Once created specifically for data security for IT backup landscapes in the Empalis security forge for IT backups: the VIKING Applicance. As a plug and play solution of HW, SW and services - complemented by Empalis standards and a strong security concept - this appliance already offered data protection and backup at the highest performance level. Being able to perform fast backups and restores in a production-isolated environment based on IBM Spectrum Protect Plus on premise or in the cloud was initially VIKING's strength. But real security professionals wanted more - which led us to further develop the VIKING solution.
And so, as IT backup experts, we set out to find the "Valhalla" of the backup world: a VIKING backup strategy to surprise our customers with even better service and stronger performance.
Starting from the VIKING appliance, Empalis customers have so far received a combination of hardware, software and services, served by our Empalis Service Plus team. A hardened appliance that performs fast backups and restores at the customer's site - at that time based on IBM Spectrum Protect Plus. This appliance still exists in this form.
But not only the most diverse HW and SW hosts - such as IBM Spectrum Protect (Plus), Veeam, Microsoft 365, Linux and other IT heroes - conquered our team of experts. Today's risk factors also want to be conquered. They clearly show that a vendor-specific appliance alone is not necessarily enough.
To create a real solution for our customers, the fortress of data should be Cyber Resilience-certified. Ransomware-proof. Because the high incidence of cybercrime today presents IT with yet another set of key W-questions:
- What are we doing today?
- Why are we doing it this way?
- Where do we want to go tomorrow?
- How do we want to get there?
What does your IT backup strategy needs to accomplish? - Complexity-reducing approaches
At Empalis, we discuss these questions along with our customers and their issues and goals: An individual strategy and solution based on it, which can look different for each customer and be based on different technologies, is what we consider to be a main component of our best practices. Which hardware, software, cloud or other components are used here depends largely on the customer's requirements - but also on the infrastructure and licensing already in place.
Of course, we are familiar with the existing manufacturer solutions on the market, which have their raison d'être. All manufacturers offer self-sufficient, functioning answers to the questions of Modern Data Protection. However, with ever-increasing complexity, a combination of different vendors can result in a higher quality cyber resiliency strategy.
The main challenge is the smooth implementation, integration and operation of the new components in an existing environment. This requires a strategy, a concept, an approach... and this is where we usually come in.
As a consulting company, our focus is on the customer and his data protection environment. Therefore, we see our VIKING first and foremost as a strategy process or concept that is built for and together with the customer.
The 4 phases of the VIKING strategy
In our VIKING strategy process, we best accompany the customer through all four phases, which are defined as follows: Analysis, Optimization/Redesign, Staging and Run.
For this purpose, the customer is assigned a technical Senior Consultant Engineer Architect, who both accompanies the strategy development and is available as a contact person in the later implementation phases up to the final Run phase in the role of Technical Manager / Service Delivery Manager.
Where possible, we use various proven monitoring and reporting tools in all four phases to ensure that the consulting and service goals in the SLAs are met.
Health Check: Audit of your data security environment
The strategy process begins with the Analysis phase. Here it is very important for us to answer the following questions together with the customer:
- "What is the customer doing today"?
- "Why is it so".
The focus is on recording the ACTUAL state in the data protection environment, checking for best practices, reviewing the current operating manuals and emergency documentation, and - if the operation has already been taken over by an external provider - also the fulfillment of the agreed SLAs. Often, there are already specific issues and challenges in the existing environment, whether of a technical or process nature, which we then also take a close look at.
The goal is to provide both us and the customer with an overview of the state of their environment in terms of cyber resiliency and to answer specific questions such as:
Are we well armed for today's attack scenarios: Ransomware, Other?
What happens when an attack occurs?
Are the backups recoverable?
What kind of data loss should I expect?
Am I prepared for future workloads?
Is my environment performant enough?
What license costs should I expect in the future?
Are we missing something or have we not considered something?
The result of this health check, as we call our review/audit workshop, is documented and presented to the customer for planning the next phase.
