When your demise is greatly exaggerated

As some of you may know one of my technology industry bug bears is when commentators start to write off a company who has had great success in the past but now they’ve decided are no longer “cool” or the “in thing”.

We’ve all seen it, the 90’s Apple, early 2010’s Microsoft, the constantly doomed HP and IBM amongst others who are either being written off or have been in the past, yet, they are all still here.

There’s all kind of reasons companies get written off, sometimes they deserve it, sometimes they don’t, but it’s always nice when you see them prove the critics wrong and turn the industry view around.

Magic Quadrant Thumbnail.jpg

The latest Gartner Magic Quadrant for solid state arrays gives me the chance to pat one such company on the back, take a bow NetApp, as you can see proudly placed in the top right hand side leaders’ quadrant.


But wait, they are not quite up there with Pure and EMC, so why the congratulations?

Let me try to add a little bit of context.

Now I’m not going to pretend that I don’t have a favouritism toward NetApp, a cursory glance at my BLOG and other social output shows I have a real affinity with the technology and put NetApp right at the top of enterprise tech companies who solve real business problems and show vision in their part of the industry.

But they certainly do not get everything right, their flash strategy has been one such area. Like many established vendors they were slow to market with a robust enterprise flash offering and seem to have been taken by surprise by new flash focussed storage players.

Why this happened is unclear, maybe the focus on completing clustered ONTAP (culminating in the excellent ONTAP9), the effort put into building the now defunct FlashRay, not seeing the speed at which flash would be adopted or just failing to communicate their strategy has all led to them being “written off” by many tech industry watchers and whether true or not, sometimes the perception is all that matters.

If we look at the 2014 magic quadrant, you can see NetApp not only lagging behind many of the established players, but also a perception they lacked the vision shown by a number of the new kids on the storage block.

However, over the last couple of years NetApp have responded to this with a huge change in how they view flash, not only technically, but also importantly, commercially.

So why did this perception grow and what have they changed?

One criticism levelled at them is they are the ONTAP company, ONTAP is the answer regardless of the question. In reality this is a perception problem because NetApp are very much a portfolio company, from ONTAP to OnCommand Insight manager, AltaVault to E-Series, there is a range of solutions to take on any business challenge.

However, is this to dismiss ONTAP? most certainly not, as the power of this robust and flexible operating system is a huge part of their turnaround in flashy fortunes.

The argument that traditional vendors putting flash into existing products is not as good a solution as those who designed and built for flash from the start, may, for some, be valid. For NetApp however, by luck or by amazingly long sighted judgement, they found ONTAP was perfectly designed for flash. In reality ONTAP has always used flash, with writes to a controller written to flash before disk and the introduction of a flash based read cache into controllers means ONTAP has exploited the benefits of flash for a very long time.

A change in focus to how ONTAP could be optimised for flash has led to two years of incredibly quick development of the platform, bringing all flash variants of NetApp FAS controllers (AFF), these deliver flash performance while maintaining all of the enterprise capabilities for efficiency, data protection, resilience and scale you would expect and demand of enterprise storage.

ONTAP is also the heart of the NetApp data fabric strategy, ensuring that your data can move freely between any NetApp repository regardless of platform or location, on-premises, near the cloud or in it, this means that unlike many flash based solutions, you can integrate flash seamlessly as part of your data strategy while avoiding the dreaded problem of flash storage silo’s.

ONTAP 9 has further enhanced this by making flash even more commercially viable, increasing not only performance but critically providing even greater storage efficiency, allowing users to squeeze even more data into their flash array with NetApp even backing this via a capacity guarantee.

No review of a NetApp flash strategy, including this one from Gartner, would be complete without mentioning Solidfire, their acquisition has further strengthened the NetApp vision. Solidfire with their unique approach to webscale storage has seen them again recognised in this report with the highest overall score for critical capabilities in the quadrant.

If we include with that, their new licence model, making your storage capacity licence completely independent of your hardware, you can see innovations both technically and commercially from all areas of the NetApp portfolio.

All of this has led to this recognition from Gartner, regardless of your view of Gartner Magic Quadrants and there are many views of their validity. For me, what they present is a datum point, where you can judge the progress made by key vendors, you can see the list in 2014 and 2016 is made up of the same players. This gives you a view of those progressing and maybe those that aren’t and it’s clear that NetApp have made some great flash progress, more to do? Certainly, but for now, take a bow and carry on.

take a bow

To read the Gartner Magic Quadrant for solid state arrays 2016 – go here and request a copy from NetApp

The Gartner Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from NetApp.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.


