We have seen quite the evolution of backup since the late 90’s when it was called plain old backup. In the early 2000’s backup evolved to backup and recovery, because at the time it really was all about recovery.  During the burst of the bubble in 2000, the term morphed again to data protection.  This term was a result of all the compliance and regulatory laws that came into place and customers wanted to ensure their data was “protected” and they could meet federal, state and local requirements.  The next evolution that came was next generation data protection or modern data protection.  The thinking here was really to put a fresh coat of paint on some of the legacy products in order to prove they could compete with the new money VC’s were spending and the newer vendors in the data protection space.   

Today we are seeing newer backup vendors, in an effort to get ahead in the data protection space, calling themselves security companies, or better yet, Zero Trust companies.  To me, this is a step way too far.  The main reason these vendors are doing this is because they are really single product companies and really, all they do is backup.  I am not saying backup is easy, and some of these vendors do backup well.  But at the end of the day, they make a copy of production data, and hopefully store it safely, in case it needs to be recovered in case of a loss.  Sure, they need to protect data on prem, in the cloud, and at the edge, but it’s backup, not security or Zero Trust.  Data protection is an element of security and Zero Trust, but a customer can’t buy a data protection solution and assume they have a proper security implementation or have lived up to all that is needed for Zero Trust.  Another example is this article about Zero Trust being so overused that security teams are losing trust in the term zero trust. 

It's important to understand that there are probably only a small handful of vendors that could be provide you most of the security or Zero Trust capabilities you need.  Dell is one of these companies, specifically due to the fact we are in the unique position in the enterprise that sees everything regarding your infrastructure from laptops at the end points, to servers, networking, storage, hyperconverged systems and data protection on prem and in the cloud.  This perspective enables us to see how threat actors can attack each area of your infrastructure.  Based on this, we have the ability to try to close some of these vulnerabilities or work with partners who can help. 

At Dell, while we have evolved our messaging and marketing around data protection, it has always been focused on the protection of data and the ability to get your business back to operational when needed.  At Dell, we do talk about data protection as a key component to security, resilience and Zero Trust delivering capabilities that are necessary for a cyber secure environment.  When building a secure infrastructure, you need to look at 6 key things: 

  • Operational Security 

  • The ability to Identify and Monitor your environment 

  • Utilize encryption everywhere 

  • Have SLA-based recovery capabilities 

  • Utilize some sort of immutability and isolation 

  • Take advantage of automation  

These are best practice capabilities that are needed across your infrastructure, including being a part of your data protection solution.  Dell’s data protection solutions help to ensure that when thinking about cybersecurity and data resilience, our solutions provide each of these things.  Here are a few examples: 

Operational Security 

  • MFA / RBAC 

  • Dual Authorization for destructive/sensitive events 

  • NTP clock tamper controls 

Identify & Monitor 

  • AI scanning – data integrity checking 

  • Pattern anomaly detection  

  • User tracking & user identification 

Pervasive Encryption 

  • Encryption / Dedupe – inflight – at rest  

SLA-based Recovery 

  • Replication / sync copy 

  • Snapshot based recovery 

Immutability & Isolation 

  • Vaulting – isolated network 

  • Retention Lock – Compliance / Governance 

  • Sheltered Harbor  

Automation & Orchestration 

  • Automated / Ransomware Recovery 

These are a few of the many capabilities that Dell Technologies data protection solutions provide to keep your business safe.  We don’t need to market our backup solution as a “security solution” in order to provide our customers with the best, and most comprehensive solution on the market that helps to ensure your business is safe, protected and can be successfully recovered.  Dell’s data protection solutions fit seamlessly into your Zero Trust architecture or your security posture as a critical component to the overall security story. 

Our advice is don’t let vendors that only sell data protection solutions fool you into believing that they are a security or Zero Trust company.  There are several capabilities that are needed to build a secure and resilient environment and an architecture that supports Zero Trust.  Data protection is only a part of it and Dell does a great job, as described above, at supporting security, resilience and Zero Trust.  We realize there are more capabilities that are required to build a secure infrastructure, and since Dell sees every aspect of the infrastructure, we have the capabilities necessary to help you with your security journey.  Please see – dell.com/securitysolutions for more information and how Dell can help you, end to end with your security and resiliency needs. 

Tags:

Backup, Recovery, Cybersecuity, Data Resilience, steve kenniston, the storage alchemist, Zero Trust, Dell