The way we work has certainly changed in 2021, but has the way we protect our data kept pace?
One of the biggest and most under-appreciated challenges of running an organization remotely is managing, protecting and recovering data from traditional and modern applications across core data centers, edge locations and clouds.
With working from home becoming the default for many employees, organizations can no longer afford to manage data ad hoc. Having a consistent and strategic data management and protection process in place is vital to keeping business on track, even as regulations change on a weekly basis.
Organizations must invest in their edge and core security capabilities if they want to stay resilient in the hybrid work environment. CybersecAsia finds out how in this interview with Saravanan Krishnan, Director, Data Protection Solutions, South Asia, Dell Technologies.
The way we work has certainly changed in 2021, but how much have we changed the way we protect our data in Asia Pacific?
Saravanan Krishnan (SK): Without a doubt, the way we live and work has changed over the past year – and it will only continue to evolve as we adapt to a COVID-19 world. With vaccines being progressively rolled out, some organizations have considered a hybrid work environment while others remain in a permanent work-from-home arrangement. Either way, these new working arrangements have prompted organizations to reconsider the way data is managed, protected and recovered.
Organizations are only starting to recognize that data not only needs storing, but also protection. IDC reports that the rise of purpose-built backup appliances has led to it becoming a US$4.33 billion global market in 2020.
But even though IT spending drastically increased by 72% over the last three years, businesses in APJ are struggling with the proliferation of data. A new global commissioned study by Dell Technologies and Forrester Consulting showed that instead of offering a competitive advantage, data has become a burden due to an array of barriers, such as business silos and security weaknesses. This “Data Paradox” is driven by the volume, velocity and variety of data overwhelming businesses, technology, people and processes.
The study also found that as a result of the pandemic, 55% of businesses in APJ needed to put emergency steps in place to keep their data safe outside the company network – particularly in markets like Australia, India, Singapore and Vietnam.
As organizations continue to have data and applications distributed across multiple locations such as data centers, various work sites and hybrid and multi-cloud environments, a comprehensive data protection strategy – combining proven and modern data protection – is essential to managing the growing volume of data.
What does data protection entail in today’s hybrid work environment?
SK: Running an organization in a hybrid work environment brings its own set of challenges. According to the Dell Technologies Remote Work Readiness Index, employees indicated that access to internal company resources is one of their top priorities while working from home, but also a top tech challenge they face. When sensitive data is stored at endpoints or employee devices, it needs to be managed, protected, and recovered from traditional and modern applications across core data centers, edge locations, and clouds.
Much of the data being generated at this new home-edge is unstructured. For example, when faced with a home network that may not be as responsive as that of the internet connection in a provisioned office space, workers may opt to put important data handling behaviors to one side for the sake of convenience. If establishing a connection to an onsite server takes too long, people will eventually start saving more documents on their personal devices. This leads to exposed data and the “double handling” or duplication of data across multiple platforms. For organizations, this poses a challenge in collecting all unsecured data, accessing it, understanding it and keeping it safe.
Storing unstructured data has become easier thanks to the prevalence of all-flash, hybrid and archive NAS platforms that appeal to all budgets. Artificial Intelligence (AI) technologies are being used to explore and analyze unstructured data. Machine Learning, Natural Language Processing, Pattern Recognition algorithms and Speech-to-Text conversion all have a role to play in sorting through and understanding your data.
Making sure that data is kept safe and is managed correctly while maintaining accessibility will help mitigate the problem of employees storing it locally and potentially leaving organisations exposed. The adoption of new infrastructure will also make sure that data is kept within reach of the people who need to use it.
How should recent high-profile and widespread ransomware attacks be taken into account as organizations strategize to remotely – yet effectively – manage, protect and recover data from traditional and modern applications?
SK: The explosion in data generated at the edge has been matched by an increase in threats. Google disclosed that it is blocking more than 100 million phishing emails a day. In Singapore alone, the number of data breach alerts received by the Personal Data Protection Commission (PDPC) tripled in February-March 2021 compared with the previous two months.
With the recent slew of high-profile ransomware attacks, phishing scandals and data breaches in the last few years, users are becoming more conscious of privacy regulations, legislation and rights. In Asia Pacific, levels of awareness and concern around data protection are growing – among government institutions, organizations and consumers.
As a result, organizations today are facing increased pressure to improve trust and maintain thorough data protection programs. In addition to adhering to industry regulations on cybersecurity, the reality is that ransomware and cyberattacks can threaten an organization’s very ability to operate. A proactive approach to managing cyber risk is required at the Board and C-level, whereby organizational leaders must evolve their recovery and businesses continuity strategies, while focusing on threat detection and remediation. This includes leveraging solutions such as Dell Technologies’ PowerProtect Cyber Recovery to create secure infrastructure that optimize cyber resilience to ensure that each organization has a path to ransomware recovery from destructive cyberattacks.
With the home becoming the new computing edge, what should be some key considerations for cybersecurity investments – both at the core and at the edge?
SK: Protecting one’s organization starts with protecting data, no matter where it lives.
As the home becomes the new computing edge in this era of remote work, the number of end-users working-from-anywhere has increased exponentially. To securely manage the enormous amount of data being generated at the edge, organizations need to prevent, detect and respond to threats wherever they occur. This means investing in infrastructure that is flexible, scalable and manageable.
Taking into consideration the data sprawl with multiple devices, organizations must have an endpoint back up plan. Solutions focused on cloud-based data protection are designed to protect data residing on endpoint devices like desktop and laptops. This enables organizations to leverage the flexibility and economies-of-scale of cloud-based backup and long-term retention to protect critical data at the edge.
Additionally, as organizations increasingly leverage software as-a-Service, they need to consider investing in cybersecurity solutions that allow them to manage and protect SaaS apps across edge, core and cloud environments. For example, the Dell EMC PowerProtect Backup Service allows organizations to have centralized visibility and management of SaaS apps, endpoints and hybrid workloads despite decentralized remote work arrangements – giving peace of mind that their data is always protected.
Lastly, organizations must consider proactive prevention of security threats and data loss through the use of AI, machine learning and easy-to-implement behavioral endpoint detection. By taking simple steps such as leveraging the free Dell Technologies Cyber Resiliency Assessment tool, organizations can determine their level of cyber preparedness before planning a holistic data protection and cyber resilience strategy.
Through a mix of data protection solutions to manage, protect and recover data, organizations can move beyond cybersecurity to achieve more comprehensive approach known as cyber resilience – even in a world of remote work.