Chris Rogers, Senior Technology Evangelist at Zerto, a Hewlett Packard Enterprise company, discusses the differences between on-premises and cloud infrastructure and how they impact companies longterm.
The rapid expansion of the cloud infrastructure and services sector has sparked widespread debate about its long-term impact, including what its success means for the traditional on-premises approach to IT delivery.
According to Gartner, for example, more than half of enterprise IT expenditure in key market segments will shift to the cloud by 2025, overtaking investments in traditional IT approaches in the process.
In the context of cybersecurity, the growth of outsourced, cloud-based services has ignited similar discussions, including their relevance and impact on data storage strategies, such as those relying on the use of data vaults. The prevailing belief that effective data security is synonymous with on-premises storage is gradually losing favour among providers and users. However, in the haste to adopt cloud solutions, are organisations overlooking the powerful and enduring value of on-premises technologies and, in doing so, potentially missing out on a range of important benefits?
It’s important to note that the cloud’s popularity does not automatically detract from the inherent strengths of in-house solutions. In fact, certain critical applications and sensitive data may be better suited to on-premises storage due to security concerns and regulatory compliance. Organisations must carefully evaluate the nature of their data and the specific security requirements it demands. For example, this should include an understanding of the importance of geographical location in data storage, as some regulations require data residency within specific borders.
Looking specifically at the role of data vaults, these technologies were designed to align with regulatory standards and improve data security, primarily serving as a reliable backup for data protection in the event of cyberattacks or other security issues. Immutable data vaults store data in a way that prevents any alterations, deletions, or unauthorised changes to the data once it is stored. This is especially key for use cases and industries subject to strict data retention and compliance requirements, such as healthcare and finance.
The cloud’s efficiency and convenience make it a popular choice for immutable data vaults, offering benefits like easy setup, no hardware maintenance concerns, and simplified billing processes with a single service provider. However, this approach also has its downsides, including a loss of control due to third-party system management and reduced autonomy. In addition, delays in data transfer from cloud to in-house storage, coupled with additional egress fees, deter some IT leaders from choosing cloud-based solutions for their vaults.
In contrast, in-house vaults offer some specific advantages such as heightened control, the ability to customise more effectively than cloud-based alternatives, enhanced air-gapping and better recovery speeds. Despite a potentially steeper learning curve initially, with expert assistance and a supportive community, these challenges are manageable.
Additionally, an isolated recovery environment in an in-house setup returns control to IT and security operations teams. Unlike cloud-based vaults managed by service providers, in-house systems allow organisations to tailor their deployment, configuration and management to suit their specific requirements, offering flexibility absent in the more rigid cloud model.
Striking the right balance
Regardless of the situation or technological approach taken by a given organisation, the cornerstone of robust cyber resilience ultimately lies in the deployment of isolated, offline vaults – wherever they are hosted. These are essential for data protection and play a pivotal role in real-time threat detection, such as identifying ransomware attacks. The swift detection and response to cyber threats are critical, as they can prevent incidents from spiralling into major crises.
When evaluating immutable data vault solutions for robust data protection, a key consideration beyond just data security is recoverability. After all, the most impenetrable vault is useless if the data inside cannot be efficiently recovered when needed. The best options ensure both immutable storage to prevent tampering as well as rapid, reliable recovery.
It’s also crucial to recognise that choosing between hosting a vault in-house or on the cloud isn’t a binary decision. Every organisation has distinct needs and limitations, and decisions regarding investment should be guided by specific scenarios. For instance, in cases where the focus is on cyber recovery, the capabilities of on-premises vaults are unmatched.
In situations where immediate threat detection, like that of ransomware, is vital, the performance and adaptability of on-premises vaults are also particularly effective. These systems enable organisations to swiftly revert systems and data to a state just before the attack, an essential capability ideally suited to on-premises solutions.
Factors such as Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) are also crucial in evaluating the data recovery efficiency of vault technologies or services. These metrics are vital, as the repercussions of prolonged downtime extend beyond financial losses to include reduced productivity, reputational damage and potential long-term erosion of trust. Strong RTOs and RPOs empower organisations with choices during a ransomware attack, offering effective and minimally disruptive recovery options.
The ideal data vault blends immutable storage with efficient recovery rather than treating them as isolated objectives, with purpose-built solutions enable rapid restoration from isolated vaults to production systems. This best-of-both-worlds approach future-proofs organisations against intensifying cyber threats without sacrificing accessibility or continuity.
For IT teams, often working with limited resources and budgets, access to efficient data vault-based recovery tools can be a game-changer. In heading in this direction, decision-makers should weigh their options based on their specific context, recognising that there is no universally right or wrong choice. While in-house solutions excel in cyber recovery, cloud services offer convenience. In a rapidly evolving IT and security landscape, the primary goal should be to develop a data protection strategy that is robust, comprehensive and tailored to the organisation’s unique requirements. By embracing this mindset, organisations position themselves to better face the cybersecurity and data protection challenges they will inevitably encounter.