Evolving data protection technologies require attention

The market for data protection technologies is exciting to watch these days.

There are new products competing with old products, new products competing with newer products, mergers and acquisitions, transformations and evolutions. And let's face it, there's a lot to protect.

In this edition of the Back up to Basics podcast, Oussama El-Hilali, vice president of products at backup and recovery vendor Arcserve, details what he sees as trends and misconceptions in data protection technologies. One important element is the ability to recover from the wide variety of threats out there.

"When we talk about data protection, we're talking about the comprehensive term that involves protecting the data, not only from disaster, but protecting it from corruption, from theft, from loss -- basically, making the data accessible to the user when they need to have it accessible," El-Hilali said.

Unfortunately, with new and evolving data protection technologies come misunderstandings.

"One of the most common misconceptions is: 'If I have the data in the cloud, it must be secure and must be backed up,'" El-Hilali said. "Well, a lot of cloud providers do not provide backup functionality."

Once you have that cloud backup, will you be able to recover quickly? Well, it depends. Bandwidth is an issue in the cloud that's not as prevalent in the on-premises data protection market, El-Hilali said.

As vendors get their products and message out, users are starting to understand that they need comprehensive and smart backup. Tiering data becomes an important piece of the puzzle. Mission-critical applications shouldn't be in the same backup space as data that doesn't require a quick recovery.

For customers' sake, there are a lot of products and technologies from which to choose.

"These are exciting times in the data protection industry," El-Hilali said. "I believe that, in the past 20 years, it was all about data protection. But the next 20 years are going to be about disaster avoidance and how we can prevent these disasters from occurring at all."

Listen to the podcast, and read the transcript below for more information about data protection technologies -- challenges, keys and what you can do to improve your organization's backup and recovery.

Editor's note: The following transcript has been edited for clarity and condensed.

Simply backing up data isn't really enough. What else do organizations need to do to make sure they're in a position to recover from an outage or another incident?

Oussama El-Hilali: It's very important for organizations to categorize their data with what is most important and necessary for the continuity of business and what can wait and be restored. Today, we have a number of platforms that can get us to move into our data very quickly in the event of a disaster. And there are traditional methods that can help us restore our data.

The other key is to have a mechanism to ensure that the integrity of the data is intact. So, for example, if we have a backup, we need to be able to check and make sure that, in the case of a need to restore, that backup is not corrupted. That's why Arcserve has Assured Recovery, which has an algorithm that allows it to go and pull in the backup sets, mount them and create a test to make sure that, if needed, that backup is intact, and it's available.

The first piece you mentioned in your last answer gets to the practice of tiering certain data. Obviously, not all data is mission-critical. What are some best practices with tiering in order to get the quickest possible recovery?

El-Hilali: When I talk to customers, I ask them, 'In the event of a disaster, what would you do?' And some of them are prepared, saying the first thing is to communicate. And in order to communicate, they need email and other communication tools up and ready. So, for that type of recovery, we would recommend a platform that allows you to do replication, for example, or a disaster recovery as a service [DRaaS] product that, within a second or two, can get those systems up and running. That's so the communication can happen within the IT organization and across the company.

Then, secondly, depending on the nature of the business, you determine what type of delay the business can endure. For some businesses, it's a few minutes; for some, it's hours. For businesses that can only endure seconds, they would need a managed DRaaS, where you can launch an application from the cloud within seconds and recover it.

But typical data that's not referenced or needed on a regular basis can be put on disk and restored a few hours later. Or it can be put on tape and may be moved off-site and brought on-site when it's needed.

Moving into the threat landscape today, we know ransomware is one of the biggest threats out there. What are some best practices regarding data protection technologies that organizations can follow to fight that specific threat?

El-Hilali: When we talk about data protection, we're talking about the comprehensive term that involves protecting the data, not only from disaster but protecting it from corruption, from theft, from loss -- basically, making the data accessible to users when they need to have it accessible. So, in terms of protecting data against ransomware, if you have a copy, it basically prevents the hackers from accomplishing their goal. You can very quickly go into that other copy, recover your data and restore it.

What else are major threats and challenges in the backup world today?

El-Hilali: There are a number of different kinds of malicious attacks. People try to steal credentials, people try to just steal the data, leak it out and make it available for other people. So, not only do we need to protect the data internally, but also we need to prevent accessibility to that data from nonauthorized users. There are functions that we put in our software that ensure that the data is accessible by only those people who have the right to access it.

And then there are outages. They seem to happen frequently. For example, Microsoft Azure recently had an outage, and obviously, not everyone was ready for it. What are some ways organizations can ensure business continuity in the face of a cloud outage?

El-Hilali: A lot of people feel that, when data is in the cloud, that means there's better continuity. Nobody can ensure continuity better than the data owners themselves by looking at their options and where they want to store the data and what kind of access they want to have to the data. At Arcserve, we have a number of data protection applications that allow you to back up the data in the cloud, from cloud to cloud and from cloud to on premises.

We're in the middle of hurricane season. How does backing up for recovery from natural disasters differ from other types of backup?

El-Hilali: One of the key elements in backup is where you store the data. I think a basic element of backup is that you need to move the data, you need to schedule that move and then you need to catalog it. The cataloging of the data has a link to the location. Regarding natural disasters, there is a certain amount of distance that needs to exist between where the primary data resides and the secondary data. We recommend that you have a local copy for accessibility, and that's provided by an appliance or disk backup.

And we recommend having a second copy that is off-site. That can be provided by a backup to tape, and the tape is moved externally. Or there's replication from the primary data to another site that's 70, 100, 500 miles out. Or there's DRaaS, which allows regular sync-ups with a location in the cloud that's physically separated from your primary location.

Looking ahead, what are some general areas of focus in data protection technologies for Arcserve?

El-Hilali: We see a lot of trends in the market. There's a lot of transformation. Reliable applications that had served the data protection market are transforming to adhere and to adapt to the needs of the cloud. There are a lot of acquisitions and mergers that are happening in order to consolidate the market and create stronger portfolios.

For Arcserve, the focus is on the cloud. The cloud is growing because it's cheaper. The essence is that it's a very financially attractive platform for the storage of data short term or long term. Our focus is to create new products for the cloud and to transform our existing products to adhere to the needs of the consumers of the cloud.

We're also putting an emphasis on accessibility. This umbrella of data protection involves a certain guarantee of accessibility that your data is being protected from natural disasters, from human interference, but it is accessible to you, the data owner, at all times.