Gartner Report: Critical Capabilities for Enterprise Endpoint BackupTop companies: Druva, Code42, Datacastle, Infrascale and Ctera
This is a Press Release edited by StorageNewsletter.com on 2015.11.26
This report, Critical Capabilities for Enterprise Endpoint Backup (12 November 2015 ID:G00279272), was written by Pushan Rinnen and Robert Rhame, analysts at Gartner, Inc.
Endpoint backup has gone beyond simple backup/restore to a broader end-user data protection solution reducing various risks and increasing user productivity. This research helps I&O leaders evaluate enterprise endpoint backup solutions in two scenarios: cloud deployment and on-premises deployment.
- Endpoint backup is no longer a tactical product providing laptop file or device data recovery; IT leaders are looking for a more strategic solution to centrally manage user data that is typically unmanaged today.
- Product capabilities specific to laptop user file backup and restore are becoming increasingly similar, with the key differentiation being on capabilities to support frequent backup and more security features.
- Other key differentiations focus on protecting user data created on mobile devices or in the cloud, PC migration, and built-in compliance and e-discovery capabilities.
- The vast majority of the products are offered as a software as a service (SaaS) solution.
- Make full use of product capabilities when possible, including PC migration, mobile device support, remote wipe and compliance functions.
- For organizations using public cloud applications, such as Google Drive and Microsoft OneDrive, select products that offer a centralized protection and management platform for end-user data on local devices as well as in the cloud.
- For organizations with legal hold and e-discovery requirements, work closely with the internal legal and compliance team when making a product selection to ensure that important requirements are met.
What You Need to Know
Endpoint backup is fundamentally different from server backup. While server backup is mandatory to protect mission-critical data on servers with predictable operation schedules, endpoint backup deals with unmanaged data generated by users with unpredictable schedules and locations. With device proliferation and more user data residing in the cloud, endpoint backup is gradually morphing from a simple PC backup focus into a more comprehensive, end-user data protection and management platform - a foundation to build centralized and consistent policies to manage and govern end-user data no matter where it is located (on endpoint devices or in the cloud). Vendors are developing native capabilities or API plug-ins to provide e-discovery and compliance governance, as well as business analytics.
The industry has gone beyond the debate about whether enterprise file sync and share (EFSS) can replace endpoint backup (the answer is still "no," mainly due to security reasons). In fact, some vendors are developing capabilities to back up cloud EFSS applications at customers' requests.
From the user perspective, all products evaluated in this research received high satisfaction scores from 62 customer references on user file backup and data retention upon employee departure. Other functions such as PC migration (focusing on personal settings, not just user files), remote wipe and data governance showed greater variation in scores, as some products have no or limited capabilities in those areas. References cited higher satisfaction with Windows PC backup than with Mac backup, with few applying the solution to mobile devices.
I&O leaders who worry about security because of unpredictable human behavior should adopt endpoint backup solutions to augment other security products and handle data loss risks.
Code42 is one of the fastest-growing and leading enterprise endpoint backup vendors. While many large enterprise customers in the past have used the technology on their premises, new enterprise customers are increasingly adopting Code42's hybrid cloud deployment model where the encryption keys are stored on-premises and some or all backup data is stored in Code42's seven global data centers. The company's public cloud backup offering is primarily used by consumers and SMBs. Code42's product, CrashPlan, appeals to enterprises that desire field-proven, scalable endpoint backup with frequent backup schedules and on-premises or hybrid cloud deployment models. Code42 has discontinued its EFSS solution in favor of ongoing development of e-discovery capabilities and backup capabilities for established popular cloud EFSS solutions. Weak areas include the limited use case of PC migration and mobile device support.
Commvault is best known for its enterprise server backup. A small percentage of its customers use Commvault Endpoint Data Protection (CEDP) today, although many of them have deployed it on thousands of laptops and desktops. CEDP shares the same data repository as its server backup, allowing its Web console and mobile app to be able to download user files from laptop backup as well as file server and Exchange backup. It also leverages its native legal hold and e-discovery capabilities to protect endpoint data. The product supports a file modification option to enable backups to occur in a near continuous mode and only when there is changed data. The GUI has a useful preview feature before restore. On the down side, CEDP has weak public cloud (non-MSP) integration. Most customers have low backup frequency (long RPOs) and don't use CEDP for PC migration. Administrative experience is relatively more complex.
