Site icon GIXtools

Buyer’s guide: Data protection for hybrid clouds

GIXnews

Data protection is a broad category that includes data security but also encompasses backup and disaster recovery, safe data storage, business continuity and resilience, and compliance with data privacy regulations. Data protection platforms also proactively manage and monitor data, making it available and accessible for advanced analytics, artificial intelligence, and machine learning.

Data protection for hybrid clouds thus involves security products and cloud management products, as well as implementation strategies that traverse both specialties.

[Download our editors’ PDF hybrid cloud data protection buyer’s guide today!]

In this buyer’s guide

Why hybrid clouds need data protection

In simpler times, organizational data was secured within the confines of the data center. Data is now scattered across internet of things (IoT) devices, remote endpoints, edge locations, and several types of cloud providers. According to the Thales Group, a defense-, security-, and aerospace-focused technology firm, 60% of corporate data now resides in the cloud, up from 30% in 2015. And 80% of enterprises have adopted a hybrid computing model.

Here are the key factors driving the need for data protection platforms in hybrid environments:

Ransomware: Unlike other forms of malware designed to bring down the network, ransomware attacks specifically target data. A successful ransomware attack can encrypt corporate data, bringing business to a screeching halt. Even worse, attackers can exfiltrate that data and sell it on the dark web. The last line of defense against ransomware is having multiple copies of data, backed up and stored in the cloud.

Unplanned outages: There have always been outages from natural disasters, but the impact of climate change has upped the ante — prudent organizations should mitigate the risks associated with natural disasters through cloud-based disaster recovery.

Privacy: Government regulations covering data privacy across the globe continue to tighten. Both customers and employees expect organizations to not only protect their data but also provide mechanisms letting the owner of the data control how that data is used.

Misconfigurations: In the public cloud model, the hyperscalers (such as Amazon Web Services, Google Cloud, and Microsoft Azure) are responsible for protecting their own infrastructure, but the enterprise using them — you — is responsible for properly configuring and managing its own data in the cloud. One of the most common causes of cloud-based data breaches is a simple misconfiguration of an Amazon S3 storage bucket. Cloud security posture management (CSPM) tools can help identify misconfigurations, among other risks.

Artificial intelligence: Organizations are rushing to take advantage of machine learning, artificial intelligence (AI), including generative AI, but the advanced analytics they rely on must be built on a foundation of data that is secure, reliable, and accessible.

Volume: The sheer volume of data is exploding, as well as its value to the organization. This places an increasingly heavy burden on enterprise IT to protect that data, whether it’s generated by an IoT device, a person, or generative AI.

What to look for in a data protection platform for hybrid clouds

Data protection platforms should include the following features and functionality:

Data discovery/classification: This nails down exactly what data you have and classifies data based on how sensitive the data is and whether it falls under specific regulatory requirements. Data discovery and classification let organizations apply the appropriate levels of data protection to different types of data sets.

Vulnerability assessment: This identifies potential vulnerabilities in the database infrastructure, including misconfigurations and other security gaps.

Data protection: This applies layered security measures, including encryption of both data at rest and data in transit, data masking, CASB, DLP, and other approaches, such as air gapping and data immutability.

Monitoring and analytics: This tracks performance and provides real-time alerting and reporting based on full visibility across hybrid cloud environments.

Access control: This policy-based access management restricts access to data resources, detects and blocks suspicious activity, and manages user privileges.

Audit and compliance: This enforces separation of duties, provides forensic analysis and compliance audits, and provides reporting capabilities across on-premises, public cloud, and SaaS (software-as-a-service) environments.

Performance and scalability: This makes sure that data protection mechanisms don’t create bottlenecks that slow down business processes. The data protection platform must be built with scalability and resilience.

Automation: This reduces manual intervention, eliminates mistakes, frees staffers to tackle higher level tasks, and speeds processes, such as recovery time from an outage.

Major trends in data protection for hybrid clouds

Data protection can be performed with on-premises appliances or in the cloud. And organizations can manage their data protection functionality themselves or turn to a managed service.

The trend lines are clear: Just as applications and data are moving to the cloud, data protection is moving to the cloud as well, due to the scalability, flexibility, and accessibility that the cloud provides.

The total global data protection market was valued at $136 billion in 2023 and is expected to hit $610 billion by 2022, according to Spherical Insights and Consulting. Data protection as a service (DPaaS) is a fast-growing segment within the overall data protection market, driven by organizations that have adopted hybrid clouds and need to protect data hosted by hyperscalers and SaaS providers, on top of data stored locally. The DPaaS market was estimated at $25 billion in 2024 and is expected to grow 33% a year, hitting $100 billion by 2029, according to research firm Mordor Intelligence.

Phil Goodwin, research vice president for the Infrastructure Systems, Platforms, and Technologies Group at IDC, says, “Data protection as a service remains a very important route to market for data protection software vendors. In some cases, this is data protection software vendors selling directly using DPaaS solutions, and in other cases is it via cloud services providers. Either way, [DPaaS] represents the fastest-growing consumption model and opportunity in the data protection market.”

Leading vendors for data protection of hybrid clouds

The list of vendors who provide data protection is lengthy and growing.

For enterprises seeking to piece together a multivendor solution:

For organizations seeking a single vendor platform that covers both data security and backup/restore, GigaOm’s 2023 Radar Report for Hybrid Cloud Data Protection for large enterprises cites Cobalt Iron, Cohesity, and Commvault as the most capable providers.

