Intelligent CIO North America Issue 27 - Page 35

EDITOR ’ S QUESTION

According to a recent Harvard Business

Review article : “ As enterprises have moved their workloads ( applications and data ) to the cloud , hybrid and distributed cloud environments have become the norm for most companies . Eightyfive percent of respondents to a new Harvard Business Review – Analytic Services survey say their organizations use at least two clouds – and a quarter of those respondents are using five or more .”
While the cloud can offer increased capabilities , quick access to scalable resources and many other benefits , too much of a good thing is not necessarily better .
In fact , too much of a good thing is oftentimes just that . . . too much . Many of the issues that enterprise organizations have historically faced on-site in regards to IT sprawl , have now been extended to the cloud as a result of multi-cloud adoption . These challenges include added management complexity , cost and risk , among others . It likely doesn ’ t come as a surprise to hear that conversations with our channel partners and end-user clients have revealed that security tops the list of risks that are introduced due to multi-cloud sprawl .
My advice would be to get your arms around this one first – especially given the meteoric rise over the past few years in ransomware and other forms of malware attacks coming from both external bad actors and internal threats .
The first part of your recovery strategy should entail having a backup that is essentially unbreakable . The ideal solution ( s ) should include features like file fingerprinting , file redundancy , file serialization , secure timestamp and auto file repair , as well as the necessary capabilities to ensure regulatory compliance .
And , importantly , the admin keys should be stored in a separate location for added protection . While an unbreakable backup is ideal to protect against ransomware and external threats , it ’ s equally valuable for data defense internally . An unbreakable backup is just as it sounds – the data is locked down , so to speak , so the backup can ’ t be damaged or tampered with and the company need not worry about data loss or downtime should an insider threat be lurking .
Malicious actors may target the company ’ s backups just as ransomware does , so the goal with unbreakable backup is to have a solution that eliminates a company ’ s concerns about the ability to recover its backup .
Part two of your recovery strategy should incorporate immutable backups . As with unbreakable backup , immutable backups are a perfect solution when external threats are the issue – and this type of backup is just as useful to guard against insider threats .
The goal here is to give companies a backup target that lets them lock their backups for a predetermined period of time : An immutable retention period , if you will .
While consolidation is likely the key from a cloud sprawl standpoint , even before that , a multi-layered security strategy must be implemented across all on-site and cloud data that includes protection , detection and the ability to recover . The recovery piece is one we find ourselves advising on perhaps most often . The two best practices for a recovery strategy relate to data backups . Organizations should secure their data first , before a cyberattack even happens and have both an unbreakable backup and an immutable backup in place .
Ideally , this type of solution will integrate with write once , read many ( WORM ) immutable storage that many cloud providers now offer , which prevents file alteration during a designated time period . The result is the creation of immutable backups that no user can delete .
Once data is secure , the focus can turn to planning and executing an efficient and effective cloud simplification strategy . p
SURYA VARANASI , CTO , STORCENTRIC
www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 35