Q&A with Komprise co-founder and COO Krishna Subramanian on managing unstructured data and data management techniques companies can employ to mitigate losses from cyber-attacks and other disasters.
What are the latest/new requirements for enterprise IT Disaster Recovery?
Disasters are on the rise, from climate change, ransomware and cybersecurity attacks, geopolitical conflicts/wars and more. These disasters are increasingly expensive to cities and businesses. In
In 2023 there were more billion-dollar-plus climate disasters than any other year, costing the US alone an estimated $92 billion, according to NOAA.
More than 72% of businesses worldwide were affected by ransomware attacks and the average cost of an attack was $1.85 million, according to Statista and GetAstra, respectively.
Focusing on data protection is always paramount.
However, when you consider the growing volumes of unstructured data in the enterprise, which today constitutes at least 80% of all data created and stored, treating all enterprise data the same is no longer viable.
Enterprise organizations typically create three copies of data and additional copies are needed beyond that for Disaster Recovery and ransomware protection.
Yet IT spending on storage – commonly at least 30% of the IT budget – is not sustainable.
Enterprise IT must be able to deploy flexible and cost-effective unstructured data replication and ongoing data lifecycle management policies to address the modern scale of data and increased Disaster Recovery requirements.
What gaps do enterprises have with traditional/typical DR?
Organizations need affordable data protection for non-critical data. As an example, most organizations replicate all their storage to another site so they can recover from a disaster.
This approach is called Network Attached Storage (NAS) mirroring and it is expensive because it requires identical infrastructure for each storage at both sites and a full copy of all the data.
With ongoing data growth, many organizations are silently choosing not to replicate storage that contains less critical data – a dangerous strategy that creates a gap in the event of a disaster.
What’s needed is a more affordable DR strategy which allows organizations to pick different levels of replication to non-identical destinations like the cloud based on the criticality of data.
This tiered strategy allows all data to be replicated but not with the same level of performance and in the same type of storage.
Also, this replication can be asynchronous with a delay of when changes get propagated to offer some protection from a ransomware attack.
How and when does unstructured data management come to play?
The first responsibility is to understand your data with visibility across all storage vendors – from on-premises to edge to the cloud.
Many enterprises don’t know how much data they have nor how fast it is growing company-wide and at the department level. They don’t have clear insights into file types and sizes or usage patterns – such as how much of their data is rarely used or where their PII and financial data is located.
Employees unwittingly copy sensitive data to incompliant locations.
An unstructured data management solution can index all your data in storage so that IT can see these trends and make better decisions for right-placing it. This ensures that you’re not overspending to protect less-critical or cold data.
With this knowledge, you can then look for a solution that can asynchronously replicate data at the share level. This means you can pick which shares you want to replicate, to where, and on what schedule.
You can configure different policies for different shares in the same volume and you can create a tiered DR program that doesn’t leave gaps for ransomware and hackers in general.
What about broader ransomware protection?
A challenge with NAS mirroring is that although it provides near instant recovery, it does not really protect from cyberattacks because changes are propagated to both sites at nearly the same time.
While this synchronous replication ensures a near-instantaneous Recovery Point Objective (RPO), its drawback is that a ransomware infection in the primary site will also infect the secondary site.
So, with asynchronous replication, you can create a buffer that mitigates the issues with data being replicated at nearly the same time.
Another strategy is to tier cold data from expensive storage and backups into a resilient destination such as object-locked storage in the cloud.
By moving cold data to object-locked storage and eliminating it from active storage and backups, you can create a logically isolated recovery copy which is immutable, to prevent deletion or alteration. This will also drastically cut storage and backup costs – by 70% or more – because this lower-performing, lower cost storage tier is not designed for rapid recovery.
Is there a role for AI to play here?
Yes. The power of AI is that it can very quickly scan petabytes of data – or billions of files – to find specific data sets.
AI tools such as Amazon Macie can help if integrated with an unstructured data management workflow.
The AI tool can scan the content of files for sensitive data (such as customer contact information or credit cards) and then tag those files as containing PII.
IT can use the output of the AI scan in the unstructured data management system to then segregate and move those data sets to a secure storage location where they can’t be copied or moved elsewhere in violation of corporate policy and industry regulations.
You can feasibly create an automated policy and workflow for this process to happen continuously. That way, you can be assured of which data sets require the highest level of protection – including DR. Right-sizing DR and data protection is becoming mission critical today; we simply can’t afford to treat all data the same, but we can protect all data at the level it needs to assure a holistic DR and security strategy.
Click below to share this article