General discussion

Locked

A technical question for a change

By neilb@uk ·
OK. I know it doesn't belong here but I'm not expecting a real solution anyway..

I'm the storage Manager, here, and so responsible for our SAN and backup systems. We're just starting a project to replace the SAN and backup and we've chose - and paid for - the replacement kit.

However, I have just been handed a totally unassociated small project (I'm the technical lead) for which one of the deliverables strikes me as being both unethical and stupid and I'm interested in responses. Just agree with me and I'll feel better!

I have to devise a backup strategy whereby any files deleted within the last two months may be easily restored, selected files are retained for years and must be easily restorable and the remaining non-critical files deleted over six months ago cannot be got back under any circumstances. All of that is easy and is, in fact, what I do anyway.

What they also want is for non-critical files deleted between two and six months ago to be recoverable at a cost greater than ?500 per request so that they can use this whip the users into a better data management mind-set. We can only make an internal charge of ?25 per hour for operator time. How on Earth can I do this? Send tapes to the Seychelles and fly out and pick them up myself?

Gah! X-(

I believe that the strategy was originally proposed by GWB but I can't get this confirmed.

This conversation is currently closed to new comments.

49 total posts (Page 1 of 5)   01 | 02 | 03 | 04 | 05   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

I would

by Jaqui In reply to A technical question for ...

tell the ones that want this implemented that you can only implement the extreme rate if you get to pocket all of the 475 pounds they are ripping the clients off. and you need their answer in writing, that they will pay you the full amount they are stealing from customers.

]:)


then you got them over a barrel, they admitted in writing that they are crooks. ]:)

Collapse -

You could

by TonytheTiger In reply to A technical question for ...

simply give them the tapes holding the non-critical files, to control as they wish.

Collapse -

Ethics

by Tig2 In reply to A technical question for ...

I suppose that they have a right to charge the end user whatever they like for restoration services. The question is whether they will consistantly charge ALL users this fee or if more Senior people will be charged less (or not at all).

Either way, the question that I have is if you personally are being asked to lie. If that is indeed the case, I would refuse. We may refer to them as "stupid users" but many of them are smarter than we think. You give up trust one time and it will haunt you forever.

If the goal is to retrain end users in data management, the best way to go about that is define and communicate a policy and define a consequence if policy is not followed. In other words, user training is not your problem. This solution not only removes the problem from your plate but sets it neatly in the lap of your Policy Analyst (or whomever your company uses to create and communicate policy).

Collapse -

Alas, it is partly my problem

by neilb@uk In reply to Ethics

This is all in-house. Were it for a customer then it would be relatively easy to deal with.

What I actually have to do is to make restore of some files much more expensive but still doable if the business case will swallow the cost or if HR want them, say, for disciplinary stuff. However they won't lie about the differential costs so I have to produce, basically, a strategy that lies for them.

It only appeared in my inbox late today so I haven't had a reply yet whether it is just a whim by those policy analysts suggested to promote user discipline or if - like the six month delete - it is mandated by our data policy's compliance with various UK data acts.

I suspect that it is just for "user enforcement".

I'll know more when I get replies from my "first thoughts" broadside. Luckily, I went back and edited out all of the swear words before I hit [send]. I was almost reasonable in my objections. Not like me - it must be shock!

Collapse -

A question for you Neil

by Tig2 In reply to Alas, it is partly my pro ...

Does management want to differentiate on rationale for the request? For instance, would fulfilling an HR request for disciplinary reasons be charged a lesser sum than an end user request to have a non critical file restored?

And if this is the case, who in management is willing to define the criteria for that differentiation?

Another odd thought- I know that the UK is implementing a variety of data and security initiatives and while I am not particularly up to date on all of them, I can't think of an audit point that would require that it be "more difficult" to retrieve non-critical data within the retention window. What I HAVE seen is initiatives such as this proposed to provide an additional or augmented revenue stream to fund compliance activities.

