Business Trends

Part
01
of three
Part
01

Business Continuity

While natural disasters and other threats to supply chains and business infrastructure remain very much on the experts' minds, the primary topic of conversation on the subject of business continuity in the last two years has been concerns about the increasing sophistication of deliberate cyber-attacks and the difficulty faced by disaster recovery (DR) teams in developing long-term strategies in an ever-changing field. Currently, businesses are trending towards using hybrid cloud strategies in conjunction with traditional data centers, Disaster Recovery as a Service (DRaaS) vendors, and shifting from a reactive stance to proactively protecting their data in the effort to maintain business continuity in the face of both man-made and natural threats.
Note that while most of the trends and challenges currently under wide discussion involve cyber-attacks, business security and continuity experts continue to warn about the dangers of natural disasters, data outages, disruptive technologies, and business interruptions due to "failures in the supply chain, worker strike, factory fires and explosions, and power failures."

MORE SOPHISTICATED CYBER-ATTACKS

DISASTER RECOVERY TEAMS ARE OUT OF THE LOOP

  • Due to the increasing number, type, and sophistication of threats, it has become increasingly difficult for businesses "to develop long-term strategies" that are viable.
  • Consequently, disaster recovery (DR) teams in general "don't know enough about cyberattacks" or even what within their own organization might be affected and need recovery.
  • DR teams are not sufficiently cognizant that data in the cloud may be stored by a third-party vendor, but that it still belongs to the client and is the client's ultimate responsibility.

HYBRID CLOUD STRATEGIES

  • While Gartner, for example, has predicted that 80% of enterprises will migrate entirely to the cloud and shut down their data centers by 2025, others are skeptical.
  • There are concerns that cloud computing may, in fact, create additional risks "such as data loss, outages and inappropriate data access because organizations only have limited visibility into cloud providers’ activities.
  • Consequently, and due to the high costs of moving data in the cloud, more organizations will scale back on using the cloud for disaster recovery and instead "leverage hybrid cloud strategies and cloud service providers who offer private cloud solutions with predictable cost models."
  • Likewise, virtualization is providing more recovery options and "lessening the need to use lengthy recovery protocols" even as it reduces the footprint of a given company's data center.

DISASTER RECOVERY AS A SERVICE (DRAAS)

  • Due to the necessity of IT services and data in the modern business world, the kinds of manual workarounds that many businesses developed in prior years are no longer viable and Recovery Point Objectives and Recovery Time Objectives (RPO/RTO) have become shorter than ever before.
  • Businesses, particularly established ones and those in very conservative industries (e.g., financial), have been slow to completely migrate their data and infrastructure to the cloud, but are adopting cloud services as a part of their disaster recovery plans.
  • In particular, DRAAS is taking the place of the traditional solution of alternate co-locations for a company's data center.
  • Even so, as Arcserve’s VP EMEA Mick Bradley notes, "We are still in the early adoption stage of DRaaS and it will continue to evolve over the coming years," arguing that even a technology as old as "tape is not going away."
  • The fact that companies are already handing over non-critical business processes to third-party SaaS vendors is already reducing "internal disaster recovery needs" noticeably.

A SHIFT FROM REACTIVE TO PROACTIVE DEFENSES

  • Business continuity is currently largely reactive, acting only after being hit by a threat.
  • However, experts expect a shift to proactively identifying risks and moving data before those risks manifest.
  • This will be driven in large part by organizations's desire to protect their reputation and branding to a public that is watching how they handle disasters and breaches.
  • Bradley believes that the real future trend will be to use predictive analytics based on Big Data to take a proactive stance against potential disasters, noting that "the avoidance piece is what we don’t have at the moment and it’s got to be the next big step forward in business continuity."
  • In fact, AI is expected to automate the DR process, "intelligently restoring the most frequently accessed, cross-functional or critical data first and proactively replicate it to the cloud before a downtime event occurs."
  • A business that was able to predict a disaster in advance would be able to "automatically initiate the movement of data and services to data centers that aren’t at risk."

RESEARCH STRATEGY

We began our research by looking for existing reports regarding business disaster recovery and continuity. While there were indeed several, they tended to group challenges into two main categories of potential threats, cyber-threats and natural disasters. They also provided mostly baseline business continuity advice that did not seem to change when we looked at earlier iterations of the reports. Indeed, most are completely in-line with the Small Business Administration's "Disaster Preparedness and Recovery Plan 2018." Thus, we could not use these to indicate “trends” per se, save perhaps a trend of an ever-increasing number of voices calling for businesses to be more proactive in planning their disaster recovery and business continuity.
Therefore, we broadened our strategy somewhat to include articles, white papers, and even blog posts by IT and security experts. This led us to the Disaster Recovery Journal which, though its last “Emerging Trends” article came out nearly two years ago, ultimately led us to several other sources which helped us to have a more complete picture and thus became the backbone of our research brief. We have, as a rule, cited trends attested in multiple sources.

Part
02
of three
Part
02

BackUp and Recovery

Data storage backup and recovery is an area that is ever evolving and has its challenges. SaaS, appliance automation, security for ransomware, compliance, managing data, and artificial intelligence are all trending topics with many insights in this area.

SOFTWARE-AS-A-SERVICE (SaaS)

  • SaaS will make up 60% of cloud spending by 2020 and 73% of organizations say their apps will almost all be SaaS powered.
  • According to Forbes, the SaaS market is predicted to grow at a staggering 22% CAGR between 2015-2020 and reach $236 billion.
  • Saas lets companies use an agile, cost-effective option to store and back up their information.
  • It has become very popular due to its simplicity, security, and ease of access.
  • Saas is flexible. Businesses do not have to buy programs or hardware. With SaaS, they can pay for the services they need.
  • SaaS providers deal with your updates instead of your IT department.
  • SaaS enables a business to be more mobile since you can access the platform from any mobile device.
  • SaaS providers also offer security options at levels an individual business might not be able to afford. They have disaster protocols in place along with recovery protocols to manage crisis situations. If there is a system failure, your information is still safe.
  • Micro Saas businesses are run by a small team. These products are usually add-ons for an existing platform created to improve or enhance a feature in a SaaS product already in use. Micro Saas is becoming more popular and will be more prevalent in 2019.

