Complexity is the enemy of IT. And for many organizations, that enemy is getting stronger.
The demands of any enterprise require IT departments to ensure that applications, workloads, and data are always available across physical, virtual, and cloud environments. It is critical for business leaders to have granular insights into the data to ensure business-critical information is always protected and recoverable, and meets compliance requirements. If an enterprise is hit by a ransomware attack, IT must be able to ensure it can get the data back quickly, minimizing business disruption, cost and mitigating any impact to its reputation.
Yet complexity threatens to prevent enterprises from reaching these goals.
Many enterprises today still have mainframes for bulk data processing or applications, running alongside client/server systems and virtualization. They’re also adding new technologies like open-source, serverless computing, and hyperconvergence and are becoming increasingly reliant on containers and Kubernetes to accelerate software releases.
An expanding threat surface
It’s no wonder that given the increasingly heterogeneous environments and adoption of hybrid multi-cloud architectures many enterprises aren’t confident about their ability to mitigate ransomware threats.
Veritas’ 2020 Ransomware Resiliency Report had a few startling findings. Respondents who said their company was attacked by ransomware and paid the full ransom were using a mean of 14 cloud services (IaaS, PaaS, and SaaS). Those paying part of the ransom had a mean of 12.6 cloud services. Those not paying any of the ransom had a mean of 7.2 cloud services.
Respondents whose enterprises were using more than 20 cloud services were less confident in their ability to recover their data than those using fewer than five.
The explanation is straightforward: increased multi-cloud adoption is expanding the IT threat surface and enterprises are less able to detect malicious activity or recover their data to meet recovery time objective targets. Ransomware attacks rarely impact just a single system: often, one device infected with malware can snowball into an entire data center impacted. This effect complicates data recovery.
We’ve talked about best practices in recovering from a ransomware attack and having a zero-security mindset. But getting an organizations’ proverbial arms around, and reining in, IT complexity, presents a new challenge.
The concept of abstraction
Most companies can’t rip everything up and start over. They need to work with what they have. So the most effective approach to mitigating the effects of complexity can be summarized in one word: abstraction.
Abstraction isn’t a new IT concept. It’s been around for a while. Essentially, abstraction shows you what you need to see, and filters out everything else. You can distinguish signal from noise if you can view and analyze the details and patterns that matter and hide irrelevant details.
Abstraction also allows IT departments to focus on what matters: outcomes.
With effective IT infrastructure abstraction, you can ensure three things:
With malicious actors spinning up new and more complex ransomware threats daily, growing complexity is a constant worry for IT leaders, who are under constant pressure to mitigate the financial and reputational risks of ransomware.
With effective abstraction, making sense of IT complexity doesn’t have to be like boiling the ocean. IT can attain increased visibility, availability, and protection of their data, giving them another critical tool in the fight against ransomware.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.