Data security starts and ends with data
When DataGravity decided to expand our vision and tackle the larger problem of securing and protecting data, we stepped back and looked at the landscape of where data lives today and where it’s going.
We talked to customers, vendors, analysts, data experts and security experts. Here are a few of things we learned/confirmed about data:
- Data generally lives in a virtualized environment, with VMware, Hyper-V and/or some version of KVM being the most prevalent. NAS seems to be waning. With that, data mobility is now a constant.
- Folks have very little idea of what is in their data. They feel exposed.
- Ransomware is well understood as a major threat to data, and the strategies for dealing with it are still evolving.
- Hybrid cloud environments, with some data living on premise and other data going to cloud, is a long-term strategy for many customers we’ve spoken with.
- For companies with regulatory requirements, which is almost everyone, one of the speed bumps to the cloud is not understanding what’s in their data. There’s generally a fear of moving data to the cloud and causing security or regulatory issues. This is purely a translation of the problem to another destination without fixing the underlying issue of not knowing what you are sending.
- Test and dev are the first teams to move data/applications to the cloud.
- Backups and DR are to going to the cloud.
- Customers aren’t looking at moving data-heavy applications to containers.
- Audits are time consuming and painful, especially when third parties are doing them on their schedule.
- About 25 to 35 percent of data on production systems has not been accessed in months or even years, and there are no tools available to easily see it or who owns it. In some cases the VM has been powered off for months to years, and people are afraid to power it on to see what’s in it. There is a great opportunity to reduce your data exposure and to recover lots of dormant space, which will also translate into cost savings.
No real surprises here. What was surprising is that there are zero products focused on securing and protecting data in a virtualized environment. There was also very little understanding of how to protect and recover data from virtual threats such as ransomware. Basically, there was a huge gap. To protect and recover data, you need to understand security and data together. Your products can’t be built for a silo, since your data no longer lives in a silo.
What became obvious was virtualized environments need data security, protection and recovery designed work seamlessly in this environment. Customers want a lightweight, efficient method to secure and protect their VMs. The solution needs to be designed to quickly determine what data has changed, without crawling the file system each time or relying on unreliable external means to alert when something has happened. Also, solutions needs to adapt automatically if disks are added or removed from a VM, or even if the VM itself moves.
Today, we’re introducing DataGravity for Virtualization (DGfV), the first product designed to secure and protect virtualized data. It deploys in a virtual machine in about 15 minutes. Just select which VMs you want DGfV to monitor and protect, and DGfV does the rest. It was built for virtualization, so after the initial deployment, it knows exactly what changed and by whom. It automatically detects how the data is changing and adapts.
DGfV has a simple mission: secure and protect data in a virtual environment. If something unforeseen happens, the software helps you recover/repair issues. At a high level this means being able to track people, content, activities over time. Using this information, DGfV will:
- Provide a 360-degree view of data within and across VMs, including:
- Data demographics
- Sensitive data detection
- Content search capabilities for more than 600 file types
- Track file and user activity over time, which allows you to understand:
- What data your users are interacting with and who’s seen or has sensitive data
- If a user is doing something outside the norms, for example, if a backup user is writing to the data
- Take action if anomalies are detected to protect your data. For example, in the case of ransomware:
- Take a snapshot if a suspected ransomware virus has been triggered
- Index the snapshot to show all files that have changed in the snapshot and which users made the changes
- Provide the ability to recover the data by doing file level recovery for the files locked by ransomware
DataGravity for Virtualization is deployed at numerous customer sites and protecting data at its core. It makes me smile when I hear stories of how DGfV has helped customers understand, protect, secure and some cases recover data. It also makes me smile that both the IT and Security teams are experiencing great value from the product.Moving forward, DataGravity will continue pursuing its vision to secure and protect data, with DGfV making it possible to accomplish this goal in the virtualized environments where critical data lives.
Learn more about DataGravity for Virtualization.2 Likes