APPLIANCE AUTOMATION

  • When backing up your data, there should be some form of automation in place. Do not leave it to chance that an employee might forget to back up critical information.
  • Appliance-based automation with "geo-redundant cloud storage" is a current trend in data storage. This solution makes sure you can restore cloud data no matter what happens to it, be it a natural disaster or hacker. Numerous data centers are used in this process to make restoration successful.
  • This automation can prevent downtime and data loss.
  • Automation enables one to focus on important data tasks and not on tasks of less value.
  • Trouble tickets can be automated as the system is scanned during backup letting operators know if there is an issue.
  • Flash storage enables you to work on multiple devices and be more mobile.
  • With the adoption of more flash storage, one can ultimately make their server room more manageable.

ARTIFICIAL INTELLIGENCE (AI)

  • AI is credited for reduced energy costs. Google has reported its energy use dropped by 40% by using AI.
  • AI distributes workloads across multiple servers, eliminating inefficiencies.
  • AI can optimize speed, by optimizing internal processes an operations and redefining parameters for storage.
  • AI can monitor systems 24/7, enabling you to have better security and to be able to stay ahead of potential problems. With machine learning, AI can spot potential issues or threats and have a built-in "self-recovery".
  • AI can assist with managing data growth and make backup more efficient. This process can flag inactive or data that is used infrequently and compliance risks.
  • Predicting future storage needs can be accomplished with AI.

MANAGING DATA GROWTH/LOSS

  • In 2018, 27% of respondents in a survey conducted by Channel E2E, indicated that they had over 100TB of data to manage. This has doubled since 2016.
  • Data loss has affected 30% of the businesses surveyed.
  • In 2016, 55% of respondents had no plans to use the cloud. In 2018, this number has dropped to 35%.
  • Big data and the Internet of Things (IoT) has increased the amount of data we store exponentially. Traditional means of storage are now ineffective. More businesses are relying on cloud storage to combat this issue.
  • Ten years ago, our data was much simpler. Because the quality of spreadsheets and documents has increased, so has their size, and this creates more storage issues. Our databases are significantly larger as they have evolved to process more data. Finally, businesses now use big data for market analytics, so they store every piece of information possible in case they might need it at a later date.
  • To control the growth of data, backups should only capture data that has changed since the last backup.

FLASH

  • Flash has a solid state drive (SSD) with no moving parts and is used as a part of a hybrid system architecture. Flash architecture has many advantages over hard disk drives (HDD). HDD is at risk for developing scratches on the disk and the drive head breaking. When this occurs, retrieving information can be very difficult and expensive. These risks are multiplied the more times the HDD is written and rewritten. Flash drives do not have these issues.
  • Flash can deliver information in real time. They perform much better than HDD which can take around 5 milliseconds. Flash can take as little as 20 microseconds which is 350 times faster than HDD.

SECURITY- RANSOMWARE

  • Ransomware is one of the biggest threats to safely storing data. This also affects backup and recovery. In 1028, ransomware increased by 750%.
  • Cybersecurity Ventures predicts that damages from ransomware will reach $11.5 billion in 2019. By 2021 this amount will soar to $6 trillion.
  • The FBI states that ransomware attacks in 2017 cost over than $1.4 billion. Atlanta spent $2.6 million dollars to fix the damage caused by an attack.
  • Fifty percent of cybersecurity professionals stated they do not believe their company is prepared to "repel" a ransomware attack.
  • Considering that 75% of companies infected with ransomware were running up to date endpoint protection and the average cost is $133,000 per attack, it is of the highest importance to protect your data with appropriate backup and recovery protocols.
  • Ransomware-as-a-Service is one way to safeguard your information. It breaks the "attack loop" by detecting, capturing and quarantining affected files. Infected files do not enter the backup data.
  • Best practice indicates the following steps to protect your data from ransomware:
  • Backup your data locally and in the cloud. This will make it easier to repair and backup your information if attacked. Storing your information in the cloud gives an extra layer of protection and redundancy.
    • Have multiple backups in case one is infected. Backups should be stored in a way they are not accessible to ransomware. One method should be stored offline if possible. 3-2-1 is a practice where there are three copies of each file. Two are on different physical devices and one located off-site.
    • Use dynamic controls to segregate your network into zones that require different credentials for each.
    • Have an early detection system. Install ransomware protection software to identify potential attacks early.
    • Use email best practices along with spam filtering.
    • Download all patches and security updates. The best way to do this is by automation, then you do not have to manually install each update.
    • Run frequently scheduled scans of your network.
    • Encrypt all files on your computer including files on external hard drives and shared network spaces.
  • Just because data is being stored in a cloud does not mean it is automatically safe. If the cloud drive is mounted to the operating system, it is at risk for ransomware. Cloud backup services that use an application program interface (API) rather than a mounted drive are safer. With this method, you can mount, then unmount the cloud drive each time you access it.
  • Employees should be aware of the dangers associated with clicking on links and attachments in email. They should make sure they know the sender. The spam folder is there for protection, do not open attachments if the sender is not verified.
  • Employees should also be aware of their social media habits. Hackers will scour social media to find work-related information to use in an attack.
  • When laptops are used employees should be aware of the need to keep the machine password protected, stay away from public WIFI, and keep the machine with them at all times.

COMPLIANCE

  • With all the recent data breaches, it is not a surprise that compliance is a trending topic. Consumers want oversight of their data. New regulations like the General Data Protection Regulation (GDPR) have made it necessary to take precautions so they conform to privacy laws.
  • Depending on the type of business, some companies must deal with multiple compliance laws. If these laws are not followed, fines and even jail time can be possible.
  • Laws regarding how long information must be stored has also affected how we take on compliance from a data storage and backup mindset. Not only do we need to store this information, but we also need to protect it.
  • Compliance rules put a huge strain on backup and recovery. In addition to handling the data requirements of day to day business, a business must also handle storing and protecting large amounts of data for compliance.
  • Any data strategies for data storage must take compliance into account. Compliance laws not only affect what information is stored but where it can be stored. (data sovereignty).
  • Appropriate controls should be in place to keep unauthorized employees from accessing information. Encryption and authentication policies can help protect this information.
  • Data mapping and classification can help one to understand how information that is covered by compliance laws moves and is stored. It is impossible to protect information if one does not understand what the information is, where it is stored and how it moves. This step will let a business develop policies that will keep them compliant.
  • Set procedures in place to make sure this information is regularly monitored, tested, and audited, and make changes is necessary.
  • Simply storing information in the cloud is not enough protection for compliance. 83% of business professionals questioned in a Computer Weekly survey believed cloud storage would protect their data. One should make sure their SaaS provider is adhering to their own data compliance policies (ISO27001).

