In an exclusive interview, we find out how a new strategic collaboration between AWS and Cohesity can help organizations simplify and secure cloud data management.

Courtesy of the COVID-19 pandemic, many businesses are realizing they can’t do without the cloud and are now accelerating their move.

Marcus Loh, CTO for Asia Pacific and Japan, Cohesity

With so much data, applications and communication managed in the cloud, it’s no wonder why many organizations are overwhelmed in the rush to make things happen in the cloud.

In response, AWS and Cohesity have recently announced a strategic collaboration to provide Data Management as a Service (DMaaS) to help organizations simplify data management.

This first-of-its-kind DMaaS will also make modern data management accessible to enterprise and mid-sized businesses, helping them to accelerate their move to the cloud while supporting hybrid strategies.

In an exclusive interview, DigiconAsia caught up with Marcus Loh, CTO for Asia Pacific and Japan, Cohesity, for more details about the pain points DMaaS intends to address and how the collaboration came about.

When it comes to individual users, wherever they are working from in the new hybrid work environment, we need to ensure that the right data is in the right hands at the right time. How does an organization use Data Management as a Service (DMaaS) to simplify as well as to protect the data that is being moved around in such an environment?

Loh: The simplification and the protection process are definitely a checkbox, as far as we are concerned, because we are in that space. With the important components that include people, process and technology, organisations need to identify what is critical to them and how they want to educate their users internally. They need to strike a balance because strict management takes away flexibility. The discussion is about empowering your end-users to ensure that they are productive.

Our platform allows companies to do things like backup or storage of Files as a service (Files-aaS) which can serve as a storage layer as well. For some companies wanting to customise their environment, we provide them with a private Dropbox-like environment for themselves. With teams working with sensitive financial data, for instance, IT leaders would want to ensure that the data is deposited at the right location. How can organizations go through this entire process?

To address this, they may have a compliance officer who can identify how they want to manage sensitive data. Cohesity will back up what needs to be backed up, provide role-based access, or implement dual-factor authentication and encryption. The new norm is going to stay and organisations need to take one step back to ensure that the business is working around the 20-80 rule. As far as IT is concerned, businesses can address 80% of the use case, and then the rest can probably be managed as exceptions.

Organizations need to prioritize their people and processes, and identify what technology will work best to manage the changes. Many organisations are aware that they need to keep data for seven years. However, many do not expire their data after the set date. As far as the data retention policy goes, they can keep the data for seven years and delete anything after that. This is one way of controlling growth because if you do not delete data, it will forever be in the system.

As companies back up things that do not change, they run out of space, consume and buy more storage and spend resources on irrelevant data. Data lifecycle management is critical because the more data you keep, the more exposed you are. The data that you keep is a potential attack surface. If your attack surface is smaller, then it is easier for you to secure them. Now, of course, you can outsource data management, but you need to ensure that you have the tools to manage.

In terms of back up, businesses can choose to have a storage lifecycle policy that they can attach to some of their backup images or files that they retain. In reality, not many are going to touch data that was created two weeks ago. Sometimes we keep 10,000 emails which are stored in the system whereby somebody has to back it up, manage it and keep them for seven years. However, at any one point in time, users for instance are reading only 50 emails. With this glut of files, organisations need to know when to archive or retire their data by having a lifecycle policy attached to the data within their environment.

How did the partnership with AWS come about?

Loh: Cohesity and AWS have some joint objectives. As far as data management is concerned, nobody else in the industry is doing Backup-as-a-Service like we do. There are companies who are doing data backup as a service, but many players do not have an elegant way of doing it before us.

To begin with, we are bringing in the hyperscaler model down to the enterprise. Concurrently, we are leveraging the hyperscaler model in the cloud. The beauty here is that we are still using a single platform, and we can keep adding specific use cases. Additionally, while we are extending the use cases through AWS solutions in the cloud as well.

We do observe that some customers prefer keeping the status quo in terms of the way they are managing their data. When they purchase applications, they do it in a piecemeal fashion. Over time, they could have been using the application for seven years, which accumulates a lot of unstructured and unused enterprise storage data. The data is growing and a huge chunk of it is in the enterprise storage, backup and archiving space. Many customers do not know whether they need this data. The Murphy’s Law is applicable here. The customers think: I do not have to do anything with the data because I am not sure if I need it or not. 

