Five Questions With: Mitch Coopet

Mitch Coopet is the product manager and founding partner of Minneapolis-based Code 42 Software, a company specializing in data protection solutions.
Coopet talked to Providence Business News about data protection, storage and common mistakes companies make regarding data security.

PBN: Why do you call data “the new business currency”?
COOPET:
The World Economic Forum views data as an asset comparable to paper money or gold. What’s more, industry analyst firm IDC estimates that data more than doubles every two years. From customer data used to gain key insights, to mission-critical data necessary for daily operations, data’s never been more valuable. A 2012 survey found that 60% of companies that lose their data will go out of business within six months of the disaster. Like any currency, companies of all sizes are seeking ways to protect this valuable corporate asset.

PBN: What are some basic things business-owners can do to protect their data and their customers’ data?
COOPET:
Times have certainly changed in regard to data protection. Traditional backup protected information stored on servers in data centers, and it was very manageable. A predictable, controlled, contained environment that underwent scheduled backups and updates.
But then the inevitable happened: office employees began saving information to desktops; mobile workers began doing the same with laptops; and backup admins began losing control. Add to that bring your own device (BYOD) and IT consumerization, and IT’s job has shifted to the other end of the spectrum: an unpredictable, de-centralized environment that needs to protect the data stored on endpoint devices—such as desktops and laptops—while supporting an ever-increasing variety of platforms and user needs.
For today’s business owners, the first step is to protect data created and stored on endpoint devices through a secure, scalable endpoint backup strategy. Implementing a solution that securely backs up data to multiple locations—without interfering with employee productivity and workflow—provides the basic foundation for disaster recovery.
When building an endpoint data protection plan, business owners should look to solutions that offer:
Comprehensive, cross-platform, continuous endpoint backups – Every laptop and desktop should be backed up, regardless of manufacturer or operating system. And backups need to happen automatically, without user intervention.
Iron-clad security – Data must be secured before it even leaves the device, then remain encrypted in transit and on servers until restored to an authenticated device.
Scalability – A backup solution needs to scale as the business grows. Unlimited file size and file types plus unlimited versioning and file retention provide the basics for comprehensive disaster recovery.
Powerful, real-time admin tools – Admins control settings for any platform from a single management console. This way, one admin can manage thousands of users.
Employee self-service – Save valuable time by letting employees restore any file themselves – without IT assistance – from their computer or mobile device.
Easy, on-the-go mobile access to data – Unlike consumer sync technologies that pose security risks, effective backup solutions provide users secure access to data from any mobile device.

PBN: What are some common mistakes businesses make in regards to data security?
COOPET:
Storing data in one location – By storing data all in one location, businesses expose themselves to catastrophic data loss from natural disasters and other events. Backing up data to multiple locations provides the highest level of availability, convenience and protection.
Retrofitting existing server backup – Server backup vendors tried to retrofit solutions to capture the endpoint backup market. But that shoehorn approach simply doesn’t work. Users resist backing up—and often turn backup off altogether—because it slows down their system and prevents them from doing their work.
Manual, user-initiated backup to external drives – Some companies still attempt to protect endpoint data by requiring users to manually back up data to external drives. This approach can be very costly, especially if the company has thousands of employees purchasing and expensing external drives. And even if backup is completed, external drives are frequently stolen – along with the computers they were supposed to protect.
Restricting/prohibiting data save on endpoints – Some organizations take a completely different approach. They don’t install an endpoint backup solution at all, but instead create policies prohibiting or restricting users from saving data to their laptop or desktop. Unfortunately, for this approach to be successful, users have to change the way they work. This rarely happens. Instead, users ignore the policy and save data to their endpoint device anyway, leaving IT back at square one and potentially exposing the organization to compliance issues and information security risk.
Gluing together different solutions – Another misguided approach to endpoint data protection is trying to leverage multiple, disparate technologies to piece together ad-hoc endpoint backup. What usually results is an inconsistent, unreliable tool that doesn’t protect everyone or every platform, and is a nightmare for users and admins.

- Advertisement -

PBN: How secure is “the cloud” for storing data or backups?
COOPET:
There are two types of cloud storage—public and private—and the security of each depends on two main criteria: 1) how and where data is encrypted, and 2) where the encryption keys are housed. Uniquely, Code 42’s CrashPlan enterprise endpoint backup solution provides end-to-end data encryption in both the public and private cloud settings. In each, upon backup activation, data is automatically encrypted on the device via 448-bit encryption before it is saved to a local backup device or transported across the LAN, WAN or Internet; data remains encrypted during transit and storage.
As for encryption keys, different from other cloud vendors who keep your keys, Code 42 provides options for encryption key storage – either escrowed in our secure public cloud, or stored in an onsite master server. This onsite master approach offers strong appeal for organizations demanding the highest levels of control, privacy and security because you’re able to keep the encryption keys behind your firewall.
So, public or private cloud storage?
Typically, public clouds appeal to organizations seeking quick-to-deploy solutions requiring a low, upfront investment. But third-party public clouds that co-mingle data from different organizations expose corporate data to security risks. Code 42’s public cloud offering provides self-service backup and restore capabilities to end users via a trusted, offsite data center. And because you have the choice of escrowing your keys in the public cloud or storing them behind your firewall, you have ultimate control over your data security. Larger, global organizations lacking data centers in certain geographic regions, or those who’ve adopted a “cloud-only” application strategy appreciate this secure, on-demand and convenient endpoint backup approach.
In addition, Code 42’s performance-driven private cloud runs on purpose-built, highly tuned infrastructure managed 24/7/365 by Code 42’s support team. This “managed private cloud” option also offers the flexibility of adding additional storage destinations—for example public cloud storage—in support of a comprehensive multi-destination, disaster recovery strategy. Organizations with IT strategies that mandate on-premises or inside-the-firewall solutions choose managed private cloud; it gives you total control of your data along with expert monitoring and support.

PBN: What advice do you have for business-owners who aren’t the most tech-savvy?
COOPET:
Your goal with any disaster recovery initiative is to mitigate data loss risk, so start with a plan to protect endpoint data. Review your organization’s laptop and desktop backup considerations, such as security needs and storage options, and select a backup partner that can provide the security and scalability you need with the self-service features your users will love. Not the most tech-savvy? No problem. Solutions such as CrashPlan PROe offer intuitive, free trials that give you first-hand experience with the software’s ease of use and simplified management/administrative tools. It’s an easy, risk-free way to put you on the path to data protection.

No posts to display