Ctera is a privately-held company founded in 2008. The Ctera endpoint backup and EFSS products share a common architecture, and users of both do not require additional storage space. Customers may opt for a private cloud managed by its Web portal or have the flexibility to select from the wide range of supported public cloud deployments in an open or virtual private cloud deployment. Ctera's gateway appliance may be used for fast local restores and for remote locations with poor network connectivity. Ctera features client-side, block-level incremental forever backup with global deduplication and compression for storage and bandwidth reduction. The solution is missing federated search, full-text index and legal hold, and has very limited remote wipe capability for mobile devices only. While two-factor authentication is not available, Ctera does have the capability to restrict administrator login by IP address.
Datacastle offers backup software technology for managed service providers and does not provide its own BaaS services. Its largest service provider partner supports hundreds of thousands of devices in a single vault. Microsoft has been a key Datacastle partner and offers select large Azure customers a first-year free endpoint backup service promotion. Many other global IT service providers have adopted Datacastle technologies due to strong capabilities that are desired by service providers, such as the patented ability to encrypt data blocks before they are deduplicated; a centrally managed, encrypted local cache to speed up backup performance and secure global deduplication with multitenancy for more efficient backup storage. Endpoint backup services based on the Datacastle's solution appeal to organizations that desire frequent backup schedules, strong roaming detection and remote wipe capabilities. However, it is rarely deployed on-premises and is rarely used for PC migration. It lacks functions related to e-discovery and compliance governance.
Druva has been growing fast since 2010, when it launched its inSync endpoint backup software and online services using AWS native database and infrastructure. Unlike its competitors, which often started out with a consumer focus, Druva focuses entirely on midsize to large enterprise customers, the vast majority of which use the cloud deployment model. Druva has been aiming to go beyond simple backup by offering an integrated end-user data protection and management solution. The company was early to market with a unified platform for endpoint backup, sync and share, mobile support, and data loss prevention (DLP). It has since added more compliance and governance and analytics capabilities, as well as backup capabilities for cloud file sync and share applications. More recently, Druva added support for Azure global data centers as backup storage destinations to expand its global presence. It should be noted that although inSync allows customers to back up as frequently as every five minutes, most customers use the default four-hour or less frequent settings, which could result in undesirable data loss windows.
Mozy is part of EMC's Data Protection Suite and is primarily positioned for customers who want traditional cloud BaaS. Mozy guarantees same-day support for new OS releases from Microsoft and Apple. Mozy offers an idle system sensing function that enables it to perform frequent backups throughout the day, although Mozy does not support continuous data protection (CDP) or near CDP. The Mozy sync functionality is bundled at no additional cost and allows users to synchronize files between their own devices. Mozy has broad support for single sign-on providers, multiple attribute access validation capabilities, and an IP whitelist, but still no integration for two-factor authentication. Mozy does not offer advanced functions such as remote wipe, PC migration and data governance. Back-end cloud storage options are limited to EMC data centers in the U.S. and Europe with no cross-geographical redundancy.
HPE introduced in the 2015 Connected MX PC backup, a new design from its traditional Connected product. The MX solution is available either online or hosted in HPE's cloud. It has delivered numerous features to close long-standing gaps that exist between Connected and competitors, including CDP, global deduplication, a unified engine, and UI for backup and sync and share. Connected MX's mobile app allows content preview before download/restore. Still-missing features include a lack of mobile device backup capabilities, remote wipe, and limited backup throttling. Of particular concern for the SaaS solution, HP manages encryption keys in their data centers, and there is currently no other option. On the data governance side, there is no native full-text index/search, nor an embedded governance dashboard. Those functions are only available through its integration with Autonomy's Intelligent Data Operating Layer, a full-fledged large enterprise archiving and analytical platform with conceptual understanding of information. As the Connected MX product is fairly new, no references surveyed for this research have used the CDP function.
Infrascale started out as a PC backup technology and service provider targeting consumers and SMBs. Today, it offers an integrated server/endpoint backup and disaster recovery as a service solution for small and midsize enterprises. Its largest endpoint backup customer supports 45,000 devices, and several MSP partners back up over 100,000 devices. Infrascale has a comprehensive feature set and a single-client agent for both endpoint backup and file sync and share. Customers that purchase the Cloud Failover Appliance receive endpoint backup free of charge. For a small vendor, it has surprisingly wide geographic coverage for its cloud service offering, including Brazil and South Africa. Infrascale's technology can be used in a private cloud or a public cloud IaaS environment. Although backup can be scheduled as frequently as every 15 minutes with a near CDP option, many references schedule backup only once a day with 24-hour data loss windows. Some of Infrascale's references are relatively small, and the product lacks data governance functions.
Vendors Added and Dropped
- Two vendors are added this year: Ctera Networks and Infrascale.
- Asigra was dropped this year due to its failure to meet the new market presence criterion.