How can I increase data security and resiliency while keeping costs down? originally appeared on Quora: the place to gain and share knowledge, empowering people to learn from others and better understand the world.
Cyber security threat continues to be a latent risk that does not rest during the COVID-19 times; to the contrary, they exacerbated and intensified while the Systems Administrators are focusing on maintaining operation-critical processes with minimal resources on-site or at customer’s locations. In this context, clients need to protect their business with a resilient, flexible IT infrastructure. They need to strengthen their business continuity with the right tools, technology, and skills to deal with crises. They also need to protect and recover from cyber attacks by having a robust cyber recovery plan while securing data storage to ensure smooth operations of their environments if a crisis impacts physical access to data centers.
From a storage infrastructure perspective, cyber security and cyber resilience are complementary areas addressing security challenges in today’s IT industry.
–Security: Is about “Locking the doors! Prevent bad actors from entering my system!”
–Resiliency: If my system has been hit or corrupted by internal or external bad actors, how do I recover? Do I have the means to recover quickly and continue business operations?
Cyber resilience is defined as the organization’s ability to continue to deliver business services in the face of cyber incidents. From a storage point of view it is a combination of hardware and software-defined storage brought together to deliver improved threat resolution, reduce costs, and quick recovery.
Infrastructures that are only focusing on DR (disaster recovery) and HA (high availability) are not enough to face cyber security challenges; we need to add a cyber resilience infrastructure leveraging the following capabilities:
–Isolation: protected copies from the active production data so that a compromised host system cannot corrupt it. This is also known as an air gap.
–Immutability: The copies must be protected against unauthorized manipulation.
–Granularity: We must create multiple protected copies to minimize data loss in case of a corruption incident.
Special mention is required of the need for physical air gap capability. Some people call it the last line of defense against cyber-attack. It brings a complete protection approach that provides no network or software access to protected copies and can be implemented using a tape library. The offline by design nature of tape offers a true physical air gap and provides one of the most secure protections to confront cyber crime. Tape technology provides the lowest cost per TB in the market (9x-11x times less expensive than traditional HDD) while delivering the highest availability rates in the storage industry.
While IBM has the technology to help organizations with their cyber security and resilience, there is an important ongoing activity that organizations must continue to perform, which is simply to test and learn, especially as organization’s infrastructure evolves with modern technology.
All of these security and resilience capabilities can be combined with other additional storage features to dramatically reduce costs:
1) Use data compression and de-duplication techniques which typically provide 4-5x reduction, reaching in some cases a x15 reduction depending on the data type.
2) Effectively put the data in the right medium throughout its entire lifespan while keeping it safe and available.
- 3) Consolidate your traditional and cloud native workloads considering current requirements and future growth. Consolidation provides important saving in CAPEX and OPEX due to the reduction on physical space, complexity, management and power consumption.
You can follow Quora Sessions here.