Jason Gerrard, Senior Director of International Systems Engineering at Commvault, explores the possibilities for change within the backup and data protection industry.
Data protection has changed significantly over the past few years as business needs have altered. With hybrid working becoming the norm, companies require data protection solutions that can be applied to various environments, no matter where they are located or accessed. With some business leaders no longer wanting to invest in data centres, servers, and other hardware, cloud-based Backup-as-a-Service has undoubtedly taken off.
But with cybercriminals growing in sophistication and ransomware hitting the headlines daily, are backups enough? The latest innovations are at our fingertips and the possibilities of AI are set to transform the data protection landscape even further. So, what does the future hold for the data protection industry?
The blurring lines of data protection & security
Whilst data protection and security have previously been considered separate pillars, the two are beginning to merge in a way that has not been seen before. Traditionally, data protection was concerned with data storage and backups, whilst security solutions were the preventative measures, such as firewalls and anti-viruses.
But, in recent years, bad actors have switched tact, forcing organisations to also adjust their strategy. Previously, cybercriminals would encrypt data, so that organisations could no longer access or understand it. Now, they take a copy of the data and threaten to publish it or give it to competitors if a ransom is not paid. Whilst a backup could have provided protection from encryption, as the data could be restored, it unfortunately doesn’t protect you from a bad actor sharing your data and the GDPR fines and reputational damage that come with it.
As a result, preventative measures must come hand in hand with backups, and a strong data protection strategy must have security at the heart of it. It also means that the industry is having to think smarter about backups – they will remain important but need to adapt with the threat landscape. Luckily, emerging technology is on hand to help and push the data protection industry forward.
Building on the foundations
Over the next few years, the data protection industry is likely to build on existing technologies to improve their offerings. For example, we can expect to see an acceleration of continuous backup and a move away from point-in-time backups. We are already starting to see this trend, but it will definitely become more prevalent in the near future. This will ensure that everything will be protected, at all times, no matter where it is stored. No longer will businesses be left with an outdated backup. Looking ahead five to 10 years, it is likely that point-in-time backups will be a thing of the past.
Similarly, immutability is increasingly used today around applications and software, ensuring that nothing can be changed or modified once it has been created. Most backups are already immutable to ensure that, in the event of a cyberattack, they are not tampered with and rendered useless. Yet, there is no reason why all non-live data sets can’t also be immutable. This would support the backups and ensure that legacy data is accurate by taking away the possibility of it mistakenly being changed by employees or purposely modified by an insider threat.
The rise of the machines?
It is not just technology that we are already familiar with that has the potential to move the data protection industry forward. The possibilities of artificial intelligence (AI) have been discussed far and wide over the past few months, and it certainly has the ability to transform data protection.
Currently, the management of backups is still typically done by humans. Whilst many data protection providers are integrating AI and machine learning (ML) into their solutions, for the most part, it is humans who decide what to backup, where it should be stored, and to what schedule. But the new possibilities that AI is presenting means that, in the not-so-distant future, humans won’t need to be involved in the process. Soon, systems will be clever enough to recognise data sets and determine how best to protect it without human intervention.
Looking further into the future, and the further development of AI, it is plausible that applications will one day become self-aware enough to not need a separate backup or data protection solution to secure it. It could back itself up without needing a centralised solution to do so.
This is not to talk the data protection industry out of existence, because backup technologies will still be required to power it. But the future of backup will no doubt be built into applications, rather than being deployed as a separate entity. To quote the Terminator movie, the future of the data protection industry is certainly going to be characterised as the rise of the machines.