Cloud Providers and Agencies Share Responsibility for Data
Most cloud providers operate on a shared-responsibility model.
“The cloud service provider specifically outlines that information and data are the customer’s responsibility under this model. While the provider may use that data to deliver application services like email, the customer is accountable for ensuring backup and recovery,” Breakiron says.
A cloud provider will retain data for as long as it’s needed for operational purposes — typically, a couple of weeks — then delete it. That presents a significant risk for agencies that fail to take this into account as they strategize their cloud use.
EXPLORE: Which clouds service - hybrid versus multicloud - is best for your agency.
“We saw a major government agency lose 40,000 email accounts for which they had no backup. It was just a mistake on their part, but it was gone,” Breakiron says. “If you are not backing up, you can lose data to mistakes or malware, and you have no way to recover in the event of a ransomware attack.”
With an intelligent data management solution, agencies can safeguard their backup effectively, even in a multicloud or hybrid environment.
Backup and Recovery Systems Require Data Categorization
Effective backup and recovery start with understanding the data. It isn’t enough just to periodically dump massive stores of information. Rather, agencies need to sort and categorize that data.
“You need to know how important that data is to your overall organization. Not all data is created equal,” Breakiron says. For example, “nuclear command and control is more important than Fort Belvoir golf course scheduling.”
“You need to know that, so that if you do get attacked you know what to restore first,” he adds. “It’s also about longevity, how long you want to keep this particular data safe.”
DISCOVER: How virtualization and consolidation help agencies cut back on physical data centers.
In a modernized solution, software reads and interprets data and creates a comprehensive index from metatags. An intelligent data management solution applies automated processes for categorizing, sorting and prioritizing data, and labels the data for future reference.
Ideally, such a solution offers complete coverage across on-premises and cloud workloads. Delivered as a service, intelligent data management supports flexible data recovery, with advanced restoration options and granular search capability.
That granularity is one of the key benefits of this approach. Suppose a defense agency has a classified data spillage incident, where a sensitive document is incorrectly moved into an unclassified system.
“You don’t want to delete a month’s worth of data. You want to go get that single file or that email and erase it off your backup,” Breakiron says.