Data Protection & Resiliency In The Cloud

With so many businesses moving their mission-critical applications to the cloud, it becomes imperative to be able to have control over your data protection and application resiliency. To learn more about what that entails, as well as how businesses are succeeding and leading in this area, I had the pleasure of speaking with Clifford Barcliff, Senior Product Manager with Veritas, a leader in multi-cloud data management. Below, is a transcript of our conversation. You can view the entire conversation on YouTube at: https://youtu.be/VY4tw_I1m_w, or listen to it on SoundCloud: https://on.soundcloud.com/vahBv.

Avrohom: Veritas is an industry leader in multi-cloud data management, and they just announced the new Veritas Alta Cloud Platform. Can you go into detail about what is Alta, and what does it mean for Veritas and its clients moving forward?

Cliff: Think about customers over time. Cloud isn’t new anymore. And we’ve been helping our customers since the early adopters to now, today, with everyone having a pretty much cloud-first strategy, or at least some part of the enterprise doing cloud-first.

We have done so many modifications and created so much intellectual property for our products, and we’ve also had some acquisitions along the way, that it was time to rebrand those products for when they’re using the public clouds. They provide what our customers are asking us to do (i.e., how it’s deployed, how it’s consumed, the capabilities, and the use of data services within the public clouds.) These are our products, deployed and consumed the way our customers want.

Avrohom: It’s so true that businesses of all shapes and sizes are moving to the cloud. From small businesses that kind of kicked off this cloud migration, all the way up to enterprises. What challenges are you finding with businesses moving to the cloud?

Cliff: If you think about the adoption tail for virtualization. The tail went from early adopters, but the long tail, to get everybody on board, it took over a decade! Some people say it took 15 years before everybody was virtualized. Well, cloud wasn’t that way. There was that sharp early adopter thing, and then very, very, quickly, after the early adopters, as soon as you had your first financial, as soon as you had your first health care system, your first government agency, once you had the first of each of those, everybody else piled on. So, it was a much quicker adoption than previous types of technologies. And, you know those early adopters, they were the people in the corner. They were their own little people. They did their own thing. They even had different managers. They didn’t use any of the tools. They didn’t use any of the policies or desktop procedures, and the controls, that the rest of the enterprise was using, because they were told, “Look, this is new. We don’t want to corrupt it with anything old. Do your thing and get it going.” And so, they did. And all of a sudden, there are some really heavy mission-critical apps in the public cloud.

Now, today, we call it technical debt. It’s the technical debt of what these early adopters did. They were super-creative in getting these mission-critical, wonderful, cloud-native apps out there. It’s now time to make them more enterprise. So, it’s the control, the compliance, the resiliency, the ability to know that it’s protected, and in fact, recover it. Because everybody has now been through rounds of mistakes. All it takes is one bad script when you’re configuring something in your virtual private data center, and you’ve wiped out a whole bunch of configs.

So, people have gone through rounds of, “What does it take to recover, now?” It’s not just implementation. It’s now the full spectrum of the life of an app. So, to me, it’s that resiliency, that “Enterprise-ness”, that is probably the single biggest challenge for our customers. Because they still want to do things the new way, but they’ve got to bring in the controls, and the capabilities from an enterprise standpoint around those deployments.

Avrohom: I love what you said about “Enterprise-ness”, as a term. As an early adopter of cloud, I took to that as a technical consultant. It enabled me to be more mobile, and I was able to get going really fast. And I think a lot of us that were in a similar space, were able to get up and running really fast. But now when it comes to enterprise, there is a lot more that comes into play, such as ransomware and resiliency. We’ve got a lot of employees, a lot of people working at the enterprise, so there are many more vulnerability points when it comes to things like social engineering. There is compliance because we have clients in different regions, which have different laws, such as GDPR in Europe. So, I could imagine, that when it comes to enterprise, there are a lot of headaches that they need to deal with in order to get their environment up to compliance. When solving these challenges, what does great look like?

