Building a modern data platform – Out on the edge

In this series so far we have concentrated on the data under our control in our datacentres and managed clouds and protected by enterprise data protection tools.

However, the reality of a modern data platform is not all of our data lives in those safe and secure locations. Today most organisations expect mobility, we want access to our key applications and data on any device and from any location.

This “edge data” presents a substantial challenge when building a modern data platform, not only is the mobility of data a security problem, it’s a significant management and compliance headache.

How do we go about managing this problem?

The aim of this series is to give examples of tools that I’ve used to solve modern data platform challenges, however with edge data it’s not that simple. It’s not only the type and location of data, but also the almost infinite range of devices that hold it.

Therefore, rather than present a single solution, we are going to look at some of the basics of edge data management and some tools you may wish to consider.

Manage the device

The fundamental building block of edge data protection is maintaining control of our mobile devices, they are repositories for our data assets and should be treated as any other in our organisation.

When we say control, what do we mean? In this case control comes from strong endpoint security.

Strong security is essential for our mobile devices, their very nature means they carry a significant risk of loss and therefore data breach, so it’s critical we get the security baseline right.

To do this mobile device management tools like Microsoft Intune can help us to build secure baseline policies, which may, for example, demand secure logon, provide application isolation and in the event of device loss ensure we can secure the data on that device to help minimise the threat of data leak and compliance breach.

Protecting the data

As critical as ensuring our mobile data repository is managed and secure, protecting the data on it is crucial. We can take three general approaches to controlling our edge data;

  • No data on the device
  • All data synchronised to a secure location
  • Enforce edge data protection

Which approach you use depends on both the type of data and the working practices of your organisation.

For example, if your mobile users only access data from good remote links, home office for example, then having data only within our controlled central repositories and never on the device is fine.

That however, is not always practical, therefore a hybrid approach that allows us to cache local copies of that data on our devices may be more appropriate, think OneDrive for Business, Dropbox or build your own sync tools such as Centrestack.

These tools allow users access to a cached local copy of the data housed in our central data stores regardless of connectivity, with managed synchronisation back to these stores when possible.

This provides up to date data copies for users for convenience, while we maintain a central data repository ensuring the authoritative copy resides under our control.

Enforce Data Protection

However, this hybrid approach relies upon users placing the data in the correct folder locations and if they don’t this then presents a data security and compliance risk.

To overcome this we can ensure we protect all of the data on these devices by extending our enterprise data protection solution, for example we can use Veeam Agents to protect our Windows workloads, or a specialised edge data tool such as Druva InSync, which can help us protect edge data on a range of devices and operating systems.

This goes beyond synchronisation of a set of predefined folders and allows us to protect as much of the data and configuration of our mobile devices as we need to.

Understand the edge

While ensuring the device and data is robustly protected, our modern platform also demands insight into our data, where it is, how it is used and importantly how to find it when needed.

This is a real challenge with edge data, how do we know who’s mobile device has certain data types on it? If we lose a device can we identify what was on it? The ability to find and identify data across our organisation, including that on the edge, is essential to the requirements of our modern data platform.

Ensuring we have a copy of that data, that is held securely and is indexed and searchable, should be a priority.

Druva InSync, for example, allows you to do compliance searches across all of the protected mobile devices, so you can find the content on a device, even if that device is lost.

Centralising content via enterprise backup, or synchronisation tools also provides us this capability, how you do it will depend on your own platform and working practice, doing it however should be seen as a crucial element of your modern data platform.

In Summary

The importance of having our data controlled even when it spends much of it’s time on the very edges of our networks is crucial to our modern data strategy. When it is, we can be sure  all of our business security and compliance rules are applied to it and we can ensure it’s protected, recoverable and always available.

Managing the data on the edges of our network is a difficult challenge, but by ensuring we have strong management of devices, robust data protection and insight into that data, we can ensure edge data is as core a part of our data platform as that in our datacentre.

This is part 5 in a series of posts on building a modern data platform, the previous parts of the series can be found below.

modern data platform
Introduction

modern storage
The Storage

031318_0833_Availabilit1.png
Availability

control
Control

 

 

what the cloud can bring
Prevention (Office365)

 

Advertisements

Availability as part of digital transformation – Michael Cade – Ep 22

There is no doubt that the world we live and work in is changing, in our personal lives we expect an always on experience and ever more digital interaction with the world. Let’s face it, who doesn’t get frustrated by having to type in 4 digit pins down the local shop, instead of been able to just touch the terminal with your card, phone or watch.