RESEARCH STRATEGY

To determine trends, we consulted reputable sources for data storage, backup, and recovery. We included research on topics that were mentioned multiple times across several platforms by leading names in the industry.
Part
03
of three
Part
03

Optimizing Production Workloads through IT

Among the current trends in workload optimization, particularly regarding IT storage, are the rise of AI-driven workload automation (WLA), a shift from local servers to the cloud, a shift from traditional business silos to "the edge," better alignment between IT and the business needs, and broader use of data analytics. The chief challenge to overcome is an increasing talent gap as the limited pool of IT generalists are acquired by the largest organizations.

WORKLOAD AUTOMATION

  • Leading AI analyst Robert Naegle states, "Workload Automation tools can help reduce the cost of operations by automating many manual processes, reducing redundancy, eliminating duplication and human errors, and by making systems more agile."
  • In particular, being the most logical tool for managing repetitive tasks, workload automation (WLA) tools are ideal for managing the large amount of data "that needs to be encrypted, decrypted, transferred, and stored."
  • Ultimately, workload automation will depend on AI and machine learning systems, which are needed "to leverage both hardware and software understanding to deliver the performance and support customers expect."
  • AI workload optimization platforms are fast becoming "self-healing, self-managing, self-securing, self-repairing, and self-optimizing."
  • However, paradoxically, AI workloads themselves are consuming more and more IT infrastructure resources.
  • A case-study detailing the results of the development of the Cisco Workload Optimization Manager notes a "30% reduction in resources required for Microsoft systems, and a 15% reduction for VMware" as a result of even semi-automating the process.

A SHIFT TO THE CLOUD

  • WLA tools have a "vital role" in managing cloud and/or virtual resources to manage ever-increasing workloads.
  • While on-premise servers are still the most common way to host workload automation (WLA) at 55%, "private cloud is a close second."
  • Enterprise Management Associates (EMA) believes that within three years, private cloud will become "the most common environment" for WLA and SaaS will become the second most common within five years.
  • Likewise, 451 Research has estimated that by the end of 2019, "60% of IT workloads will run in the cloud."

FROM THE SILO TO THE EDGE

  • Edge data centers are smaller facilities which, being positioned nearer to the end users, "extend the edge of the network to deliver cloud computing resources and cached streaming content to local end users."
  • Data is moving from a silo format to the edge, pushing data closer to the end users and enabling the implementation of new technologies, "such as artificial intelligence and the internet of things (IoT), which take advantage of higher processing features."
  • IoT gateways, which can connect the edge data to other data centers and networks "while also monitoring the entire process and handling storage and compute concerns," and thus are expected to have a major role in the edge.

AUTOMATIC ALIGNMENT WITH BUSINESS OUTCOMES

  • Over “the last five years,” WLA groups have seen an increase in “business awareness,” better able to quantify the business impact and costs of potential workflow failures.
  • To better manage workloads, the majority of respondents to an Enterprise Management Associates (EMA) survey “want to manage Service Level Agreements (SLAs) within the WLA software and this is an upward trend that EMA expects to continue.”
  • However, 17% note that they had discontinued self-service portals that they had previously offered to their clients due to a lack of use, indicating a need to “actively inform business users of the benefits of the self-service portal for its use to be adopted.”
  • As data storage "shifts to strategic applications," the channel partners who will be those who "demonstrate the ability to drive performance gains in storage installations."

BROADER USE OF DATA ANALYTICS


AN AGING IT TALENT POOL

  • IT generalists are "often scooped up by larger organizations or service providers." Consequently, smaller organizations face the problems of an aging IT talent pool and a resultant skills gap that may "hamper future enterprise development."
  • This talent gap in the generalist market, and the difficulties in retaining the right mix in one's engineering staff, has been noted by multiple sources.
  • To offset these issues, experts recommend diversifying the company's talent pool and "expand outside of the normal realm for potential hires."

RESEARCH STRATEGY

We began our research by seeking credible, neutral sources which provided perspective on current trends and challenges in workload optimization. Pursuant to the clarification provided, we paid particular attention to articles that specifically refer to "IT storage" in connection with workload optimization, but ultimately had to make judgment calls about whether particular trends would be relevant to data storage solutions. However, we did keep some baseline criteria in mind. Primarily, we looked for trends mentioned in multiple, credible sources, whether in name (preferably) or at least in concept. As our understanding of the trends and challenges in workload optimization developed, we expanded the range of our research, e.g., digging into workload automation, or WLA, along with workload optimization. Likewise, discovering that EMA was cited as a credible source by several experts gave more weight to their opinions and we began seeking them out even though in most cases the referenced reports were not in the public domain and we had to rely on secondary sources.

While we have utilized some information from what might be considered biased sources-namely, SaaS companies selling their own workload optimization solutions-we did not accept any "trend" that was only or primarily discussed by those companies. Very obviously, they would have a motivation to launch new "trends" that just so happen to fit with their products. Even so, because of the technical nature of the business, we found that many of the best layman's-terms articles on the subject were written by IT companies as a part of their marketing efforts. These have helped to inform our understanding of said trends and, consequently, several appear in our citations.

