How do you back up SaaS? I'd like to know

You can’t have an IT “modernization” discussion without bringing up the cloud. And in the realm of data protection, that comes in a few obvious flavors:

Backup as a Service (BaaS) – where your data is backed up either directly to a cloud provider or first to a local appliance and then to that provider. The latter gives you faster restore and other performance-related benefits, but the end result is the same.

Disaster Recovery as a Service (DRaaS) – where entire parts of your infrastructure, usually whole VMs, are replicated to a cloud provider, with the ability for you to bring those VMs online and resume business services from the provider’s infrastructure after a crisis. Some DRaaS solutions even provide BaaS as a side benefit.

Cloud-Storage for your On-Premises Backup – where your existing backup solution is working fine, but you’d like another copy of your data outside of the building – and cloud economics are interesting. Great, add cloud-based storage as a target to your on-premises backup server …or back up (BaaS) your backup server to the cloud. Either way is okay.

But instead of talking about data protection AS a service … what about data protection OF a service?

Many of us put our data into SaaS (software as a service) solutions today – e.g. SalesForce. We assume that SalesForce (or any other SaaS solution) has multiple points of presence on the Internet, and that they have resiliency between sites. The assumption is that if a site were to have a crisis, the other site(s) would still be available. For some large SaaS solutions, that may be enough – though it can still be hard to document (or test) when doing a BC/DR audit.

But what about if the SaaS provider goes dark?

Maybe out of business? Perhaps a victim of Denial of Service attacks or broad data corruption (that is then replicated between sites). What is your plan?

Do you back up the data from your SaaS provider?

In what format(s) is the backup in?

Is the data readable or importable into a platform that you own?

How would you bring the functionality back online for your local users? for your remote users?

Most importantly, have you tested that recovery?

This is not a blog post where I offer you answers, but one that I wanted to pose some questions for discussion.

Topics: Cloud Computing Backup Data Protection Information and Risk Management SaaS Jason Buffington business continuity disaster recovery BaaS DRaaS Public Cloud Service

One Rule with Social Media and Social Networking: Don't Be Creepy.

I’m always amazed how a wonderful and benign technology can be turned to creepy or downright evil uses. What is it about the profit motive that makes so many people check their ethics at the door? It seems so shortsighted.

I was lucky to be “there” at the beginning of the PC revolution and the beginnings of the Internet. Both were exciting times when the promise of new technologies seemed boundless. Then, it got real. And by “real” I mean turned ugly. Viruses and spam, Internet scams and phishing, rampant porn and ultra-violent video games. Makes me want to say the digital equivalent of “Hey you kids! Get off my lawn!” only the kids are businesses and the lawn is everything digital.

Topics: Enterprise Software Social Enterprise

Customers Expect Antivirus Protection from Online File Sharing Solutions

The most important security feature that customers expect of their online file sharing and collaboration (OFS) solution is antivirus. “Well, of course,” you might say. But this finding from ESG’s recent survey into the OFS market has come as a surprise to many OFS providers.

In addition to running their own antivirus software, organizations appear to expect their OFS provider to run an additional antivirus scan for more secure file sharing. In fact, customers demand this more often than any other security feature they might find in an OFS solution.

Topics: Storage IT Infrastructure Information and Risk Management Security and Privacy

Talking Storage with Dell Executives: Alan Atkinson

At Dell's recent Storage Forum in Paris (no, not the one in Texas, however convenient that might be to Round Rock!) I was able to record interviews with some of the vendor's senior storage executives. I asked each of them to succinctly cover a couple of key points. In this piece (which is number 1 of 4), I spoke with Alan Atkinson about Compellent - both its announcements and general progress.

Topics: Storage IT Infrastructure

Holiday (Or End Of The World) Thoughts

HP is the equivalent of the NE Patriots last Sunday vs. the 49ers - everyone knows all the pieces are there, all you have to do is not shoot yourself in the foot and you win. Oops.

Executive Management Is Becoming More Engaged In Information Security

Dealing with business and executive managers has been a persistent occupational hazard for security professionals. Business managers didn’t want policy enforcement to get in the way of business productivity. CEOs and CFOs tended to eschew “good security” for “good enough security.” The biggest role they played here was that of budget cutter.

