As an obvious statement, what information is being kept by an IT organization is important to know. There are a number of aspects about “knowing” that include specific details:
These are some of the requirements regarding understanding an organization’s information and there are additional ones. Information in this context means an understanding of what the data is and its value. For brevity, most simply refer to it as data.
There is a new requirement about understanding the information with the aspects noted earlier that has elevated data management to the CIO level. This has to do with the recovery from ransomware (an umbrella term for cyberattacks in general conversations) that have continued to evolve. The recovery need has gone beyond just a massive restore of data. Certainly the sophistication of keeping copies of data beyond the 3-2-1 process (see Evaluator Group’s information on 3-2-1) and an immutable copy — even beyond an air-gapped copy.
In-depth analysis of impacted data is a complicated process where individual elements in databases and files may have been altered and the digital signature from an attack is not simply a scan to look for a match. The forensics to determine what the attack was and then to find what information was affected can take some time but, the rush to restore data to be ‘back in production’ may be risky. Not only may the current attack be triggered again, altered data may create integrity issues from that point. The ‘take the time to be thorough approach’ has become critical for CIOs because of the disastrous potential of data integrity issues.
This has led CIOs to look to Data Management. In the broad sense as noted at the beginning of this article, the objective is to provide information regarding where all the data is, when last altered, where the copies are, etc. so as to be able to make an assessment for recovery that is very targeted. Understanding what could have been affected/altered and expediently getting just that data recovered adds another means to the arsenal for recovering from a ransomware attack. Not having a global view across on-premises datacenters and multiple clouds places the burden on the inventory maintained by data protection software with the tools available to work with that format of data.
Data management solutions have continued to evolve, and some have the ability to span the on-premises datacenters and public clouds. It is these data management solutions that can present the requested information to the CIO about where the information is and the aspects regarding storing and managing. Without a comprehensive data management solution that goes beyond a backup software inventory or is limited to a single environment or data on a select set of storage devices, it would be tough to answer the CIO question: “Where is the data needed for recovery.”
This leads to a new examination of Data Management solutions with a comprehensive set of requirements. Evaluator Group covers this space because of the executive interest in the aspects of storing and managing information.
More information and insights from Evaluator Group:
Data Management in a Multi-Cloud World
Evaluation Guide on Multi-Cloud Data Management
EvaluScale Comparison for Multi-Cloud Data Management on http://evaluatorgroup.com.
Disclosure: Evaluator Group, part of The Futurum Group family of companies, is a research and analyst firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article. Analysis and opinions expressed herein are specific to the analyst individually.