Cliff: Well, you mentioned compliance, and that goes with sprawl. As you mentioned, people are in different regions around the world. Some of the larger companies are in multiple regions because that’s where the customers are. There are all these new great edge services, where you can push things out close to where your consumers are. This means you can have data, literally, in seconds, all over the world. So, there is the sprawl factor. Being able to find out where everything is.

You have these early adopters that are using these great native tools. It’s great when it’s your app, you’re deploying it, and you own it. But not when you’ve got hundreds, or thousands, or tens of thousands of apps. And it’s not just you, but it’s people across your enterprise, who need to own it, manage it, recover it, and find out what’s going on.

So, some things that help our customers bring the “Enterprise-ness”, what I call, what great enterprise resilience looks like. One of the things is visibility. Knowing what you don’t know. Knowing what you don’t know is probably the number one risk that any customer has. If you know about it, you probably plan for contingencies. But if you don’t know about it, and the ransomware person comes along, and steals it or locks it down — wow! Huge headaches, all of a sudden.

So, having some type of controls capability services that can look from the outside in — we call it insights — but really just visibilities, finding out what you don’t know, I think is one of the capabilities of an enterprise in a multi-cloud world.

The second one, you mentioned earlier is about ransomware and recoverability. Everybody uses snapshots. All the native data-creators, if you want to save something, it shoves it into object storage. And it’s great! Right? You tell it to keep a copy of something and it put it somewhere. Usually, it puts it into an object storage bucket somewhere. And that’s great. However, snapshots don’t equal data protection. I tell people if you can’t index it, if you can’t automate it, and if you can’t on-demand recover it, then it’s not a backup. It’s a copy of data, which is great –

Avrohom: It’s good for when you’re doing an installation, and you can revert back.

Cliff: Exactly! In times of trouble, you need somebody who’s going to find out what one thousand and five snapshots out there are the right one thousand and five snapshots that brings my complicated app back together again.

Avrohom: And you don’t want to go too far back in time, either, because then you lose all that data.

Cliff: Seems right. And that whole idea of point in time RTO’s (Recovery Time Objective — how much time you’re willing to be down) and RPO’s (Recovery Point Objective — how much data you’re willing to lose) are just as important in public clouds, and I’d say in fact, more so, because of the sprawl and the variety of services. You need some way of indexing all of your data that’s out there and be able to coordinate the recovery. And not just-in-time ransomware recovery. We also need it for auditors, as well as being able to move your data, such as on-prem to cloud, cloud to on-prem, or even moving data from one cloud provider to another. So, for cloud customers, a great setup would be having tools, policies, and procedures that are independent of your provider, so that you can do all the things that you’d expect to be able to do back when you had everything on-prem.

You mentioned compliance too. Again, that comes down to discovery and visibility. Compliance is right behind ransomware visibility, from a headache standpoint. It is just too easy, especially in Europe, and places like California, and Massachusetts, where you have all kinds of privacy laws. You have the executive orders that are out there, around privacy and recoverability. Turkey, Australia, and Russia. They all have their own paradigms around privacy and resiliency. So, no matter where you are around the world, you need those compliance capabilities. And again, knowing where everything is, and knowing that you are compliant in your region. These are all the kinds of headaches that businesses would need to solve for their cloud setup to be considered great.

Avrohom: What are some examples of how Veritas helped businesses with enterprise resiliency in their multi-cloud environment?

Cliff: I’ll go back to a really early one. They were a very forward-thinking one. They were one of the first big financials in AWS. They’re a regular speaker at every event. And they wanted to get this app. But one part of this app was just the database that they wanted to maintain, this part of it, using native services. But the stateful, they just wanted to lift and shift. But they needed control and availability across availability zones. We gave them that availability, under the covers, without changing the app, to be able to use multiple availability zones to provide storage, so that within a data center they didn’t have to worry about an availability zone problem, as a single point of failure. Then, they also wanted to control wide area across their DR. They wanted absolute control like they had on-prem. That was an early adopter.

