MeriTalk connected with David Siles, Global Field Chief Technology Officer at Rubrik, to discuss the Continuous Diagnostics and Mitigation (CDM) program and the importance of data protection and cloud management in the Federal government’s new telework environment.
MeriTalk: How has COVID-19 changed agencies’ approach to CDM, risk management, and data protection?
David Siles: The pandemic has refocused energy on data protection, and data and risk management. Agencies need solutions that are ready for automation and remote operation in a distributed environment. This has also led to agencies reevaluating how they do remote computing and how they transfer data into government clouds and other locations. IT teams need to manage data globally, no matter where it lives – whether it is in the primary data center, in the cloud, or another location for emergency use.
Rubrik has a simple approach to data protection that aligns closely with Federal CDM strategies. Our API-driven solutions, like Rubrik Polaris, give agencies a single-pane-of-glass view of their data and protection against ransomware. And, Polaris Sonar gives agencies data intelligence and discovery around sensitive information, which is classified and maintained for agencies. As agencies shift to off-site work environments, our goal is to help them reduce their need to be on-site to manage data backup and recovery.
MeriTalk: In what ways do agencies need to change their approach to data backup and recovery in a more mobile environment?
Siles: Agencies need global visibility of data, easier policy governance, and cloud-enabled solutions that do not restrain operations to a traditional data center. We take a platform-approach at Rubrik, which gives IT teams the ability to bring data under management, no matter where it lives. That allows us to mobilize data as well since teams often need to take data to the cloud and enable their remote workforce – not just during COVID-19, but in the future as well.
MeriTalk: While CDM has continued to take priority through the pandemic, risks are evolving. When it comes to risk management and data recovery, what challenges do agencies need to be cautious of now and in the future?
Siles: The threat of ransomware is the pandemic within the pandemic. The bad actors in the world have taken COVID-19 as an umbrella to cover their crimes. The Federal government, as well as state and local government, has seen an increase in cyberattacks. It is important to have a resilient platform with immutability and defenses in place to help enable recovery in the event of a cyberattack. Because of the remote workforce, data is moving beyond the four walls of the primary location. We need to ensure that data is moving securely and staying protected. Having a platform that gives you that basis of security, resiliency, and immutability is fundamental in the landscape of today.
MeriTalk: How is Rubrik uniquely positioned to help agencies stay ahead of new risks and protect data in a rapidly changing security landscape?
Siles: At Rubrik we offer security by design – solutions that offer natural protection by using immutable file systems and strong end-to-end encryption. Our Polaris Radar solution does anomaly-based detection, looking for both internal and external threats. And, our data classification features offer customers the ability to understand where their sensory information lives. This provides insights into the risks present for their data and steps that need to be taken from an audit compliance perspective to mitigate future incidents.
MeriTalk: When it comes to Rubrik solutions supporting policy automation, why should agencies prioritize data management automation?
Siles: In a remote environment, automation is everything. Data is compounding faster than it can be managed manually. Agencies need a policy-based approach that starts with aligning government business requirements to data protection requirements. From there, teams can plug into existing frameworks for IT service desk management, for automation at scale.
We bring automation to the entire lifecycle of the data using our API/programmatic-based solutions like the Polaris data management platform. This translates to data protection, backup, and recovery from the time data is created and managed, to the time it is expired.
Agencies have data management guidelines that require data to be maintained for up to 30 years. The best way to accomplish this is by moving data to an economical storage location. However, the data still needs to be secured and expired in a compliant manner. We give agencies the ability to create global policy, move data through its entire lifecycle, and manage data with a single-pane-of-glass view – whether it is on Rubrik or in a public cloud.
The only way for agencies to truly achieve digital transformation at scale is through automation and effective policy. It is a core requirement of many agencies already, and CDM is going to leverage automation as much as possible to reduce data risks.
MeriTalk: How can agencies improve CDM integration in mobile and cloud environments? How do Rubrik solutions accelerate scalability, data protection, and recovery in the cloud?
Siles: It starts with agencies getting data to the cloud through cloud archiving or Rubrik’s CloudOut management solution. Agencies who make the journey to the cloud typically start with archiving and then bring workloads to a cloud-native format. Rubrik helps agencies shift data sets and applications from on-premise formats to cloud-ready formats so they can operationalize cloud and secure their assets. We take customers through the entire journey – from on-premise to hybrid to fully cloud-native environments.
MeriTalk: What advice do you have for agencies looking for new solutions to implement on their CDM journey?
Siles: Agencies must understand their data and how to protect it. A lot of customers start with the idea that they need better protection via a better solution. As part of their journey to embrace CDM, agencies need to look at their goals first, and then find solutions that align with those goals. Rubrik works with agency customers to ensure that, above all, our solutions validate their goals. Then, we test those solutions with their unique operational environment. Remember no matter how good a solution looks on paper, what matters is how it is put into practice and validated in your unique scenario.