Archive for the ‘Cloud Data Protection’ Category

Backing Up Your Data Should Be Obvious

Brian Heckert

Principal Content Editor, Dell EMC
My first long-term exposure to technology was the typewriter. I still love that invention, which really sparked my interest in writing. For the past 20 years, I have worked in high tech as a content development specialist, marketing writer, and documentation editor. Prior to working in the software industry, I was a journalist, photographer, photo editor, and military fire fighter. After hours, I enjoy spending time with family, reading, and hiking in the mountains.

Keeping a safe distance from large mammals with large canines should be obvious, especially when they can weigh more than a couple of tons. But what’s obvious to one person may not be so obvious to another.

On a recent excursion to the Central California coast I had the opportunity to observe elephant seals, mammals so massive they can grow to more than 16 feet and weigh more than 5,000 pounds. Elephant seals are fascinating animals, but there are some critical facts to keep in mind when you’re watching them in close proximity. According to the clearly visible signs posted nearby where the seals congregate, here’s what observers need to know:

beware-sealsElephant seals…

  • are large
  • have teeth and bite
  • are faster than you think
  • are wild

Seems obvious, right? And in case that information isn’t convincing enough, here’s the last bit of advice on the sign to anyone who might think elephant seals are cuddly critters: For your safety and theirs, KEEP YOUR DISTANCE. It’s the law.

When I returned to work the following week, I was thinking about my adventure at the elephant seal rookery and what I learned. It really was a treat to observe them and see them thriving, especially when you consider that at the end of the 19th century they were nearly extinct. That got me thinking about data protection. You may be asking, “What? Elephant seals and data protection?!” But when you consider the information on the signs that warns rookery visitors, and the importance of protecting your data, it’s not such a stretch, especially when you realize that many businesses don’t do the obvious by adequately protecting one of their most important assets—their data.

Why do you need data protection? The EMC Global Data Protection Index (GDPI) discovered some critical facts. The GDPI found that of the organizations surveyed, 52% of them suffered unplanned system downtime in the last 12 months, and 29% suffered data loss. Whether it’s a cyberthreat (36% of organizations reported internal or external security breaches, according to index) or hardware failure (hardware failure is still the number one cause of data loss and/or system downtime, according to Index), a massive data breach can happen faster than you think. In fact, once they gain access to a system, it takes just six minutes for cybercriminals to compromise an organization, and they can do that successfully 60% of the time. Those numbers have a lot of bite (think very large canines)!

When you consider that many industry and government entities require that businesses conform to standards for safeguarding and retaining data, it’s not much of a stretch to say that protecting your data is the law. And backing it up is an important aspect of your data protection strategy. Don’t ignore the obvious! Data is always at risk of being lost, stolen, damaged, or corrupted. The signs are all around. Your data is critical to your success and everyday operations, and business continuity depends on the availability of your data. Don’t let your data—or your business—become extinct! One way to ensure it doesn’t is by implementing the right solution. Check out how Dell EMC Mozy’s enterprise-grade cloud backup solutions can give you that peace of mind.

beware-hackers

So if I were to revise the elephant seal signs to instead caution business owners who are not yet confident in their data protection readiness, here’s how I would do it:

Your data…

  • is important
  • is valuable
  • must be accessible
  • must be safeguarded

And just to underscore that: For the safety of your business, BACK UP YOUR DATA. It’s essential!

Cloud Adoption: Strategy vs. Reality

Vladimir Mandic

Chief Technology Officer & Distinguished Engineer Data Protection Cloud, Core Technologies Division, Dell EMC
Vladimir has been driving technical innovation and change within EMC for the past 10 years, first in the area of data protection software and, currently, in cloud technologies. Prior to that, he’s had rich industry experience as a solution integrator and in the service provider space. When not working on technology innovation, he may be difficult to locate due to his passion for world travel.

Latest posts by Vladimir Mandic (see all)

Myths About Migrating to the Cloud

Myth 1: Cloud Bursting
One of the original highly publicized use-cases for public cloud was bursting. The story made sense: as your demand for computecloud adoption-vlad increased, you would use the public cloud to increase the capacity of your private infrastructure. Like so many good stories, bursting didn’t really happen. In fact, bursting is one of the least common public cloud use cases.
Why did bursting not become more widespread? Enterprises are either keeping applications on-premises in newly designed IaaS private clouds or they are moving them to the public cloud. It’s an OR function, not an AND one. Furthermore, it almost always happens per-application. You evaluate your future application needs and decide where it makes more sense to run the application for those needs. Bursting across environments is just too complex.

Myth 2: Multi-Cloud
Most enterprises have neither a comprehensive hybrid cloud nor an end-to-end multi-cloud strategy that covers entire IT cloud comic-vladenvironments. Frequently there is a general desire for multi-cloud strategy to minimize the dependency on a single cloud provider. But that strategy turns out again to be a per-application choice rather than a centralized plan.
Organizations choose to run some applications in the private cloud and some in different public clouds. Every cloud has very different functionality, interfaces, and cost optimizations. And each time an application developer chooses an environment, it’s because that cloud was the optimal choice for that application. As a result, application mobility becomes a myth; it’s something desired, but very few are willing to settle for the smallest common denominator between different choices just to enable application mobility.
Even if customers wanted to and could move the application, it’s unlikely to happen. Moving large amounts of data between environments is challenging, inefficient, and costly. So, once the choice of a cloud provider is made, the application stays where it is, at least until the next tech refresh cycle when per-application considerations can be re-evaluated.

