Six Trends in Data Storage, Protection & Resilience
In this article
Organizations are nothing without data. With times changing fast, they are challenged with ensuring that their data is protected wherever it resides and their organizations are resilient. Here are six current and emerging trends in data storage, protection and resilience.
1. As organizations push more data and users to the edge, they must be able to protect that data and be resilient.
Digital transformation and the rise of remote work is pushing organizations to distribute more data to the edge than ever before. To protect this data, organizations must be able to identify when data is no longer being accessed in the appropriate manner — for example, when the change rate has skyrocketed or when the file type no longer matches the extension, indicating some sort of breach or ransomware attack. It is critical to be able to stand up, support, protect and recover data if there is a ransomware breach or bad actors have infiltrated the network holistically.
With digital transformation comes the need to rationalize applications. As organizations consider re-hosting, re-platforming, re-factoring and re-purchasing apps to move them to a Software as a Service (SaaS) model, they still have to continue supporting their traditional apps. Organizations need both proven technologies and modern innovation to think beyond data protection and become resilient. This means considering attacks in terms of "when" not "if" and preparing for response and recovery.
Organizations' data is fundamental to their business, and it is important to capture and monetize it. The majority of new data is unstructured, meaning it doesn't fit into a database. Traditionally, unstructured data has been stored to file systems as files or in object systems as objects. Managing unstructured data and getting it under control has received increasing focus, so why hasn't the problem been solved?
In short, the amount of unstructured data generated by today's organizations is growing — fast. Increasingly, unstructured data includes streaming data, which requires organizations to record on demand, learn as it's played back and act on it in real time or near real time. This data includes things like:
- Genome sequences
- Creating movies through unreal engines when actors can't be in the same place
- Tweaking sensor data from machines in factories
Another relevant example of unstructured data is video surveillance, including assessing individuals as they move through places to determine if they have a temperature using thermal imaging cameras that are accurate within half a degree. This type of video surveillance replaces the need to use a thermometer. In this instance, software and AI can examine the data and identify who should not be allowed into a store or business. It is also necessary to capture that data to learn from it moving forward, and to keep it for a long time in case of litigation.
4. Increasingly, data is scattered everywhere from the core to the edge and in the cloud, and it doesn't fit into neatly structured databases.
Organizations need to be able to play in all those fields and communicate across these zones quickly. Although traditional block storage still exists, there's explosive growth in things like smartphones, with people streaming content all the time and checking email. All that data needs to reside somewhere, and it all needs to seamlessly integrate across the different planes — and then, of course, it must be protected.
5. With the uptick in remote work comes an increase in destructive cyberattacks, including ransomware.
When the pandemic hit, employees, students and patients were forced to stay home to prevent disease transmission. And while these measures helped keep everyone safe, it also expanded organizations' attack surfaces and exposed them to potential ransomware and other data breaches. While endpoint and network security are important for preventing these attacks, data protection helps organizations respond and recover from catastrophic cyberattacks.
By designing and implementing an air gap vault, organizations can ensure that their data remains untouched even if their production data centers are hit, allowing them to get back up and running quickly. In a ransomware attack, organizations must assume they're coming back with bare metal and prepare for that.
Think about how your organization will get out of an event, but also how you can get into an event. Ask yourself:
- What happens if I neglect to capture or keep data?
- What should I capture upfront?
- How long should I keep it?
- How do I protect it?
It is a good idea to store more than you need and make those decisions later. As we can learn from data in the past, it's smart to be cautious about throwing things away, or you could find it difficult to move forward.
Learn from attacks to be better prepared and remember your final line of defense is backup. Bad agents are using ransomware to target NTP servers and archived information. Their latest strategy is creating time lags in the server, speeding up time until it is up to, say, a month ahead of real time. Immutable copies don't work when they change the date. Now, in response, organizations can put gates in place to prevent clock drift and set acceptable parameters. If those parameters are exceeded, human intervention is required to make any changes into the system.
Don't assume; confirm.
Organizations often assume they will receive fail safes and data protection automatically when they move their data to the public cloud, but this is not the case. Public cloud providers act as a repository of information unless additional data protection services are added. Organizations must consider everything they take for granted in a typical data center or on-premises environment when moving to the cloud.
One cloud provider may do a good job of renting GPUs for certain workloads, but if you have an app that needs something else that AWS has, how do you make it cloud accessible for your needs? Find the best tools for the job and have more than one option, such as an on-premises copy replicated to cloud, or a hybrid cloud strategy where you can take advantage of a vendor solution that provides connectivity into all three major American cloud providers with direct layer two access to the storage. Cloud gives you a lot to think about; you can't expect to pick up and move into the cloud and operate just like you did in your own data center.