Big DataInterviews

Rethinking Enterprise Data Protection Strategies in 2022 and Beyond

safer internet

The incessant rise of ransomware attacks and other data threats has made backup and data protection services all the more essential for organizations today. While there’s no way to predict the extent of these attacks in the years to come, it is clear that a sound data protection, especially a cloud backup strategy, will increasingly become pivotal for organizations to guard against future cyber threats.

In a recent interaction with CXOToday.com, Shiva Pillay, General Manager and Senior Vice President, Asia Pacific and Japan, Veeam Software, explains how data backup and protection requirements are changing, as organizations shift to remote work amid the pandemic and adopt new working models worldwide. He also explains the company’s growth plans for the APJ region – especially the India market for the next one year.

  • In the last 20 months or so, can you tell me, how data backup and protection requirements are changing globally and more so, in the APJ region?

Data itself is becoming increasingly critical because it is the real asset when we talk about data backup and protection. Without it, not only does an organization face business continuity challenges, but it also hinders organization’s efforts to aspire for digital growth and transformation.

The COVID scenario puts the CIOs in a situation wherein they must tackle the challenge of how their businesses will run remotely. This has given rise to workplace trends like work from home (WFH) and bring your own device (BYOD), which in turn has resulted in the organizations witnessing proliferation of data, put very simply, it’s now a lot more difficult to control, manage and protect as you have many people working remotely demanding access to data. It also represents a significant increase in the potential for hacks and data loss. And that data is critical for the business’s ability to generate revenue and touch their customers.

If an organization is unable to understand data and to use it as an asset, it will inhibit their ability for digital growth. As per the  Veeam Cloud Protection Trends Report 2021, “Data is moving, and IT platforms are changing. Physical to virtual to cloud to containers, this evolution and expanded deployment mix shows that data lives in multiple places, so organizations need the flexibility to protect their data regardless of physical location, hypervisor, or application. Irrespective of where a workload is stored, it always needs protection – even when in the public cloud.”

The report states that public cloud is now a primary means of storing and delivering an organization’s data. In APJ, 49% of organizations, run their high priority workloads on the cloud, and they host as a mainstream platform for hosting data.

Another change in the landscape is cloud-hosted IT delivered models –infrastructure as a service, Software as a Service, and containers are gaining a lot  of traction for production and disaster recovery, which means legacy providers, typically, served on-premises style engagements, must keep up with these mechanisms.

Talking about containerization, in APJ 40% of back up data belongs to containerized applications separately. Majority of the organizations believe their container architecture is durable, so they don’t need to back up at all. Also, as per Veeam’s Data Protection Report 2021, 82% APJ organizations have an “availability gap” face an issue with recovering applications in an acceptable time frame and 77% of them face a ‘protection gap’.

  • Can you explain Veeam’s 3-2-1-1-0 backup strategy? How would it benefit businesses and help in the data protection landscape?

The 3-2-1-1-0 strategy is fairly simple. It stems from cyber attacks, which are becoming extremely prominent in today’s day and age. When you think about cyber-attacks, they really impact a company’s ability to drive their business and hamper their ability to move their businesses forward. The 3-2-1-1-0 strategy means you have three copies of your data, on two different media types – one copy should be off-site and one copy being offline, air-gapped, or immutable and lastly there should be 0 errors after automated backup, testing and recoverability verification.

Having an “ultra-resilient” copy of backup data that is either offline, air-gapped or immutable is an incredibly resilient specimen to help ensure data recovery in a ransomware event. It is a life insurance policy for you to get your data back up and running, while your security teams go back and solve the root cause of ransomware attack.

Also, having 0 surprises upon restore is a big benefit today. SureBackup recovery verification by Veeam is a great way to confidently know that you can restore data. This isn’t because a Veeam backup isn’t “good” it is just that certain behaviours are only manifested on restores or reboots that may inhibit a restore going as planned.

