Managing retention rules

You can use retention rules to help you comply with government, industry, and business requirements for the long-term retention and eventual deletion of data.

About this task

In addition to backing up new and changed data for day-to-day operational recovery needs, you might be required to retain data for longer periods. To comply with government regulations, you might have to save financial or employee-related records. To comply with industry regulations, you might have to retain records as evidence of best practices. Your organization might have its own internal requirements to preserve data. You might be required to collect the data on a recurring basis. For example, financial records might have to be collected regularly at quarterly or year-end fiscal boundaries. You might also have requirements to ensure that the data is deleted after a certain period.

Retention rules help you meet requirements for the recurring collection of data for long-term retention. When you create a retention rule, you specify which clients are to have their active backup data collected, how often the data is collected, and how long the data is retained. In a retention rule, you can specify backup-archive clients, Data Protection for Microsoft Exchange Server, and Data Protection for Microsoft SQL Server clients.

Retention sets are created at intervals, according to the data-collection frequency that is specified in a retention rule, and can be created on demand. A retention set is a point-in-time snapshot of the active backup data objects for the specified clients. Depending on the storage rule configuration, IBM Spectrum Protect uses one of the following methods to keep the retention set in primary storage or to copy the retention set to tape or cloud object storage:

In-place retention

With in-place retention, the backup data objects in the retention set are the original backup objects that are in server storage from earlier backup operations. A backup data object might be in multiple in-place retention sets, but the object is always the original backup data object and not a copy. The backup data objects in a retention set are tracked in the server inventory to ensure that the data is retained according to the retention set's own expiration date, which is independent of policy set specifications for data retention. A backup data object might be eligible for deletion based on its backup policy, but expiration processing does not delete the data object if it is part of an unexpired retention set.

Although in-place retention keeps client data in primary storage, movement of the data between primary storage pools is not restricted. For example, data might move to other primary storage pools if storage pool migration or tiering is configured, but the data cannot be deleted until the retention set expires.

Retention to tape or retention to cloud

With retention to tape, retention sets are initially created as in-place retention sets, but are soon copied to tape for offline protection of the retained data. With retention to cloud, retention sets are initially created as in-place retention sets, but are soon copied to cloud object storage.

After the copy process creates the retention set on tape or in cloud storage, the original backup objects are kept in primary storage according to backup policies only. Only the retention set data on tape or in cloud storage is retained until the retention set's expiration date. In this way, space on more-costly storage might be released as backup objects are retained instead on cost-efficient tape storage or cloud storage. In addition to the potential cost savings, retention to tape and retention to cloud offer the following advantages:

Copying retention sets to tape and removing the tape volumes from the production environment protects the retained data with an air gap. The retained data is physically isolated from your production systems and network, and is protected even if those systems become damaged or compromised. Tapes can be stored onsite or taken to an offsite location, where they are protected from an onsite disaster.
The copy operation hydrates the backup objects to reverse deduplication and compression. The tape or cloud volumes then contain reconstituted copies of the original files that were backed up by the client. The availability of reconstituted files helps expedite restore operations and mitigate damage that might result from data degradation over time.
Only retention set data is stored on tape or in cloud storage, so the retained data is not mingled with data that is required for operational recovery. The backup data objects that were copied remain in primary storage while they are still protected by backup policies. For this reason, the data can be retained on tape or in cloud storage without hindering recovery of operational data.

To store retention sets on tape or in cloud object storage, you define a new type of storage pool that is called a retention storage pool. A retention storage pool can represent tape devices including 3592 tape devices, LTO tape devices, or StorageTek drives. To store data in cloud object storage, a retention storage pool can represent a supported cloud object storage environment. A retention storage pool has an associated retention-copy storage rule, which is automatically created when you define the pool. The retention-copy storage rule runs once each day to copy retained data from primary storage to the retention storage pool.

If the retention set is not fully copied to tape or cloud storage during the retention storage rule's processing window, the copying is resumed the next time the retention-copy storage rule runs. You can view the status of the retention set, including the amount of data that was copied, from the Retention Sets page.

To view the retention rules that are defined to hub or spoke servers, open the Retention Rules page. From this page, you can also create, edit, and delete retention rules.

Procedure

On the Operations Center menu bar, click Services > Retention Rules.