Building Confidence with Data ResilienceBuilding Confidence with Data Resilience
As enterprises grow more complex, the need to protect them intensifies. Have the confidence to understand potential weaknesses in your infrastructure and take a data-centric approach to resiliency.
April 22, 2021
Ken Mattingly knows about resilience. Fifty-one years ago, this month, the young astronaut was cut from making a trip to the moon just days before lift-off.
Not unlike the way in which COVID-19 has cancelled events and sidelined individuals, Mattingly, who was to be the Command Module Pilot on Apollo 13, had been exposed to German measles. To avoid the known and any unknown problems that could have occurred had he contracted the disease while in space, NASA replaced him with backup astronaut, Jack Swigert, three days prior to launch.
What occurred later with the ill-fated Apollo 13 mission is a legendary tale of resiliency. But so, too, is the seemingly straightforward last-minute astronaut swap. The simplicity of that situation shades an otherwise complicated process and chain of events that were first well-established, and then set into motion once the exposure was discovered.
While resilience planning for moon travel is a relative extreme, ignoring the myriad risks and potential pitfalls of business can quickly ground a company, especially during a pandemic or while in the throes of a digital transformation -- or both.
Start With the Data
The first step in any digital transformation journey starts with the data and the development of a foundational storage layer. Resilience starts with data, too. It is the fuel that drives the company and it permeates every aspect of the technical infrastructure, from storage to AI, across the hybrid cloud, from the core data center to the edge. Lose data and you can lose your ability to function and, often, lose money. A recent study by KPMG found that cyber security risk will pose the greatest threat to a company’s growth over the next three years. The KPMG 2021 CEO Outlook Pulse Survey surveyed 500 CEOs in 11 markets around the world. Organizations like Pitney-Bowes, the University of California, San Francisco, and the many others are living proof of the risks.
But breaches tell only part of the story. According to a recent report by Harvard Business Review, the mean time it took businesses in 2019 to discover a cyberattack was 196 days. Cloud migrations are only compounding the challenge and risk by 51%, according to the report. The point is, for most organizations, the problem is not only losing data and vital corporate information, but also not realizing it for six months.
The goal of any resiliency plan is to recover quickly and hopefully with as little residual damage as possible. One of the best ways to do that of course, is to prevent disruptions from happening in the first place. The ability to prevent, protect and, when necessary, quickly recover from disruptions builds trust in the business and what it delivers. To do it requires a rock-solid information architecture that spans your enterprise and supports all software deployment models including container, virtual machine, and bare-metal deployments. Such a storage foundation facilitates and supports hybrid cloud environments helps keep organizations safe from cyber intrusions and optimized for resilience.
Protection and Recovery
Strong organizations plan for both data backup and recovery. Here are a few tenets to consider to strengthen the storage layer for greater resilience:
Isolation. Isolate and separate the data from the rest of the network via storage snapshots and backups. Isolation can be achieved by utilizing capabilities like backups. It can also be achieved by storing the data offline on a different media like tape storage, creating what is called an air-gap effect, or to tape located in the cloud, which is known as “logical” air-gapping.
Immutability. Ensure your data is placed in tamper-proof storage. This prevents any attacker, external or internal, from changing or deleting data. Write Once, Read Many (WORM) technologies, as well as snapshot and data replication solutions provide proven secure retention capabilities.
Performance. It’s often overlooked, but system performance is an important capability of any data resilience framework. How fast can your organization recover from a cyber-attack? While tape excels at isolation and immutability of backup data, it can take hours and sometimes days to fully recover the data to the pre-attack state. For organizations that need to recover in minutes, look for high-performing data storage solutions, such as flash-based systems that can be used to back up, snapshot, or replicate repositories.
Ease of Reuse. It’s increasingly critical that organizations have the ability to store data in native formats and instantly mount data copies to ensure access to backup data is quick and easy. For starters, this speeds testing recovery procedures and backup validation. The quicker you’re able to get data into an isolated environment following a ransomware attack, for example, the faster you’ll be able to find a valid recovery point from which to restore.
Another important factor in data resilience is the ability to detect cyberattacks. Having a solution that can help you automatically monitor data for possible intrusions can provide significant time savings. To do it, seek out programs that proactively monitor backup data to look for pattern anomalies. Things like higher ingest times or changes in deduplication rates can be signs that an attempt to compromise your data has occurred.
As for Ken Mattingly, he never did contract the German measles. But his story didn’t end in 1970. Far from it. After being bumped from Apollo 13, he would be instrumental in helping find the way to restart the stalled Command Module and save his Apollo crew mates, spending hours in the simulator meticulously looking for the proper sequence. Almost two years to the day later, he would get his shot at the moon and become the Command Module Pilot for Apollo 16, making him one of only 24 human beings to fly to the moon. He would also go on to be among the few astronauts to fly both Apollo and Space Shuttle missions and would retire from the US Navy in 1986 a two-star rank of Rear admiral.
Recovery is a big part of resiliency. Have the confidence to understand the weaknesses in your infrastructure, build the protection your data deserves, and craft the recovery plan you will need.
Eric Herzog is Vice President, Business Development and Go to Market, IBM Storage.
About the Author(s)
You May Also Like
Perspectives on Security for the Board: Edition 3
The Definitive Guide to Understanding IP Addresses, VPNs and their Implications for Businesses
Cyberthreats Racing Ahead of Your Defenses? Secure Networking Can Put a Stop to That
Top Six Recommendations to Improve User Productivity with a Hybrid Architecture
The 9 Traits You Need to Succeed as a Cybersecurity Leader