The data center is no longer the “center” of data. As much as 40% of data is now outside the data center on user devices (endpoints) and in cloud-based applications. The workforce is no longer tied to a specific office because 75% of employees are now mobile – and most of those employees are using multiple devices. Endpoints now carry unique, often mission critical and business sensitive data. Given that endpoints operate in the wild, outside of the safe confines of the data center, they need more than just improved backup. IT needs to implement a complete end-user data strategy.
Endpoints are Asking for Data Loss
The second class citizen status endpoints get from IT is ironic given the chances of data loss on one of these systems is incredibly high. While almost every server in the data center has some sort of media redundancy (RAID 5 or 6) built into it, almost no laptops or devices have redundant media. Also consider these devices are not mounted one time, screwed into place and never to be moved again. Laptops are thrown into bags, rolled across airport conveyor belts and crammed into airplane seat pockets.
Now factor in the reality that so much data is outside the data center on these devices, much of it unique and not stored anywhere else. A media failure, loss or theft of one of these devices means hundreds of GBs of organizational data is now at risk. Also consider laptops are a prime point of entry for modern day cyber-attacks and ransomware. It becomes obvious the current status quo of backing up a few executive laptops is not enough.
IT needs an end-user data strategy based on three pillars; data protection, file sharing and data management.
Pillar 1: Data Protection
The foundation of an end-user data management strategy is a data protection solution that protects all the data on endpoint devices on a regular basis. The frequency of required protection means data needs to be backed up quickly without impact to the user. It also means that the backup has to execute from anywhere. It can’t wait until the user returns to a local office.
Part of this strategy also has to address theft or loss, which has several ramifications. First, the user is down and not productive. The user needs a new system returned to the state of their old system made available to them as fast as possible. Second, the old system needs to be wiped from the lost or stolen device so if it is in the wrong hands it has no value. Third, both of these tasks have to occur seamlessly for the IT administrator, who has other responsibilities than just recovering a particular user’s lost laptop.
In addition to protecting laptops, IT needs to start protecting cloud based applications like Office 365, G Suite, Box and Salesforce. While these services do protect data, that data protection is in case the service provider loses data, not their customers. This data needs protection from accidental user deletion and situations where entire accounts are comprised and deleted. Imagine if someone gained administrative login credentials into the organization’s Office 365 account and then deleted all the data in that account and changed all the passwords, or deleted the account altogether. The loss of data could potentially put the organization out of business.
Pillar 2: File Sharing
The second part of an end-user data strategy is dealing with file sharing. Today users want to share files from their devices to other employees and business partners. In the past email was used to accomplish this function. While not perfect, email did at least create a record that the sharing occurred. Today most users want a DropBox-like functionality and if IT doesn’t offer it users will subscribe to a service on their own. Not only does this create data redundancy as data is copied between their laptop and the service, it creates another point of data leakage because IT can’t log or oversee the sharing of files.
The end-user data strategy, then, needs to include file sharing. If file sharing is integrated into the data protection process, it can eliminate data redundancy and centralize IT administration into a single console.
Pillar 3: Data Management and Compliance
The third pillar of an endpoint strategy is data management and compliance. The first part of the pillar is archiving. There are dozens of studies that indicate that over a year, users are not accessing 80% or more of data in the data center. Most studies that include laptops show an even worse ratio, with as much as 90% of the data not being accessed on a laptop in over a year. Even migration to a new laptop does not fix the problem since users will typically migrate the old data as part of the migration. But it is also important for IT to realize that some of this in-active data must be retained for specific periods of time. There is also a need to collect and hold data in response to legal and HR requests.
If IT can archive even the oldest 50% of this data from these systems, it limits the organizational exposure and lowers the cost of new laptop deployment. But for the archive process to work, the user needs to be able to easily find and restore old data when they need it.
Beyond archiving, IT needs to also identify and find data that is particularly sensitive or is needed in response to a recovery request. How, though, does IT find data that is spread across potentially thousands of laptops? Part of the endpoint strategy is federated search that will identify with a single query data of particular value. This includes the capability to search for particularly sensitive data such as a document with a credit card or social security number stored on a salesperson’s laptop.
There are solutions on the market that address each of the pillars, and even sub-components of the pillars individually. But IT should look for more comprehensive solutions that integrate all of the pillars into a single solution. A single solution should make both IT administrator and user interaction with the strategy easier and it should reduce data redundancy.
To learn more about developing an end-user data management strategy, watch our on demand webinar, “Endpoint Backup is not Enough – You Need an End-user Data Strategy”.