Sources
Sources

From Part 02
Quotes
  • "Appliances and Automation The need for automation across the board is here now. The days of tape and manual backup should be a thing of the past, or at least in a cloud conversion strategy. And, all backup should have some type of automation process in place. With potential security breaches constantly looming, it is now more important than ever to automate critical backup processes. Rather than leave it to chance that employees remember to engage the backup, there are many great solutions out there with complete automation."
  • "Appliance-based backup with geo-redundant cloud storage is the current trend. Solutions like this offer automatic back-ups to ensure you can restore cloud data no matter what happens to it, from malicious attacks to careless employees. Everything is backed up to numerous data centers and anything can be restored, no matter who did what or when. It allows companies to keep control of critical business data while enjoying the scalability, cost-effectiveness, and flexibility of SaaS solutions. This type of backup solution will also help prevent data loss and downtime."
  • "For instance, let’s say something happens to your entire infrastructure. There’s a flood in your building or there is a fire. Because of scheduled daily backups, all the data can now be housed on servers in separate geo locations. In this case, all your employees could work remotely as those servers in either data center could be turned on immediately. And, instead of there being a week or more of downtime to restore the servers onsite, it takes just a couple of hours to restore the data."
  • "Implementation of Artificial Intelligence The traditional approach to data centers is changing rapidly, and artificial intelligence (AI) is increasingly playing a role in its design and development. The influence of AI will be one of the popular trends in 2019 in a wide range of areas, but its influence will be particularly strong within the data center. "
  • "The implementation of AI creates numerous new benefits to the end user. As AI is implemented, the data center will become more energy efficient. To this end, Google reported that it was able to cut its energy usage by 40 percent by using AI. And that’s just the beginning."
  • "Benefits of AI in the data center include: The ability to modernize operations by analyzing data more quickly Elimination of inefficiencies in server usage by distributing workloads across servers Opportunities to reduce power consumption while at the same time increasing performance Better security by monitoring systems 24/7 and staying ahead of the curve on threats"
  • "Adopting Flash Through continuing evolution, flash’s solid-state drive (SSD) is becoming increasingly critical in the memory and storage hierarchy of systems. Used onsite, in a cloud environment or as part of a hybrid system architecture, flash has numerous benefits in terms of speed and efficiency."
  • "Today, thanks to its growing sophistication, flash can deliver information in real time (or near real time) and has distinct advantages over hard disk drives (HDDs) in terms of power and cost of ownership."
  • "As prices continue to fall and improvements in SSD performance continue, the all-flash array has become a viable contender to replace the traditional HDD infrastructure. In 2019, look for flash to become an even stronger player and gain more credibility as an HDD alternative. "
  • "Progressive Data Protection When we think of data protection, we think of the ability to backup and restore. Today’s data protection goes well above this way of thinking. This is where you need to focus on how to leverage secondary storage, whether it be backups, replicas or snapshot, to be used to optimize your data and protect your business from potential data breaches. "
  • "While in the past, copies may have been viewed as a liability, they are now an asset. Having data backups and replicas provide you with confidence that your data is secure—off-site—should you need to access it or restore the data. And, now you have the added benefit of the ability to take secondary data and use it for DevOps, analytics and testing workloads."
Quotes
  • "Multi-cloud protection The biggest of the data protection trends for 2019 is going to be increased acceptance of multi-cloud. Multi-cloud is nothing new, but there are still a number of backup providers that specialize in backing up to or from one specific cloud. Eventually, however, such providers are going to be left out in the cold unless they embrace the multi-cloud trend."
  • "Backup providers and network administrators alike will need to place an increased emphasis on cross-cloud, software-defined networking. This will be essential if an organization is to centrally manage its backup operations. It's one thing to set up a virtual backup appliance in the AWS cloud and set up another virtual backup appliance in a different cloud, such as Microsoft Azure. It is quite another thing for those virtual backup appliances to be able to communicate with one another and for a backup administrator to be able to centrally manage all of an organization's cloud backups."
  • "To put it another way, backup software will need to become cloud-agnostic. "
  • "Better support for SaaS Over the last year or two, companies have finally woken up to the idea that the data within their SaaS applications needs to be backed up. Even so, support for backing up SaaS applications still leaves a lot to be desired. In the case of Microsoft Office 365, for example, backup providers commonly offer protection for Exchange Online, SharePoint Online and OneDrive for Business, but support for lesser-known Office 365 applications, such as Flow, Planner and Stream, is almost nonexistent."
  • "Over the next year, I look for backup vendors to provide more comprehensive support for SaaS applications. In fact, given these data protection trends, backup vendors may even begin competing with one another based on the number of applications that they are able to protect."
  • "Hyper-convergence Although most of the talk about data protection trends these days centers on cloud backup, hyper-convergence has gained significant traction over the last year for its use as a backup platform. I look for hyper-converged systems to become the go-to platform for organizations that are creating backups on premises."
Quotes
  • "Data growth is climbing at exponential rates. Not only are we collecting more data through IoT devices and other collectors, but the size of our data files is also increasing. This year, 27% of the respondents reported having over 100TB of data, which is more than double the percentage from 2016."
  • "Data loss is still a problem: Although we have a plethora of technology available to prevent this problem, over the last three years the survey has shown that the percentage of companies that have experienced data loss has not changed at all. For each of the three years the survey has been conducted, 30% of the respondents reported they had some form of data loss in that year. Causes for the data loss can range from ransomware, natural disasters, and more."
  • "The survey showed that even businesses that still have onsite infrastructure are relying less on physical media for their backups, and hosting backups in the cloud. The cost of physical storage, storing the physical media, and transportation to offsite locations is fueling this shift. The survey reports that more organizations are storing backups in the cloud (36%) than using physical media (disk to tape, removable, tape) combined (31%). "
  • "The cost of cloud storage has declined over the last few years and organizations are taking advantage of it to make cloud the most widely used long-term retention option in 2018."
  • "The survey says 22% more companies use the cloud for DR /BC now than they did in 2016. "
  • " In 2016, 55% of respondents said they had no plans to use the cloud, and that number has dropped significantly to less than 35%. "
Quotes
  • "Failover to the cloud Restoring data is crucial, but data can be useless if applications are unavailable. Failing over applications to the cloud ensures that high priority applications keep running with little to no downtime. Replicating VMware and Hyper-V virtual machines to the cloud is the key, and users also want secure user access and simplified management. It is imperative for a comprehensive data availability and DR strategy to support failover and failback operations for one virtual machine to several VMs. "
