Cloud data protection starts with back to basics measures
Protecting data in the cloud is increasingly complex and challenging, but it has to be a priority and should start with basic data good practice.
This is according to speakers participating in a webinar hosted by Obsidian Systems, in partnership with First Distribution and IBM.
In a poll of webinar participants, asking whether their businesses were fully protected from ransomware, 64% were confident that they were.
Grant Bingham, CEO of IT Services at Autumn Leaf, commented that this was good to hear but surprising. “The problem with data is that as we speak, the data we have has changed. New data, different types of data, and someone is making a data-related decision, so it’s a moving target and you have to be on it every day,” he said. “One of the biggest challenges is around the ownership of the data, for example in the case of software as a service and who is responsible.”
Bingham said organisations had to get back to the basics of data and workload protection.
“You’re moving more and more data to the cloud and you are faced with different deployment models. We’re grappling with increasing regulatory controls, while on the other hand data is changing, being diluted, and distributed into various systems. So, applying controls is quite challenging as organisations move into the cloud,” he said.
“Often, during the deployment of workloads, the team’s focus is on availability. But that is just one dimension. The one issue that is often neglected is the integrity of the data. When ransomware presents itself at various layers of the architecture, integrity trumps availability.”
He said cloud data protection best practice required air-gapping of backups as the first line of defense.
“The next thing to consider is timeline sympathy in which the solution is sympathetic to the underlying environment. Organisations should clean data, taking care about what data they clean – just clean the ROT (redundant, obsolete, and trivial),” Bingham said.
Other measures were to focus on integrity as well as availability in applied metrics; automated, scripted deployment services with parameterized deployments; and testing across scenarios including data integrity issues, confidentiality, and availability issues.
“Organisations must go back to basics – even though there is data modernisation, the old data protection principles apply,” he said.
A poll also looked at what the main concerns were around container platforms for cloud data, finding that 71% said security was the top concern, with 14% saying lifecycle management, 9% saying orchestration, and 4% saying networking.
Taryn Doubell, vendor manager at Obsidian, said the first practical step toward cloud data protection would be to decide which data is critical for the organisation, and start with that dataset.
Bingham agreed, noting: “You can’t manage something if you don’t know what it is. You have to know where your precious data is – you cannot cover everything, so focus on the critical data.”
Doubell and Tania van Wyk de Vries, chief product officer of Obsidian, outlined the Obsidian Systems value proposition and its SMARTER framework, a guide to help plan, scope, and structure the delivery of technology solutions. Obsidian this year was onboarded as an IBM partner and can provide hardware, software, Cloud Paks, and services, they said.
Fatima Dawood, IBM software product manager at First Distribution, said there were five key trends to watch in the data analytics space: growing interest in self-service data analytics; stronger data integration through embedded analytics instead of users having to log in to a separate data analytics platform; AIops and other comprehensive analytics uses; tools that support data integrity; and the emergence of analytics on blockchain.
She highlighted data fabric – the management of data within an architecture that intelligently curates and orchestrates it for self-service delivery to data consumers.
IBM delivers a data fabric architecture through IBM Cloud Pak for Data, an open, fully integrated data and AI platform. By transitioning disparate data security, privacy, and governance practices into a more holistic approach through a unified privacy framework available on IBM Cloud Pak for Data, organisations can understand and police sensitive data and can unlock data’s potential.