If you discover that it IS an effort to improve end user compliance, I would suggest that it will inevitably back-fire as end users scramble to "hide" non-critical data outside of the six month scrub window either through alternative storage (thus creating a new problem and potential risk) or through re-definition of criticality. A better and more successful path to increasing end user compliance is to communicate policy and consequences for failure to manage to the policy.

Can you tell that I have played in this sandbox once or twice?

What I have found to be successful was to shift the issue to a slightly different light- it became "us" (the company) against "them" (the political policy makers). I basically communicated a personal opinion that we were being held to new rules because government felt that we needed to be hand held. We (the company) set out to prove "them" wrong. Actually got to be kinda fun.

Good luck with this. Let me know how it goes on.

Collapse -

This is still unfolding

by neilb@uk In reply to A question for you Neil

The "Operational Change Authorisation" request landed in my in-tray (and that or all of the Infrastructure Team) for technical assessment just around 4pm. I'd heard runours that the data Management Policy Team were going to request it but I'd really assumed that people were trying to wind me up as it seemed so stupid!

It is, however, an official request and I guess I'm just going to have to recruit some allies up the IT management chain because I seriously can't think of a way to actually do it!

When I hear more, I'll let you know. Your insights could be useful.

Collapse -

Merely make additional storage part of your recovery policy.

by X-MarCap In reply to Alas, it is partly my pro ...

If you have to get addition storage for your (clariion, netapp, symmetrix,hitachi,etc. raid) you can easily justify the 500... Make it a policy to mount it on new storage, so it cannot mess up any existing data, and you are home free...

Collapse -

The real catch is 40 TB is not a lot of space.

by X-MarCap In reply to Merely make additional st ...

We are examining an additional 60 TB to get out to 2 weeks of incrementals... The space goes faster than you'd ever believe.

Collapse -

Not Unethical

by FirstPeter In reply to Alas, it is partly my pro ...

Really there's no ethics issue there at all - just stupid business practice. Effectively a business is saying "I want you to increase cost so we can justify not doing something." Instead of, say, putting out a policy that says "We will not do this."

Can you imagine being the CIO and having to explain to the CEO that you decided to actually increase costs unnecessarily because you didn't want to ask him/her to help enforce the policy that says we don't do that?

There are really two decision points here that have to be looked at. The first is "does the benefit outweigh the cost?" If the cost is, say $50/recovery and the benefit is a savings of $500 then absolutely.

But that in-and-of-itself shouldn't be enough to justify the recovery. The second decision point is "does it make sense to do that?" This one is the one I've seen overlooked so many times it scares me. Just because I CAN make a dollar doesn't mean it's wise for me to do it.

I run a consulting business. I could sell furniture on the side and make a buck here and there, but that's taking time away from my core business where my return is much greater. Maybe I could spend 5 hours making $50 on furniture when I could have used that 5 hours to drum up 20 sales leads, netting me one sale of $300/month recurring profit.

So, just because I can cost-effectively (direct cost) recover that file maybe I don't want to because it will take my folks away from mapping out the future strategies - which are more valuable than the $500 benefit we'll get. Maybe I don't want to because if I have one request it's justified, but when I have five requests it's not. Maybe I don't want to because it will set a precedent I don't want to set.

I don't see anything unethical in their request. Stupid, yes, but not unethical.

Collapse -

I think it is

by neilb@uk In reply to Not Unethical

The managers are asking me to engineer the system specifically to increase the cost of a data restore when it is completely unnecesary to meet any formal data management rules. This "cost" will be published to the workforce. They are involving me in a fabrication - a lie. That is unethical.

The current level of requests for restores is quite low and I have no reason to believe it would increase if everybody just shut uop and left everything the way it is now - perfectly in compliance with published policy.

Back to Community Forum
49 total posts (Page 1 of 5)   01 | 02 | 03 | 04 | 05   Next

Related Discussions

Related Forums