  • "Depending on the scale of a production site disaster, it is advisable to have full site failover or partial site failover backup and replication choices. The key benefit when you perform cloud failover is replicated VMs on the cloud host take over the role of the original VM allowing for continuous business sustainability. "
  • "Ransomware is one of the world’s biggest threats to cybersecurity because it’s simple for hackers to do -- there are even sites where attackers can buy pre-built ransomware. Falling prey to a ransomware attack is expensive: Cybersecurity Venturespredicts ransomware damages will claw their way to $11.5 billion in 2019. "
  • "Restoring from backup is a good way to defeat the attack unless you are caught in an attack loop. The loop occurs when the infection enters networks and spreads to data that is then backed up. Ransomware-as-a-Service breaks the attack loop by detecting, capturing, and quarantining infected files that enter the backup stream before they reach the backed up storage. "
  • "The only connection that the service allows to backup storage is through the protected backup stream. Moreover, if infected data already exists in backup storage, the service disables file restore. "
Quotes
  • "Managing the Growth of Data Volume In this age of information, the size and volume of data are amplified in almost every organization. Companies are overwhelmed with data, making it extremely complex to analyze, consume, interpret, and more importantly, store it without compromising on its integrity."
  • "Data management becomes even more challenging for large-scale businesses, multi-national organizations (MNCs) and those organizations which operate in heavily regulated industries such as healthcare, finance, pharmaceuticals, and those covering different industry verticals."
  • "Moreover, the introduction of big data and Internet of Things (IoT) has further accelerated the growth of data, which is surpassing the capacity of normal computing. Thus, the traditional techniques of data backup are inadequate and unable to serve as an effective data contingency strategy. Consequently, data administrators are switching towards cloud data management for optimal backup capacity and performance."
  • "Handling a Variety of Data If we go back a decade ago, data usually consisted of documents, spreadsheets, pictures and media content with minimal storage requirements. This type of data still exists, however, it requires a substantially large amount of storage space compared to its predecessors due to its superior quality. For instance, files which previously required a few kilobytes of storage now need several megabytes of storage."
  • "When we talk about companies, they are dealing with multiple data channels which handle all sorts of data formats, therefore, they need comprehensive online backup solutions to manage their workflow and store data securely. "
  • "Maintaining Large Databases It’s not just documents and multimedia files that have contributed to data amplification, but large databases, which contain hundreds of TBs of data, especially when we talk about large enterprises. These databases store multitudes of data variants including auditing data, performance data, logging data, diagnostic data, and different types of confidential and important information."
  • "Moreover, businesses are leveraging big data, which is large sets of unstructured data, to gain valuable insight into different aspects of business such as consumer behavior, market trends, and risk analysis, amongst others. Due to widespread interest in analytics of big data, enterprises have started storing practically every conceivable piece of data in their databases, augmenting the requirements of a comprehensive disaster recovery plan."
  • "Compliance with Regulations and Good Governance In light of recent scandals of Cambridge Analytica, Facebook, and Google data privacy, there has been increased scrutiny and demand for oversight on user data. Moreover, the introduction of General Data Protection Regulation (GDPR) on data protection and privacy has further prompted organizations to take preventative measures to conform to privacy laws and regulations to ensure confidentiality and integrity of their data. "
  • "The long-term retention of data might have become easier due to digitalisation, but the amount of storage they require increases the data burden for them i.e. the increase in total volume to preserve, means higher amount of data to protect. Therefore, organizations mitigate the risk by using professional companies who offer backup as a service (BaaS) to maintain a secure backup of their data."
Quotes
  • "“Software as a service” (SaaS) is becoming an increasingly viable choice for organizations looking for the accessibility and versatility of software solutions and data analysis tools without the need to rely on installing and running applications on their own computer systems and data centers."
  • "SaaS is taking over the cloud computing market – in fact, according to a study from IDC, SaaS will account for roughly 60% of public cloud spending by 2020. Moreover, 73% of organizations state that almost all of their apps will be SaaS-powered by 2020, according to Kahootz. "
  • "SaaS is a software distribution model that offers a lot of agility and cost-effectiveness for companies, which is why it’s such a reliable option for numerous business models and industries. It’s also popular amongst businesses for its simplicity and user accessibility, security, and the widespread connectivity that serves to streamline business models, resulting in maximum efficiency across the board. "
  • "SaaS: The Key Characteristics Flexible payment options: Businesses don’t have to go through the expense of purchasing software and hardware. Instead, they have the option of utilizing various pricing structures. Flexibility in payment models, where they only pay for the resource usage they need, for instance, is attractive for many organizations in today’s competitive world."
  • "Scalability: Cloud-based SaaS enables businesses to expand with ease due to its inherent scalability. Companies can be selective about the types of features and options they want."
  • "Updates: SaaS providers handle the necessary software updates and develop new features over time, so businesses don’t have to invest ample amounts of time in this particular area of operation."
  • "Accessibility: With SaaS, businesses have the mobility of accessing applications from any digital device and location, making it especially convenient for mobile platforms. Additionally, it boasts ease-of-use and is user-friendly."
  • "Increased collaboration: SaaS developments enhance a business’s ability to promote collaboration across teams and departments due to the facilitation of file sharing, in addition to a distinct ease of reading and understanding across systems."
  • "Security: Most SaaS models are known for their enterprise-level security, which is a more holistic approach to security than many centralized, on-premise solutions. In Cloud SaaS, pre-existing disaster recovery protocols are in place to manage potential system failures. This means that your business’s data is available and secure regardless of a data breach or system failure."
  • "Even if figures diverge somewhat, the many forecasts conducted on SaaS industry trends 2019 demonstrate an obvious reality: the SaaS market is going to get bigger and bigger. Indeed, according to Forbes, public cloud platforms, business services, and applications (SaaS) will all grow at a 22% CAGR (Compound Annual Growth Rate) between 2015 and 2020, reaching $236 billion"
  • "A Betterbuys.com report reveals that the specific expenditure in the U.S. SaaS Industry is forecasted to reach $55 billion by 2026. And according to Gartner, the global public cloud service market is projected to grow 17.3% in 2019 to total $206.2 billion, up from $175.8 billion in 2018. "
  • "Artificial Intelligence Artificial Intelligence (AI) technologies are becoming more widespread; 81% of the world’s IT leaders are already working on developing AI systems. AI optimizes businesses processes, increasing productivity and efficiency while automating repetitive tasks and supporting human capabilities."
