Extracting Value from Data: A Conversation with Neil Barton, CTO, WhereScape

In this video, Neil Barton, CTO of WhereScape, discusses how automation eliminates hand-coding and other repetitive, time-intensive aspects for data infrastructure projects, transforming your IT infrastructure into a valuable business tool.

Original video (with full player and complete transcript) posted at TruthInIT.com

Browse related videos on the Small World Big Data channel at TruthInIT

The Rise of Modern, Cloud-Delivered Workspaces and the Future of Fat and Zero Clients, with IGEL’s Simon Townsend

IGEL’s Simon Townsend, CMO, EMEA, talks about how the game has changed drastically in a new era of Desktop as a Service and cloud-delivered workspaces. While traditionally known as a pioneer in thin client computing devices, IGEL has metamorphosed from…

Original video (with full player and complete transcript) posted at TruthInIT.com

Browse related videos on the Small World Big Data channel at TruthInIT

It’s Not Paranoia If They Really Are Out to Get You

Part 6 in a series of posts about Data Protection as a Service… (Also posted on Cobalt Iron’s blog)

Mike Matchett, Small World Big Data

Ask any IT professional about enterprise data security and you can feel the tension in the room rise even before anyone starts speaking. Security is a tense topic, and for good reason. Good data security is hard. Total security today is nigh impossible.

According to the Online Trust Alliance (OTA), cybersecurity incidents targeting businesses nearly doubled from 82,000 in 2016 to 159,700 in 2017. Since the majority of cyber incidents are never reported, OTA believes the actual number in 2017 could easily have exceeded 350,000.1 Some attacks, such as ransomware, have increased by 2000% since 2015.2

In any large enterprise we can never be 100% certain that some portion of our precious corporate data can’t be hacked, corrupted or lost in some nefarious way. I’m not saying anyone is lax, lazy, or incompetent. I am saying that every day there are new emerging threats, the corporate attack surface is multiplying, and our “sensitive” data footprint is both growing and spreading.

It’s Not Paranoia If They Really Are Out to Get You

Yes Virginia, there really are evil no-good hackers! If you are any kind of company, online or not, you and your data are a big fat target!

We now have viruses that once they worm into your organization might not trip any alarms until it’s too late to prevent damage. Ransomware might slowly encrypt (or just delete/corrupt) your primary data stores. I could go on at some length about increasingly distributed attack surfaces and multiplying online touch points (e.g. kiosks, end user apps, employee mobility, IoT devices, etc.). I’ll just say that we are well beyond the time that a solid firewall was the only defense necessary. We absolutely need a more intensive “defense in depth” approach by implementing security at all levels today.

If this isn’t sounding like a fear-based approach to motivating large security improvements yet, let me pile on a bit more! Consider the modern consequences of a major data breach – your reputation will just be the first casualty. You might lose major (many or most?) customers and clients. If you fall seriously afoul of industry compliance regulations, you can be directly penalized (your fault for being hacked) up to and including losing your whole business.

Even if you don’t lose any customer data or violate privacy regulations, once your systems have been penetrated you will still need to recover to a known good state. As long as we have a trusted, protected copy of our key data kept safe, then when things do go wrong (and they will) we can quickly repair and recover.

Keeping Up is a Company Full of Jobs

So how many security experts does it take to plug all the gaps, patch all the holes, implement all the new security paradigms, and keep up with all the new threats? Even if we just look at the core defense of our data protection scheme, which must now be as close to 100% protected as possible, we have to regularly (and often immediately) patch aging backup software, ensure complete encryption of all our backup data streams and images (and don’t forget key management), automate and audit every last touch and touchpoint so we can verify systems integrity, isolate and verify data integrity (repeatedly), and of course actually and reliably backup all of our key data to start with.

Apparently, we’d need a lot of highly trained people to do this right!

For most backup products on the market today cyber security requires additional products designed to fortify the backup and cut off access to potentially vulnerable areas. The architecture may include new air-gapped landscapes run by the security team requiring the training of a new group of IT professionals, increasing the number of people involved in the process, and of course driving up costs as well.

However, I’d propose that the biggest data security risks stem from having lots of “people“ in the middle of key data protection processes. Whether through naiveté, apathy, error, or evil intent, anytime and anywhere people are involved in data protection processes there are inherent vulnerabilities.

Can we get rid of all our people? Of course not! But we can implement data protection schemes that take people out of the critical data protection equation as much as possible.

Managed Data Protection as a Service

If it takes a company of data protection experts to provide the best and most secure data protection solution possible, then so be it. But likely your company is already doing something other than being 100% internally focused on secure data protection. Is secure data protection expertise something you can just subscribe to?

Yes. You only need to find a great data protection service provider to work with – one that has a world-class security solution and a company of experts behind it. For example, Cobalt Iron offers ADP CyberShield™ which includes security features to protect your key data architected into the core data protection product. Built-in features include fully human-less backup automation inaccessible to enterprise interference, full encryption schemes, WORM policies, air-gapped and isolated landscapes for validation and recovery, and more.
If we apply the law of parsimony, also known as Occam’s Razor, then “simpler solutions are more likely to be correct than complex ones.3” In the case of protecting your backup data, a solution with security built in by design will be stronger and less expensive than ones that require plugging the holes after the fact. The security for your backup solution should not be an add on.

1. https://otalliance.org/news-events/press-releases/online-trust-alliance-reports-doubling-cyber-incidents-2017-0

2. https://economia.icaew.com/en/news/december-2017/ransomware-attacks-increase-2000-since-2015

3. https://en.wikipedia.org/wiki/Occam%27s_razor

Robin Systems & Hyperconverged Kubernetes

Premal Buch, CEO of Robin Systems helps us understand the drive toward a multi-cloud or hybrid on-prem cloud approach to Kubernetes containerized environments. The convergence of big data and containers helps both DevOps and DBAs achieve a self service…

Original video (with full player and complete transcript) posted at TruthInIT.com

Browse related videos on the Small World Big Data channel at TruthInIT