Nothing quite changes like IT. We have gone from incredibly manual, thought-requiring human processes to handling petabytes of data to make a single decision. In essence, our requirements have changed to meet our real-world needs, whether such change has been to improve performance, capacity, or other needs. Requirements rule the world of IT. Recently, we have seen an additional shift in requirements. TVP Strategy is currently looking at a small set of IT: data protection. Our approach has been to produce a coverage graph. The graph gives us a nice visual on how vendors’ products match up. But that is not all. We recently did some analysis comparing products over time as our coverage graph requirements have evolved. The results of these comparisons over time are very interesting.
Articles Tagged with Secure Hybrid Cloud
This is the first of many comparisons and commentaries on data protection within the hybrid cloud. We are looking at the mechanisms used to achieve data protection. Mechanisms—how boring—yet from an architectural and data management view, mechanisms become increasingly important. The mechanisms available can impact the costs of your data protection. One example: it is often thought that data protection is instantaneous. It isn’t. It has a window of execution measured in hours, not microseconds. If you need microsecond data protection, you may need other tools to fill that need.
The first things to decide are what you need in the way of time to recover your application (recovery time objective, or RTO) as well as how much data loss you can stomach during recovery (recovery point objective, or RPO). RPO determines how often data protection should be used, while RTO governs how soon recovery will be completed once started. This pair of critical factors will control what mechanisms are important within your organization. Beyond those two, there are other, equally important mechanisms that influence the types of recovery mechanisms in use.
I recently had a number of consulting conversations about IT transformation and adding new Security as a Service products to companies’ existing clouds and tenancies. This is the beginning of IT transformation in many cases. A company has realized it needs to provide security to its tenants while using clouds more securely at the same time. This is a hybrid cloud. The company provides a cloud, yet uses tools from Box, Salesforce, Google, Microsoft, and the like. So, where do we start with IT transformation? With architecture that includes security.
I have written many times about hybrid cloud security, but there’s a fundamental security requirement that happens as you access the hybrid cloud. In our previous back to basics article we wrote about the need for situational awareness. We’re going to expand on that topic some more. The real success to hybrid cloud security is understanding how the users access the hybrid cloud: where they access it from, why they access it, and what is accessed or used. From a security standpoint, it starts with one organizational item: people.
We are curious about which cloud or clouds everyone uses, as the market is rather diverse, ranging from Amazon Web Services to clouds based on OpenStack, VMware vCloud, and community clouds that meet specific needs. Are you using multiple clouds, just one cloud, or no clouds? We’d like to hear your answers to these questions. We have our heads in the clouds, as we not only write about them here but also use clouds in our daily business. This will be the first in a series of polls in which we invite you to share your opinions by voting. We’ll share the results of these polls with you in return.
I have written many times about the need for application-centric data protection and data-centric security. But what these both require is that our data protection, security, management, and networking are data-aware. We use applications, but we thrive on data. The more data we have, the more chance we can make use of it, which has resulted in big data tools and big data extensions, even to hypervisors. We talk constantly about moving data closer to processing, with flash and other techniques at the storage layer. But we have not grown other aspects of our systems to be data-aware. It is time this changed.