  • "-Automation: Machine Learning, a subset of AI, is utilized in SaaS to automate responsiveness in customer service reports and applications, such as AI-powered chat operations with live chatbots. It will also automate the onboarding process of SaaS. -Personalization: Software is easier to use with technologies such as Natural Language Processing (NLP), which automatically processes human speech patterns, and voice control. This can be deployed across customer service functionality to improve customization and better address client needs. -Speed: Artificial Intelligence-enabled SaaS speeds up internal processes and operations, allowing businesses to obtain fast answers to questions, make quick forecasts, and speed up their overall level of responsiveness. -Security: Due to Artificial Intelligence-enabled automation, and the ability of Machine Learning to recognize patterns, SaaS security is enhanced by the quick identification and remedy of potential threats with built-in self-recovery."
  • "Micro-SaaS Typically, micro-SaaS businesses are run by a small team, sometimes even by one or two people. Micro-SaaS products are usually complementary add-ons to existing platforms or developments, created with the aim of improving a missing feature or enhancing an existing SaaS product."
Quotes
  • "AI and machine learning has already been a growing trend in SaaS but as B2B customers catch on to the need in their own industries, it will become an even bigger focus for SaaS companies. It’s not only a selling point but an expectation. Many companies want to automate processes as much as possible for their employees to improve productivity and cut time spent on non-value adding tasks."
  • "Many e-Commerce companies are seeing the importance of mass personalization in their sales and marketing strategies. Therefore, machine learning for marketing and sales SaaS products will become the key selling point that companies are willing to pay for"
Quotes
  • "Micro-SaaS -smaller tools that provide one important function and are run by a smaller team, rather than large platforms. They may come in the form of add-ons, extensions, or accessories to other tools and platforms. This includes plugins and extensions for platforms like WordPress or social platforms like Instagram. "
Quotes
  • "Cyber attacks against businesses of all sizes are on the rise and doing more damage than ever. But there are also physical threats your data faces, too. A fire, flood or other natural disaster can wreak havoc on your data and make recovery virtually impossible unless you have a backup plan in place. What is your business doing to protect your data?"
  • "Appliances & Automation The days of tape and manual backup should be a thing of the past by now. Rather than leave it to chance that employees remember to engage the backup, there are many great solutions out there with complete automation"
  • "The trend is now on appliance-based backup with geo redundant cloud storage. Solutions like this offer automatic backups to ensure you can restore cloud data no matter what happens to it, from malicious attacks to forgetful or careless employees. Everything is backed up to numerous data centers and anything can be restored, preventing data loss and downtime."
  • "For instance, let’s say something happens to your entire infrastructure, such as a flood or fire in your building. Because of scheduled, automated daily backups, all your data is housed on servers in separate geo locations. This also means your employees could work remotely, as those servers in either data center could be turned on immediately."
  • "Adopting Flash With continued evolution that is giving it many advantages over hard disk drives (HDDs), flash solid-state drives (SSDs) are becoming increasingly critical in the memory and storage hierarchy of systems. Used onsite, in a cloud environment or as part of a hybrid system architecture, flash has numerous benefits in terms of speed and efficiency."
  • "Today, thanks to its growing sophistication, flash can deliver information in real time (or near real time) and has distinct advantages over HDDs in terms of power and cost of ownership."
Quotes
  • "The FBI reports that ransomware attacks in 2017 cost US consumers more than $1.4 billion. The city of Atlanta can attest to that. City officials spent at least $2.6 million in March and April to repair damage caused by a ransomware attack. Baltimore's 911 emergency system sustained a similar attack soon after. "
Quotes
  • "50% of a surveyed 582 cybersecurity professionals do not believe their organization is prepared to repel a ransomware attack. (Source: Pwnie Express)"
  • "75% of companies infected with ransomware were running up-to-date endpoint protection. (Source: Sophos) "
  • "The average cost of a ransomware attack on businesses was $133,000. (Source: Sophos) "
  • "81 % of cybersecurity experts believe there will be a record number of ransomware attacks in 2019. "
Quotes
  • "Ransomware is on the rise with an increase of nearly 750 percent in the last year."
  • "Cybercrime related damages are expected to hit $6 trillion by 2021. "
  • "How To Avoid & Prevent Ransomware 1. Backup Your Systems, Locally & In The Cloud First, it will keep your information backed up in a safe area that hackers cannot easily access. Secondly, it will make it easier for you to wipe your old system and repair with backup files in case of an attack."
  • "Failure to back up your system can cause irreparable damage. Use a cloud backup solution to protect your data. By protecting your data in the cloud, you keep it safe from infection by ransomware. Cloud backups introduce redundancy and add an extra layer of protection. Have multiple backups just in case the last back up got overwritten with encrypted ransomware files."
  • "2. Segment Network Access Limit the data an attacker can access. With dynamic control access, you help ensure that your entire network security is not compromised in a single attack. Segregate your network into distinct zones each requiring different credentials."
  • "3. Early Threat Detection Systems You can install ransomware protection software that will help identify potential attacks. Early unified threat management programs can find intrusions as they happen and prevent them. These programs often offer gateway antivirus software as well."
  • "Also, use email security best practices and spam filtering to keep unwanted attachments from showing up in your email inbox. "
  • "Make sure to download and install any software updates or patches for systems you use. These updates improve how well your computers work, and they also repair vulnerable spots in security. This can help you keep out attackers who might want to exploit software vulnerabilities. "
  • "You can even use software designed to detect attacks after they have begun so the user can take measures to stop it. This can include removing the computer from the network, initiating a scan, and notifying the IT department."
  • "4. Install Anti Malware / Ransomware Software Don’t assume you have the latest antivirus to protect against ransomware. Your security software should consist of antivirus, anti-malware, and anti ransomware protection. It is also crucial to regularly update your virus definitions."
  • "5. Run Frequent Scheduled Security Scans All the security software on your system does no good if you aren’t running scans on your computers and mobile devices regularly. These scans are your second layer of defense in the security software. They detect threats that your real-time checker may not be able to find."
Quotes
  • "Files on a computer's hard drive are encrypted, including attached storage devices such as external hard drives and network shared storage spaces. Ransomware is extremely problematic for networks with more than one PC, as it is designed to spread as quickly as possible, which then increases the chance that ransom will be paid to unlock files."
  • "One is that backups must be made regularly (daily or every other day) - this requires proper planning and available storage space for backups. Ideally there should be at least 2 or more backup sets per system in case one of the backup sets is corrupted, or if one set has missing data because a file or folder may have been accidentally deleted by a user the day or week prior."
