Securing the Borderless Enterprise: What You Need to Know
Date: Tuesday , October 20, 2015
We live in the era of the \'borderless enterprise.\' This new enterprise is a fluid and adaptable ecosystem whose resources are accessed, used and shared via mobile, social and cloud. How has this model changed over the years? How mobility and the cloud have \'decentralized\' data and what does it mean for organizations working to manage and protect information? Let\'s take a closer look at these questions along with a few emerging technologies we will see in 2016.
First, some background and context-Once upon a time, IT had full control of protecting data, and data was centralized in a company\'s data center. During the last few years, mobility and the cloud have literally pushed data out of the data center and onto various devices. According to a Ponemon Institute study, 44 percent of corporate data stored in cloud environments is not managed or controlled by the IT department. Also, it has been estimated that more than 30 percent of business users have lost an external or mobile device containing sensitive business or personal information. As a result, enterprises are tasked with protecting data amidst an increasingly dispersed data landscape (think Office 365, Box, Salesforce, Dropbox, etc.) while also keeping the data compliant with regulations and enterprise policies. In addition, companies must adhere to global data privacy and industry-specific regulations (HIPAA, GLBA, COPPA). Ensuring better data backup and recovery efforts and improving cloud infrastructure services and regulatory compliance are all major priorities for today\'s enterprises.
This new decentralized data model has forced a change in the way enterprises manage, protect, access and govern information. Think of how the new cloud or Bring Your Own App wave (BYOA), with so much data outside the firewall, is impacting data use, accessibility and management. The largest data recovery and business continuity related change is the shift from software to service model. Organizations are increasingly using the cloud as a secondary storage platform for data recovery. Primary storage refers to data stored that needs to be readily accessible by applications and the workforce. Secondary storage is what you don\'t see, including information archival, backup and secondary copies of data. Additionally, the public cloud has become an increasingly popular choice, rather than hybrid or private clouds, to manage Disaster Recovery, as it is more cost-effective to build in and spin up. A company can leverage its existing investment in infrastructure as well.
This new borderless enterprise and dispersed data landscape requires specific technologies to ensure greater business continuity. Here are a few technology models that enterprises will be implementing in the coming year:
Cloud-Based Disaster Recovery: Today, business continuity must extend out to the various networks and mobile devices employees are using. Enterprises must ensure that if any system, server or network within the organization goes down that there is immediate failover. Currently, there are systems in place to facilitate a failover, but the process is not instantaneous. As services move out into the cloud and employees access services on mobile devices, enterprises are faced with new challenges. These employees, on their mobile devices, are accessing the system and various services from remote locations. How does a company provide access to these services when disaster strikes and when the data center goes down? One option that more and more companies are embracing: moving workloads to the cloud, including a Disaster Recovery as a Service (DRaaS) model that replicates on-premises workload data to run in a cloud environment. DRaaS is a cloud/backup service model that uses the cloud to protect application and data from disaster-related disruption. It actually enables the full backup and replication of all cloud data and applications while serving as a secondary infrastructure. The DRaaS environment becomes the \'new\' environment, allowing an enterprise and users to continue with daily business while the primary system is repaired. As the number of remote end users continues to increase, enterprises must provide the ability to access different servers at different sites.
Cloud-to-Cloud Replication and Recovery: The modern enterprise needs a multi-faceted technology approach to protect, govern, manage and access data. Firstly, more data risks will need to be addressed. More effort will be required to protect data within multiple places. Cloud-to-cloud DR can address these potential data protection gaps. Cloud-to-cloud will become the norm in coming years, including multi-cloud, multi-region to cloud and DR between Azure and AWS within the same region or AWS regions to another region, for example.
Centralized Data Governance: The forward-looking enterprise will understand converged data protection while taking a proactive approach to compliance, adopting technology that centralizes visibility and control of business data that resides on employees\' endpoints and cloud services. Druva, in fact, centralizes and controls business data residing on employees\' desktops, laptops, tablets and smartphones via integrated endpoint backup, data loss prevention, IT-managed file sharing, and data governance controls. Druva defines proactive compliance as enhanced governance- related capabilities that enable organizations to be more proactive in their ability to understand, identify and take action on data risks across the dispersed data environment. Technology components include a \'centralized compliance dashboard\' that offers an easily navigable view by data source, compliance risk type, or user and \'non-compliance reporting\' that includes automatically generated emails to subscribers when potential data risks are discovered.
The software-defined network: This network allows failover to another network with sync-back. Here, if an organization\'s primary system goes down, a second can \'take over.\' Once the primary system is re-staged, both the first and second systems are synchronized, allowing the primary system to be updated and \'regain\' control. As the globalization of data continues and the borderless enterprise becomes standard, those enterprises that implement real-time, transparent Disaster Recovery and business continuity practices across their organizations will be one step ahead of the data protection curve.