Advertisement
Security solutions that work well locally or in the cloud can be vulnerable when used in a hybrid data center, and organizations need a new approach to meet the data security needs of hybrid data centers.

As organizations respond to emerging trends and threats affecting the way they operate their business, they are turning to hybrid data centers for greater flexibility in data management. According to IDC, the majority (more than 80 percent) of organizations in the Asia-Pacific region operate in hybrid and multi-cloud environments.

Hybrid data centers are adaptable and flexible IT environments that provide organizations with viable and practical systems that can respond not only to ransomware, but also dynamically to a variety of evolving business issues.

But deploying and supporting a hybrid data center presents a number of management challenges. While it enables organizations to more efficiently store and move workloads as needed and better control sensitive data, hybrid environments increase the complexity of managing servers, storage, networking and software across the IT infrastructure.

Here are three ways organizations can successfully manage and protect data in a hybrid data center.

1. Centralized Backup

Centralized backup management is the key to successful data protection in a hybrid data center. A centralized backup management console is the foundation of an effective backup solution.

Many backup software providers integrate their backup software with management consoles provided by cloud, hypervisor, or operating system providers. It makes it easier to manage backups as part of operations in a given environment. However, a cloud-centric, hypervisor-centric, or OS-centric management approach is not practical in a hybrid data center.

A separate centralized console can better manage data protection in a hybrid data center. Users and administrators can monitor and manage backup and recovery of workloads running locally and in the cloud. Equally important, policies such as service level agreements can be centrally created for each environment and then applied appropriately in each environment.

2. Workload Migration

In a hybrid environment, workloads reside in the cloud, locally, or both. The data protection solution must do more than just identify where the backups are located; it must also identify the environment to which the workloads are restored. This is critical if the solution is to take the steps needed to successfully recover data.

This ability to back up and recover workloads in both cloud and local environments is essential. Organizations can do this by backing up a solution of physical machines and then restoring them to virtual machines hosted in the cloud or locally. The right solution should also integrate with cloud, hypervisor and operating system APIs to perform backup and recovery.

3. Protect against ransomware

As more and more organizations rely on backups to defend against ransomware attacks, attackers have targeted backup software. If they can compromise backups or backup software, they are in a better position to demand ransom. Backup software deployed in hybrid data centers should provide measures to mitigate and repel these attacks.

Backup solutions should authenticate and authorize any user who wants access. With available multi-factor authentication tools, the backup software can first verify the identity of the user. Identity and access management can then be used to monitor and standardize the actions taken by users. Multiple individual approvals may even be required before specific tasks can be performed, such as changing backup schedules or deleting backups.

Backup software should also provide the ability to manage immutable storage technologies. Immutable storage saves backups in a readable but immutable format, which prevents ransomware from encrypting them. Products for immutable storage that run in the cloud and locally are now available.

Backup software should provide the ability to manage air-gap technologies. These technologies are a proven way to protect backups from ransomware, and they logically or physically separate backups from the production environment. With logical air gaps, immutable storage resides in the cloud or locally. With a physical air gap, organizations can back up data to disk or tape, which can be physically separated from the production environment.