Put Data Protection in Context – DCIG

This report was written by Jerome M. Wendt, president and founder of DCIG, LLC, on October 31, 2019

Almost every backup, hyperconverged, security, software, and storage vendor claim to provide data protection in some way. The challenge becomes identifying the exact context in which they use the term data protection to describe their offering.

Data Protection’s Umbrella
Providers of these software use the phrase data protection to describe the functionality that its product or solution delivers. While the features of these products may fall under the general umbrella of data protection, organizations should subscribe to the following axiom: All products offer data protection, they just deliver it in different ways.

Here are just some of the different ways in which they deliver it:

Anti-Virus Software
This software protects computers in general and data specifically from getting a virus. It scans files, emails, email attachments, and other data for malicious software that runs in the background. This malicious software harms data, such as encrypting it, deleting it, or in some way making it unusable or inaccessible. If anti-virus software detects malicious software, it attempts to stop it from acting on the data.

Archiving Software
Archiving data can take many forms. Archives often include important data that companies access very infrequently that they must retain to satisfy compliance, legal, or regulatory requirements. Archiving software may protect data by storing it in a format that cannot be easily changed or erased. It may also store data on immutable media that lasts for decades, such as on optical media.
 
Backup Software
Backup software makes one or more copies of production data at different points in time. Most backup software gives companies the flexibility to store and manage copies of data on one or more media types. These can include cloud, disk, tape, and perhaps optical.

CDP
Like backup software, CDP makes an initial full copy of data. However, it then tracks and logs every change to the data. CDP gives companies the flexibility to recover to any point in time since the initial backup. This software only uses the cloud or disk as a storage target.
 
Data Loss Prevention (DLP)
DLP software monitors all data leaving an organization. Most data exiting an organization, such as emails and file transfers, leaves for legitimate reasons. DLP software monitors and looks for data that should NOT leave an organization. In some cases, the software is used to identify and prevent data that contains social security or credit card numbers from leaving an organization. Organizations can also use this software to identify data leaving an organization as a result of insiders committing espionage.
 
RAID
It prevents data loss due to the failure of a disk drive. All storage arrays, enterprise servers, and even desktop computers often possess this technology. It distributes data across two or more disk drives so that should one drive fail, no data loss occurs.
 
Put Data Protection in Context
All these technologies provide data protection in some form and there are more iterations of data protection than what is listed here. Taken together, they illustrate the need for companies to critically examine each vendor’s claims as to how it delivers data protection.

I do not dispute that a specific vendor’s claims to deliver data protection are accurate. In fact, every technology vendor in some way probably provides data protection as part of its offering.

However, each company needs to quantify:
• The type of data protection a vendor delivers
• How the vendor delivers it
• If the company needs that form of data protection
• If the company already owns that type of data protection
• What additional value, if any, this vendor’s implementation of data protection delivers

Only after a company establishes exactly the type of data protection that a product delivers can it determine:

• how the feature will contribute to its abilities to protect its data;
• if the offering complements or competes with its existing data protection techniques; and, ultimately,
• if it has implemented a comprehensive data protection strategy that protects its data from every way in which it could be compromised.