Multi-cloud adoption has accelerated this year as organisations have digitalised in light of the pandemic. And while there are numerous benefits of Digital Transformation, this new environment has created challenges for enterprises – especially when it comes to managing data and complex infrastructures. Ian Wood, Senior Director Technical Sales and Services UK/I at Veritas Technologies LLC, talks us through the importance of data management for staying ahead of cyberthreats, as well as how organisations can ultimately build a unified multi-cloud strategy with resiliency at its core.
The new environment
This year, largely driven by COVID-19, cloud adoption has picked up significantly. This is as a result of accelerated Digital Transformation schemes as organisations redefined their go-to-market strategies due to the impact of the pandemic.
But while CIOs previously mandated ‘cloud first’, we have noticed a shift to a ‘cloud appropriate’ model.
This is where organisations look to adopt the appropriate cloud service for the appropriate use case or workload, which is what we call multi-cloud. It’s not one cloud provider, it’s multiple cloud providers – things like SaaS, IaaS and PaaS.
Managing data in a complex environment
Data growth has been ongoing for some time and should be seen as a good thing. But the rate of that data growth has exploded and that’s raising complexity within environments. In a multi-cloud environment, this growing data is stored in multiple locations which opens organisations up to greater risk.
One observation is a rise in ransomware attacks which are more targeted and sophisticated than ever. Another key challenge for organisations is around data privacy regulations like GDPR – being confident that you can manage personal identifiable information wherever it may reside.
Finally, cost – the exponential growth in data could lead to exponential growth in the cost of data storage and management.
Digital Transformation – the disconnect between expectation and reality
As we mentioned, Digital transformation initiatives have accelerated at an unprecedented rate during the last year but there are some gaps between expectation and reality.
Organisations expect cost-savings by going to the cloud and digitally transforming. But the reality is, there’s a huge risk of overspend, especially with data growth. Left unchecked, that can actually lead to unnecessary increased storage costs.
Enterprises also expect to be able to move faster, be more agile and reduce time to market through Digital Transformation and adoption of multi-cloud. But we’ve seen a gap in the security posture and capabilities of organisations to secure that data, and a gap in the skills associated with these new environments.
So, while organisations think they’ll be able to go quicker through Digital Transformation, the reality is they’re actually slower because they don’t have the skills and their IT processes and security technologies don’t keep up. And that leads to a gap.
Finally, there’s a belief that by moving to the cloud an organisation will automatically be more resilient. For many organisations, a cloud service provider is possibly more secure than their own data centre. But it creates confusion around ownership of that security which opens them up to increased operational resiliency risk.
Closing the gaps
First, organisations need to standardise toolsets where possible. We see organisations adopting a set of tools and processes aligned to the cloud that they are adopting. The risk, however, is that if you deploy multiple clouds then you have multiple tools and multiple methodologies of managing those which then increases their complexity.
One key area I would recommend standardising is data management. Infrastructures come and go but data doesn’t change – it’s a constant. That reduces complexity and the possibility of overspend because you can check how that data is managed, reducing that risk of ransomware.
Imagine a nightmare ransomware attack which goes into different infrastructures – some cloud, some data centres, etc – where you have multiple technologies to recover. You can imagine the complexity that would bring, rather than having a standard methodology to go in and recover that data.
Then, once you’ve standardised, we’d recommend looking at data management that includes a good level of insight. There are lots of opportunities to inject Artificial Intelligence and Machine Learning straight into data management.
And if we have the opportunity to make more informed decisions with insights, then we’re in a better place. After all, you can’t manage what you can’t see.
With data management, I always talk about insights first – it’s important to know where any personal information is that needs to be protected for data privacy regulations. On top of that, your data management needs to provide best practice protection. By following best practices, you can ensure you’re resilient against ransomware, for example.
Finally, you need to know what your critical systems are and ensure they have the right levels of availability.
Ransomware – a growing threat
We recently conducted some global research on ransomware. The first thing we picked up is that a third of UK respondents had already adopted multi-cloud, which tells us the UK is more advanced than most of the rest of Europe, at least in adopting multiple clouds.
We found 64% of those customers store all or part of their data in the cloud and, on average, the UK has 21 different cloud services, compared to 12 in the rest of Europe.
There is also a security gap of technology processes, skills, best practices in cloud in the UK. The results showed 55% acknowledge that their IT security has not kept pace with the complexity of deploying cloud and infrastructure in general.
Budgets are also tighter in the UK than in other areas. We saw 77% acknowledge their budgets will be flat to decline due to COVID so technology leaders have to do more, with less budget, quite quickly.
Only 5% said they followed recommendations to protect data against ransomware. The 3-2-1 recommendation is to have three copies of your data in two different locations and make sure one of those locations is air gapped. Interestingly, the UK is the most likely to pay the ransom in a ransomware attack – 56% would pay in full or partially, versus 43% globally.
Almost half estimated that if they were attacked by ransomware and infected, it would take five days or more to recover. So, the impact is really high.
There are implications if organisations don’t reassess their security strategies to make sure that it keeps pace with the complexity in infrastructure.
First, unwanted downtime and system outages – the big headline news moments that no organisation wants. This has cost and brand reputation implications but also breaks trust with customers.
Second, if you’re not managing your data effectively, you run the risk of breaching regulatory compliance.
Finally, if you don’t have a well-managed environment for your data, you’re typically overspending on data management.
If you get the security posture right and protect your data, you manage your data more effectively and there’s a by-product of reducing data management costs.
Data security – a forward view
Looking forward, we’re likely to see a continued adoption of multi-cloud and increased complexity of infrastructure. Customers are also increasingly investigating automation in IT – fuelled by cloud deployments.
We see discussions around infrastructure as a code and we will see more clouds and an increased risk of complexity.
But we also have an opportunity to build data management and security management into automation.
5G is another key area which is going to accelerate digital experiences, while ransomware is a threat which is likely to grow.
But the good news is that if you have a good data management and security strategy, and keep all your systems patched, you are probably going to be okay. But if you overlook those areas, you could have some challenges ahead.
Building a unified multi-cloud strategy with resilience at the core
Infrastructures will come and go but I would recommend looking at a data management platform, which should be seen as a service that is independent of the infrastructure.
Veritas has been in the data management industry for almost three decades and we’ve helped large organisations with complex environments to manage their data effectively with our best-of-breed technology.
Veritas helps organisations migrate to the cloud, protect their workloads on-prem, in the cloud and in multiple clouds, and allows organisations to underpin their critical workloads to make sure they’re available with near zero downtime, wherever they are located.
Click below to share this article