Q&A: StorageCraft sales engineer on security risks and the importance of standardisation
Last week, TechDay spoke to StorageCraft sales engineer Gerard Burgess about technical and engineering challenges the company faced due to pandemic-related restrictions, the rise in security threats, and how partners and customers can best navigate the new year.
Here is a transcribed version of that interview, condensed and edited for clarity.
The shift to working from home was the most dramatic change we saw, and it presented a lot of challenges to service providers. They couldn't go on-site to see their customers or carry out removable media changes.
Additionally, since we weren't working at the office, data wasn't stored where it used to be. People were saving their data locally on their laptops while working from home because it was easier and faster.
This meant the whole strategy around protecting data had to be looked at. Priorities were shifted to safeguarding similar data now in different locations, as well as things like off-site backups.
A lot of processes needed to change. Systems needed to be put in place to standardise how people access and store and protect data, ensuring that recoverability is achievable if something goes wrong.
Phishing is a big one. With the adoption of remote collaboration tools like Microsoft 365, more people were clicking on links, more people were getting spam. This led to a need to adopt two-factor authentication.
Ransomware is another one of the big ones, which led to a need to secure data. But this brought up another problem — where do I recover this data to?
Now, there's a focus for service providers to provide data recovery services to its customers, especially since many of them couldn't go on-site and recover the data. Because of this, service providers needed alternative locations to stand it up somewhere else.
But the big thing service providers should be asking is ‘how do I test the functionality to be able to restore data? How do they get the confidence that if something does go wrong, they actually have the processes and procedures in place where they can actually recover that customers data quickly?'
We released a product about two years ago for the service provider space called Shadow Safe.
With this solution, service providers have a single console where they can manage all of their customers, as well as restore data. They can perform end-to-end data protection and recovery without going on-site to a customer.
The platform is cloud-hosted, so service providers can recover machines from anywhere in the world. The great thing about it is that we can start reducing the amount of staff we need — high-level techs are no longer required to physically log into machines and validate backups.
This means service providers can scale up the amount of customers they're looking after.
The big thing is around standardisation. It's part of why we brought Shadow Safe to the market. Now, we can go to a customer and standardise on a single data protection strategy. It's all about simplifying a service provider's operation.
Some of the really successful service providers are taking an almost cookie-cutter approach: they have bulletproof processes, leveraging technology as part of a documented process.
Testing is a key part of these processes. It validates the technology and allows service providers to really stand behind the service that they're providing to their customers, so that they can sleep easy at night knowing the solution actually works.
And because of standardisation, if something did happen, they can then guarantee to recover the data by pulling out their operating procedure.
Automation is another one. The reporting, the analytics — these can go into monthly, automated reports where service providers can benefit from them and also provide them to customers. This provides customers with even more value than before.