With the increase of cyberthreats, how are backup and recovery techniques rising to the challenge?

Today’s guest is W. Curtis Preston, the Chief Technical Evangelist at the data protection and management provider Druva. Also known in the industry as “Mr. Backup,” Curtis’ nearly 30 years of experience working in backup and recovery make him one of the foremost experts in the field.

On this episode of Future of Tech, Curtis talks in depth about the evolution of backup technology over the years and sheds light on what new challenges have arisen in the era of virtualization.

He also offers some candid advice to anyone interested in entering the backup industry, and it may not be what you’d expect. Enjoy the episode.

 Main Takeaways:

• The History of Backup: Drawing from nearly 30 years of experience, Curtis outlines the evolution of backup technology – from “tape” to the cloud – and the challenges that have arisen along the way. Though the industry has changed over the course of his career, he suggests that the challenging nature of the work has always been consistent. 
• The New Cyberattack Threat: Curtis describes that before the cloud, the damage to data centers was caused by temporary threats like fires, floods, and hurricanes. He explains that with the advent of the cloud came a new industry foe: cyberattackers. He asserts that containing cyber threats can be difficult because they persist throughout the recovery process. Despite cyber threats, Curtis insists that “virtualization and cloud both have allowed us to make all compute much more available [and] much more resilient in general than it was when I joined the industry.” 

• The Future of the Backup Business: According to Curtis, advancements in backup technology and design have lowered the demand for specialists in the field. He suggests that those interested in entering the industry should aim their attention toward “the cybersecurity element” which, he claims, “is going to be nothing but a growth industry.”

Key Quotes:

[07:31] “The problem the last year or two has been cyberattacks specifically against backups. Historically, ‘backups’ was in the corner and nobody really thought about it, and certainly neither did the cyberattacker. Cyberattackers are not new, but the idea of someone in the cyberspace directly targeting your backups to either use them to steal data, to exfiltrate data and use it to attack your company, to hold your data for ransom in that way, or to encrypt them in the same way that they encrypt the primary so that you then have to pay the ransom [is].”

[21:04] “The idea that you could have an RTO – a recovery time objective – of 20 minutes for thousands of VMs is, I think, phenomenal… When you go back… I was at a bank with, I'm going to say, we had like four or five hundred servers. The idea of recovering those four or five hundred servers in anything less than a couple of weeks would be unheard of. Now, if all those servers are virtualized using the cloud and advanced technology, you can recover your entire environment in 15 to 20 minutes and only lose about an hour's worth of data.”

[23:25] “Let's go back to... [the year] 2000… I'd been in IT for seven years at this point. What we thought about was hurricanes and floods and earthquakes and fires. What all of those have in common is [that] when the event has destroyed your data center, the thing that destroyed your data center is now gone. The fire has been put out, the flood has receded, the hurricane has moved on, et cetera. With a cyber recovery, that isn't the case. You need to recover your data center in the middle of the hurricane. The hurricane is still hitting your data center, meaning… the cyber attack is ongoing.”

[26:38] “I will take the security of the average cloud vendor or the average SaaS vendor over the security of the average data center any day of the week. I'm not saying you can't have better security or good security in a data center. I'm just saying that for the cloud it's do-or-die. If they don't have a solid cybersecurity plan, they basically go out of business.”

[40:29] “What has driven the backup design, I'd say more than anything, is that the things that we're backing up keep changing… So, that's why I'm saying VMware messed it up, the cloud, messed it up, [and] the latest thing to mess things up has been Kubernetes and containers… That again turned backup on its head and everybody's playing catch-up.”