Should we still care about endpoints? Isn’t the age of home shares or local data a thing of the past, now that cloud reigns supreme? Under the guise of clickbait, this is still a relevant topic to be discussed. I was at Cloud Field Day 8, where not one, but three (out of six) companies are well-known data protection companies, and that topic kind of struck a nerve, for several reasons.
First, I’m happy to have moved away from the early stages of my career in IT where I’d have to support endpoints and end users, two categories with their own peculiarities. Second, I am not overly interested in endpoints, and this was my first Cloud Field Day, being more a Storage Field Day kind of delegate. Third, some of the solutions recently presented made me travel back to the not so glorious days of EMC Networker and CA ArcServe Backup 11.
Endpoint, or Data?
Is it accurate to talk about endpoint backup, when what matters is the data? A significant amount of data still resides on endpoints. Despite centralized or SaaS-ified applications, code repositories, and more prosaic network shares, most creative minds end up storing data locally, whether on their laptop or desktop, at least during the early creation stages, after which they end up moving it to some kind of protected repository.
Millions of people work differently, and despite restrictions imposed by IT departments, some still work outside of the boundaries, saving data on their C drive instead of relying on usually synchronized folders (Users folders, Desktop, etc.).
Faced with this apparent chaos, organizations must make choices. One choice is to indiscriminately backup the entire endpoint data (some going even to the point of backing up programs and OS files, a dubious choice indeed). Others focus only on key folders, such as the user profiles, with varying levels of granularity.
What is most frequent these days however is user profiles being synchronized to a central file share, with replication in the background. Data is then backed up not locally on each endpoint, but centrally, giving a bit of relief to overworked sysadmins.
Then, the next level are organizations who have adopted online collaboration solutions such as Office 365 or Google Suite. In that case, most of the work is done online, with files & folders directly stored on SharePoint libraries, OneDrive or Google Drive (excuse my ignorance, but I am not too fond of the Google ecosystem due to their propension to prematurely kill products). You might agree though that Office 365 is the enterprise standard for collaboration (even if MS Teams’s sugar icing on top of Sharepoint sucks, but that’s another story).
In-Band, or Out-of-Band Data Protection?
What the heck does this even means? By lack of better words, we’re going to call In-Band Data Protection as a way to protect data that is integrated with collaboration tools and somehow data-aware. We’ll use Out-of-Band to define traditional, indiscriminate backup of endpoints with limited awareness of the data being protected – without data awareness.
Clearly, In-Band delivers more value, but supposes a higher level of effort to build the data protection architecture. It also assumes that the organization is actively using online collaboration products by default. This gives assurance that collaboration data is effectively backed up across all tools with the collaboration platform, whether data is stored on-premises (for example Exchange or SharePoint) or through Microsoft Office 365.
On the other hand, Out-of-Band tools are simpler to configure and cater the needs of smaller organizations that do not have the budget or in-house IT critical mass to adopt collaboration projects. That said, some smaller organizations might also be using online collaboration tools, but in a sort of one-to-one relationship (endpoint to cloud), not at an enterprise integration level.
Why Protect Online Collaboration Data?
Office 365 is a SaaS offering: the infrastructure and software are no longer hosted and managed by each individual organization – Microsoft now takes care of that. But data needs to be protected, and while Microsoft talks of data resiliency, a vast majority of the related articles refer to resiliency, availability of services, clustering and avoiding data loss, but nothing refers clearly to data protection in the sense of backups.
By shifting infrastructure and application management responsibility to Microsoft, organizations do not waive the need to protect their data. Major incidents and ransomware attacks have proved that having backups safely stored outside of the production environment is always a wise idea.
Data Protection Is Also About Storage
Protecting data is great, making sure it is safely stored somewhere is better. There, another important aspect comes to mind: can we optimize the data that is being backed up? Are compression and deduplication possible? Can we take care of this before the data hits its final storage destination?
Cost aspects are equally important: will the data be stored on premises, in an S3-compatible object storage array? Will it be backed up in the cloud? Have we taken in consideration egress transfer charges?
Although user data restores are expected to be much smaller than applications / databases, it might not always be about that important Excel spreadsheet. Even mailboxes get huge and corrupt from time to time, it’s therefore important to adequately assess restore times, especially if the impacted mailbox is that of the CEO (been there, done that: IBM Notes / Domino anyone? You’ll get my point).
Several solutions exist on the market, it should however be noted that Veeam started building their own solution in 2016. At Cloud Field Day 8, Veeam presented version 5.0 of Veeam Backup for Microsoft Office 365 through a detailed demo, which will say much more about the product that I’d even could, courtesy of our IT community friend Michael Cade.
Interestingly, the video preview below shows as its default cover picture where Veeam comes from in terms of features & capabilities. As product support & features were added, scalability, manageability and performance also followed.
Interestingly, Veeam has a huge community of fans which worked on several community initiatives, such as providing Grafana dashboards to the solution. Even tiny organizations which rely heavily on Microsoft 365 can give a go to the solution through the Community Edition that supports up to 10 users.
So, should we care about endpoint data protection? In the public consumer space, all efforts are going towards providing customers with data portability options. The term is perhaps inappropriate, maybe mobility would suit best: I, as a user, move along from device to device as needed, and my data follows me. That’s what we have with iCloud or OneDrive (spoiler: Mac user, not sure how Microsoft fares in these areas).
Recently, a friend needed to refresh his venerable corporate laptop. Even though we can blame corporations for being sluggish, he reported the operation went along very smoothly. He ensured all his data would be on the proper synchronized network share, verified that replication had succeeded, turned in the old machine, grabbed the new one, and went along to configure a few basics. Outlook was back, so were his files.
In that context, do we really care about endpoints anymore? I would dare to say that endpoints are no longer relevant, provided that organizations have adopted online collaboration platforms such as Office 365, and that users are storing their data within the collaboration platform.
And, of course, that data on the collaboration platform is being backed up.