Ink8r (in·cu·ba·tor) focuses on socio-technical themes, concepts, and technologies associated with large depth-of-field domains such as Observability, Resilience Engineering, API Economy, and Cloud Economics.
The perspectives herein were created for
CLOUD-NATIVE
DATA PROTECTION
A CALL FOR CLOUD-NATIVE
New architectural patterns such as Elastic Microservice Architectures (EMA) and Staged/Event-Driven Architectures (S/EDA), CSP innovations across their portfolios (Silicon, forked services, PaaS services), and corporate cloud assurance strategies such as frequent service repaving, have challenged the leading vendors to provide comprehensive cloud data protection coverage.
Enterprises embracing these new paradigms are finding a growing gap with their current data protection vendors, and that asymmetry is driving the need for cloud-native protection options that combine ongoing detective/corrective actions, ease of use automation to drive Product Team engagement, and complete compliance/audit traceability for continuous assurance.
VALUE DELIVERED THROUGH CLOUD-NATIVE SOLUTIONS
Continuous Protection
All new or existing in-scope cloud assets are continuously detected and evaluated against policy to determine adherence. Corrective action is invoked where drift is determined, and assets are protected accordingly.
Codified Guardrails
Through automation, policy circumvention is mitigated while also providing Product Teams the flexibility to deliberately invoke exception processes.
Auditable Compliance
Provide complete traceability, from IT Control Narratives to FRs/NFRs to detective/preventative controls - every element of the solution has demonstrable evidence of compliance
MARKET TRENDS
ADDRESSING CURRENT GAPS
Ink8r has developed solutions to address this gap by focusing on the following areas:
-
Mapping cloud services that may persist data – whether through corporate mandate or through discovery we typically advocate for some classification of the assets. As a simple example,
-
In-scope assets that may persist data
-
In-scope assets that may persist data but qualify for exceptions, and
-
Assets that do not persist data and should therefore be out-of-scope
-
-
Building Compliant Functional (FR) and Nonfunctional (NFR) requirements – FR/NFRs connect data protection to use cases while adhering to all applicable IT Control Narratives. All FR/NFRs are thoroughly exercised through a battery of test cases. This provides confidence in the overall solution and establishes a Product Mode discipline.
-
NOTE: organizations that leverage tags to provide detect/correct solutions need to be mindful of IaC methods and procedures (e.g., if using declarative IaC be mindful of state reconciliation effects)
-
Delivering automated protection controls (centralized and/or decentralized) – after establishing whether the solution is managed by an enabling team (e.g., Platform Engineering), the developer community (e.g., Product Team), or some combination – Ink8r typically automates a codified solution to continuously protect all new and existing in-scope cloud assets
-
Balancing guardrails with a degree of flexibility – through the cultivation of detective/preventive/corrective controls, and ensuring a solution that works with declarative and/or imperative cloud deployment methods, our solution elegantly balances governance mandates with degrees of flexibility
-
Developing compliance & governance traceability – our solution produces a traceability matrix that ties IT Control Narratives together with FR/NFRs, through to detective/preventive guardrails and alerting mechanisms, demonstrating a complete end-to-end audit trail for ease of reporting
HOW WE CAN HELP!
Our data protection solution is platform-nuanced, but still cloud-agnostic, and aims to improve the overall Developer Experience while supporting current cloud initiatives and operating models. A guiding principle to our approach is one that does not further bifurcate existing data protection operations, but rather a strategy that can easily support and provide consistent requirements and capabilities for all data protection needs.
Please contact us to learn more about, or exchange ideas on, this domain!