Sprawling, fragmented data is a ticking time bomb. Here’s how to defuse it

Illustration of ransomware ghost coming out of someone's locked PC to demand money

Paid Feature The data landscape is often described in pyrotechnic terms. Data growth is explosive, even meteoric, while ever smarter analytics and AI means its potential is incendiary.

This vivid imagery is, perhaps, justified, given that almost 40 percent of organizations expect their data to grow by half or more every year, according to IDC research for HPE. But data is also fragmented, with the same research showing that just 10 per cent of organizations have the entirety of their digital infrastructure residing on-premises.

At the same time, the threat to data has increased enormously. The prospect of cyber attackers – or disgruntled insiders – exfiltrating data, whether PII Data or crucial IP is bad enough. But the threat of having data locked up by ransomware means companies are simultaneously prevented from carrying on with their business is existential.

Ransomware has certainly caught the imagination of tech leaders, with 27 per cent of respondents citing it as their most prevalent threat in the same IDC research.

Research conducted by the security vendor Cybereason reveals 81 percent of organizations are highly or very concerned about the risk of ransomware attacks. And so they should be. If current trend lines are anything to go by, ransomware is expected to attack at business, consumer or device every two seconds by 2031, up from 11 seconds in 2021. And if the attack is successful? The average downtime is 21 days.

With all these pressures, it perhaps shouldn’t be a surprise that half of organizations had suffered an unrecoverable data event in the previous three years.

So, should we be worried about the sort of adjectives used to describe organizations’ existing data protection? Words such as fragmented, aging, complex. And, perhaps worst of all, secondary.

As HPE’s data protection product marketing manager Ashwin Shetty explains, in this data rich, rapidly cloudifying world, organizations must often rely on tooling that is typically designed for a decade earlier. Moreover, “earlier backup and recovery was considered secondary storage and complex to deploy.”

This has meant that both operations – and technologies – really are fragmented. “You have multiple point solutions for backup, disaster recovery as well as archives. No single vendor has been able to unify this and offer it as a single solution.”

Just maintaining a multitude of point solutions on-prem sucks up time in management and maintenance. This becomes even more complex when customers inevitably begin to extend their operations to hybrid cloud architectures, because much of the existing data protection tooling was designed for an on-prem world. Things are further complicated if a team’s desire to run mixed workloads means it requires additional media servers and backup targets.

This is a stark contrast to the situation in cloud, which offers customers a more unified, agile experience, which is often impossible to replicate on-prem. However, this comes at a price and in any event, many applications and many data pools simply can’t be moved off-prem.

Lastly, there is the people factor. Traditionally, the team responsible for data protection and recovery could have been very distinct from the security team. Now, given the prevalence of ransomware and the almost inevitability that organizations will be hit by it, it is important that the two disciplines are, if not united, at least working in concert.

Seamless tooling

So how should data specialists begin to rethink retooling data protection for the modern era? There are three important questions that organizations need to ask themselves, Shetty explains: “How can I secure my data against ransomware attacks; how can I recover from without disrupting any of my business operations; and finally, how do I simplify backup and recovery operations?”

“Customers need to have a solution that can be as seamless as configuring your required RTOs and RPOs, and then you have the right blend of disaster recovery, or backup and recovery operations set up for you. Implementing a data protection solution has to be as simple as a few clicks.”

So, simplicity and ease of implementation are among the key elements of HPE’s GreenLake for Data Protection. HPE GreenLake brings a consumption-based, cloud experience to the management, provisioning and optimization of infrastructure, and services, whether it is on-prem, in a colocation facility or, indeed, in the cloud. The offering is underpinned by HPE’s InfoSight AI-powered optimization engine.

HPE’s Greenlake for Data Protection offers two key new services; HPE Backup and Recovery Service, which aims to modernize data protection and bring operational simplicity across hybrid cloud; and disaster recovery, ransomware recovery and continuous data protection, courtesy of Zerto, a Hewlett Packard Enterprise Company which HPE acquired last year.

Shetty adds that customers aren’t locked in with HPE GreenLake. “It allows customers flexibility to choose the backup ISVs of their choice. It can work with ISVs like Veeam, Commvault, Cohesity and others.”

But, he continues, “what it helps you to do is make management and maintenance of your infrastructure either on-prem or in the cloud much easier, much simpler, because the operation is managed not by the customer but by HPE GreenLake.”

According to Shetty, storage efficiency is a key differentiator of HPE Backup and Recovery Service, thanks to the firm’s StoreOnce Catalyst dedupe and compression technology. “Our internal testing shows that we are up to five times more efficient than any other backup service protecting VMware workloads.”

Policy-based orchestration and automation lets you set up the protection of your virtual machines (VMs) in a few simple steps, in less than five minutes. All backups will then run automatically so that you can be sure you can recover your data when you need it.

Managed through a unified cloud native console, this modern, flexible approach to backup automatically retains local snapshots for instant data restores, performs local on-premises backups for rapid data recovery, and utilizes cloud backups for cost-effective, long term data retention.

Using HPE StoreOnce Catalyst makes this service efficient at protecting backup data from cyberattacks like ransomware, because it keeps data hidden from attackers. Ransomware can’t infect and encrypt what is inaccessible to it. HPE Backup and Recovery Service takes advantage of this feature, creating backup stores which are not directly accessible by the operating system. Backup images are made inaccessible to ransomware, thereby ensuring data backup security and enabling reliable data restores.

Likewise, the initial focus is on VMware, which continues to account for the vast majority of corporate workloads. “But we will start supporting other workloads quite soon.”

It’s all in the mix

When it comes to mixed workloads, Shetty adds, “one of the key things with the backup and recovery service is you don’t need additional gateways or additional media servers to start protecting your VM workloads. Everything is done as a part of this service.”

As for setting SLAs and RPO/RTO targets, the equation is simple. Companies want minimum downtime and minimum data loss. “That’s where Zerto comes into play.”

With just a few clicks, you can recover your multi-VM applications to seconds prior to an attack, according to Shetty. Applications and all their VMs are recovered as one single, crash-consistent unit. Using built-in orchestration and automation, you can easily failover an entire site in a few clicks – without disruption, he says.

Using Continuous Data Protection (CDP) with its always-on replication and journaling technology, you can recover entire sites and applications at scale, with seconds of data loss. Simply select a checkpoint that’s seconds before an attack, and resume operations.

One of the headline claims of DPaaS is that it will allow customers to tackle ransomware “head on.” That might seem almost provocative given the nature of the threat and the people behind it. But Shetty explains the aim is to make ransomware attacks a “non-event.”

“You have near zero data loss in the process, and you have near zero downtime, so you don’t have to spend time recovering the data. You don’t have to spend time restoring your systems back after an attack. And the data is tested to make sure it’s a clean restore.” Customers can easily perform failover and backup testing quickly, without disruption. Using an on-demand sandbox, you can test when you need to and receive automated reports.

None of this denies that cyberattacks in general and ransomware in particular are very real threats and it is inevitable that companies will come under attack. But the ultimate impact, says Shetty, “depends on how quickly you’re able to restore your data and resume your business operations”.

Making a ransomware attack a non-event might be another way in which data protection fails to grab the sort of superlatives data growth does. But, let’s face it, that’s probably how we’d all prefer things played out.

Sponsored by HPE.