This minimalist attitude toward cyber security appears to be changing. According to ESG research, 29% of security professionals working at enterprise organizations (i.e., more than 1,000 employees) say that executive management is, “much more engaged with information security situational awareness and strategy,” than a year ago, while another 40% of enterprise security professionals say that executive management is, “somewhat more engaged with information security situational awareness and strategy,” than a year ago.

Topics: Information and Risk Management Enterprise Software Security and Privacy

Evaluating Online File Sharing and Collaboration Solutions

Choosing the best online file sharing service for your organization starts with asking the right questions. We’ve created a complete checklist of questions IT professionals can ask as they evaluate different online file sharing and collaboration (OFS) solutions. Vendors can use the checklist, too, for a better understanding of how their OFS offering stacks up against the competition.

Are there file size limits that could prohibit storing and sharing your corporate data? How are application integrations priced? Will a dedicated account manager be assigned to you? These are just some of the questions we lay out in our brief, Conducting an Online File Sharing Comparison.

Topics: Storage IT Infrastructure

Security Intelligence Can Help Enterprises Improve Risk Management and Incident Detection/Response

According to ESG Research, 65% of organizations use external threat intelligence (i.e,. open source or commercial threat information) as part of their overall security analytics activities. This is yet another factor driving the intersection of big data and security analytics.

Topics: Information and Risk Management Security and Privacy

Mobile Devices and Online File Storage and Sharing

BYOD has been a key driver for online file sharing and collaboration (OFS). ESG’s research uncovered a very strong correlation between rogue online storage and file sharing usage (or suspicion thereof) and the surge of mobile devices in an organization. The more growth in alternative endpoint devices, the more likely an organization is to know that their employees are using rogue OFS services. See the ESG Research Brief: Spotting and Stopping Rogue Online File Sharing Accounts for more information on these trends and the headaches for IT that stem from employees’ mobile devices.

Topics: Cloud Computing Storage End-User Computing IT Infrastructure Information and Risk Management Enterprise Software Security and Privacy Public Cloud Service

Data Protection in a BYOD World (video)

One of the most complicated areas of data protection in IT today has to be around securing the data on endpoint devices (laptops and tablets). Frankly, most IT organizations weren’t able to do an effective job of protecting that data when the devices were corporate-owned, but with the myriad devices that are now in use, it is even harder.

But the reality is that, regardless of who purchased the device, it has corporate data on it !!

Topics: Cloud Computing Backup Data Protection Information and Risk Management BYOD Jason Buffington BaaS file sharing Public Cloud Service

Tape - Spinning Its Wheels or Ready For Traction?

Tape usage is declining, which is in many ways—and, for what it matters, in my opinion—an unfortunate thing. According to new ESG research, many organizations expect to further reduce their use of both on-premises and offsite tape storage. But forfeiting the many genuine benefits of tape could also be a costly mistake for them.

ESG has just published a Brief, Tape Usage is Declining – But It Shouldn’t Be, that covers both current and future tape usage trends, as well as highlighs some of the reasons that the all-too-common and easy assertion that "Oh yeah, we're phasing out tape wherever we can" may be just a tad myopic and/or founded on old and erroneous beliefs about the technology. Give the Brief a read to get a fresh look at the benefits of tape storage in today’s world of hot and cold data. It's an industry that might look like it's spinning its wheels, there are reasons to believe it's actually just getting ready for some new traction...

Topics: Storage IT Infrastructure

Enterprises Are Buying Host-based Advanced Malware Detection/Prevention Tools to Capture Forensic Data

APTs and advanced malware are having a profound effect on cybersecurity technologies. One notable change is the rise of new Advanced Malware Detection/Prevention (AMD/P) technologies from vendors such as Bit9, Bromium, CounterTack, Invincea, Malwarebytes, and Sourcefire that detect and block advanced malware on servers and endpoints.

Topics: Information and Risk Management Security and Privacy

At Least a Billion Good Reasons to Pay Attention to Not Only SQL Databases

We just published an in-depth market landscape report called Beyond RDBMS: Not Only SQL Challenges the Status Quo. While the full report is only available to private customers, here is an infographic that highlights some of the key findings about the nature of the Not Only SQL database market.

Topics: IBM Microsoft EMC Data Management & Analytics Enterprise Software database Oracle google NoSQL Teradata sap MongoDB aster Amazon Web Services 10gen Greenplum

Macro Economic Implications on IT—Thou Shalt Adapt, or Perish

I think about things in my (upper) 40s that I never would have given much thought to a decade ago. Funny how age changes a person. There are really only two ways things can go for us IT folk over the next five to ten years, in my opinion, and I shall discuss both.