Research firm GigaOm puts four additional vendors in the leadership category based on their broad platform for data protection as well as their level of innovation: Dell, Druva, HYCU, and Veritas. Top challengers are Rubrik and Veeam. The following vendors are identified by GigaOm as platform providers whose offerings are more mature but less innovative: Arcserve, Atempo, Bacula, IBM, and Unitrends.

Here are quick snapshots of the overall leaders:

Amazon Web Services: Under its shared responsibility model, customers are responsible for managing and securing their data in AWS, but AWS offers services for identity and access management, compliance, auditing, governance, encryption, and key management.

Cisco Systems: Cisco offers a full complement of data protection products and services, some developed in-house and others delivered through partners. Cisco’s core strength is on the security side, but it also provides an advisory service that helps customers develop a framework for data protection.

Cobalt Iron: Cobalt Iron offers strong data protection delivered as a service, with strong ransomware protection, advanced analytics, and comprehensive workload support, including Kubernetes. However, disaster recovery requires third-party integrations.

Cohesity: The Cohesity Data Cloud Platform provides ransomware protection based on immutable snapshots of enterprise data, backups, continuous data protection, a strong Zero Trust module, automated threat intelligence, and support for compliance requirements.

Commvault: Commvault’s Complete Data Protection portfolio covers data protection, security, data management, backup, and disaster recovery. Customers can choose a self-managed, on-premises model or a fully managed service.

Dell: Dell’s PowerProtect Data Manager and APEX Backup Services provide data protection, backup, disaster recovery, and long-term data retention across single- or multiple-cloud environments.

Druva: The Druva Data Resiliency Cloud delivers a cloud-native, fully managed data protection and management service.

HPE: HPE offers DPaaS as part of its broader GreenLake edge-to-cloud platform. The GreenLake managed data protection service helps organizations modernize backup, automate processes, protect against data loss and ransomware, and recover from disasters.

HYCU: HYCU offers deep integration with on-premise or cloud data platforms through its agentless, application-aware solution. HYCU’s strength is disaster recovery; the company offers an automated disaster recovery service with a guaranteed recovery time objective (RTO).

IBM: IBM’s Security Guardium provides data discovery and classification, data activity monitoring and analytics, near real-time threat response workflows, and automated compliance auditing and reporting.

Oracle: Oracle offers multiple data protection products and managed services covering data classification, encryption, key management, and backup and restore across hybrid environments.

Rubrik: Rubrik’s strong suit is data security. The Rubrik Security Cloud offers a comprehensive analytics platform with a strong emphasis on metrics and anomaly detection.

Veeam: Veeam offers a flexible data protection platform delivered through a modular suite of products, covering a broad set of enterprise workloads. It offers backup as a service through third parties.

Veritas: Building upon its Net Backup data protection offering, Veritas has added the Alta cloud policy engine that includes ransomware protection with data immutability and data recovery.

What to ask before buying data protection for hybrid clouds

Because every enterprise is different and because hybrid clouds are both complex and varied in their handling of data, you need to get a clear grasp on your specific needs, capabilities, and resources before engaging prospective vendors and then choosing specific solutions for data protection.

12 key questions to ask yourself before buying edge data centers

  • Do I know my data? Do I have an accurate assessment of how much data I have, where it’s located, and how it’s stored?
  • Do I have a process to classify data based on a risk assessment that determines which data is mission-critical to business continuity and which isn’t?
  • Do I have systems in place to apply continuous vulnerability assessments to identify gaps in security coverage?
  • Have I deployed data protection tools designed to guard against data loss across the entire hybrid cloud environment?
  • Do I have data backup systems with multiple copies of cloud-based data to protect against ransomware attacks?
  • Have I done an assessment of how long the company can endure an outage before critical business processes are affected?
  • Do I have a disaster recovery plan that meets those recovery-time objectives?
  • Do I conduct regularly scheduled tabletop disaster-recovery exercises?
  • Do I have a disaster-recovery playbook that provides step-by-step instructions to key stakeholders in the event of an outage?
  • Do I understand the data protection regulations that apply to my company, and do I have a plan for compliance and reporting?
  • What is my biggest pain point? What are the strengths and weaknesses of my current data protection infrastructure?
  • Do I need a vendor with a specific area of expertise that I can plug into my existing infrastructure, or am I looking for a platform partner that can take over my entire data protection functionality?

    • 12 questions to ask vendors on data protection for hybrid clouds

  • Does your solution cover all my data types no matter where they are located across my hybrid cloud infrastructure?
  • Do you have a platform that covers all my data protection needs, or do you partner with third parties to fill out your data protection portfolio? If the latter, how well are those components integrated?
  • Does you solution provide multiple backups that protect me against ransomware attacks, including advanced methods such as data immutability and air gapping?
  • Does your solution provide recovery times that meet my requirements for business continuity?
  • What types of service level agreements do you offer?
  • Do you support all of my computing platforms; for example, Kubernetes, Microsoft Hyper-V, Red Hat, and VMware?
  • Will your data protection solution scale to meet my rapidly expanding data protection requirements?
  • What type of automation do you provide to help orchestrate disaster-recovery processes?
  • What type of analytics and reporting do you provide?
  • Can you conduct disaster-recovery testing without taking any of my systems offline?
  • What are your procedures for safely disposing of data that is no longer needed?
  • What are your pricing models, and how do you help me calculate ROI?

    • Essential reading

    Source:: Network World

    Exit mobile version