Advice for CIOs: Build Digital Resilience for Long-Term Development

As data increasingly becomes a core asset for enterprises, digital resilience is a major metric for building enterprise resilience frameworks. Enterprises must prioritize digital resilience, to build sustainable long-term supply chains, legal compliance, financial transparency and health, and operational continuity.

Trends analysis

1. Digital resilience is key to building leadership

Digital transformation empowers enterprises to carry information in their data. The acquisition, storage, transmission, exchange, and processing of digital information depends on highly reliable and stable infrastructure. Data infrastructure is the foundation of digital information, which in turn is the upper-layer application of data infrastructure. The integrity, confidentiality, and availability of digital infrastructure play a key role in economic and social informatization and digitalization. If critical IT infrastructure is damaged or data is breached, it can significantly affect society and destabilize digital economic systems.

IDC predicts that 65% of global GDP will be digitized by 2022. This makes digital resilience more important than ever, with 80%+ of enterprises at medium- or high-risk of a data breach.

2. Natural disasters and human error make digital resilience essential

Today, data is a new means of production and the lifeblood of organizations. However, IT systems tend to be vulnerable under unprotected conditions. System faults, natural disasters, and human error can cause system breakdowns, the losses from which cannot be understated.

In March 2021, a fire destroyed four major data centers operated by OVH, Europe’s largest cloud infrastructure operator, paralyzing a large number of customer websites, and rendering some customer data lost and unrecoverable. In October 2021, the Tokyo Stock Exchange, the world’s third largest stock exchange, was suspended for one day due to storage device failures. The lack of emergency protection and DR solutions impacted stock exchanges across the globe.

Backup and DR measures are essential in any IT system. If a core IT system fails, service systems of governments and enterprises will be greatly affected.

Statistics indicate that 60% of businesses who suffer losses due to a lack of service redundancy and data backup plans will become insolvent within two to three years, with 50% of daily turnover lost in the first two days. Thus, there is an urgent need to improve digital resilience through backup and DR technologies.

3. Data protection technologies for new services are booming

Breakthroughs in emerging tech, such as 5G, mobile Internet, and IoT, have been the catalyst for industry developments, such as those in online financial transactions, smart manufacturing, e-governments, and digital culture and tourism. Full-lifecycle data protection faces new challenges in terms of protection level, object, performance, and scale.

Protection level: Varying levels of protection depend on the scope of assets. For example, a bank with assets worth under 100 billion yuan (approx. US$14.06 billion) can adopt an intra-city DR solution for its IT systems. Those with assets exceeding 100 billion yuan are better served with a geo-redundant 3DC DR solution.

Protection object: Both structured and unstructured data need protection. For example, big data is helping in production decision-making for enterprises and mass unstructured data on which it depends also needs DR protection.

Protection performance: Cold data in the DR center is converted to warm data to maximize value. For example, the number of CDRs generated by a million 5G users increases by 7-fold, requiring higher protection performance.

Protection scale: The amount of data to be protected has increased from PBs to EBs. For example, an L4 autonomous car can generate 60 TB of data per day, 50 times that of an L2 car.

Given this background, there is huge emphasis on zero service interruptions or data loss. For service continuity, data protection solution vendors offer integrated SAN/NAS active-active solutions to protect both structured and unstructured data. For data retention in new application ecosystems, the retrieval and backup of mass unstructured data are used to protect mass small files.

What we suggest

• Achieve the goal of ‘Three Zeros, Two Always’ for secure, trustworthy data

Different workloads face different data security challenges and threats. To improve digital resilience, the goal of ‘Three Zeros, Two Always’ for data security and trustworthiness must be achieved:

Zero data loss: Customer data must not be damaged or lost due to software and hardware problems. Even in the event of an abnormality, damaged data, or mis-operations, the system can be recovered and continue without major disruption.
Zero data leakage: Data must not be accessed or obtained without authorization during storage, transmission, and processing.
Zero data tampering: Data will be protected from unauthorized modification or damage during storage, transmission, and processing, and even if an unlikely infiltration occurs, tampered data can be recovered upon detection.
Always-on services: The fulfillment of customer service specifications ensures storage services, but if storage services are interrupted due to customer environment problems or a malicious attack, the services will be recovered within the customer’s tolerance period after the environment recovers or the malicious attack is resolved.
Always compliant access: Data storage, transmission, and processing must comply with laws and regulations such as General Data Protection Regulation (GDPR).

• Enhance DR security for core data to ensure service continuity

Enterprises should enhance protection grades to fully upgrade service continuity.

For enterprises that lack sufficient DR and data backup measures, a comprehensive protection framework is essential for full DR of mission-critical services and full data backup.

To improve service continuity and data reliability, the following preparations should be met: examine enterprise services, check for the lack of DR for key services, and help enterprises build redundant data centers. If DR systems are already set up, upgrading the local active-passive DR solution to an active-active solution to ensure zero loss of key data, and develop intra-city, active-active DR architecture to a multi-site, multi-center protection solution to facilitate multi-copy, cross-region recovery. Enterprise data should be backed up by level and class, while local backup can be upgraded to local + remote data backup for core data. Anonymized and unimportant data can be backed up to online public clouds or low-cost storage media.

Another best practice is to regularly perform DR drills, recovery verification tests, and data application to ensure the health and effectiveness of the DR system.

• Improve enterprise resilience and DR capabilities for new production platforms and applications

As enterprises invest more resources in innovative technologies, it is recommended that elastic architectures and agile iteration capabilities be built for emerging production platforms and applications such as distributed databases, big data, AI, and containers.

Efficient incremental protection, compliance with laws and regulations, and mass retrieval should be offered for unstructured hot data. Because of high service complexity and insufficient solution measures in emerging ecosystems, enterprises and storage vendors should work together to develop scenario-specific solutions

Learn more about Huawei’s Data Storage solutions.

Disclaimer: Any views and/or opinions expressed in this post by individual authors or contributors are their personal views and/or opinions and do not necessarily reflect the views and/or opinions of Huawei Technologies.