Today, it’s things like — well, I mentioned snapshots. Snapshots are great, and they only record differences. However, we know that the great word about on-prem is de-duplication. That’s where you really save because the proliferation of dev environments, prod environments, and a point and a click in a script can replicate an entire production environment. Even if you just snapshot the differences, you still have copies of things. We’ve helped several customers, with their storage de-duplicate all of that storage from all of their copies. So, immediate huge savings. As you know, in the cloud, you’re paying by the month. For every terabyte that you’re storing, you’re paying for it, and it doesn’t go away unless you delete it. The bill keeps coming. I would say, that one of the glaring lines in the financial picture on cost in the public cloud is all that storage. So, we instantly save customers money.

Avrohom: Cliff, how can people connect with you to learn more about Veritas and beefing up their resiliency for their cloud environment?

Cliff: Sure. We’re going to be at AWS, and we are every year, we’re always a big sponsor. So, we’re going to be at AWS re:Invent 2022 in Vegas. I’ll be there and would love to meet people and have a talk. You can learn more about Veritas at AWS re:Invent here: https://www.veritas.com/company/event/aws-reinvent.

You can also reach Veritas on our website, https://www.veritas.com. You can access all of our documentation and our tech notes, free of charge, directly from the website. More information on Veritas Alta Cloud Platform can be found here: https://www.veritas.com/alta.

I’m also active on LinkedIn at https://www.dhirubhai.net/in/clifford-barcliff-4937114 and would love for people to reach out and say hello.

Avrohom: Cliff, do you have any parting words of wisdom to share with the audience?

Cliff: Absolutely. This has come up in customer conversations and every time I’m at a trade show, and it is around ransomware. Probably, the thing that we’re seeing a big shift in is, threat actors are realizing that you’re doing the data protection thing, so they have to do something else. They’re hitting people’s configurations — the metadata. For example, your firewall configurations, your AD configuration, and your vPC configurations. If you think about it, of all those things that you have out there, your VMWare cluster configurations. Not the cluster itself, but the configurations. Because if those somehow get corrupted, stolen, or deleted, it’s really, really tough. Even if you did the best job in the world, from a data protection standpoint, you need that first rung on the ladder to climb out of the hole of a ransomware attack. So, use a floppy drive, thumb drive, etc., but do that thing with a small piece of technology to record all that metadata. It’s probably a handful of megabytes, but go ahead and get that saved, because that is what they’re going after.

About Veritas:

Veritas Technologies is a leader in multi-cloud data management. Over 80,000 customers — including 95% of the Fortune 100 — rely on us to help ensure the protection, recoverability, and compliance of their data. We have a reputation for reliability at scale, which delivers the resilience our customers need against the disruptions threatened by cyberattacks, like ransomware. No other vendor can match our ability to execute, with support for 800+ data sources, 100+ operating systems, 1,400+ storage targets, and 60+ clouds.

About Veritas Alta Cloud Platform:

Veritas Alta empowers you to take control of all your data protection and application resiliency in the cloud.

About the Author

?

Avrohom Gottheil is the founder of #AskTheCEO Media, where he helps global brands get heard over the noise on social media by presenting their corporate message using language people understand.

?

Avrohom presents his clients as Thought Leaders, which challenges his audience to reimagine their own mission and vision, delivering actionable insights, and leaving them passionate, motivated, and with the necessary tools to take immediate action.

?

Avrohom comes from a 20+ year career in IT and Telecom, where he helped businesses around the world install and maintain their communication systems and contact centers. He is a Top-ranked global expert in IoT, AI, Cloud, and Cybersecurity, followed worldwide on Twitter, and a frequent speaker on leveraging technology to accelerate revenue growth.

?

Listen to him share the latest technology trends, tools, and best practices for IoT, AI, Cloud, Cybersecurity, and more, on the #AskTheCEO podcast — voted as the #1 Channel Friendly Podcast 2019 by Forrester.

?

Contact Avrohom:

Web: https://asktheceo.biz

LinkedIn: https://www.dhirubhai.net/in/avrohom-gottheil/

Facebook: AvrohomGottheil

Twitter: @avrohomg

Instagram: @avrohomg