Disk space is cheap.  Cheaper than it ever has been.  In fact, if you try to purchase small disks for legacy applications, you might be in for an exhaustive or expensive search.

For example, I was looking to replace a 20 Gig 2.5″ PATA drive with a 40 Gig one.  Good luck!  Not only did I not find ANY PATA drives at some local big box retailers, but going to Fry’s yielded me two choices: 160 Gig or 250 Gig.  The price of both of those was cheaper than what I could find online in the 40 Gig range.

With disk space being so cheap (sub $100 per terabyte) and data storage growing at insane rates, is it easier to back up your critical files to other disk space instead of tape? And specifically, for those of you subject to PCI DSS, what does this do to requirements 9.6-9.7?

Many of my customers are beginning to look to alternative methods of backup from periodic snapshots of critical files on DVDs, to cloud-based backup services, to secondary (and even tertiary) data centers.  Media containing cardholder data is now theoretically much less mobile (excluding laptops, PDAs, smart phones, and the fool storing some on a thumb drive), assuming you know where your cardholder data lives. So is complying with these requirements easier?

It seems like the companies that struggled with these requirements the most did so outside of tape backups (meaning, they were using CDs or DVDs to transport data from place to place), and had challenges identifying media as confidential as well as performing an inventory on all media. Considering compliance, live media seems to make some of those problems go away, and depending on your particular setup it could end up saving time and money from an IT operations perspective.

In a talk that Anton Chuvakin & I did at SOURCE Boston, I asked the question, “What value does a backup tape from two years ago have for your organization?”  There was only one respondent, and he came up with a scenario I had not considered that was unique to his industry.  For the most part, however, it seems that the value of snapshot data over time diminishes rapidly, and it could easily be stored, mirrored, or versioned on cheap, live disks.

