Ink8r (in·cu·ba·tor) focuses on socio-technical themes, concepts, and technologies associated with large depth-of-field domains such as Observability, Resilience Engineering, API Economy, and Cloud Economics.
The perspectives herein were created for
A CALL FOR CLOUD-NATIVE
New architectural patterns such as Elastic Microservice Architectures (EMA) and Staged/Event-Driven Architectures (S/EDA), CSP innovations across their portfolios (Silicon, forked services, PaaS services), and corporate cloud assurance strategies such as frequent service repaving, have challenged the leading vendors to provide comprehensive cloud data protection coverage.
Enterprises embracing these new paradigms are finding a growing gap with their current data protection vendors, and that asymmetry is driving the need for cloud-native protection options that combine ongoing detective/corrective actions, ease of use automation to drive Product Team engagement, and complete compliance/audit traceability for continuous assurance.
VALUE DELIVERED THROUGH CLOUD-NATIVE SOLUTIONS
All new or existing in-scope cloud assets are continuously detected and evaluated against policy to determine adherence. Corrective action is invoked where drift is determined, and assets are protected accordingly.
Through automation, policy circumvention is mitigated while also providing Product Teams the flexibility to deliberately invoke exception processes.
Provide complete traceability, from IT Control Narratives to FRs/NFRs to detective/preventative controls - every element of the solution has demonstrable evidence of compliance
Products of Interest
N2WS (Not To Worry Software) - Robust data management platform with mature enterprise-class capabilities in backup and recovery. Deploys via a Linux-based virtual appliance and connects to your cloud via API. Primary support is for AWS with limited support for Azure.
- Arpio - A disaster recovery solution for AWS which automates business continuity plans. By leveraging AWS native APIs, it takes snapshots of the supported resources and saves them to a remote account. The platform promotes resiliency by isolating the replicated images and securing the recovery account.
- Druva - By leveraging the AWS native APIs, it takes snapshots of the supported resources and saves them locally or to a remote account. Uniquely, it’s capable of tracking changes in order to identify potential threats. Druva’s Phoenix provides the ability to back up on-prem resources and recovering those workloads in the AWS cloud. The product maps the workload to its cloud counterpart, instantiates the resources, then makes it available for migration or cloud recovery.
- Clumio - Architected on containers and serverless Lambda functions, Clumio focuses its protection services on AWS exclusively. Product provides insights to optimize existing backup plans and minimize waste.
ADDRESSING CURRENT GAPS
Ink8r has developed solutions to address this gap by focusing on the following areas:
Mapping cloud services that may persist data – whether through corporate mandate or through discovery we typically advocate for some classification of the assets. As a simple example,
In-scope assets that may persist data
In-scope assets that may persist data but qualify for exceptions, and
Assets that do not persist data and should therefore be out-of-scope
Building Compliant Functional (FR) and Nonfunctional (NFR) requirements – FR/NFRs connect data protection to use cases while adhering to all applicable IT Control Narratives. All FR/NFRs are thoroughly exercised through a battery of test cases. This provides confidence in the overall solution and establishes a Product Mode discipline.
NOTE: organizations that leverage tags to provide detect/correct solutions need to be mindful of IaC methods and procedures (e.g., if using declarative IaC be mindful of state reconciliation effects)
Delivering automated protection controls (centralized and/or decentralized) – after establishing whether the solution is managed by an enabling team (e.g., Platform Engineering), the developer community (e.g., Product Team), or some combination – Ink8r typically automates a codified solution to continuously protect all new and existing in-scope cloud assets
Balancing guardrails with a degree of flexibility – through the cultivation of detective/preventive/corrective controls, and ensuring a solution that works with declarative and/or imperative cloud deployment methods, our solution elegantly balances governance mandates with degrees of flexibility
Developing compliance & governance traceability – our solution produces a traceability matrix that ties IT Control Narratives together with FR/NFRs, through to detective/preventive guardrails and alerting mechanisms, demonstrating a complete end-to-end audit trail for ease of reporting
HOW WE CAN HELP!
Our data protection solution is platform-nuanced, but still cloud-agnostic, and aims to improve the overall Developer Experience while supporting current cloud initiatives and operating models. A guiding principle to our approach is one that does not further bifurcate existing data protection operations, but rather a strategy that can easily support and provide consistent requirements and capabilities for all data protection needs.
Please contact us to learn more about, or exchange ideas on, this domain!