In Data and Disaster Recovery, It Is Best to Trust Nothing and No One

In this age of digital transformation, you will need to embrace the fact that doomsday scenarios, like extraordinary outages, can and will happen. It is only in adopting this kind of mindset that you and your team can do the advanced preparation necessary to mitigate catastrophe and instead pave the way for near-immediate recovery. But if Forrester’s “The State of Disaster Preparedness in 2020,” report is any indication, only a few organisations are actually ready to handle an outage, as only 1 in 10 admits to feeling “very prepared,” in terms of recovering their IT services if, indeed, disaster occurs, whether due to a cyberattack, human error, or natural disaster.

That being the case, continuing reliance on a range of legacy products just will not cut it anymore, as it leads to a fragmented architecture with different point products for data protection, backup and automated disaster recovery.  This fragmented architecture complicates the IT environment to a point where management and consistent testing become significantly harder, thereby resulting in increased downtime and a larger TCO.

Your organisation, of course, deserves a better approach to disaster recovery—one that can handle 24x7x365 operational requirements and offer the kind of business continuity and disaster recovery (BCDR) that will help your organisation eliminate data loss, avoid downtime and lower TCO.

Central to this better approach is zero-trust, where zero trust design will be a requirement, whether externally or even internally. In other words, you must eschew completely the notion of a trusted internal network and an untrusted external network. Instead, you should award trust only as a result of continuous assessments of not only risk but of every piece of available information.

In other words, zero-trust assumes all data traffic on the organisation’s networks as potential threats, thus necessitating continuous scans and authorisations based on predetermined rule sets before data is permitted to traverse the network. Consider, for instance, a manager requesting access to the organisation’s data centre. With zero-trust, this request will be deemed a potential threat and scanned accordingly, and access will only be granted only after it is ascertained to be a non-threat.

Thus, with zero-trust, you and your organisation can focus your BCDR on the data itself and on critical applications rather than on the larger network perimeter. This shift in focus effectively cedes the functions of different security domains, which include network and application, into one unified strategy.

This unified strategy, in turn, will allow you to deploy disaster recovery within this zero-trust architecture but in its own security section where it can facilitate fast and secure recovery. Of course, this unified strategy should also include a great disaster recovery strategy that will keep the business going regardless of the event and its fallout, allow testing in the background without impacting users and have the ability to failover irrespective of location.

Zero-Trust security, unsurprisingly, is one of the four pillars of Cohesity’s next-gen data management, along with simplicity at scale, Artificial Intelligence (AI)-powered insights and third-party extensibility. The interplay of these four pillars enables Cohesity to address a range of challenges linked to legacy data management solutions, primarily, complexity, high costs and, yes, risks.

In particular, Cohesity provides a holistic approach to threat detection and rapid recovery, with the former accomplished throught the following features:

  • A security architecture built on the principles of least privilege and segregation of duties

  • User API access authentication and authorisation

  • Strong, multifactor authentication technologies that include access tokens, certificates, smart cards and one-time password tokens

  • Data encryption both at rest and in transit and internode communication encryption to keep the data private and the platform tamper-resistant

  • Rich authorisation capabilities ranging from role-based access control to integration with enterprise authorisation platforms like AD/ADFS and Okta

  • Granular access to data resources, such as workloads, storage domains and external storage targets, are tightly controlled such that users do not have blanket access to all resources in the system

  • Comprehensive audit logging, syslog integration with SIEMs and the Security Dashboard that enable continuous monitoring and assessment of administrative activity and security posture of the platform

  • Comprehensive granular security capabilities

The latter, on the other hand, is possible thanks to AI-based techniques, IMR at scale, air gapping and automated disaster recovery and failover to the cloud. These will enable you to collect data signals and interpret them using AI and then engage with the right people automatically. Additionally, Cohesity will allow you to accelerate resolution and learning with seamless orchestration and automation through leading security ecosystem integrations with, among others, Cisco, SentinelOne, ServiceNow and Tenable.

Just as important, Cohesity has built-in smart capabilities further enhanced by AI. This means that Cohesity will allow you to automatically scan and counter cybercrime in near real time via AI-based ransomware and threat detection. It will also  give AI-powered recommendations that will reduce costs and improve performance. 

Cohesity, therefore, enables you to unlock limitless value from your data, with its next-gen platform able to reduce data infrastructure silos and, critically, protect it from ransomware and similar cyber threats. And in case of the worst, Cohesity’s holistic, zero-trust-based approach to data management will enable faster, more efficient disaster recovery by simplifying BCDR via continuous data protection, snapshot-based backup and automated failover and failback orchestration. Equally important, these are all done across business-critical applications, service levels and environments but with very little downtime and no data loss.

This approach to disaster recovery is the way forward because a worst-case scenario hitting your organisation is no longer a matter of if but of when. So, to ensure resiliency, it is imperative that you put in place now a zero-trust disaster recovery to ensure both business continuity and resiliency.

Sleep Better Knowing You are Prepared for Disaster

When it comes to Disaster Recovery, businesses are struggling to optimise spend and operational demands while meeting a range of business SLAs. Join this session to learn how Cohesity SiteContinuity provides automated orchestration for DR to protect and fail over applications site to site, or site to SaaS.


share us your thought

0 Comment Log in or register to post comments