You don’t need to use a sledgehammer to secure all your data

Is more better? If we’re talking about (very) nice bicycles—you bet! According to an old saw, the perfect number of bicycles to own is n+1 (where “n” is the current number of bicycles you own), and what the heck, my wife needs a new one, too. Money? Time off? Cheetos? Most folks would agree that more of this stuff is almost always better.

Can you have too much of a good thing? As noted before, I have a predilection for fine wine, beer, and whiskey. I also fully understand the ramifications of taking some indulgences too far. Yes, moderation can be a virtue—most of the time…

Can a company go too far in securing its data in pursuit of “resilience”? Yes—perhaps, counterintuitively, a company can go too far in securing all of its assets. Before going into how much of a good thing is too much, let’s define how we speak about resilience.

According to McKinsey’s Technology survival guide for resilience, “Resilience means understanding the criticality of a business process, the capability of the underlying technology, the business impact if the technology fails, and the organization’s risk tolerance.” So, basically, not all business processes (and their data) are equal. The business impact and tolerance for risk will be different for the cafeteria’s online menu than for the online transaction and billing systems. Makes sense.

The same notion applies to your applications and data when you’re looking through a cybersecurity lens. In Protecting your critical digital assets: Not all systems and data are created equal, McKinsey provides an example:

A global mining concern focused on protecting its production and exploration data but failed to separate proprietary information from information that could be reconstructed from public sources. Thus, broadly available information was being protected using resources that could have been shifted to high-value data like internal communications on business negotiations.

At NetApp, we get it. Not all data is created equal. Or, to put it another way, some datasets are more equal than others. Sure, it’s easy to just “protect everything” with RPO 0. Thing is, in some cases, that’s like hitting a finishing nail with a proverbial sledgehammer. As a somewhat orthogonal example, most S&P 500 companies (NetApp is one of them) maintain thousands of applications, and only a (very) small handful of those applications require the performance of SSDs. A relatively small, and very important, portion of your data truly requires the most stringent protection.

We understand your pain. NetApp^® ONTAP^® data management software can simplify data protection with set-it-and-forget-it policy management while delivering business continuity with NetApp MetroCluster and zero RPO for critical application data. NetApp SnapMirror^® software offers fast, efficient, array-based data replication for backup, disaster recovery, and data mobility. SnapMirror Business Continuity is a continuously available storage solution with application-level granularity, available for ONTAP running on NetApp AFF or NetApp AFF All SAN Array (AFF ASA) storage systems, to meet the RPO 0 and RTO 0 needs of the most critical business applications. As if that weren’t enough, we’ve addressed the largest part of TCO by offering simplified management through the centralized NetApp BlueXP^™ control plane.

NetApp solutions enable you to apply the most appropriate level of security to your data. Whether it’s transactional database files or home directories with pictures of the company picnic, NetApp lets you decide the right level of protection. No one size fits all. No sledgehammer hitting a finishing nail.

To see what NetApp can do to help you secure your data, visit our cyber-resilience webpage.