Additionally, since they have no visibility of the data, it is difficult for the clients to make a decision and they deal with this problem by buying more storage. However, simply moving their data to the cloud does not solve the problem. To address this issue, we give them that visibility as part of the migration process. With visibility, they have that conscious choice of culling unnecessary data. Before moving to the cloud, organisations need to identify which information they need. I am seeing more customers and large enterprises asking me: How do I modernize my infrastructure so that I have a proper framework? 

Business directions and applications can change, but we know that backup will always be a necessity. Similarly for governance. Once a framework has been established, organizations can free up time and human resources to focus on the business-critical aspects of operations.

The second thing that I am seeing a lot right now is the word “compliance”. Compliance and data governance is not for the faint-hearted. For governance to happen, it is beyond technology, it is about the process and the people as well. We need to educate more of the C-level people because they start to hear a lot about ransomware attacks. There are numerous such cases out there where sensitive information has been exposed. Customers are starting to ask: How do I tap information? How do I classify information, so that I can better secure that drive? 

Again, if data is the new oil, which we all agree, we should try as much as possible to get that clarity and to have that control. Based on my observations, customers need more time to investigate and understand compliance and data governance requirements within the enterprise.

What are some of the security concerns, apart from ransomware, surrounding cloud backup in data management?

Loh: Outside of ransomware, the biggest security concern with the cloud is issues relating to policy management. This refers to moving data and not applying appropriate IT policy, which leaves it exposed publicly or with incorrect access for staff. The impact of these attacks can be mostly attributed to a combination of unresolved software vulnerabilities and internal human actions or errors.

When staff are given incorrect access to data and are not properly educated to use security tools, this leaves the organisation in a vulnerable state as cybercriminals have already started targeting backup data and infrastructure. Users could also choose to leverage their own keys, include multi-factor authentication to be built in, and implement role-based access.

Does the problem of replication and deduplication still exist when it comes to backup and recovery?

Loh: A lot of the technology that is in place right now is about 30 years old. We get feedback from customers pointing to certain old technologies, and they are looking for better ways of doing things.

What separates Cohesity from other players out there in the market is the single platform. We provide visibility in all the ingested data such as backup or files. When we do compression for our clients, what we do is global compression and deduplication, so that when everything is loaded into the platform, items are indexed, and data can be retrieved easily. We are removing the complexity and we are trying to resolve data fragmentation and data growth. Yes, data is growing but it is fragmented. After a while, it is going to be impossible to manage these data.

Organizations are happy that they can leverage our scale-up model which is software-defined and hyperconverged. This means companies can add more platforms accordingly when they run out of space. It is straightforward and quite easy to manage. On top of that, our clients can actually do Files as a Service or Storage as a Service. They can add more use cases and reduce as much clutter as possible. With rows of a single Cohesity cluster using the same hardware or any commodity service, our clients are able to lower the total cost of ownership for their data center.

We did make progress in consolidating the fragmentation and all the silos into one single data plan. However, in the fragmented legacy world, this problem still exists because of the scale-up model. Organizations have different solutions to the target, which is the backup. For Cohesity, it can be resolved by just one single platform. Organizations stand to benefit more by shifting to the cloud, instead of deploying servers on-premises. For a mid-sized organisation trying to optimise based on OPEX, the problem really resolves itself in the cloud.

What is the business advantage of partnering Cohesity?

Loh: Cohesity is leapfrogging in terms of infrastructure. It is a web-scale, hyperconverged, software-defined technology. Users can decide whether they want to use it as a service or on-premises solution. Cohesity goes beyond back up as we provide more use cases to our clients.

As customers continue to think about how they can minimize their costs, we are focused on data transformation and how we can help our clients modernize. We assist them by establishing frameworks such as their disaster recovery plan or anti-ransomware playbook. With established frameworks, C-suites have visibility on how the business is doing and are able to simplify and modernise as far as data management is concerned.

Our goal is not just to give clients point solutions but help them to address the data management issues holistically.