“Data protection” is a big topic with many subsets. Breaking it down to the data center level generates three major DP domains: data loss prevention (DLP), storage system recovery, and data security. We’ll take a high-level look at major technology trends from each of these domains.
1. Data Loss Prevention: Protect data from getting lost
Modern backup and recovery (BUR) uses the cloud as a vital portion of its architecture. This is different from cloud backup’s early days, where established backup vendors tacked on new code to decades-old applications and treated the cloud as just another target – and a slow one at that. Additional challenges are spurring more new trends and approaches.
· Backup and recovery trends. BUR still elicits yawns in some quarters but, in fact, development is fast and furious. The speed of backup, rapid recovery, and application optimization are important parts of the whole, and performance advances have made cloud-based backup a primary BUR discipline instead of an afterthought. Vendors like Zetta.net specialize in protecting and recovering large data sets in the cloud.
· File sync & share and edge data protection. File sync and share is not exclusive to mobile files, but mobile data is a strong driver of continuing development and centrally managed repositories. Edge DP replicates mobile content to a central repository for strong central control and compliance and rapid recovery. Druva is the market leader in edge protection.
· Cloud-based data protection. Cloud-based DP offerings have grown along with IT’s trust level and improved WAN acceleration. Cloud backup may still be as simple as using the cloud as a backup target, or may be as advanced as creating a virtual data center in the cloud by replicating virtual server images and production data. Companies like Zerto have created ultra-fast replication products optimized for virtualization and the cloud.
2. Protect the Storage that Houses the Data
Our second DP key area is protecting the storage that houses the data. Redundant architecture is well established and key features like active/active controllers are hardly trends. However, flash developments are driving advances in RAID. Standard RAID works on flash arrays, particularly 1, 10, 5 and 6. For example, RAID10 stripes mirrored sets across the flash drives, which distributes the wear from P/E cycles. But RAID 5 and 6 parity operations slow down SSDs with high overhead data protection cycles. This is not a huge problem in hybrid flash systems but it is a serious one in top performance all-flash arrays.
· Flash RAID trends. Newer RAID architectures take advantage of flash’s high performance while avoiding standard RAID overhead and wear on SSDs. EMC’s XtremIO Data Protection is a RAID alternative that uses wide striping and an N+2 architecture. Pure Storage offers RAID 3D for its FlashArrays and Violin Memory developed vRAID for its AFAs.
3. Protect the Data against Intrusion
Privacy issues and identity theft are the primary concerns for consumer-level security. Data center security encompasses those issues as well but its primary responsibility is to guard data in-transit and at-rest against intrusion. Stored data is doubling and tripling in size and security measures are always playing catch-up to determined hackers.
· Access control trends. Part of Sony’s recent security nightmare was careless password usage, a widespread problem with any user community. Thus a growing trend is advances in familiar two-factor authentication (2FA). The basic technique checks passwords against IP addresses for a recognizable combination. More secure choices combine a user password with a secondary access control such as physical objects (USB stick tokens, cards, keys) or biometrics (fingerprints, eye scans, voice) Mobile phones supporting two-factor authentication are another growing trend.
· Encryption trends. Trends are occurring around stronger data-at-rest encryption in the cloud and on-premise. 2FA is one of these trends, especially with cloud-hosted data. Service providers offer two-factor encryption keys with the SP holding one of the factors and the customer holding the other. Another trend is automating encryption control by removing the human factor from the equation. Pure Storage automates array-based encryption by dividing keys into fragments and storing them in non-encrypted regions on the SSDs. On boot-up, if sufficient fragments present themselves then Pure unlocks the array for usage. If there are too few fragments, it does not.
Conclusion
No one data protection solution is perfect and effective. Data protection will balance products and practices from multiple protection domains. For 2015, audit your DP practices to make sure you and your colleagues are combining trends and best practices in DLP, storage system protection and cybersecurity.
Photo courtesy of Shutterstock.