Security Benefits of Enterprise Data-as-a-Service

By David Chang (SVP of Products and Co-founder at Actifio)

Hopefully, you have seen our recent blog on Enterprise Data-as-a-Service (EDaaS) revolution as the next big thing.  We are truly excited about what DAAS being the final lynchpin that completes the required capability for our customers to truly realize the vision of hybrid cloud.  

An EDaaS hybrid cloud will provide the following benefits to our customers:

  • Agile – Providing instant access to data, anywhere,
  • Resilient – With data protection built right in, instead of bolted on,
  • Independent – Meaning no vendor lock-in, on the box or in the cloud,
  • Secure – Hardened for enterprise security, governance, and
  • Scalable – From a single application to a global enterprise.

Today, I would like to focus on the “secure” benefit, as customers have been telling us for years that we now have given them the confidence that they “feel” better protected against:

  • Data resiliency (data loss, corruption, and site outage)
  • Infrastructure security

The first benefit is a well known attribute of what we deliver, so I won’t go into it with much details in this blog but rather focus on infrastructure security.  To be frank, initially we were kind of surprised that customers believe our solution provides value in infrastructure security. So we finally asked a few of our forward thinking customer CIOs why?   They told us EDaaS benefits security in the following high level ways:

  • Significant reduction in infrastructure attack surface
  • Ability to instantly bring back systems that have been attacked at near full production performance with fine granularity
  • Instant application stack reconstitution (both data and VMs) for security scans
  • DevOps automated workflow to mask production data prior to giving to the test team or big data analytics
  • High speed and low RPO replication of the entire application stack for remote vaulting with full history

Significant reduction in infrastructure attack surface – With EDaaS, our customers design a SLA that encompasses the entire application and data lifecycle.  This approach not only drastically simplifies the customer’s management requirements and reduced the number of copies (and cost), it also represent a full accounting and controlled access point for your data.  A high number of security incidents in the past have been focused on third party gaining access to a lost copy data.   Actifio significant reduced this attack surface and provide a single control point for how employees access the copy data.

In this 24×7 new world, application downtime is a very unpleasant subject.  Imagine if a hacker penetrated your network and ransom encrypt your data, how fast can you bring application back online to a state just prior to that event?  This is another area that we look to shine in, from daily VM RPO or continuous database granularity, we can reconstitute your entire application stack back online either locally or in a remote location near instantly regardless your data size. This is great insurance against that “what if” scenario.

One philosophy in security is that hackers can’t attack what is not there. Through the automated DevOps workflow data masking process, our customer can keep the sensitive data in production and only provide post masked data for testing and analytics.  This is how we can help!

Let’s be perfectly clear, what we do is not about delivering a security product!  We do not scan your network for vulnerability, detect intrusions, or do identity management.  However, we do provide you with an agile infrastructure that is less prone to attack, reacts faster after an incident, and designed in the right way, and is more resilient to potential penetration.