Cloud Adoption for Legacy Applications
While so much of the focus has been on creating new applications, enterprises are also migrating traditional workloads. So what are the stages of cloud adoption?

  • Step 1: Infrastructure as a Service. Treat the cloud like a typical infrastructure; in other words, think of servers and storage as you currently think of them. Applications are installed on top of the infrastructure. Because everything is relatively generic, the choice of a cloud provider is not too critical.
    But as applications start to move, a new way of thinking evolves; you start looking at the infrastructure as services instead of servers.
  • Step 2: Software as a Service. Some legacy applications are swapped for new ones that run as a service. In this case, you don’t care where your SaaS service runs as long as it’s reliable. The choice of a cloud provider is even less relevant; it’s about choice of the SaaS solution itself.
  • Step 3: Rewrite the Application. Some applications are redesigned to be cloud-native. In some cases, the cloud is an excuse to rewrite decades of old COBOL code that nobody understands. In other cases, features of the cloud enable an application to scale more, run faster, and deliver better services. Not all applications should be rewritten.

The Core Issue: Data. When thinking about moving the applications, what’s left is the actual data, and that is where company value truly resides. Some data moves with applications where it resides, but not all data is application structured. And that is the last challenge of cloud adoption—looking how data services can enable global, timely, and secure access to all data, whether it resides inside an application or outside of it.

The Role of IT
Just what is the role of the central IT organization, and is there a single strategy for IT? Not really.
The word “strategy” comes not from having a single plan that covers all applications, but from a comprehensive evaluation that should be done before choices are made and from having a unified set of services that ensure security, availability, and reliability of all those different environments.

Consider how IT organizations are evolving to become service brokers. For example, sometimes:

  • It makes sense to build a private cloud based on new converged (or hyper-converged) infrastructure.
  • It may go with the software-defined data center (SDDC), but that is more the case of when they have to deal with unknown external consumers instead of explicit requirements
  • IT organizations will broker services from public cloud providers such as AWS, Azure, GCE, or VirtuStreamThe alternative is so-called “shadow IT” where each application team attempts to manage their own applications without understanding the global impacts of their choices. In such scenarios, security is typically first to go and data protection follows closely.

I’ve written before how with move to public cloud, the responsibility of infrastructure availability shifts to the cloud provider. But that does not negate the need for a comprehensive data protection strategy.

You still need to protect your data on-premises or in the cloud from external threats such as ransomware or internally caused data corruption events (as the application is frequently the cause of corruption, not just infrastructure failures), or from the common (and sometimes embarrassing) “threat” of “I deleted the wrong data and I need it back.”

Companies weigh the costs and benefits of any investment. There are places where different types of infrastructure deliver the right answer. For IT to remain relevant, it needs to support different types of environments. IT’s future is in delivering better on-premises services, becoming a service broker, and ensuring that data is securely stored and protected.

Conclusion
The cloud is real and it is part of every IT team’s life. IT can be instrumental in the successful adoption of the cloud, as long as they approach it with calmness and reason—and an open mind. The goal isn’t to design the world’s greatest hybrid cloud architecture. It’s about choice and designing for application services instead of looking at servers and storage separately from the applications. There will be well-designed private clouds and public clouds that are better fits for specific applications. But the applications will dictate what works best for them; they will not accept a least-common denominator hybrid cloud.
In the end, hybrid cloud is not a goal in itself; it is a result of a well-executed strategy for applications and data.

Data Sovereignty in the Cloud

Mat Hamlin

Director of Products for Spanning by Dell EMC
Mat is the Director of Products for Spanning by Dell EMC. He is responsible for the overall direction and strategy for Spanning's suite of SaaS backup and recovery solutions. His career in technology spans five startups and two large organizations, all in Austin, TX. Mat started out in product support and training, then engineering leadership and for the past nine years has been focused on product management and product marketing. Prior to joining Spanning, Mat served as Sr. Product Manager for SailPoint Technologies and Sun Microsystems, contributing to their market-leading enterprise identity management solutions.

The requirement to comply with data protection and privacy laws, like the EU’s General Data Protection Regulation (GDRP) and Australia’s privacy laws, drive the need to evaluate where enterprise organizations are storing their data in cloud data centers. If your organization hosts your own data centers, this can be challenging if you are multinational, but it can be just as difficult when you rely on SaaS providers to manage your data since the control of your data destination is a bit out of your hands.

dp-compliance

If you’re using a SaaS application, such as Office 365 or Salesforce, and are backing up your data with a third-party backup provider, there are many factors to consider as you evaluate your data protection strategy. Understanding the regulations and requirements first and then considering how the providers handle your data are both important.

