to-tape).

An ILM strategy considers the policies, processes, and technology used to align information with business value across the information life cycle. The following points discuss the alignment initiatives that make up the basis for an ILM strategy given todays offerings in this space:

Aligning information value with storage costs. ILM is concerned with improving the balance between information value and the cost of storage resources. Despite the continued year-over-year downward slide of the storage cost per megabyte, the amount of storage capacity that is required continues to climb. Moreover, the price difference from enterprise-class storage to (S)ATA, optical or tape, though thinning, remains considerable when aggregated across the IT environment. The primary motivator to migrate data from higher-speed/availability storage to slower and less available devices is, of course, cost. And while organizations have measured the cost difference between disk and tape in the past, they should now be examining the cost associated with newer storage options across multiple storage tiers.
Aligning storage availability with user activity/demand. The amount of data activity and reuse declines, on average, over time. Adding complexity to this simple equation is that there tend to be spikes in the use of data between the initial decline in use/relevance and final disposition. Organizations will be addressing questions around which users require given information and how to prioritize workloads/types of information to deliver the highest value. Ensuring that users throughout the organization whether frontline administrators or top executives, and whether in finance, IT, sales, or other departments have access to the information they require relies on some measure of user/group classification. Additionally, the type of information that users require defined by workloads, including email, CRM, or imaged records will hold varying levels of value/prioritizations.
Aligning records management/data retention with legislation/regulations. Records management is comprised of both the retention period and archiving (read only) of information; both of which are impacted by a number of regulations. For example, organizations need to be able to demonstrate that "best efforts" have been made to be compliant with legislation like SEC Rule 17a-4, which mandates email retention related to finance. There are situations, though, when data retention periods will actually be rolled back in the opposite direction. Working from the opposite perspective, privacy legislation, for example, may require a reduction in data retention time in order to afford customers a higher degree of protection. In other words, if it has been disposed, it can't be mistakenly or maliciously exposed.
Aligning data recovery with data value. The timely recovery of data relies on prioritization (based on availability requirements) used in defining policies for the distribution of data across the most appropriate storage configuration. First, as a factor driving the creation of policies to guide data availability and retention policies, business continuity will be concerned with vertical (such as, CEO versus administration) and horizontal (such as HR versus sales) value of data. Recovering data "in a timely manner" is a function of the business need for that data. In certain instances, business continuity is also a function of compliance requirements spanning a range of legislation like Sarbanes-Oxley (SarBox), HIPAA, and GLB, among others.
One of the questions raised regarding ILM is this: Is it merely hierarchical storage management (HSM) revisited? HSM aligning data availability with the most cost-effective resource does factor significantly into the ILM equation. While HSM is an important aspect of delivering this vision, it is not the complete story. An ILM strategy will, as mentioned, involve the consideration of the value, protection, retention, availability, and cost of maintenance of information across a management life cycle.
By distributing blocks of data onto the right storage device over time, less expensive capacity could be used to store archived and seldom-used data, while more costly storage could be reserved for the data subject to higher-availability requirements. For the migration of data to lower-cost, less available storage, policies are established based on multiple criterion. Policies ascribed to data in HSM typically are derived from file creation date, date last modified/used, user/group, type of application, and file size. To trigger the event of migrating data down to the next level, a watermark or threshold is set to each level in the hierarchy. Data policies are usually examined based on capacity, but when capacity peaks, they are examined for order of migration.
Once data is moved from one level in the hierarchy down to the next, a stub remains in place to shield the user from having to discover a new location path. For the user or application accessing a file unlike in the proactive process of restoring data from backup the process is as roughly seamless as if the data were available on a higher-cost storage. The time that the user will have to wait for data on a low tier is the noticeable difference.
One of the key differences between ILM and HSM or more specifically a major advance over HSM is that ILM considers data from a broader perspective. Compliance, for instance, will introduce a number of new policies pertaining to the migration (or not) of data to archived WORM storage for example.
However, information management spanning the life cycle of creation to disposition needs to reach beyond technologies like tiered storage and even the current iteration of ILM. An information management strategy should be considered within a broad top-down approach starting with knowledge creation/management and progressing down to underlying enabling infrastructure. However, the IT industry is taking a bottom-up approach to ILM, wherein storage hardware and software are instead the focal point.
Despite tactical advantages engendered by the storage-centric approach to ILM, organizations need to build on this view through a broader information integration strategy. Nonetheless, knowledge management, content management, digital rights management, and a host of other technologies needed to extract greater business value from enterprise data are still relatively immature. Therefore, from a tactical angle in which issues of the day prevail (for example, cost reduction and staying out of jail), a foray into ILM concentrating on storage cost per megabyte, data retention, and availability merits the CIO's near-term attention.