Policy validation is a relatively new business requirement. Regulatory compliance, the increased sensitivity of data, and the general trend toward managing centralized computing services via service level agreements have introduced business processes to the data center. Simply put, this refers to the ability to customize a commercial DPM solution to an individual business by modifying user options, menus, data collection policies, and other elements. At a deeper level, it refers to the ability to have the DPM solution report and proactively manage data protection policies to reduce risk. This can mean capturing Sarbanes-Oxley or other regulatory compliance policies. It can also mean uniformly enforcing information life-cycle policies (such as backup windows, type of media, restore metrics, and data destruction dates) around email. Not only can an effective DPM solution reduce risk, it can also greatly simplify both internal and external audits.

Perhaps the most difficult aspect of DPM is trending and analysis. Wouldn’t it be wonderful if one could identify problems before they arose? For example, the system could generate an alert notifying the company that nightly backups will begin to exceed their backup window within 3 weeks if current trends continue. Or the system could send an alert to the operations staff at 2AM to let them know that the disk staging area will run out of space by 7AM unless the data currently occupying the staging area is offloaded to tape. This type of predictive analysis is one of the greatest promises of DPM.


In summary, DPM is essential for any company that is serious about its data protection strategy. As data volumes continue to explode and regulatory compliance/legal issues raise the penalties for failure, new data protection strategies will emerge, and a commercial DPM strategy will become a priority for every company with critical data.