VMblog Expert Interview: Keepit Talks Data Protection and Data Loss


Keepit, a vendor-neutral and independent cloud dedicated to Software-as-a-Service (SaaS) data protection based on a blockchain-verified solution, recently concluded research to help identify proactive and reactive strategies employed by organizations to guard against the ransomware threat, analyze ransomware mitigation best practices and identify how organizations are prioritizing and planning to mitigate the ransomware threat in the coming 12 to 18 months.

To learn more about what's going on with cloud and security, VMblog reached out to industry expert Niels van Ingen, Chief Customer Officer and VP of Business Development at Keepit.

VMblog:  Why do organizations tend to assume that SaaS vendors are protecting their cloud data? 

Niels van Ingen:  There are a number of reasons for this:

  1. When customers move(d) their on-premises workloads to the cloud, the cloud was/is often positioned as the "Easy" button meaning it is simple and the cloud vendor will take care of everything so you can focus on running your business.  As a result, robust data protection was often assumed as available when in reality the capabilities included are very basic. 

  2. Different personas got involved and then the key challenge becomes who is responsible for data protection. In the on-premises days, it was very much understood that the backup/storage team were responsible for the data protection of the workloads. When workloads moved to the cloud, that team was often no longer involved, and instead, the application owner was the one responsible. He/she often did not have the required knowledge around data protection with the challenge being compounded by the fact that the vendor stated that high availability was part of the solution which is not the same as data protection.

  3. Cloud workload vendors have done a poor job describing what actual capabilities they provide natively for data protection. Instead, the conversation often focuses on service availability, which is not the same as data protection. Education of the market around the need for data protection has been and continues to be a significant challenge for cloud workloads. 

VMblog:  Explain what today's SaaS vendors are legally responsible for when it comes to data protection.

Niels van Ingen:  It is actually fairly simple. SaaS workload vendors are responsible for ensuring the service is up and running and everything that is involved to make this happen. The customer is responsible for their data, their accounts, and the devices used to access the service.


VMblog:  In failing to understand a provider's SLAs or data-retention terms, what are the unforeseen common risks that organizations face when it comes to data loss? 

Niels van Ingen:  When you discuss data loss the impacts can range from very small which you can typically categorize from "limited end user impact" to events that threaten the survival of the business. For example, a user who needs to redo a PowerPoint, if a certain version of the file cannot be recovered, is a relatively small impact. A very large impact could be a ransomware attack where all the customer's data is encrypted/deleted with no ability to regain access to your data. Yes, you can pay ransom but that does not guarantee you get your data back in a way that enables you to operate your business. In that kind of scenario, the key questions for customers to understand are:

If you don't have certain types of data, e.g. customer data, available to you, can you do business? And for how long?

A real but very sad example was 9/11. The majority of companies residing in the towers, which were therefore directly impacted by these unspeakable events, had their production and backup data "locally" in the buildings, instead of geo and/or system separated. With no business data available, many companies simply could not continue to do business.

An attack through ransomware or malware has a similar impact on data availability if not protected.

On top of that, you also need to consider reputational damage, regulatory risks, efficiency loss, and cost.

VMblog:  What are the pros and cons associated with third-party data protection solutions offered by SaaS vendors? 

Niels van Ingen:  Third-party data protection vendors are focused on doing it the correct way. What does that mean? 

  • Unlike the workload vendor, it is focused on the customer data, not just the uptime of the service 
  • Unlike the workload vendor, it is focused on mature backup principles such as making sure backed-up data is separated from the production environment (the backup 3-2-1 rule is crucial) and is complete, not partial.
  • Unlike the workload vendor, it is focused not just on the backup of the data but also on making sure that recovery of both small and large data sets can be achieved in an efficient way at scale 
  • Retain the data as long as you need it vs being able to do it for only 30 days (which is what you get with recovery bins)

VMblog:  Explain what organizations should know about the shared responsibility model in SaaS data protection.

Niels van Ingen:  There is no excuse not to protect your customers, the business, and your employees from data loss considering the many dangers out there.  When thinking about the shared responsibility model associated with cloud applications you have to understand that your data is your responsibility. There is nothing shared about it. 

VMblog:  What are some of the causes of data loss for the SaaS-based applications organizations use?

Niels van Ingen:

a. Accidental deletion 
b. Malicious user behavior (typically when an unhappy user leaves the company)
c. Hardware / Migration failures / System outages
d. Malicious Attacks (Malware/Ransomware)
e. Policy mistakes. An example is retention settings being applied wrongly

VMblog:  In the event of a ransomware attack, what type of organizations are best positioned not to pay and to recover their data fully? 

Niels van Ingen:  The companies that are best positioned to deal with ransomware are the companies that cannot be taken hostage by something happening to their production data. These companies have the ability to quickly get back to business as usual by ensuring the integrity of the business. Typically, there are three phases that customers need to consider and plan for when dealing with a ransomware attack:

a. Prevention: Ensure that you have a full backup of your data that is separated from the production environment and is quickly and fully accessible
b. First 48 Hours: Ensure the key people know what to do early on during the attack and that correct procedures are in place to bring the appropriate parts of the business back online
c. Root Cause and Remediation: Understand the detail behind the ransomware attack and take appropriate security measures to "clean" the environment. As part of this exercise, some or all data might need to be restored from an earlier point in time.  

VMblog:  Can you explain what organizations should consider when evaluating cloud-based data protection? 

Niels van Ingen:  Be clear on what they are looking for solutions for, and what are the key use cases for your business.  Use cases can often be put in buckets such as:

  • Regulatory requirements
  • Business/organizational continuity

Understand what your cloud workload can and cannot do in the area of data protection and recovery.

Understand the actual coverage and how it is accomplished. Many vendors will say that, for example, they have support for M365 but the coverage and recovery capabilities are often very different between vendors.

Understand the TCO (total cost of ownership) of a solution. There are big differences between solutions in this area, and often hidden costs.

Don't just think about what you are solving for today but think about what other use cases will become important to your business and stakeholders 2 to 3 years from now.


Published Thursday, October 27, 2022 8:07 AM by David Marshall