Ransomware attacks are inevitable in today’s time. It is not something that you can defend against. So, my advice to companies having worked in both security and the data backup space is if you have an immutable copy of that data, that’s the ideal way of ensuring that you’ve got zero errors and you protect the integrity of the data.

  • How are emerging technologies like AI, blockchain and IoT helping enterprises enhance productivity and efficiency? How is Veeam leveraging the same to help businesses?

New-age technologies, techniques are changing the game. Talking about how Veeam is playing in that space, we have had 20 new product releases in the last year. This spans the ecosystem of not only the cloud business, which is what we’ve started talking about, but the virtual, physical infrastructure, SaaS and application-specific environment.

Last year, Veeam has released the v11a – a product, which is, even stronger and more robust platform. It comprises of a number of things which are quite interesting for our cloud users. One, it has increased value for customers as they expand to the cloud, including native and advanced protection for AWS, Azure and Google Cloud. It has also delivered massive new support for leading public cloud platforms to help organizations accelerate cloud adoption by ensuring data is reliably secured, protected, and managed, while optimizing spends.

Our fastest growing product, Veeam Backup for Microsoft Office 365 reported 73% growth YoY in Q3’2021. The #1 backup and recovery solution for Office 365 enables users to securely backup to any location, including on premises, in a hyperscale cloud, or with a service provider.

Moving on to Kubernetes, we are now doubling down on modern infrastructure in this space, with the recent acquisition of Kasten. This acquisition enables us to deliver not only in the physical-virtual but also in the container-based environment; it has enabled us to offer K10 platform to our customers across the region.

With Kasten K10, organizations can store backups in the cloud, on-premises, and ransomware-proof immutable environments. It further enhances the data security posture and will add value to the data protection solution.

The intent for us is to deliver modern data protection solutions for the multi-cloud enterprise and help customers manage and back-up all the new types of data that are critical to their environment.

  • Which industry verticals are you targeting with these new products? Tell us something about your SMB focus as well.

We have the same code that runs on an SMB environment. For instance, if you are backing up on Veeam, the same license will protect hundreds and 1000s of machines for enterprise customers. It really goes down to the concept of where we differentiate ourselves in the market and what we feel is one of the reasons for growth is the simplicity of the product and how it applies to an SMB customer all the way through to very large, complex enterprise customers.

In fact, 100% of our solutions cater to all enterprises across sectors. Veeam is continuously innovating with its solutions and the strong focus on innovation has helped the company reach where it is today. Veeam continues to deliver consistent, double-digit revenue growth because of its unmatched scale and market expansion.

Globally, in Q3 2021, Veeam witnessed a double-digit growth with an annual recurring revenue (ARR) increase of 28% year-over-year (YoY). With the fastest revenue growth YoY (25.3%) in the most recent IDC Semi-Annual Software Tracker for Data Replication and Protection 1H 2021. Globally, we achieved double-digit growth for the 15th consecutive quarter. In APJ, Veeam reported an annual recurring revenue (ARR) increase of 30% year-over-year (YoY). Veeam’s momentum was fueled last year by new product releases and major feature updates, and the company is gearing up for a couple more this year in Q1 2022, including Veeam Backup for Office 365.

  • Can you please outline your growth plan for the APJ region and especially for the India market in the next 12-18 months?

The APJ region we have expanded our partnership with Ingram Micro – following the launch of Veeam on Ingram Micro’s cloud marketplace in ANZ, we’re also now available in Singapore, Malaysia and Hong Kong. Recently, Veeam expanded its business partnership with Ingram Micro India by signing a distribution agreement in India.

This quarter we added some great referenceable customers to the region, including: Parul University in India, Qingdao Huanghai Pharmaceutical in China, Diamond Group in Indonesia, Midosuji  Tax Office in Japan, TRC Thailand, Lembaga Lebuhraya Malaysia and Essilor Group in Singapore – spanning across multiple verticals such as education, healthcare, construction, F&B and government. This is a testament to our commitment in providing the best-in-class data protection technologies to businesses across all industries and markets.

