How Hyperconverged Infrastructure Keeps Enterprise Data Safe And Secure
by Shirish Phatak on June 1, 2017
In May of 2017 much of the world was stunned by the swift spread and extensive reach of a ransomware attack that affected thousands of organizations throughout Europe, Asia, and elsewhere. Many companies lost access to irreplaceable data. Hospital emergency rooms shut down and operations were postponed. The economic damage was extensive. The psychological toll was incalculable.
However, for CIOs and other IT professionals, there may have been at least one positive result. The attacks exposed the fallacy, still believed by many, that they can keep their data safe by retaining it within the walls of their own corporate facilities. The ransomware attack struck at companies’ internal networks, and it didn’t really matter whether the data was on-site or in the cloud. Once the attack began spreading throughout an organization's internal network, all their data, wherever located, was at risk.
That fact highlights the need for an approach to data security that offers the same level of protection regardless of where the information may physically reside. And that’s exactly what hyperconverged infrastructure (HCI) is designed to provide.
Why Traditional Data Protection Methods Are No Longer Adequate
The ransomware threat highlights a major weakness of the traditional approach to data protection. Historically, IT security measures focused on the perimeter, attempting to keep an organization’s data safe behind a strong firewall. But today’s most dangerous attack vectors essentially do an end run around firewall barriers by tricking legitimate insiders into authorizing access.
As recent attacks have demonstrated, a “social engineering” strategy that succeeds in deceiving even one insider into taking an imprudent action, such as clicking on a bogus email attachment link, can compromise an organization’s entire internal network. The fact is that in a large organization, a determined attacker has a very good chance of eventually penetrating even the most technically sophisticated perimeter safeguards.
Companies need to plan their data protection strategies based on the assumption that a perimeter penetration will sooner or later occur. And one of the most powerful tools available for implementing such a protection strategy is hyperconverged infrastructure.
HCI Centralizes and Standardizes Data Protection
The Gartner research firm defines HCI as “a platform offering shared compute and storage resources, based on software-defined storage, software-defined compute, commodity hardware and a unified management interface.” All elements of an HCI system are controlled by software and are managed through a “single pane of glass” standard portal.
HCI is hardware agnostic, meaning that details of the various hardware configurations included in the system are hidden from users behind the software interface. All these devices are treated as a single pool of compute and storage resources managed according to policy directives implemented in the HCI software. Thus, complex behaviors encompassing all or parts of the infrastructure can be controlled from a central point.
How HCI Enables a High Level of Data Protection
The strength of HCI as regards data protection is that it not only allows for but strongly encourages, the consolidation and centralization of a company’s data storage infrastructure. This is especially important for companies that have remote and branch office (ROBO) sites, each generating and storing significant portions of the organization’s business-critical information. The data protection strategies implemented in such locations are often haphazard and, from the perspective of a technically sophisticated would-be intruder, laughably inept. Small remote sites simply don’t have the technical expertise or the financial resources to put a first-class data protection regime in place.
But with HCI, the necessity for implementing sophisticated data protection schemes locally can be eliminated. Rather than having pockets of important information scattered among different business units or ROBO sites, all data can be consolidated into a central repository. Users throughout the organization, wherever they may be geographically located, interact with the single authorized instance of the data as if it were local, rather than with often inconsistent copies existing in various on-site servers.
This allows best-of-breed data protection procedures to be put in place once and applied to all the company’s data through the HCI software. Enterprise-class features such as in-flight and at-rest encryption, remote replication, deduplication, compression, and snapshots can be implemented and supported by expert staff at a central headquarters location, rather than relying on the efforts of less knowledgeable workers at remote sites.
Based on policy directives, HCI software can ensure that data is automatically backed up and replicated to geographically diverse locations. Frequent snapshots can be taken and retained through a specified number of versions. Thus, even if a ransomware attacker is successful in corrupting current data, a recent snapshot can be used to quickly restore the latest valid version. And with comprehensive encryption in place, even if an intruder succeeds at copying data from the company’s systems, it would be useless to them.
It All Depends on the Software
The key to centralizing data protection and applying it across the board is having HCI software that allows all users, wherever they may be, to interact with information in the central repository as if it were local. Talon FAST™, for example, presents users with a local cached copy of just the data they are currently working with. When changes are made, the software transmits only the different data back to the central repository, where it is incorporated into the authorized instance of the dataset.
In addition to this intelligent caching feature, Talon FAST™ also has a universal file locking mechanism that prevents users from causing inconsistencies due to simultaneous changes to the same datasets at different locations.
If you’d like to know more about how a top-flight HCI solution can maximize the safety and security of your company’s data, here's how you can learn more about the TalonFAST solution.