  • "Secondly, backups must be stored in a manner that they are not accessible to ransomware, otherwise ransomware will simply spread to the backups. "
  • "In the past it's been widely accepted to run an automated backup on schedule, which typically stores backed up data onto an attached external drive, or in a centralized network location (server or NAS device). This approach is no longer viable because as long as the backup device is accessible, it can be encrypted by ransomware."
  • "Having data stored "on the cloud" does not mean the data is safe. "
  • "The reasoning is that if the cloud drive is mounted to the operating system and accessible to the user, it is also accessible to ransomware which runs under the user's account and access rights. In Bob's case, ransomware spread to his OneDrive which was shared with his clients. "
  • "That said, there are cloud backup services that use an API (application program interface), rather than an always-mounted drive option. Essentially, this allows you to "mount" the cloud drive and then "unmount" it afterward, physically detaching it from the system. This can significantly reduce the risk of ransomware spreading to your backups. I will discuss this option further down. "
  • "Storing backups offline is the only sure-fire way to stop ransomware spreading to backups, as ransomware cannot "leap" to a drive that is not connected to the system. However this is problematic in an environment where backups must be automated on schedule, especially in a corporate environment. "
Quotes
  • "1. Ensure antivirus is installed and up to date across all endpoints within the business. Keep in mind, AV is based on signatures so new variants may and will slip through the cracks, but this could easily be a first line of defense. "
  • "Additionally, it’s best to have a multi-faceted security solution that employs additional protective technologies such as heuristics, firewalls, behavioral-based threat prevention, etc. "
  • "Establish security awareness campaigns that stress the avoidance of clicking on links and attachments in email. I literally ask myself these questions when receiving an email message with a link or an attached file: 1) Do I know the sender? 2) Do I really need to open that file or go to that link? 3) Did I really order something from FedEx?? Phishing is a common entrance vector for ransomware and because most end users never think twice, it’s extremely successful. DO NOT open emails in the spam folder or emails whose recipients you do not know. DO NOT open attachments in emails of unknown origin. Use a reputable antivirus software - we recommend Kaspersky, which ranked the highest in our tests."
  • "Backup the data. There are a ton of options here, from backing up to cloud providers to local storage devices or even network attached drives, but each comes with a certain level of risk. It’s imperative to remove the external storage device once a backup has been taken so that if ransomware does infect the computer, it won’t be able to touch the backup. "
  • " The best defense against ransomware is to backup all of your data each day. In fact, my rule is to have three backup copies using two different formats with one off site. "
  • "Most ransomware is delivered by spear phishing. Often the spear phishing is facilitated by information gathered through social media. Have a social media policy in place that limits work-related information, such as job titles from being posted on social media. In addition, have an ongoing education program for all employees about how to recognize and avoid spear phishing. "
  • "Humans need to be trained -- they are the weakest link. Companies should employ at minimum a bi-annual training geared towards each user group (end-users, IT staff, managers, etc.) so that everyone is aware of the latest attacks. "
Quotes
  • "Control data growth- A modern backup-and-recovery solution must be highly scalable, so your organization doesn’t need to continually add hardware to support growing workloads. The ability to conduct backups along multiple paths in parallel between servers and backup hosts, for example, is important in dealing with ever-larger backup jobs. "
  • "A modern approach to backup and recovery should also enable you to minimize the amount of data you’re processing, such as by capturing only data that’s changed since the last backup or by using advanced data deduplication capabilities to prevent the same data from being backed up multiple times. It’s important to have a solution that can monitor and evaluate data as it’s being backed up to help administrators understand how it’s being used, how frequently the data is accessed, what data is orphaned, and so on, to help optimize data use and storage."
  • "Automate operations A high level of automation is also important for creating efficiency in backup-and-recovery operations. Look to automate in at least two critical areas. One is policy-based automation, where you can define policies within the backup-and-recovery tool detailing the level of protection for various resources. "
  • "Policies will cover issues such as how frequently backups should occur, how long to retain the data (keeping in mind various compliance requirements), the destination (local or off-site) to which the data is replicated, and so on."
  • " Automation also plays a key role between the backup solution and other systems and processes on an API level. Integrating a backup solution with a trouble-ticketing system, for example, would enable the system to automatically create a trouble ticket whenever a backup problem occurs."
Quotes
  • "AI and machine learning have traditionally been used for ransomware detection in storage and backup, but the tech has also been used to generate intelligent, actionable recommendations. "
  • "Analytics driven by AI and machine learning can help with operations such as predicting future storage usage; flagging inactive or infrequently used data for lower storage tiers; and identifying potential compliance risks, like personally identifiable information. "
  • "In 2018, vendors launched products using AI and machine learning to guide IT decision-making. Imanis Data Management Platform 4.0's SmartPolicies can generate optimized backup schedules based on the desired recovery point objective set by the user. Commvault planned to update its interface with embedded predictive analyses regarding storage consumption by the end of 2018. Igneous Systems announced DataDiscover and DataFlow, which index and categorize unstructured data and move it around intelligently."
  • " This is because the technology is especially useful in optimizing storage, specifically when it comes to tiering. One of the major changes the adoption of AI and machine learning will bring in IT operations is the need to redefine parameters for storage tiers, thereby laying the groundwork for where algorithms deploy the data."
  • "It would make the most logical sense if storage can go to five or six different platforms, but that's complicated," Yuen said. "But if AI and [machine learning] can do that for you, wouldn't you want to take advantage of all those different options based on what the cost/performance metric is?" "
Quotes
  • "The idea of 3-2-1 is to have three copies of every file, two of which are on different physical devices, and one of which is located off-site. Our guy didn't have that. He counted entirely on one NAS for all his backups. He has an offsite backup, but it hadn't been updated."
Quotes
  • "Speed of data access is a critical parameter for enterprises to evaluate different options on, particularly while making enterprise-level data storage method decisions. In solid-state devices, the performance is governed by the time taken for the read/write head to move from one position to another. For even the best-performing HDDs, this time comes to be around 5 milliseconds. Flash storage devices perform much better."
  • "Flash devices can reduce the access time to as little as 20 microseconds. Theoretically, that's 250 times faster than HDDs. However, on a more realistic basis, it's estimated that flash storage devices are close to 100 times faster than comparable HDDs. "
  • "With every year, technological advancements and innovations by market leaders in flash storage market are driving performance ratings up. Flash drives enable quick boot up of machines, which is a critical requirement in enterprises with hundreds, if not thousands of devices. In networks with a large number of users, flash storage can perform much better than any other storage medium, as far as data operation efficiency is concerned. "