In India, we also work with major companies like Hero MotoCorp, Future Generali, and 63 Moons to name a few. Automotive, BFSI, healthcare, telecom, ITeS and PSU are the key focus verticals for Veeam in India. We cover the whole gambit of these types of customers.

Our plan is very simple in terms of growth. We will be driving high growth. And it needs to be a sustainable one for our customers, our channel partners, our own team, and the organizations we partner within

The alliances ecosystem will be focused on vertical lead orientation. We have a great leadership as well as sales team and I have a focus that will be on taking share. So, we continue to take share in India, we’re pushing towards that number one spot

Secondly, we will build more scale by investing into headcount and the areas that help our customers and partners use our products more effectively

And then lastly, we will continue to invest in futures and the way we drive our business. Veeam is continuously innovating and the strong focus on innovation has helped us reach where we are today. From doing $100,000 sales in 2008 to reaching over 1 billion dollars (globally) in 2020, our innovation-driven approach has paid off well.

  • Today, ransomware attack is a key concern for every business; can you tell us some of the best practices that CISOs should adopt, to mitigate the risks of ransomware attacks and ensure business continuity?

Ransomware attack volumes have increased 151% globally, in the first six months, businesses of all sizes are aware of the threat. Rick Vanover, Senior Director of Product Strategy at Veeam has written a whitepaper which suggests five best practices CISOs should look at adopting if they want to drive and guarantee business continuity.

  1. Identify: Determine what environments exist which an attack might affect, what risks are associated with those environments, and how this all relates in context with your business goals.
  • The human firewall – probing
  • Plan for business continuity
  • Tag your digital assets
  1. Protect: Develop and implement appropriate safeguards to ensure critical infrastructure service delivery by proactively supporting your ability to limit or contain the impact of a cyber-attack.
  • Educate your human firewall
  • Invest in your digital hygiene
  • Implement The 3-2-1-1-0 rule
  1. Detect: The detect function allows for a timely discovery of cybersecurity events and is a critical step to setting up a robust cyber strategy. The faster an event is detected, the faster its repercussions can be mitigated.
  • Set up detection systems
  • Place virtual tripwires
  1. Respond: The respond function helps users develop techniques to contain the impact of cybersecurity events by ensuring you develop and implementing appropriate actions.
  • Create an incident response plan
  • Be calm and accountable
  1. Recover: Not all cyber-attacks can be averted, so make sure you have a recovery strategy in place for those moments when your cybersecurity defenses have been breached.
  • Define your recovery strategy
  • Design your recovery

If you have the five best practices in place and have great backup solution that can help you repopulate your data, you’re in a better position to not succumb to ransomware attacks.

  • Do you see any stark difference between global and APJ trends in terms of attacks and also data protection strategies?

In APJ, we are seeing some positive trends around the movement to cloud and containers, it is far more accelerated than we see in some of the other markets. And as you know, India is very central to innovation and driving cost efficiency. The new economical alternatives to build infrastructure become increasingly critical and explosive in those markets.

I always see India as a place of great innovation and forward-looking in terms of tech and driven from a cost efficiency standpoint, but then that has high demands on the type of technology. You must be present as a technology leader to be successful in that marketplace.

All in all, the criticality of data is one of the key messages from here. The move to cloud and the move to different types of Cloud – container-based, SaaS, infrastructure as a service – means that to keep your data available, you need modern data protection strategies. Veeam is doing well because we’re so focused on our customers, partners, and are so close to their trends. And as I said earlier, it is important for CXOs to address the changing data protection requirements and start thinking about a layered data protection approach i.e., identify, protect, detect, respond, and recover.

Leave a Response

Sohini Bagchi
Sohini Bagchi is Editor at CXOToday, a published author and a storyteller. She can be reached at [email protected]