Authored by Nikhil Korgaonkar, Regional Director, Arcserve India & SAARC
With a hybrid data center, enterprises can better manage their data either on-premises or in a private or public cloud. This flexibility is now critical because organizations must deal with continuously emerging trends and threats affecting how their business operates.
Let’s take ransomware, for instance. It poses an ever-increasing threat to companies, large and small. To successfully defend themselves against ransomware attacks, organizations must secure their workloads wherever they are, whether on-premises or in the cloud.
A hybrid data center is an adaptable, flexible IT environment that provides organizations with a viable and practical system to respond not only to ransomware but to various evolving business issues—on the fly. A hybrid data center delivers better security, performance, reliability, agility, scalability, and cost savings.
But it’s easier said than done because deploying and supporting hybrid data centers presents several management challenges. While they enable companies to store and shift workloads as needed more efficiently and gain better control of sensitive data, hybrid environments add complexity to managing servers, storage, networks, and software throughout the IT infrastructure.
For example, organizations must protect data and applications in the cloud and on-premises with a hybrid cloud. They must be able to recover data and applications in the cloud or on-premises, regardless of where the organization initially hosted the data and applications. They must also manage backup and recovery across the hybrid environment.
Here are three attributes companies should look for if they want to successfully manage and protect their data in a hybrid data center.
1: Centralized backup
Centralized backup management is essential to successful data protection in a hybrid data center. A backup solution must have a centralized backup-management console to be effective.
Many backup software providers integrate their backup software with the management console offered by the cloud, hypervisor, or operating system provider. It makes managing backups as part of operations in a particular environment simpler. But a cloud-centric, hypervisor-centric, or operating system-centric approach to management is not practical in a hybrid data center.
Instead, a separate, centralized console can better manage data protection across a hybrid data center. Users and administrators can monitor and manage the backup and recovery of workloads running on-premises and in the cloud. Just as important, they can centrally create policies like service-level agreements for each environment, then apply them as appropriate in each environment.
2: Workload mobility
In a hybrid environment, workloads reside in the cloud, on-premises, or both places. A data-protection solution must do more than identify the location of the backup. It must also recognize the environment into which a workload is recovered. It is vital if the solution is to take the steps necessary for successful data recovery.
This ability to back up and recover workloads in either a cloud or on-premises environment is essential. Organizations can accomplish this with a solution that backs up physical machines, then restores them to virtual machines hosted either in the cloud or on-premises. The right solution should also integrate with the cloud, hypervisor, and operating system APIs to perform backups and recoveries.
3: Protection against ransomware
As more companies rely on backups to defend against ransomware attacks, the attackers have put a target on backup software. Because if they can compromise backups or the backup software, they’re better able to extract a ransom payment. So backup software deployed in a hybrid data center should provide measures to mitigate and repulse these attacks.
The backup solution should authenticate and authorize any users who want access. With available multifactor authentication tools, the backup software can first verify the user’s identity. It can then use identity and access management to monitor and regulate actions taken by users. It can even require the approval of multiple individuals before specific tasks can be carried out, such as a change to the backup schedule or the deletion of a backup.
Backup software should also offer the ability to manage immutable storage technologies. Immutable storage keeps backups in a format that is readable but not changeable, which stops ransomware from encrypting them. Immutable storage offerings that operate in the cloud and on-premises are now available.
Furthermore, the backup software should offer the capacity to manage air-gapping technologies. These technologies are a proven way to defend backups against ransomware. They either logically or physically separate backups from the production environment. With logical air-gapping, immutable storage resides in the cloud or on-premises. With physical air-gapping, organizations can back up data backed on disks or tapes, which can be physically separated from the production environment.
Hybrid data centers offer organizations many benefits, including the flexibility to host workloads on-premises, in the cloud, or both. But this flexibility alters the dynamics of data security. Security solutions that work well on-premises or in the cloud may have vulnerabilities when used in a hybrid data center. Organizations need a new approach to meet the data security needs of a hybrid data center.