I was recently looking at LegoTM parts, and I started to consider the myriad of LegosTM and the broad categories they fit within. Then I had a thought. Is the cloud just so many LegosTM? SaaS, PaaS, IaaS, and DaaS are various categories of clouds. We could call them the fundamental building blocks or bricks of the cloud, and we could think of moving to the cloud as the assembly of those bricks into something usable. Or so one would think.
I have written many times about the need for application-centric data protection and data-centric security. But what these both require is that our data protection, security, management, and networking are data-aware. We use applications, but we thrive on data. The more data we have, the more chance we can make use of it, which has resulted in big data tools and big data extensions, even to hypervisors. We talk constantly about moving data closer to processing, with flash and other techniques at the storage layer. But we have not grown other aspects of our systems to be data-aware. It is time this changed. Continue reading Data-Aware Services: Oh, the Places We Could Go!
In the past, I have written about the next generation of data protection, which combines analytics with broader data and holistic system protection into one easy-to-use product (or set of products). The goal is to take disaster recovery to the future, when we will be able to restore and test our restores of not just our data, but also the systems required to make that data accessible, including all networking and security constructs. If you were to have a massive disaster, could your disaster recovery techniques restore your entire environment at just a push of a button? Does your disaster recovery testing feed back into analytics to determine what needs to change to make this a reality? Continue reading Next-Generation Data Protection: Realities
Backup, disaster recovery, and business continuity have changed quite a bit over the years, and they will continue to change into the future as more capability, analytics, and functionality are added to the general family of data protection tools. As we launch ourselves into the clouds, we need to perhaps rethink how we do data protection, what tools are available for data protection, and how to use our older tools to accomplish the same goals. We need an integrated data protection plan that not only accounts for cloud or data center failures but also accounts for the need to run within the cloud. There is always the need to get your data there and back again. Continue reading The Face of the New Backup
What is the first step of application security? What is this step regardless of whether the process involved is DevOps or traditional silos? We have heard many answers before, such as architecture, code analysis, hardening, risk analysis, etc. But we have not really talked about the intersection of the user, application, data, and system. Perhaps this is part of architecture, but I see this as a need for all applications. Security must be able to protect the data and, simultaneously, the user. Security is about the traditional availability, confidentiality, and integrity as well as privacy these days. Continue reading Application Security: What Is the First Step?
When to implement security and data protection practices, or even change existing ones, is all about timing, knowledge, and scope. Deciding what to implement at any particular time requires knowledge of what needs to be fixed, and also of what the future could hold. To do this properly, you need to pay close attention to the threats within your industry, understand their impact, and evaluate them based on risk. Where to obtain such knowledge is always changing, but the scope we apply the knowledge to seems to be static and not changing with the times.