Today, even basic and consistent backups of endpoints are a rarity. Given all the threats that an organization faces, and the uniqueness and value of the data found on user devices like laptops, tablets, and smartphones, endpoint protection is critical to the organization. IT needs to take full responsibility for protecting corporate data whether it is on user devices, remote office or at the edge. IT, though, needs to expand its vision beyond simple endpoint protection. Organizations need to adopt a holistic approach to data management which not only includes protecting endpoints but also factors those endpoints into the disaster recovery plan as well as managing data on those endpoints to meet increasing demands for data retention and data privacy.
Step 1: Solve the Backup Problem
The first step in creating a holistic endpoint data management strategy is to ensure that endpoint data is consistently protected, even on endpoints that never get close to the primary data center. The challenge, especially with remote workers, is how to centrally backup all the organization’s endpoints to the data center when those endpoints are limited by the thin bandwidth provided by WAN connections.
Many organizations turn to a cloud-based solution to solve the problem of centralized backups of distributed devices. While the cloud does ease the backup burden somewhat, it does not remove it completely, and it adds a few challenges of its own. Most cloud endpoint backup solutions leverage deduplication and compression to optimize data movement to the cloud. A few also optimize the way the data is transferred by creating a more optimal path than traditional TCP/IP. For the most part, especially when the initial backup is complete, subsequent backups work well within the confines of Internet bandwidth.
The first challenge with using the cloud for endpoint backup is that most cloud backup solutions force the organization into a relationship with a large cloud provider, and often don’t even let it choose which large cloud provider. Additionally, these providers don’t typically provide individualized technical support. If the endpoint protection solution’s vendor finds a problem in the provider’s architecture, then it is very difficult for the vendor to work through that issue since they don’t “own” the storage.
Being forced into a relationship with a megacloud provider can also impact endpoint disaster recovery. If an endpoint or group of endpoints is lost, the organization can’t ship a box of laptops to the large cloud provider for local restores. Instead, the organization is forced to pull all the data it recovers, over the Internet to these systems, which is a time-consuming process. Additionally, the cloud provider may impose egress charges on the data being restored, which increases the cost of recovery.
The second challenge is that most cloud endpoint backup solutions backup directly to the cloud and provide no option for a local backup copy. The problem with direct only backups is that all recoveries also need to come from the cloud. For a single file recovery, pulling a file from the cloud is not an issue, however, recovering an entire laptop is. But again, since shipping laptops and other devices to the large cloud provider is not an option, the organization has no other choice.
IT needs to look for endpoint protection solutions that are flexible and can back up data to a variety of different cloud providers. For example, a custom cloud provider focused on data protection and secondary storage management can provide additional services like local restores in the event of a disaster. IT also needs to look for a solution that can store the most recent copies of backup sets on-premises so that IT can execute large restores locally.
Beyond Endpoint Backup
IT also needs to look beyond endpoint backup to endpoint data management. IT needs to offer services that are not typically part of the data protection process. For example, one of the most common problems facing laptops is not hardware failure; it is theft or loss. It is very easy to leave a laptop behind while dashing through an airport. The endpoint solution needs to provide remote wipe and geo-locating to make sure that stolen or lost endpoints don’t have their data compromised.
Securing endpoints is as important as securing the data center. It also poses a greater challenge since endpoints are literally on the frontlines of cyber-warfare. Endpoints are the most susceptible to malware attacks, so not only is protection required, frequent backups are a must. Encrypting data on endpoints, data transmitted by the backup solution and the backup storage repository are all critical to maintaining endpoint security. The endpoint data management solution should provide an enterprise key controller to make it easier for IT to manage the multiple points of encryption.
Data protection is a reactive response to the security problem. It is the process IT turns to when all the walls and barriers fall because eventually, something will get through. The reality of an eventual breach though doesn’t mean that IT should do nothing. Every attack that can be prevented should be. The challenge though is deploying and managing endpoint security on endpoints is very difficult because of the number of components and their constant movement.
IT should look for a cloud deployable solution to reduce implementation and operational complexity. The solution needs to leverage machine learning, real-time behavior monitoring, and a centralized management console. It allows IT to prevent or at least shutdown attacks before damage becomes more widespread.
Endpoint Data Management
Data on an organization’s endpoints fall under the same regulations as data within the data center yet management of that data is often non-existent. The European Union’s General Data Protection Regulation and California’s Consumer Privacy Act both outline very specific data protection and retention requirements. Organizations need to apply similar data management processes to endpoint data as those that they apply to data center data. At a minimum, the organization needs to have the ability to archive endpoint data as well as classify it for legal hold.
Data protection is an essential first step on the road to an endpoint data protection strategy. It is a step that many organizations have not taken, at least in the form a formal practice, thus far. In this case, there may be an advantage to being late to the game. IT should move quickly to establish an endpoint protection strategy but should also consider how that strategy fits into an overall endpoint data management that includes compliance, data archiving, loss prevention, data leak prevention and security from cyber-attack.
Storage Switzerland’s on demand webinar “Holistic Disaster Recovery; from Data Center to Endpoint” discusses how to establish an endpoint data protection strategy and how to use it as the foundation for an endpoint data management strategy. It is available to watch now.