Storage Hypervisors - Video Blog (3 of 3) with DataCore, HDS, IBM, & Virsto

In a recent blog entry, I 'trailed' a series of three short videos that I would be posting. You can storage-hypervisors-need-more-hype/index.html" target="_blank">read that other blog for a full explanation of the genesis of these pieces.....but the quick version is that I was fortunate to run a panel recently with four of the leading vendors in this space. While we'd expected lots of discussion about their different approaches to the storage hypervisor opportunity, the panelists and I soon realized that basic education about the concept and possibilities was a more pressing need than vendor-specific pitching.

Topics: Cloud Computing Storage IT Infrastructure

Are Rogue Online Storage and File Sharing Accounts Exposing Your Organization to Risk?

Employees are signing up for individual online file sharing and collaboration (OFS) accounts with free cloud storage sites, exposing their organizations to risks of data leakage or even data breaches. ESG conducted a survey of nearly 500 IT professionals to find out how pervasive the problem is, and what can be done about it.

Topics: Cloud Computing Storage End-User Computing IT Infrastructure Information and Risk Management Security and Privacy Public Cloud Service

Security Data Explosion Is Driving Big Data Security Analytics

In my last blog, I mentioned that 44% of security professionals working at enterprise organizations (i.e., more than 1,000 employees) believe that security data collection and analysis could be considered “big data” today while another 44% believe that security data collection will qualify as “big data” within 2 years.

What makes security data “big data?“ One place to start is simply security data volume. According to recent ESG Research, 47% of enterprises collect more than 6TB of security data on a monthly basis to support cybersecurity analytics. Security data volumes are growing as well: 43% of enterprises are collecting “substantially more” security data than they did 2 years ago while another 43% of enterprises are collecting “somewhat more” security data than they did 2 years ago.

Topics: Storage Networking Information and Risk Management mobile Compute Security and Privacy

Remember When

Your pager goes off and wakes you at 4:00 AM to let you know that the power is back on at the office, and you think, “Oh Great.” You look out the window and see the ground covered with snow as you fire up the home computer to see if you can send an e-mail - nothing. The drive to the office is quicker than usual, because there’s no traffic. It’s dark as you walk down the hall past the empty cubes, swipe your security card past the reader and open the big steel door. Ah, the familiar sound of cooling fans as you flip on the lights and walk to one of the many computer racks in the room. You jiggle the mouse in front of the console, and it lights up with a blue screen and a half booted system. The only option is to hit the power button.

That memory ran through my head during one of the recent ESG Lab projects I was involved in. I was thinking how rare it is for the computer equipment an administrator manages to be in the same office they work in these days - or even the same state, for that matter. We were testing a solution that paired NEC blade servers and storage with PAN Manager software from Egenera at the time.

Topics: Cloud Computing Storage IT Infrastructure Private Cloud Infrastructure Compute data storage ESG Lab Server Virtualization

Is HP Storage Discovering Itself?

With commendable fanfare at its Discover event earlier this week, the storage arm of HP has rolled out what it is spinning to be the biggest announcement since it acquired 3PAR. A cynic might use the same words in a different order—since the announcement this week essentially cemented the 3PAR take-over of HP storage. The key players have been in place for a while as the bright yellow bezels have flown off HP’s shelves (I like to use somewhat consumer-ish terminology so that all of HP and all of the world realizes that storage can make revenue and margin for HP just as much as—and for all I know more than—PC’s, printers, and toner!). Anyhow, aside from the players, now the products are in place too—with the centerpiece of this week’s announcement being the new midrange 3PAR offering.

And let’s make no bones about it: The new HP 3PAR StorServe 7000 Storage (can’t we just call it "sir"?!) is an excellent product, which ever way you look at it….function, pedigree, whatever. More importantly, it packs a genuine "enterprise punch" for a "midrange price"…and this in a market where HP—despite, or because of, the popular and venerable EVA—has not (to continue the analogy) even punched its weight for a long time. Indeed, HP was at pains to point out the vast new TAM (Total Addressable Market) that it could now reach. Of course, having someone’s address—this is a new analogy!—is not the same as arriving and being welcomed in….having "something to bring to the party" is great, but you still have to get an invite! More of this later.

Topics: Storage IT Infrastructure