Every quarter IBM seems to advance the cause of storage along multiple fronts, and this is no exception with enhancements along four key drivers. The first is IBM storage for containers and the cloud. This includes reference architecture “blueprints”: IBM Storage Solutions for blockchain, IBM Cloud Private, and IBM Cloud Private for analytics. The second continues to emphasize the cause of storage in conjunction with artificial intelligence (AI). In this case AI is used to address how to improve capacity planning. The third is “modern” data management which emphasizes how data protection is needed for data offload for hybrid multicloud environments. The fourth is cyber resiliency, enabling enterprises to use their storage effectively to plan, detect and recover in the world of cyber security threats.

All four are based on the way IT organizations are rapidly moving to a more complex, but desirably more cost efficient, as well as more productive world, supporting the business objectives of increasing revenues and profits. This is accomplished by rapidly changing IT infrastructures to adopt to a hybrid multicloud world as well as by introducing new technologies, such as blockchain and containerization, that help transform the way that they do business.

Since I recently covered the use of reference architecture and AI (see https://mesabigroup.com/ibm-spectrumai-with-nvidia-dgx-reference-architecture-a-solid-foundation-for-ai-data-infrastructures/ , I will focus this piece on modern data protection and cyber resiliency.

Multicloud data protection requires modern data protection

IBM emphasizes the need for modern data protection to play in the multicloud (see https://mesabigroup.com/ibm-continues-to-deliver-new-multicloud-storage-solutions/). By modern data protection IBM means that data protection has to encompass traditional IT infrastructures (such as a local data center that also uses a remote data center for disaster recovery purposes both of which are on-premises at company facilities) with multiple public cloud instances that are off-premises, as well as the ability to reuse secondary datasets (e.g. Backups, snapshots, and replicas). This ups the ante in managing data protection for data offload in such hybrid, multicloud environments.

Using multiple public clouds in conjunction with private clouds means managing ever changing cost structures in order to determine when it is appropriate to move a data protection workload from one cloud to another. This has to be done while ensuring the necessary cybersecurity levels are met (as will be discussed under cyber resiliency for software or hardware IBM-managed-storage) as well as ensuring that the necessary service levels — such as RTO (recovery time objective) or RPO (recovery point objective) — are still met.

IBM provides a blend of Spectrum Protect (for traditional IT infrastructures) in conjunction with Spectrum Protect Plus (for virtual infrastructures) to enable those responsible for enterprise data protection to successfully raise the management ante.

The most recent IBM storage announcement enhances Spectrum Protect Plus capabilities with a focus on delivering cost-effective, secure, long-term data retention. Spectrum Protect Plus can now support key cloud providers, namely IBM Cloud Object Storage, heavy hitters Amazon Web Services (AWS) and Microsoft Azure, and on-premises object storage with IBM Cloud Object Storage. It does so through the efficient use of incremental forever offloads of only changed data. It also offers critical application/database support by adding Microsoft Exchange and MongoDB database support that complements support for existing products, such as IBM DB2, Oracle Database, and VMware ESXi.

In addition, Spectrum Protect Plus offers enhanced data offloads to Spectrum Protect to further improve the partnership blend between the two. Meanwhile, Spectrum Protect simplifies management by enabling the use of retention sets that govern both backups that are used for recovery of production data as well as longer-term retention, such as for archiving. It also offers support now for Exchange 2019.

IBM’s storage portfolio supports IBM’s cyber resiliency initiatives

The need for cybersecurity does not require a lengthy discussion as even the general public is aware of such issues as illustrated by the numerous, continuing tips-of-the-iceberg data breaches that have permeated through the media. A tremendous amount of work is being performed to deal with these issues though much more needs to be done in what appears to be a never-ending battle. IBM has long been a white-hat vendor combatting the black-hat bad guys. The latest of its efforts goes under the label of cyber resiliency that it applies to its entire storage portfolio to combat potential negative cybersecurity events.

In discussing its cyber resiliency storage portfolio, IBM shows how its work follows the NIST (National Institute of Standards and Technology, a part of the U.S. Department of Commerce) Cybersecurity Framework Version 1.1 (April 16, 2018). This standard framework aids enterprises in how to plan for and recover from a compromising cyber event, such as an identity-stealing data breach. IBM has long espoused openness (such as promoting open source and open systems), support for reference architectures, and adherence to common standards. Even though IBM naturally wants to encourage organizations to acquire its own software and hardware, it does so (and has prospered by so doing) in that openness context. Showing how it provides cyber resiliency for its storage portfolio as it fits within the open NIST Cybersecurity Framework enables organizations to clearly understand and assess what IBM brings to the table.

That is not to say that IBM meets all the framework requirements (as no one can), but organizations can carefully examine the major contributions that IBM delivers.  The NIST framework discusses five phases — identify, protect, detect, respond and recovery. IBM addresses these as plan (identify and protect), detect and recover (respond and recovery). Planning relates to what an organization should do to get ready for the inevitable compromising event. Detect is about monitoring for and alerting abnormal behavior that signals that a negative cyber event is occurring or has already taken place. Recovery is about what actions need to take place to mitigate any negative effects following the event.

Touching lightly on what IBM delivers, in the identity phase, IBM Spectrum Control and IBM Storage Insights — two of its storage infrastructure management tools — enables organizations to understand their infrastructure deployment as well as its day-to-day usage. Deployment facilitates understanding of which systems are critical to the business operation as well as where they are located. Day-to-day usage by the baseline for how those systems are “normally” used. In the detect phase, abnormal usage of storage may show that a compromising event is happening as well as isolating the currently impacted systems. IBM Spectrum Protect shows what is normally protected every day plus the attributes of that normal usage, such as number of changes and volume usage. Spectrum Protect and Spectrum Protect Plus provide key support to the protect and recover phases.

IBM emphasizes the use of “air gap” data protection, which orchestrates the ingestion and automatic creation of copies of critical data onto a secure infrastructure that is isolated from a network-based attack. That could be tape copies removed from a tape library (which is a traditional strength of IBM) or a cloud-based air gap scenario, where the data sent to the cloud is physically isolated from a network. This reduces the risk of corruption, such as due to ransomware or malware attacks.  IBM also emphasizes the use of universal data encryption – including data-at-rest encryption, encryption of tape, backup data set encryption, and encryption of primary or backup data sets when sent to cloud repositories. These, and other capabilities that IBM provides, help mitigate the risk of cyber destruction, unlawful encryption, or modification, as well as unlawful copying of sensitive data. In combination with the appropriate architecture, infrastructure, and processes, these are just some of the ways in which IBM’s storage portfolio offers cyber resiliency to deal with the inevitable attempts to compromise one’s cybersecurity efforts.

Mesabi musings

The business storage arena is in constant flux. IT infrastructures are being transformed from on-premises infrastructures to a hybrid environment that combine on premises infrastructures with cloud. Consider this along with the fact that the bad guys are always trying to compromise organizations’ cybersecurity. This increases the need for modern data protection that IBM delivers with Spectrum Protect and Spectrum Protect Plus. It also expands the need for strong cyber resiliency efforts to prevent the negative impacts of cybersecurity events. With these latest additions, IBM is focused on providing cyber resiliency across its entire storage portfolio and emphasizes the use of strategies, such as air gapping and universal encryption, to enhance cyber resiliency. There is never a dull moment as to what IBM is doing to strengthen its storage portfolio.