  • "Businesses, in particular, need a lot more control over their data than the cloud offers, at least for some components of their business-critical data. This makes options such as flash storage and hard disk drives useful for enterprises. "
  • "Among these, flash drives present significant benefits, because they don't have any moving parts, and hence perform the data operations electronically and silently."
  • "Safety of the storage media Inherently, flash storage devices are much safer than solid-state devices. HDDs have many moving parts. They're prone to two kinds of spontaneous breakages: Scratching of the disk. Breaking of the drive head. Particularly when they're subjected to a lot of read/write requests, HDDs tend to falter and break down. For an enterprise, this could be catastrophic. Recovery of data from a physically damaged HDD is not only very difficult but can be highly expensive."
  • "Flash drives, over the past few years, have established a strong reputation for device stability and durability, and there's little to zero risk of any spontaneous damages occurring to these devices. This makes them a reliable mechanism of data archival and storage within a business setting."
  • "Many of these will be handheld devices, and much like the current breed of handheld devices (smartphones and tablets), they will also use flash storage. Not only does flash storage mean future-readiness for enterprises, but also implies current portability of data assets. For large enterprises, this even boils down to smaller and more easily manageable server rooms. "
Quotes
  • "For example, the Sarbanes-Oxley Act, often shortened to SOX or Sarbox, requires public accounting firms to retain documentation pertaining to audits for seven years. Public companies must hang onto their payroll documents for seven years but their purchase orders for five years. Failure to meet these obligations can result in fines, jail time, or both. "
  • "GDPR has the IT industry abuzz, and with good reason. Not only do the European Union's new stringent data privacy regulation affect organizations based in the region, it also applies to enterprises that do business there. GDPR compliance involves classifying, protecting and keeping track of personally identifiable information on EU users. In some cases, it also involves being able to package and supply that information to users in a timely manner and purging it from an organization's systems if requested. This puts pressure on storage administrators. Not only must they ensure that their storage infrastructures can handle an organization's day-to-day business, but that they have the appropriate access controls and data lifecycle management capabilities to support the regulation's various provisions. "
  • "It should come as no surprise, then, that regulatory compliance has a major impact on an organization's overall data storage strategy. "
  • "Data compliance generally involves strict access control and authentication policies, ensuring that sensitive data isn't plucked off a drive by unauthorized persons or applications. Encryption is another popular method of keeping regulated information out of the wrong hands, often requiring that storage arrays and other systems support cryptography schemes while delivering acceptable performance. "
  • "First, know your obligations. This means knowing which regulations apply to your organization and which types of data you're expected to manage (or not), how long to retain it and how to protect it. Your compliance officers should help in this regard. "
  • "Focus on data classification and data mapping. Data classification and data mapping are crucial in discovering the types of information that are being held in your storage systems and how they are being moved across the network. Not only are they essential factors in determining how regulated information is stored, but also a solid step in establishing compliant policies. "
  • "Continual monitoring. Storage compliance is not a set-and-forget affair. Continual monitoring is key in ensuring that regulated data is properly cared for during its lifecycle. Procedures must be in place to make sure this monitoring happens regularly."
  • "More than security. Security and storage often go hand-in-hand, but storage compliance takes it to another level. Encryption will help, and many storage solutions feature support for the security-enhancing technology, giving both storage and security professionals one less thing to worry about. "
  • "Critical: Testing and audits. Testing and audits will ensure that your compliance policies and IT mechanisms are up to the task. It's best to work out the kinks now before having to explain to investigators why sought-after emails or transaction records have gone missing. "
Quotes
  • "A recent survey found that more than one in four businesses intend to move all IT infrastructure and workloads to the cloud in the next 12 to 24 months."
  • "Meanwhile, 83% of those questioned – in research by backup software maker Veritas – think cloud service providers will protect clients’ data."
  • "But, for compliance the key issues facing chief information officers and security officers are what types of data the organisation stores, and where that data is. Organisations that run their own in-house databases, archives and storage systems should be in a position to identify the location of most, hopefully all, of their data. "
  • "They can specify the location of systems and datacentres, and set up IT so that data restricted to a certain geography – say, the EU – is stored and processed within that geography. Breaking out personal data from other business information should, equally, be feasible with good IT controls."
  • "Unless an organisation is large enough to pay for a private cloud system – or possibly several geographically-dispersed private clouds – they will be handing data over to their cloud service providers to store as they see fit. This creates a challenge around “data sovereignty” and knowing where data is at any moment in time. "
  • "Fortunately, there are steps organisations can take to address the pitfalls of cloud compliance. The first and most drastic is to restrict use of the cloud or limit its use to specific providers with robust and transparent policies on data geolocation."
  • "But, for organisations that do need to use the public cloud – ie, those with a multi-vendor strategy – the next step is to carry out a careful audit of all data to ensure personal data is identified, tracked, and data sovereignty policies enforced."
  • "Client-based encryption is recommended good practice, as it reduces the risk of data loss if a cloud service is hacked and cuts the risk of losing data in transit, even if it does not address data sovereignty."
  • "Boards should also scrutinise their cloud service providers, including SaaS platforms, for adherence to their own data compliance policies and standards such as ISO27001."
Quotes
  • "Employee Error Even if an IT department puts in place firewalls, intrusion detection and prevention systems, and other security measures to safeguard its networks, the company can still find itself out of regulatory compliance if its employees innocently mishandle the company’s regulated data. Examples include employees leaving personal customer or patient data on unsecured computers or printed out on hardcopies that can be viewed or grabbed by personnel not authorized to view that data. They could also include employees falling for phishing or other hacker ruses to illegally obtain access to regulated data. "
  • "The key measure here is proper training of your staff. Every employee who handles or has access to company data that falls under federal regulation needs to know how to protect that data. "
  • "Employees carrying laptops anywhere need to keep those machines password-protected, physically under their care at all times and away from public WiFi hotspots, such as coffee houses, whenever possible. Another security measure that experts suggest is to issue employees travel-only laptops — which are capable of performing the employees’ specific job tasks but limit access to the company’s network and do not store regulated data. "