actionitem

as @davidchapa said in the video - probably don't start with a conversation about #RPO and #RTO - that will make business people's eyes glaze over...

This is hard - some of the current approaches are "let's gather all your data while giving enough value on the backup side to do 'new cool things' with it". The catch is....customers want vendors to show them the "new cool things" and vendors are looking to customers.

People approach - training: prices approach - policy and procedures. Tech approach - Latest technology with collaboration. At dentist now. He is back ... sorry I will miss the rest

Ask business questions like - what's your most critical data (i.e. what's the value profile of your data) and what happens if you lose access to that data...and how much is it worth to you to not lose access to that data...or what happens if it gets stolen?

If you focus on core business needs--robust processes, efficient transactions, high-quality decision support--you can quickly identify "for want of a nail the kingdom was lost" showstoppers if key data is unavailable. Prioritize data protections accordingly.

(edited)

@dvellante Exactly; prioritize depending on use case. Sharing sales or marketing plans with freelancers not the same as sharing PII with outside consultants or PHI with insurer partners. What's the reputational risk? (And sharing sensitive info is core in some industries)

@jameskobielus Really agree with this - requires (relatively rare) folks with solid tactical & technical understanding paired with strategic level analysis capability. Business analysts/architects/etc. - they're rare and costly but can bring outsize value.

@andriven Data valuation may be a predicate to do this right. Laney's "Infonomics" is a good, but incomplete step in that direction.

Thanks! Feels like good sabbatical reading...just bought on Amazon. ;)

I'm in

good to see you tom...important topic - protecting data for digital business #backup #recovery #digital #cloud

I'm here today as well.

Totally agree. In era of deeper partnerships, and regulation, sharing digital data via cloud is essential, thus data protection is strategic. Must keep control and still be able to work!

I'd love to see research around average customer internet speeds+reliability by customer type/locations/etc. Internet speeds are the lifeblood of multicloud (especially if your data protection lives in the cloud).

This also makes me think of @mitchellh at #HashiConf stating his desire to be "militantly clear" that multicloud solutions can't abstract/hide underlying cloud platform capabilities. That only works in a stagnant and commoditized market.

In case your wondering: Wikibon says Hybrid cloud = multiple clouds, same environment; multicloud = multiple clouds, multiple environments.

it's often hard/costly to move data among clouds, guaranteeing consistent security policies and SLAs across clouds is tricky, and just keeping track of what's where can be tough (depending on the capabilities of the software you use, of course)

Multicloud creates a key challenge for data protection: how do you ensure consistent backup/recovery policies and schedules across disparate cloud data domains.

single point of control? distributed data? laws of physics? cost optimization...Compliance #backup #recovery

@ekaulberg Right. Let's also consider multi-cloud data stewardship/quality akin to a data protection challenge. How to ensure that you're ensuring continuous consistency across data domains persisted in two or more clouds?

Different API's/services per cloud with different levels of maturity. Have seen this firsthand where services may not perform as advertised at scale then data protection services use them in different ways than regular applications.

@ekaulberg Does multicloud (multi-environment) mean disparate data protection?

@plburris it shouldn't have to mean separate data protection silos. But that's also a philosophical question for the organization - do they want to centralize EVERYTHING or are they ok with certain environments locked in to particular silos?

@ekaulberg Yes, migration is super challenging, and there are reasons. It's nice to use cloud for flexibility, but reality is when OneDrive is free with Office365, there is a savings opportunity too.

@ekaulberg Multicloud data protection: Centralize management without centralizing data?

a great idea in theory, but I'm not sure existing offerings can do that at scale

I'll split the difference: data lies everywhere now, and everywhere is where it should be protected. There should be nowhere where data is outside the "protection" envelope.

All about cost and operational complexity after that. AWS charges an arm and a leg for egress? Protect in place coordinating AWS resources. Application can be multi-writer to different clouds? Centralize protection at the least expensive spot.

The constantly changing price dynamics make this REALLY hard though. Today's least expensive option (with lots of work to build out technology + processes on top of it) may be tomorrow's more expensive option. I'm back to API-first here as a risk hedge.

Protect sensitive data whenever it is not in your control, no matter how secure the "storage" appears. You don't want it ending up in public.

protect the data where it lies, but move whatever you can move to where there is higher level of protection.

it should be available self service across the entire organization to every user where ever they are. Give me file X because I deleted it.

Backup/restore is becoming an automated function that the IT administrator monitors and sets policies but doesn't manually do much of anything to ensure in an operational setting. In the multicloud, it's becoming entirely automated in the back-end.

data protection is becoming a fundamental component of digital strategies, data strategies and application deployment. It's going to increasingly be a team sport...admin function will be there to make sure it works properly but the strategy will belong to sr. leaders

We've already seen a "back and forth" here. Take NetApp with their SnapManager products that sold directly to the application/database teams...operationally that had problems at scale however (as you'd expect).

In a perfect world, the app owners choose via self-service (let's talk imperative vs. declarative) and don't really care...until there's data loss. It will be interesting to see if we have high profile data loss scenarios that drive things back to centralized teams.

I'd add edge storage as a key area of innovation in data protection. I see the future as one where you will protect the data in part by radically distributing/replicating it to avoid single points of storage failure. Blockchain plays into that.

- maybe drilling down a bit - how you apply machine intelligence / #AI - simple example is proactive maintenance and support - you have this corpus of backup data - what does it say about the health of your infrastructure - also anomalous behavior for security concerns

There's security in the sense of data security and also in the sense of mining the data for ransomware detection (DLP-ish items if you will).

I think also that some of the next gen data vendors are holding certain ideas close to the chest in this area. ;) Competitive moat concerns are real.

@andriven And diminish API-first, don't they.

@andriven Tech industry's gotta learn to keep up!

That their current approach is probably: 1/ not adequate; 2/ stovepiped; 3/ either too expensive or too cheap - i.e. it's a one-size-fits-all approach; 4/ is probably not holistic; 5/ Is really challenging and 6/ they need a better plan

that security is everyone’s business in an enterprise. Educate educate educate, as humans are #1 vulnerability in digital security.

There's LOTS of potential in this area and you're investing as much in a company's vision for their platform as their current capabilities. Current capabilities and speed of development are the metric to grade the likelihood their vision will come true however.

Don't get stuck in checkbox comparisons which often hide the real operational impact to your team (which shows up majorly in operational flexibility and staffing levels). Legacy vendors always win the checkbox comparisons but often have high hidden operational costs.

Senior business leaders must know that digital business without robust data protection is risky business. Transactions crash, analytics fall flat, processes stall, etc.

@sarbjeetjohal The relationship between security and data is evolving rapidly. We think it's deeper than most suggest. Future conversation!

@sarbjeetjohal So true, but last time I asked a crowd of people at a tech show to raise their hand if they received more than 2 hours of security training a year - crickets! Was similar at financial service events (but not mortgage - more hands went up at that show.)

Treating it? Not hugely differently...yet. Thinking about it? Much differently...which is why you see the huge interest and sales of next gen data protection platforms which offer some next gen features but more importantly offer a next gen vision with a foundation.

Businesses today are treating data as an asset to feed the maw of the AI pipeline (modeling, training, inferencing). That wasn't on anybody's radar 10 years ago. I remember 2008 very well.

@andriven it's true - thinking but not so much acting yet

Big data, AI, and ML environments are driving demand, and as for how to support that demand - scale, security, regulatory factors all drive companies to make very different data infrastructure and governance decisions than a decade ago