Voting for data loss

Here’s a question for you, if you were sat in a room and someone asked;

“hands up who votes to lose their critical data?”

How many of you, be you a storage admin, IT Manager or CIO, would pop your hands up and vote yes?

None of you I guess, so imagine my surprise when I found this article a few weeks back over on Ciodive.com and as you can imagine what caught my attention was the headline

“Most business owners wouldn’t pay if hit with ransomware attack”

Or, if they were sat in the room when that question was asked they were putting their hands up saying, “yes, I’ll lose data please!”.

The article also contained some interesting statistics;

  • 84% of U.S. business owners would not pay if they become the victim of a ransomware attack, even if that means permanently losing data.
  • 65% of businesses have not budgeted extra funds to regain access to systems and data if they were to become ransomware victims.
  • Ransomware is now the most prolific cyber threat of 2016

So clearly few would pay any kind of ransom for their data even though only 33% of them felt their businesses could survive without access to critical data for any length of time, but surely our survey respondents must have had a plan.

Well some did, they felt they were protecting themselves with appropriate backup regimes, however 22% of the respondents did say they were not sure how to backup and protect their systems and even more worrying they were not aware they needed to!

Just in case you wondered if ransomware was a problem, I loved the closing statement from Adam Levin from IDT911 who said;

“We’re talking about complete and utter paralysis of systems that could spell lost revenue, viciously impacted customers and a potential near-extinction level event for a business,”

Serious stuff then and ransomware is indeed a significant issue and although much of the article focuses on US businesses the threat is no less prevalent in the UK.

With that in mind I thought it would be apt to share a little bit of experience of dealing with this problem and how I’ve worked with a number of businesses to help to mitigate against the risk of this kind of attack and if this helps a couple of you avoid the potentially devastating effects of a ransomware attack, hopefully I’ve done my good deed for the day!

Where to start then? A good starting point can be found at the end of the article with Adam Levin’s closing statement;

“Businesses need a comprehensive cyber security strategy that includes prevention, monitoring and damage control.”

What does a comprehensive strategy as discussed by Levin practically look like?

As mentioned earlier I’ve had a bit of experience with ransomware attacks over the last 18 months with a handful of our customers finding themselves victims , fortunately however they greatly reduced the severity of the impact by having an appropriate strategy in place.

So after been a little surprised at the statistics and attitudes on show in the Ciodrive article, I thought sharing the steps these businesses took to protect themselves may be useful.

As with any strategy it’s important to have the right starting point and today when discussing data threat that place is “assume breach”, that is, the threat is already inside your network. If we start with that assumption, then we can look at how we protect our critical data assets.

In my experience robust protection is built on 4 simple steps;

Spot it

It’s fair to assume signature based AV tools are not going to spot such an attack, we need to be smarter, how are we smarter? By using tools that understand our users behaviour and importantly spot the unusual and ransomware attacks are very unusual.

For example, when Billy who normally accesses 10-15 files, suddenly accesses a 1000 in two minutes, we need to be able to identify this behaviour and address it, because the likelihood is, Bill has not just become super productive, but his account is likely to be carrying out activity it shouldn’t.

Deal with it

We not only need to be made aware of a problem, but have systems that allow us to address this unusual behaviour as soon as we see it, so when Bill’s account is happily opening 1000’s of files in minutes, we don’t want an email in the morning telling us Bill was happily encrypting all of our data, we need a policy and workflow that can spot it and stop it.

Identify the damage

To effectively resolve a ransomware attack it’s important our smart tools not only spot the behaviour and stop it, but also record it, so we can quickly see the extent of the damage that our friend Bill’s account has done, why? because once we have identified it we need to be able to look at our options for recovery of the now encrypted data with a ransom on its head.

Recover it

Our recovery options are dependent on our recovery point objective for our key data, it’s important we understand how much we can afford to lose in any incident, be that loss of a storage device or a ransomware attack, so if your business can only afford a one-hour data loss you best make sure your data protection regime can meet that recovery point, there is no benefit in nightly backups if you can’t afford to lose more than one hours’ worth of data is there?

If we look back at Adam Levins’ quote

Businesses need a comprehensive cyber security strategy that includes prevention, monitoring and damage control

Hopefully you can see how the steps I’ve described help meet that comprehensive strategy of prevention, monitoring and damage control.

We’ve seen real life examples where those simple steps have saved businesses from any significant impact of a ransomware attack, so if you can put them in place, then next time you are in a room and asked “who votes to lose data?” you can keep your hands safely by your side.

If you have any comments on this or any of your own experiences you’d like to share, then please leave a comment on here or find me @techstringy on twitter or on LinkedIn and share your story.