What privacy laws apply to my organization?
As you build a cloud and data protection strategy, start by evaluating the privacy laws that apply to your data and corporate policies, and compare that against your SaaS provider’s offering, including the primary data storage location and their replication strategy.

My strong suggestion is that you work directly with your audit, compliance and legal teams to ensure you fully understand the regulations that could be applied to you directly or indirectly through business relationships with organizations in other regions.

Generally, global privacy and data protection laws provide strong frameworks and mechanisms to transfer personal data to other countries and economic regions if required, but the regulations are typically strict and the penalties can be costly. As a result, many organizations decide to enforce data governance policies that ensure data remains within defined boundaries. (more…)

Ransomware 101

David Tye

Product Marketing Manager
As a recent graduate from Sacramento State University I am able to take what I have learned in school and apply it to the high tech industry and the problems companies are facing today. I am a California native, die hard Green Bay Packers fan, and an outdoor enthusiast.

Latest posts by David Tye (see all)

Ransomware is a worldwide phenomenon that is affecting users all around the globe. According to a recent study published by McAfee Labs, ransomware growth increased by 58 percent for the second quarter of 2015. For all businesses, small or large, the question is not “Will I be a victim of ransomware?” Instead, the question everyone should be asking is “Will I be prepared when ransomware attacks?” That said, falling victim to a ransomware attack is not the end of the world if you have a proper backup policy in place.
ransomware

Ransomware first arrived on the scene in 2005. The first known ransomware strain was The Trojan.Gpcoder, which affected Windows operating systems.  Ransomware is comparable to humans in that it comes in all shapes, sizes, and colors. Ransomware attacks once used screen pop-ups that would notify users of the attack and the amount of money required to unlock a computer. Today’s ransomware attacks are more sophisticated than ever and use “unbreakable encryption.” That usually means if you do not have your data backed up you will not be seeing that data again (AKA you’re toast)—unless you pay the ransom. And paying the ransom does not guarantee that you will gain access to your data.

Ransomware can infiltrate and spread through your systems in a matter of minutes; all it takes is one wrong click. This type of malware typically enters a network through its weakest link, normally social media or an email with an infected link or attachment. Ransomware is an effective form of cybercrime because the attackers can instill both fear and panic in their victims. But there are other reasons as well: ransomware is easy to create and deploy. The good news is that we can all fight this sort of cybercrime with a thorough backup plan.

(more…)

SaaS is Changing Everything – Including Data Loss Risk from Admin Error

Lori Witzel

Product Marketing Manager, Spanning by EMC
Lori Witzel is a Salesforce MVP, has worked with and for SaaS companies since 2005, and has been sharing info with, listening to, and learning from tech users ever since. She is currently PMM for Spanning Backup for Salesforce, as well as PMM for Spanning Backup for Google Apps. Prior to Spanning Backup, Lori worked for various early-stage Cloud start-ups, mid-sized middleware providers, and ed tech firms, and she’s always eager to learn more. Lori's profile on LinkedIn: https://www.linkedin.com/in/loriwitzel

Software-as-a-Service (SaaS) has a history unlike that of on-premises software, and the people who manage and administer SaaS applications reflect that difference. When it comes to data protection, that difference matters, as you’ll learn.

accidental admin

What is SaaS, and does it REALLY differ from on-premises or from hosted applications?
SaaS isn’t just some software sitting on a vendor-managed server in the cloud –  it’s significantly different from its predecessors, hosted and on-premises applications, in its delivery and its architecture.

  • A SaaS application is by definition cloud-based and multi-tenant, sharing IT resources securely in the cloud among multiple applications and tenants (businesses, organizations, schools). Multi-tenancy is the technical architecture that differentiates SaaS from hosted/ASP applications. The customer will access the application through a web browser, and is only responsible for managing the data and metadata (customizations) of their instance.
  • A hosted application is almost always a single-instance, single-tenant adaptation of an on-premises application. The customer may lease or own physical or virtualized servers upon which the application is installed, and will access it through a web browser or a thin client. The customer may be responsible for managing the servers, and is responsible for managing application upgrades and maintenance.
  • On-premises applications are installed on and operated from a customer’s in-house (on-premises) servers and computing infrastructure. The customer is responsible for application security, availability to the organization, and management.

How Did SaaS Come to PaaS?
In 1999, salesforce.com was founded, offering the first true multi-tenant architecture in a commercial software application. Its SaaS applications, such as Sales Cloud and Service Cloud, were developed on its Force.com Platform-as-a-Service (PaaS). By foregoing conventional application development platforms and creating its own platform, salesforce.com freed itself from some of the performance limitations inherent in a standard relational database.

The salesforce.com achievement in creating a PaaS to enable SaaS, enabling them to scale up to support hundreds of thousands of intra- and inter-enterprise tenants (different departments, different organizations) was, to quote Computerworld, “complex, commendable and quite revolutionary.” (more…)

SUBSCRIBE BELOW

Categories

Archives

Connect with us on Twitter

Click here for the Cloud Chats blog