Data Management, Analytics & AI

In my predictions for 2020, I highlighted that tape is not going away any time soon. It’s actually experiencing a renewal as it has become quite obvious to a whole new generation of IT professionals that it is a great medium for high-capacity and low-cost storage. 

While the traditional use case of backup and recovery suffered in the past from recovery performance limitations compared to disk, other use cases have recently emerged. Large-scale archiving of course but also cold cloud storage, which is really large-scale archiving behind a cloud service interface and consumption model. Yes…tape actually powers a whole bunch of storage cloud services! Capacity, automation, and low cost make it possible.

Modern devices that integrate fast “cache” layers and the ability to leverage easy and friendly user and file system interfaces now make it a lot easier to “plug” tape into an environment without having to hire a PhD in “tapeology.” In combination with specialized high performance devices, mass producers of data can leverage high-performance (memory and disk-based) devices for production, and high-performance/large-capacity tape devices for storage. The media space is a good example. 

A couple of tape vendors have recently announced initiatives and/or new products that help address parts of the gigantic ransomware issue. It should come as no surprise: Tape can easily be put off-line, air-gapping the data from the main network and the outside world—and by that I mean the nefarious actors that might corrupt the data to extort a ransom. It’s a great solution that can help improve compliance levels, and provide a “gold” copy type and isolated recovery capability. Some ransomware attacks can corrupt backups—sometimes specifically targeting the backup systems—so everyone should have an air-gapped gold copy mechanism in place. With modern devices and many integrations into the ecosystem, recovery can be accelerated (compared to the good old days) should it be necessary. I recently wrote a paper on the topic for HPE.  

As I said, tape is not going away any time soon… 🙂

2020 started with a bang in the data protection space with the announcement of the acquisition of Veeam by Private Equity firm Insight Partners. Insight Partners is no stranger to the space, having invested in Acronis, as well. In this short blog, I am going to net out my views on this acquisition.  

It’s great news for the market! Let’s be clear, the backup and recovery space is hot and growing, but it is yesterday’s market. It is evolving into something else, which I have coined the data intelligence market, an evolution of backup and recovery that places data and data reuse at the heart of the enterprise. Whether enabling digital transformation or leveraging “dark” or dormant data, the idea is to leverage data assets. This acquisition is about the next stage of the market.

(more…)

Actifio just announced a new version of its platform, Actifio 10C, and it comes with a bunch of goodies just in time for year-end festivities. The version numbering itself reveals a triumvirate of themes around the letter C: cloud, containers, and copy data. While the first too are critical in supporting the “how to” or “where,” the third (copy data) is really about the ability to further leverage data assets, an area in which I believe Actifio has done better than others. 

This new version does reinforce the key capabilities that have made Actifio successful, which is data protection/recovery at scale. Scale is everything for enterprises, and it requires performance and flexibility. Our research shows data protection is not only moving to the cloud, it is expected to be as efficient as possible (achieving strict RPOs and RTOs) and cost-optimized. Recovery is critical for successful cloud-based data protection. In this version, there are many cloud-related improvements such as one-click multi-cloud orchestration and restore (automated DR at scale), and advances in leveraging object storage (more performance at a fraction of the cost) with intelligent caching including direct S3-compatible object storage recovery. Net net: faster, at scale, and cost-effective recovery in multi-cloud.  

Our research also shows that cloud will play an increasingly important role in intelligent data management or data reuse, which is not that surprising given the significant advances and services cloud providers offer today. Cloud tops the list of intelligent data management topologies. 

In 10c, Actifio adds rapid cloning of databases to containers to accelerate application test and release cycles. In essence, end-users can reuse backups backups to instantly clone multi-Terabyte databases leveraging Kubernetes-managed containers. The benefit is obvious: one data set can be leveraged across multiple test instances and only changes get stored. I am tempted to call it “parallelized data reuse.” It’s also self service, which means a QA team, for example, will be autonomous, and not depend on other parts of IT. Cost optimizations therefore occur in 2 areas:  storage and operational efficiencies. Business optimization should stem from the ability for developers or QA teams to do their job better and faster, which helps the top and bottom lines.  Actifio also integrates with Dev/Ops leading tools.  

Data reuse generates broad business benefits. Our most recent research highlighted the main areas in which organizations that implement secondary data reuse, or intelligent data management, can benefit. We believe that data reuse is critical to lower business risk and to foster business growth and expansion. Stay tuned for more on this topic in January. Version 10C adds wizards for mission-critical databases like SAP HANA/ASE/MaxDB, Oracle, Oracle EBS, MS SQL, Db2, and other enterprise databases with incremental-forever application-consistent backup, instant recovery, and rapid database cloning for test/dev anywhere (on-premises or in AWS, Azure, GCP, and IBM Cloud). 

With this new release Actifio is well positioned to capture more business and further its market presence as the “Go”-to (pun intended) intelligent data management platform. Our research shows that intelligent data management (heavily predicated on data reuse) is where the backup and recovery market is going. It looks as though Actifio is going there faster than others. 

The California Consumer Privacy Act (CCPA) goes into effect on January 1, 2020. Often compared to GDPR, CCPA protects consumers from mismanagement of their personal data and gives consumer control over what data is collected, processed, shared, or sold by companies doing business in California. I recently chatted with my friends and colleagues Dave Littman from TruthInIT and Steve Catanzano, Senior Consultant at ESG. 

You can find our video chat here.