Cyber-resilient optimization of the backup landscape
In the Optimization/Redesign phase, we focus on the concrete modernization of the data protection solution through the use of the latest technologies (blueprints), the standardization, simplification and increase in efficiency of the customer environment. The focus here is on holistic optimization, especially with regard to cyber resiliency - through hardening, automation, continuous data protection and zero trust. If desired, we also take a look at the optimization of licensing.
In this phase, it is important to pay attention not only to today's challenges, but also to those that may arise in the future. Like looking into a crystal ball, we want to look ahead and think outside the box.
Basically, this is a very intensive conceptual phase in which not only technical but also financial aspects are considered. The result is divided - depending on the customer's wishes - into short-term measures and long-term realignments, which are presented and evaluated in a rough concept. The measures to be implemented are then described in a detailed concept and the implementation is discussed with the customer.
Implementation and automation of your backup according to best practices
The Staging phase marks the beginning of the pilot implementation of the defined modernized data protection solution in order to demonstrate the implementation of the concept in practice and to identify and eliminate any technical stumbling blocks at an early stage. Here, our architect not only implements the known rules of data protection, such as the 3-2-1 rule, Airgap and defined methods for ransomware protection - but implements the standards defined by our Viking strategy to increase the resilience, management and performance of the solution.
This is an important step because, despite best practice experience, every environment is different. Often, a new concept involves a mix of existing and new components, whether hardware, software, or cloud approaches. Transitioning to a Modern Data Protection environment happens in parallel with the existing business and gradually replaces previous solutions.
At this stage, we conduct detailed performance and disaster recovery (DR) tests, partly automated, partly manual. The main focus is on achieving the highest possible level of automation.
During this process, we provide updates to the operating manuals and emergency documentation, as well as customizing or possibly implementing a tool for monitoring and reporting in the data protection environment. Finally, training can be scheduled in order to learn about the new architecture and elements. The pilot environment is handed over to the customer with a final approval.
Implementation and operation
Once the staging phase has been successfully completed, the final rollout of the implementation of the agreed measures on all systems takes place in the run phase. The further standardization and automation of the operating processes is essential here. An operating concept outsourced to Empalis ranging from a partially managed environment up to a fully managed service is also established in this phase. These processes can be delivered and measured optionally through the standard Empalis Service Plus solution Predatar , as well as in the customer's existing ITSM solution and additional monitoring and reporting solutions. The measurement of compliance with SLAs and other KPIs is ensured by recurrent service reviews, which are essential for ensuring and optimizing service quality.
Simultaneously, testing restores is very important, as well as taking full advantage of new capabilities and cutting-edge cyber resiliency features such as anomaly detection, ransomware detection and prevention, and recovery orchestration.
The focus is to continuously advance Modern Data Protection by keeping up with service goals and refining documentation, to the point of creating an application-driven backup strategy. This approach is no longer focused on data or monolithic infrastructures such as storage systems, servers, VMs or containers, but on business processes as a whole. Thus, DR processes and restore tests are also designed with this strategy in mind. As a result, crucial business processes are identified from a backup perspective, then prioritized and redefined in terms of availability, resiliency, restore compliance and performance.
Conclusion: VIKING is the name of the game
We decided to use the powerful brand VIKING for our IT backup strategy and appliance. Vikings are historically and cinematically depicted as fairly aggressive, vicious attackers who penetrated the territories of today's England and Northern Europe. At the same time, Vikings were simple farmers who were capable of self-sufficiency throughout the years. In those times, people were also concerned about improving their own lives and gaining access to new resources.
Thus, we see the qualities of the Vikings in light of curiosity - that is, innovative spirit, courage and strength to explore other territories. Strategically and tactically, they tend to be extremely well organized, with a distinct sense of orientation, either on the open sea or ashore. Being self-sufficient, agricultural workers and family people, they already knew how to well conserve and store - i.e. save - resources or produced food at that time!
Certainly, a different name could have been given to our solution. However, having a name also contributes to the customer's feeling of knowing that their data is safe and secure with us.
In 2022, we have fully realigned VIKING again, in both strategic and conceptual terms. Take a few minutes to watch Chris, our very own Viking, presenting the strategy behind it in six fantastic clips, as well as the original Viking solution.
