For more than 20 years, CEO of HYCU, Inc., Simon Taylor, has worked in the enterprise technology industry, directing go-to-market strategy development, product marketing, and channel and sales management. Prior to his time at HYCU, Taylor held senior executive positions at Comtrade Software, Putnam Investments, Omgeo, and Forrester Research. We had the opportunity to speak with him about the state of modern data protection, the shift towards as a Service offerings, and the challenges associated with multi-cloud environments.
Assume the worst has happened: your business has fallen victim to a ransomware attack with no prevention or detection measures. How can organizations with insufficient defenses best recover from an attack?
Sadly, this is an all too familiar question that we have heard from customers and partners alike. As we all know, it’s not a matter of if in this scenario; it’s just a matter of when. Ransomware is insidious. It’s on the rise, and North American organizations, in particular, are bearing the brunt of the attacks, with more than 80% of attacks globally happening here. And, the bad actors are relentless. They are continuing to create new and innovative ways to launch attacks. As we all know, there are also no panaceas. No silver bullets and no guarantees. However, with that said, there are definitely things that any organization can do in light of an attack to recover.
The first item is to ensure you are doing frequent backups and over a period of time. Ransomware attacks occur over a period of time, so we tell our customers that it’s important to have frequent backups to be able to recover from – regardless of the attack scenario. The second item is to make sure your backups are protected. Backups need to be stored in a way that is not susceptible to an attack. The third item is to make sure you limit access to backup targets. We see customers export their backups to share to a bunch of people. That’s not a good idea, as this increases risk. Even a relatively small mistake like this can end up being very costly. The fourth item is you need to pay attention to the safety of your backup service. If a service you are using for backup is compromised, it won’t help how well your data is backed up. Any service you are using (BaaS) needs to be safe and secure. You also need to make sure your backup network over which your data is moving is safe and secure.
The fifth item is to make sure you are monitoring your backups and understand your recovery readiness, to begin with. That’s a major item and why we spent time with leading security industry partners and customers alike to develop R-Score. It’s a free service to help companies better understand what they can and should be doing to establish best practices and actionable items for recovery. Sixth and final, you need to ensure you can recover in a timely manner. The executive leadership team and Board of Directors want to know when the business will be back up and running. With the average time to recover from ransomware as long as two to three weeks, the quicker you can recover, the quicker you can repair the damage to your company’s business and reputation.
There seems to have been a shift towards BaaS and DRaaS solutions recently. What factors do you think are driving this change?
A lot of the move to as a Service stems from the Cloudification of IT infrastructure. If we learned anything from the onset of the recent pandemic, it’s that cloud is alive and real. More organizations have been moving infrastructure and applications to the cloud than ever before. Not just to support the move to remote work and work at home mandates, but also to support digital transformation initiatives. These efforts, in turn had a big part in driving the move to cloudifying specific IT functions like backup and disaster recovery.
This journey to the cloud has been ongoing. We’re at about year ten of the twenty-year digital transformation journey, and the move to the cloud has been an accelerator in many regards. You are now starting to see the inevitable marketing machines of new and emerging companies along with established and legacy players go into overdrive. “Cloud-native” and “born in the cloud” are just a couple of terms capitalizing on this effort. However, that’s only part of the value of what as a Service has to offer. Much as Salesforce did for customer relationship management years ago, at HYCU, we see the move to Cloud as a quiet revolution in simplifying backup and recovery as a Service. We envision BaaS as being ubiquitous, and the same experience that consumers have with backing up their iPhones or mobile devices should be a reality in enterprise data protection efforts. In many regards, that move is only just taking off across the enterprise.
What are the challenges associated with multi-cloud environments? How can businesses avoid those pitfalls?
There are a number of challenges. The key challenge is managing, migrating, protecting, and recovering data across the data estate – regardless of location, on-premises, or in the cloud. Addressing that challenge can be confusing to customers. Legacy providers that have developed solutions that are ideally designed to work well in some environments don’t work the same in public clouds, for example. So you may see a solution that was ideally suited for on-premises data centers being stood up in the cloud. That happens more often than you would expect, particularly with data protection solutions.
The ideal is to leverage purpose-built solutions for each cloud platform, which can also support on-premises environments. That’s the approach we’ve taken at HYCU. We fundamentally believe that to support multi-cloud environments, you need purpose-built, tightly integrated solutions for each platform delivered as a Service, without unnecessary hardware or software. And, most importantly, solutions should be easy to use and deploy. This is a significant pitfall for many businesses because you want to move to the cloud to eliminate cost and complexity.
The workplace has drastically changed in the past two years with the significant increase in remote work. Where do you see data protection going in the future as a result of this? How do you see the space evolving in the coming years, in general?
You couldn’t have a truer statement. The workplace has dramatically changed. And, it’s changed for two fundamental reasons; one good and one bad. The good reason is the move to the cloud and the cloudification of IT infrastructure. The bad reason is the rise of ransomware and the increase of cyber-attacks. When you factor in the issues with human error and natural disasters, you begin to see the rise of backup and recovery as a first-class citizen. Before, it was not as important as it is today. Our Chairman of the Board and Bain Capital Ventures Partner Enrique Salem has said it best on numerous occasions, “What really matters is recovery. You can’t run your business if your data is not available.”
While the importance is placed on recovery, now more than ever, as part of the overall data protection dynamic, you are also seeing two major shifts in the industry. The first is on simplification. Yes, it has been taken for granted, and everyone says their solution is simple. But unless you can deploy a solution in as few clicks as possible and without a host of professional services team members, are you really safe to use the word simple? This speaks to one of our fundamental beliefs that backup and recovery as a Service should be as easy to deploy and use as possible. The second is on equivalency. As many who work with cloud providers know, the model is on shared responsibility. The cloud providers are responsible for compute, infrastructure, services, etc., and the customers are responsible for making sure their data is protected along with other items.
We take this charter extremely seriously, and it’s a major reason why we are fanatic about staying true to our core values of authenticity, grit, and empathy, especially when working with our customers. We believe data protection providers have a moral imperative to ensure data is safe and available across multi-cloud environments. What helps make that happen is delivering solutions to customers that they need and can use across platforms and taking advantage of APIs to tightly integrate. You’re starting to see more around this, and you can expect to see more to come over the next couple of years. We have said it before, but this is all part of the migration to the cloud as part of digital transformation initiatives and the quiet revolution of simplification. You will start to see more automated intelligence, tighter integration with each cloud platform, and solutions that provide equal levels of support regardless of location or cloud.
- The Best IT Resilience Platforms to Consider for 2021 and Beyond - September 16, 2021
- The Best Risk Management Courses on Udemy to Consider for 2021 - September 14, 2021
- The Best Veeam Tutorials on YouTube to Watch Right Now - September 14, 2021