Monroelab's Data-Centered Solutions

With Monroelab's data-centered solutions, your painful (and wasteful) wanderings though the maze of computer industry offerings is over.

To achieve security, you need to protect your data. Data is the heart of your business. At Monroelab, we help you bring order to chaos. We do so using tools you already have or tools that are easily available and easy on the wallet.

1. Overview
2. Consequences of Data Insecurity
3. A Case Study
4. Data-Centric Solutions For Your Business

Overview

For a long time, the focus of the IT industry has been hardware and software performance and feature ‘richness.’ This was true at all levels of the industry, whether it was at giants like Dell and Microsoft or the small PC repair shop. As a result, scientists and engineers specializing in computer hardware have achieved astounding gains in raw performance. Software engineers have created more attractive and feature rich interfaces.

Yet, in spite of these advances, the basic, computer-related needs of a business — to securely store and rapidly locate critical information — have been mostly ignored. Ignored not only by the vendors, but by small– and medium–sized businesses as well. The tendency is to treat the machines (which can be quite expensive) as irreplaceable and the data as unimportant.

If your business is like most, important information is scattered among the various workstations used by your staff. “Alice” may have a proposal for a new client on a laptop hard drive, “Bob” keeps several spreadsheets containing mission-critical company information on his desktop machine. It's information that's crucial to your business — and to your success.

If either of these people call in sick, quits, or is laid off, you can be deprived of business-essential information. It may not be apparent at first but, sooner or later, the scramble will be on to find that missing document or spreadsheet.

The examples of “Alice” and “Bob” are all too typical of today's business. Owners and managers are often so focused on developing and expanding the company, they don't always take time to ensure they have command and control of business-essential data. Consequently, data insecurity has control of that business.

Whether you know it or not, your business exists in large part as electronic objects: documents, spreadsheets, database files, even e-mail exchanges with clients and potential clients. If you cannot pull these documents up on a moment's notice, you don't have adequate control of your business.

The Consequences of Data Insecurity:

1. Important staff or customer-generated information is not easily retrievable.
2. Backups of important information are incomplete (or worse, simply not done) because the files are not accessible in a central location.
3. Protection against software viruses and other malicious code becomes more complex.
4. Data is not restricted to those with a “need to know.” It can be accessed by anyone with physical access to that computer, i.e. in a haphazard, insecure way.
5. Rather than a machine-independent, data-centered approach to your computing resources, you elevate the importance of individual machines (Alice's laptop has the proposal on it; Alice's laptop is inordinately important).

Solving this problem requires a change in your focus, not necessarily new hardware or software. There's no need to reinvent the wheel. Rather, the strategy is to make better use of the tools you already have. At Monroelab, we call this the Data-Centered approach.

Elements of the Data-Centered Approach

1. A data security policy is put in place. The goal shifts from protecting machines to protecting data. Data is the only irreplaceable part of your computer system.
2. Data is made easily accessible within a secure, “need to know” access control framework. This access is either by centralized data servers, attached network attached storage devices or by creating a well designed, data transparent peer-to-peer network.
3. Backup accomplishment is enforced as an absolute necessity.
4. As an inviolable part of the data security policy, software on every machine is configured to save objects (spreadsheets, documents, and database files) to approved network shares or locations.
5. Software agents are used, as required, to audit data on user machines and move or copy stray documents to the centralized devices or approved peer network shares.

The emphasis is on machine independence — that is, on your independence from individual machines. The emphasis is also on easy access to your data, no matter where you are in your office. An extension of this idea, web-hosted data, allows data access no matter where you are in the world. Computers may come and go, but your business data is priceless.

Adopting the Data-Centered approach to your business network means knowing where important data is at all times, and safeguarding it against loss. At Monroelab, we can help you implement this approach as we detail in our case study of a small marketing firm.

A Case Study

Small marketing firm with 15 workstations.

The Alarus Group employs 15 people and has 15 computer workstations. There are 5 sales people, 6 creative staffers, 2 customer service representatives, and 2 accounting and billing personnel. Every person, including the CEO/founder, uses a proprietary application for handling project and time management for the advertising industry. Additionally, each employee uses Microsoft Office to create objects related to whatever project they're on. Everyone also uses email applications and a variety of miscellaneous applications for individual needs.

The CEO assumed that the centralization of project data (stored in the proprietary database of the industry-specific application) was all that was needed to have control of what his business was doing. During a crisis, he discovered that the database was incomplete. His staff had accumulated critical data in a variety of applications and objects which were scattered throughout the enterprise. Only then did the importance of rapid access to all business data became clear.

Creating a Data-Centered system was straightforward:

1. The server hosting the proprietary application was left as it was, except for the secure sharing of its default data folders. These were reconfigured for inclusion in the overall backup scheme.
2. A data-only server was installed on the network.
3. User access to data was assessed and a “need to know” access control policy created.
4. Each user's workstation was audited, installed software was inventoried, and business data was securely migrated to the data server central share.
5. An installation copy of every application in use was centrally stored, so users could install applications on an as-needed basis, to view every file type in use within the company.
6. Applications on each workstation were reconfigured to save created or modified data to the appropriate user share on the central data server.
7. A simple application, ran by a scheduler, enforced this policy by copying all known data types from each user's machine to the appropriate network shares.
8. A comprehensive backup policy was strictly adhered to.

Results

The result was two-fold: users continued to enjoy the freedom to create whatever spreadsheets, documents or other objects they needed to accomplish their work and, simultaneously, critical business data was easily retrievable, regardless of type.

No new technology was required, only a new way of organizing the technology already in use. This is the key to understanding data-centered systems. It is not a bold leap forward or a new paradigm, it is simply an optimization of the computing resources already available to you. Using the data-centered approach means your data is available when you need it.

This is one example of achieving greater data security and although it worked for this client, it is by no means the best that can be done.

Data-Centric Solutions For Your Business

Our first recommendation to customers is to choose network attached storage (NAS). This technology, which creates server appliances tailored to the requirement for centralized storage, is the ideal solution for most customer needs. Another option is the use of advanced ATA drive arrays such as those offered by Nexsan. These allow you to expand the capacity of your existing computer investment.

Major hardware vendors offer data storage hardware, such as Dell's POWERVAULT unit. Smaller but tech savvy players like Advansor, Network Storage Solutions, Cutting Edge, and Excel Meridian Data are also creating state-of-the-art, affordable, and reliable data-centered hardware for businesses of all sizes.

Using one or more NAS devices provides business with a ‘plug and play’ hardware module that requires minimal effort since they can be painlessly introduced into an existing infrastructure.

But, simply plugging a storage box into your network is not enough. To make the most of the technological fix, it's crucial to put in place several policies for data retention , access standards, and best practices.