What data loss prevention systems and tactics can do now
A comprehensive collection of articles, videos and more, hand-picked by our editors
Like many folks, I find myself put off by certain words that pop up often in advertisements for various products and services. Holistic is one of those words. Usually associated with healthcare woo, holistic medicine probably started as a smart idea, instructing patients and providers to look beyond point solutions to consider the broader context for injuries or ailments. But somewhere along the way, it was seized upon by marketing folks to incorporate a lot of unscientific nonsense into claims about certain products or treatment modalities.
A lot of today's data protection marketing incorporates the "holistic" meme. Vendors are starting to disparage these so-called "point solutions" and offer suites of data protection tools under one brand name and management console. That's holistic data protection, I guess.
Holistic data protection
Of course, there is merit to the claims of an Arcserve or an Acronis about the need to have a free-standing instantiation of data protection services set apart from services included in the software-defined stack that is siloed behind each deployed hypervisor and limited to storage systems operated by that stack. You can't share capacity between software-defined storage delineated by different, and competing, hypervisor stacks, nor can you protect data residing on a "foreign" hypervisor's storage. That is, unless you convert the workload and data into the native format of the protecting hypervisor.
Stand-alone data protection suite vendors want to address this issue by providing technology that's blind to hypervisor silos and works with all kits and data, usually at a block level. Working with data at the block level anonymizes data and insulates us admins from infrastructure peculiarities. A block is a block. What makes such an approach "holistic" is this universality and also the ability to manage data protection processes from a single pane of glass. Throw in a mention or two regarding how comprehensive the data protection services are in a given software suite -- or that they eliminate the need to buy continuous data protection (CDP) tools from one vendor, incremental snapshot tools from another and remote replication tools from a third -- and you get another "holistic" brag to make.
More than data replication
Sometimes lost in the messaging is the fact that "holistic" data protection requires more than just data replication tools, regardless of how fancy they are. Here are a couple of things to think about.
First, the data protection strategy you select needs to be granular. It has to match the specific protection and recovery requirements of data based on what that data is for and the business process it serves. For example, while mission-critical database transactions may require incremental and full snapshots and off-site replication to deliver an in-depth defense against logical and physical threats, this workload may also be a target for ne'er do wells who seek to encrypt that data and ransom it back. For that reason, you may also need CDP that can rewind I/O back to before the ransomware was introduced for a speedy recovery.
Conversely, archival data may not need much more than a weekly or monthly full backup because the data is seldom accessed and almost never updated. That said, depending on the nature of the archival data, it may be a candidate for encryption, another data protection service.
Security: The missing ingredient
Given the different needs of different data, holistic data protection tools should include some means of characterizing and classifying data, as well as establishing a policy for protecting, preserving and ensuring the privacy of the data in a manner befitting its criticality or class. Does your data protection strategy include that?
While we are on the subject of security, late last year, Jeh Johnson, then Secretary of the U.S. Department of Homeland Security, identified phishing as the top threat to data. He cited events ranging from the WikiLeaks email disclosures during the election process; the 21 million employees and contractors who had their personal data stolen in the Office of Personnel Management hack; plus recent hacks at Sony Pictures, JPMorgan Chase & Co., eBay, Target and numerous banks worldwide. Moreover, roughly 97% of phish attacks contain a ransomware payload, according to a McAfee Labs Threats Report in 2015, reflecting what Hewlett Packard Enterprise Security Research identified in their Cyber Risk Report of 2016 as a trend toward the monetization of threats (malware writers seeking to produce revenue with their scripts, rather than just vandalize targets).
Given the increasing risk that it'll be a security breach rather than a fire or flood that will take down your operating environment, shouldn't holistic data management include security services? In most shops, and in most data protection tools, security is kept quite separate from disaster recovery (DR). About the only overlap is in the area of encryption and access control functionality, and neither of these are particularly effective against phishing or ransomware, by the way.
To call their wares "holistic data protection" tools, a vendor needs to cram a lot of functionality into a product. Perhaps one of the first areas that should be targeted for improvement is in the blending of security services with DR services. Maybe doing this will require moving further up the functionality stack, away from data protection and security and into the realm of cognitive data management. More on that subject in future columns.
Analysts praise file sync and share for protecting data
A three-part process for protecting mobile data