Focusing on the impact of this act on companies’ infrastructure, their storage, their data protection, and their archiving, it is clear that this is a regulation that forces companies to really start thinking more about their data and reusing that data as well.

In the video, Stephen Catanzano explains, “Data reuse is important. Things like encryption, data masking, all these tools that exist today are tools that companies need to start taking very seriously to protect consumers data. And this should have a major impact on the amount of data that they store, where the data is, creating a whole level of intelligence around their resources that they have in place, and making sure that they meet these compliance…

CCPA is something that is hitting home in the California market. We think it’s going to extend into other markets as well. So really focusing on data management, data intelligence is going to help companies in meeting this regulation as well as being more efficient within organizations.”

I add, “In order to do business with California, you are going to have to be compliant. It’s the fifth economy or sixth economy in a world…It’s going to make it even more obvious for those organizations that do not necessarily deal in a lot of international business when it comes to the collection of data. It’s very restrictive and it has some fines. I think it’s $750 per incident per user. So if you have millions of consumers and you’ve done something wrong and you’ve been somehow you’ve exposed that data and it’s considered to be non-compliant, you can do the math. It’s going to be pretty, pretty bad.”

So we know the players in the data protection space, in the archiving space, and in the storage space. As the technology stands right now, are those features and functions there to comply? Or is it going to be that these vendors are going to have to produce new features and functions to enable their customers to comply? 

In closing, Stephen Catanzano sums this idea up: “It’s vendor specific. Many of the vendors have gotten ahead of this already, especially with GDPR and they understand what tools need to be in place and what the process needs to be to comply. It’s up to the customers to be using those tools effectively. And so they do exist, it is just a matter of policies and procedures that you need to put in place. One example is companies have the right or individuals will have the right to ask their data to be deleted. And that’s a complicated problem. If you don’t have all your day and organized and you know that you can go to your primary data, your backup data, your dev/ops, storage, everything else and remove that data, then you’re not in compliance with the regulations. That is when you get the fines as well. So people need to know. People can ask where the data is. They can ask how you’re storing it, how are you managing, why you have it, you need to respond very quickly. And then if they say you’re holding it inappropriately or you shouldn’t have my data, then they can ask for it to be removed. That’s a big challenge for IT.”

For more information on CCPA, check out our complimentary brief.

The California Consumer Privacy Act is a landmark piece of consumer privacy legislation which passed into California law on June 28th of 2018. The bill is also known as AB 375. This Act is the strongest privacy legislation enacted in any state, giving more power to consumers with regards to their private data.   

I sat down with my friends Dave Littman from Truth In IT and Steve Catanzano who works with us at Enterprise Strategy Group to discuss this new regulation.

These are some excerpts of our fist discussion on the topic, which you can find here.

CCPA is not really like GDPR in many ways, but it has a lot of similarities which really focus on the privacy and the ability for individuals to understand what data is actually owned by the various vendors and the various companies they deal with. So really this is about the extension of  “natural rights” as a human being. 

Now you have the right to your data, to know where it is, what it is, etc. The regulation is a landmark regulation in the U.S. We’re going to see a lot more in other states. It does inspire itself from GDPR.  Like GDPR, the European privacy act, California Consumer Privacy Act may be the beginning of stricter U.S. consumer privacy protections.

CCPA is really about protecting the consumer. It gives them a lot more control over what data has been collected on them, what data is processed, what data is shared, and what data is sold. As a consumer I now have more rights to figure out where my data is and who has it, and some rights even have it altered or removed if I think it’s inappropriately being held by someone. And then on the other side of it is the corporate side, which is now being forced to make sure they have policies and procedures in place to make sure they’re treating data the way that they need to.

The regulation specifically calls for conspicuous annotations on webpages. And there are some interesting twists because in this case, it specifically puts parameters around the size of the business in how many customer or individual contacts it has. It’s also very, very wide in its description of what makes up the type of privacy or private data that could be affected. 

If you think for a second about those larger organizations and how much data they actually have on individuals, the question is, do they know exactly what they have, where it is, and whether it’s protected in a way that makes sense for their organization, their own compliance, and for the CCPA compliance? They still have some very specific requirements around security, around access, etc. In the end, you’re going to see a lot of organizations scrambling to support it. And, of course you’ll get those emails; you’ll get the visible things on the websites. But that’s just the tip of the iceberg. The real story is about the data and where that data lives.

This is something that affects both your primary systems that you have in place and all these while there’s all your backup systems and your dev/ops systems. Tools like data masking are going to become more important for companies to make sure that internally, when they’re sharing data, teams aren’t seeing personal and confidential information from anyone who’s a customer of theirs. It’s really critical.   

So data intelligence is something that’s really growing. This is forcing that issue a bit further for companies to really start thinking about what are our policies, what are our procedures, how we’re treating data and using it intelligently, etc. So it’s not just for this regulation, but it goes much broader than that. And the days of just storing data and terabytes of data and not ever really looking at the data and understanding what the value is are going away. You can now have the tools in place to really be intelligent about what they’re storing, how they’re storing, and how they’re protecting it.  This pushes the issue a little further on personal privacy. It’s good for the industry overall.

To learn more, download my free Brief on the subject:

2019 was a year of contrasts for backup and recovery but also confirmed the great health and growth potential in this market. It is, however, at the cusp of a critical change, one that will see vendors pivot to expanded capabilities and new use cases. Those who don’t invest in these new capabilities (organically or through acquisitions) will enter a phase of slow decline, which may not be immediately evident but that will be hard to reverse. More on this in the predictions section.

(more…)