This is not just in our consumer lives. In our work lives expectation is the same, not only in the way we expect to work with technology, but also in the way our businesses expect to operate, that doesn’t matter if that’s how we interact with our customers and suppliers, or the way in which we design our supporting IT systems, it’s important to realise in all of these instances we can not and do not tolerate downtime.

But what does that mean, what does that mean to us as either IT professionals, or those trying to navigate their organisations through the trials and tribulations of our journey to a more digital way of working.

That’s the subject of this week’s podcast, as I’m joined by Veeam’s Michael Cade to discuss how this move to a more digital world is impacting the way we must treat our technology.

Michael has been talking to me for some time regarding the importance of system availability, as our businesses evolve and become more digitally driven, so I thought it was time to get him on the show to discuss why availability is so important and what we need to consider.

In this episode, we discuss exactly what we mean by digital transformation, how this is driving our reliance on communications and technology and the problems not been able to access them bring, not just to consumers, but to our organisations and the impact that has on customers and our ability to do business.

Although “backup” may not be the “sexiest” of technology trends, the importance of system availability is as critical today as it ever has been, possibly even more critical as we become increasingly dependent on our ability to access technology.

For more information on the topics Michael covered you can check out the following resources;

Science Museum Our Lives In Data

The Veeam Technical Blog Page

The Veeam Executive Blog

IDC Digital Transformation Whitepaper

And you can follow Michael on twitter @michaelcade1

Or his blog at vzilla.co.uk

If you enjoyed the show, then why not subscribe you can find us in all good homes of podcast. Thanks for listening

Subscribe on Android

http://feeds.soundcloud.com/users/soundcloud:users:176077351/sounds.rss

What you don’t know, may hurt you – John Hughes – Ep 20

We are all familiar with the saying “what you don’t know, won’t hurt you”. Well in the world of data management, security and privacy the opposite is most definitely true.

For most of us, as our organisations become more digital, we are increasingly realising the value of our data, how big an asset it is and how important maintaining it is.

However, although we understand how valuable our data is, we actually have very little insight into what is happening to it on a day to day basis.

Ask yourself, do you know exactly what data you have across your business, do you know exactly who has access to it, where it is stored, when it gets accessed, if it even gets accessed and when it’s accessed what gets done with it?

In my time administering IT systems, or working with those that do, I’ve lost count of the amount of times I’ve been asked “who changed that file”, “who deleted that file?”, “can you tell me the files that a user has accessed and copied to a USB stick?” the answer is normally no, and it’s normally no, because our standard storage solutions can’t tell us.

Imagine a logistics company asking questions like, “who’s driving that lorry”, “who was the last person to drive it?”, “where is Fred taking that lorry?”, “can you tell me the type of lorries we have?” and been told, no, we don’t know any of that information, ridiculous right? Yet we do that with our data asset.

We have talked in recent episodes about the threat to our data security and privacy, be it policies or procedures or our people. Just as significant a threat is the inability to fully understand what is going on with our data sets, a lack of insight and analysis means it’s very easy for our data to be abused, lost and stolen without us having the slightest knowledge of it happening.

That’s our focus this week, in the last of our data security & privacy episodes, I chat withjohn hughes John Hughes of Varonis. Varonis provide data analytics and insights into how we use our data, what our data is, who is using it, what it’s used for and if it’s even used at all.

We discuss a little of the history of Varonis, why data insight is so critical, why it’s a cornerstone of our ability to meet compliance requirements and how it’s a crucial part of our defence against data security attacks.

Enjoy the show and thanks for listening.

To find out more about Varonis;

Check out varonis.com

Have a look at their excellent range of BLOGS at blog.varonis.com and of course follow them on twitter @varonis

You can also request a free GDPR data assessment via their website

If you want to learn more about any of the topics in this series, and you are in the North West England on April 5th, you can join me and a range of speakers at www.northwestdataforum.co.uk

You can find the previous 3 episodes in this series here;

Best Take Care Of Those Crown Jewels – Sheila Fitzpatrick – Ep 17

Don’t Build Your Data Privacy House Upside Down – Sheila Fitzpatrick – Ep 18

Make People Our Best Data Security Asset – Dom Saunders – Ep 19

If you’ve enjoyed this episode, then why not subscribe;
Subscribe on Android

http://feeds.soundcloud.com/users/soundcloud:users:176077351/sounds.rss