At Barkly, we've been talking with our customers about the importance of a holistic approach to their defensive strategy, particularly with the growth and increased virulence of ransomware. Over the coming weeks, we'll be publishing a series of conversations we've had with leaders in the security market, providing IT and security professionals with ideas on how they can develop a balanced plan to improve their protection and create a forward-looking security budget based on an understanding of the key issues.
I’m very happy to be spending some time talking about modern defenses against attacks like ransomware with Norman Guadagno, who is the SVP of Marketing at Carbonite. As we all know, ransomware has become increasingly prevalent, owing to its anonymity and profitability. Carbonite’s long history of solid backup solutions made them a natural source for insights on the topic of security investments to address these attacks.
Norman, security teams have definitely been looking for new ways to protect themselves. Nobody wants to see organizations putting all their money on prevention alone, because we know that preventative security is never 100%. But we also think they can make the job really hard for themselves if all they do is invest in recovery and response solutions.
You guys have been supporting the same kind of clients that we're trying to help out for a lot of years. How have you been helping them with this balance?
It's actually really a great issue, Jack, because you're absolutely right. They're acknowledging that nothing is 100%. There's going to be front-end issues and things will get through.
I was at the RSA Conference last week. And one of the things one of the speakers said was, in every company there's one person who will click on anything. And that's just it. It doesn't matter how good your perimeter security is going to be, there's still that person who's going to say, "Ooh, look! I can click on this link," and boom, you have a problem.
So, given that reality, what we continue to see from our customers is an increasing awareness of the potential threats that are out there, but they haven’t yet caught up in terms of their ability to prepare for those threats. And this is where we see we have to educate them, educate every customer, that it's not just about awareness of the threats, but that something could get through. They need to be prepared for whatever may happen, which of course, for us, means helping make sure that people back up their data.
We see that customers are really taking into consideration that they can't just lock the door and hope for the best — they actually have to make sure that they have the things that are important in a secure place.
We see them thinking through what happens if these assets go away and how they can get them back.
It sounds like you are helping them to develop a more holistic view of the challenges in protecting and potentially recovering their data. Do you find that they’re thinking about backup as a form of protection differently, or do you need to bring them to a new perspective?
At the most basic level, we’re first helping them to optimize what I think of as relatively core backup functionality.
Be really, really smart about what to back up. Be really, really concise in the way you do incrementals. Be fast. Make sure you've got the right authorizations for people to unwind it, be able to replicate it back onto a system for cleanup as fast as you can. That's really been a primary focus of the entire industry — people have been trying to make all of these areas better as technology has evolved over the years.
Do you see it changing much going forward? Are these strategies changing? As more things move into the cloud, how do you see Carbonite — or the industry in general — maintaining the capacity to simplify disaster recovery, backup, or restoration? What do you see changing as this security landscape changes? Do you see that primary functionality changing a lot for you guys in the next five years or so?
Yes, that's definitely something that we think a lot about. The strategies we recommend are becoming multifaceted. First of all, we’re making sure our customers are thinking about their data as not simply just data, but all sorts of different types of data. Data is, of course, both actual data documents and applications. We want them to assign priorities to those applications and data in terms of their business value, and then ask themselves questions that we can help them answer:
Is this asset something that needs to be encrypted? Does it need to live on premise, in the cloud, or is it a hybrid of both? Is this asset something that I need to be able to recover quickly, or can I wait a little while? Is this something I need to have the most current data available to me if something goes wrong, or can I lose a day?
We want to give them the tools to enable them to think holistically about their data and to be able to make those decisions in an almost real-time way. This way, data protection doesn't become a concern after-the-fact.
We advise our customers to be proactive, to think: "Okay, now we're building this new server. These are the apps that are going to run on it and these apps will create data. Let's, from Day One, have a strategy for thinking about the value and priority of that data, how we're going to protect it, how we would bring it back. Let’s figure out if we have to encrypt it, or if we need multiple copies in multiple locations."
Those are all the kinds of questions that we want to make easier. We help people to do that up front, and give them the tools to continue to do it over time.
As people begin to execute to that vision, as they start moving towards more granular understanding of the right way to minimize the amount of down time they have and minimize the amount of risk that they put this data at, do you see them likely doing a different kind of integration between Carbonite and other types of tools?
As an example, do you see them integrating at the application or transaction level to feed the Carbonite system so that they will later understand exactly when to start with even just a session backup? Or do you see SIEM vendors talking with their customers about the right thing to do when they see an event, integrating recovery functionality? They might immediately flag their backup system to tell it to stop taking updates from a potentially corrupted system, or start doing a recovery because they know there is some sort of issue?
That's a great question, because the fact of the matter is: Not yet. We think that's a critical next step. We want to make sure that we get our customers and our partners to start thinking holistically about this very issue. That isn’t in place yet, but we think that there's a lot of opportunity to really drive forward on thinking holistically.
That means coming to the table with prevention, response, perimeter, however you want to describe it. Security, data protection, all of those things — they've been having integrated conversations, but we're not there yet.
I'm excited about what we're going to do in terms of starting to bring holistic thinking to the model and encouraging customers not to think about these pieces in isolation. We want them to actually understand this is one of the most important things you can think about in your business. You have to think about it proactively from the beginning, and you have to do it in a way that is going to protect your data, protect your users, and protect your business.
We want every customer out there to realize that their data is probably the most valuable thing they have in their business, and they're probably spending the least to protect it.
To close out: You've spent a lot of time with customers. It's clear you're working with them to develop plans which are broader, more holistic. You've talked to them when they ask questions particularly about ways in which they can organize their plans to be more integrated across the different kinds of protections they have.
Today, as you're looking out, what's the one tip that you would give to some of these organizations who may not be on your list, or who may be new to Carbonite? What would you tell them to make their security stronger and maybe a little bit less intimidating?
It comes down basically to this: Don't put your head in the sand. Just because security is complex and because it's changing all the time, it's not sufficient for you to say, "I just can't understand it. I don't know what to do." That may be true, but if you put your head in the sand, bad things are going to happen.
We suggest that people focus on taking the first step. There are a lot of great resources online. There are a lot of great resources working with IT vendors and system integrators and value-added resellers. There are a lot of great resources from vendors like yourselves and ourselves that help companies take that first step. You don't have to be an expert to be safe. That's just one of the things that I remember all the time when I think about this problem.
Once upon a time, when we got into our car and we drove it around, I actually knew how to change the oil and the spark plugs and fix a bunch of things under the hood of my car, at least I know I did. You've been around long enough that you remember this too, I'm sure. I drove my car around and I wanted to be safe. Today, my car's a computer and I don't even open the hood on it. I have no idea what's going on inside there anymore, nor could I do anything inside there. But I know enough that if the little red light comes on, I go to my dealer and investigate the little red light. I don't pretend it's not on. This is where we are with security and data protection. It's complex. There's a lot of stuff going on under the hood. We can't wait for the little red light to come on. We have to make sure we know what to do. Then when the little red light does come on, we know what to do. We know how to react. That's where I think the big opportunity is.
For more information on Carbonite, visit https://www.carbonite.com/
Stay tuned for more conversations in our Fireside Chat series by subscribing to the Barkly blog.