Everything is not the same for applications and data, so why treat everything the same for cloud cyber security and data protection? This question was the primary driver of a recent webinar hosted by Quest, titled Best Practices for Using the cloud for Backup, Disaster Recovery, and Long-Term Retention. The discussion was led by Technology Strategist and Senior Product Consultant at Quest Software, Adrian Moir, who highlighted trends, techniques, and best practices to optimize cloud object storage for backup disaster recovery and long-term data retention.
For many agencies and government organizations, the top questions that they will ask when determining the best cloud storage platform for their data are how many years can the data be backed up, and how much data can be stored? However, according to Moir, the question that should really be asked is how long will it take to recover data in the event of a cyberattack? “How you want to recover data really should be driving how you protect, backup, and move your data to where you need it to be,” said Moir.
In addition to storage space, most organizations view all their data from the same lens, ultimately resulting in a waste of storage. Moir continued, “If you treat everything the same, you will have a huge amount of data. If you decide you want to put it in cloud, it’s ineffective, it’s expensive, its’s wasteful, it will take you an awful long time to sort it out for restore and the only benefit you have is to tell management, Well I’ve got everything.”
Moir said that instead there are four best practices that federal IT organizations must ingrain into their data storage plans. Each bringing an added layer of certainty that, when an attack happens, they will not be caught flat-footed. The first, is to differentiate data based on importance.
Differentiating data
To maximize cloud cybersecurity and storage space, Moir emphasizes being smart about your data by recognizing what you have and how it aligns with your organization’s operation. “Stop spending time and effort on things that don’t matter when you are recovering. When recovering, you really need to know which bits are operation-critical. When your agency or organization goes down, what stops you from making money? That is the critical piece,” said Moir. Some companies want to recover all data but don’t have the budget. However, Moir noted that by understanding what your operation-critical data is, you can maximize your cloud storage appropriately.
Understanding how your data is being used, is essentially how you will maximize your storage. “The usage of the data is very important,” said Moir. As you identify which data to store, ask yourself the following:
- Is this operation-critical data?
- Is this average data?
- Is this static data?
Moir continued, “When identifying operation-critical data, determine what you can afford to wait for. This helps you identify what you need to recover first, which helps build your disaster recovery plan and allows you to determine your priorities for a more intelligent plan.”
Be smart with data on the cloud
Once you have confirmed the operation-critical data that you would like to recover, you must now determine your cloud’s size, speed, and connection. As you select the best cloud for your agency or organization, the smartest step you can take is to identify how to protect and preserve your data.
“Think about optimizing the data before you put it in the cloud. Preserving the data is not only about retention but about encryption,” said Moir. Encrypting data before putting it in the cloud is not a consideration for most companies. However, it is imperative to note that your data is no longer secure if your cloud cybersecurity credentials are compromised without encryption.
In addition to securing data through encryption, Moir shared five steps to ensure you are smartly utilizing the cloud:
- Get the right data
- Get the right size
- Get the data optimized
- Get the data secured
- Putting it into the cloud
Understanding your budget constraints and identifying a budget is vital in determining the best cloud storage for your data. “The basic price to store data in the cloud is generally less than a quarter of a cent per GB; however, that soon adds up. As you move the data up, touch the data, scan the data, move the data down, you get charged… Shop around for your vendor to determine which one will benefit you the most, as each one offers different options” said Moir. He also suggests sending small amounts of data to the cloud at a time to gauge the costs and develop a more precise budget.
Data retention
As you develop a budget, retention should be a primary factor. Ask yourself, how long do I want to keep data? Retention and the frequency you pull data will affect your budget. Moir says, “Depending on the data and usage, the cost will be impacted. For instance, if you store something for seven years, I don’t want to store that in the most expensive cloud storage if I am not going to use it regularly,” Moir continued. “You should put this data in the cheapest storage. It’s cheap to keep things in the cloud; however, you will get charged to pull things out. So, think about the type of data you’re putting there and what its use is in the cloud storage.”
For operation-critical data, you need storage that is easily accessible, which will cost you more. Knowing the time it will take to pull data out, you can align the costs you spend on cloud cybersecurity and storage with your operation requirements. “It’s not always about how much it costs to store your data, more importantly it’s how much it will cost you to restore it. Recovery budget it very important,” said Moir. Being smart about your data and where you are keeping it and ensuring you have protection and retention will give you a better understanding of costs.
Cloud storage and data protection decision making
Once you have determined your budget and how you will best create a cloud cybersecurity paradigm and data storage procedure, it’s time to choose the most effective cloud storage and data protection for your agency or organization. According to Moir, when identifying the best cloud storage and data protection, you should consider the following:
- Simplicity
- Transparent Recovery
- Automation
- Cost Considerations
- Terms and Conditions
Moir noted that many cloud cybersecurity partners have solutions that meet each of those criteria. He added that Quest specifically offers a variety of technology that incorporates these recommendations for any government agency’s program. He added that solutions like Quest’s QoreStore, are what federal IT needs to look into to create agile solutions for optimizing secondary storage in any location.
To watch the webinar in its entirety, click here.