Thursday 26 April 2018

Stop Throwing Away Money on Data Storage (Even When Moving it to the Cloud)


- Alan Jamieson, BOHH Labs VP of Business Development

Does moving your data center storage to the Cloud (Private/Hybrid) help with saving operational costs on increasingly challenged IT budgets? For most people, the automatic answer is yes; however, recent studies indicate that moving storage from in-house to the Cloud won’t achieve cost savings unless the storage needs are fully assessed and the anticipated savings are planned out. This is alarming, and you may ask why.

Firstly, capacity planning is an issue: how much do we need today and in 12 months’ time?  Over-estimating storage capacity is one area that can make a dent in the savings. While estimating a higher capacity can secure better cloud storage rates from vendors, if you don’t have enough data to meet this higher capacity, you are essentially paying for unnecessary and wasted space.

Secondly, while over 80% of data centers have the storage capacity in-house, it is difficult to do routine checks, so when looking to switch and invest in Cloud storage, companies often don’t have the whole picture and can make a choice that is often not financially beneficial. The fixed costs (electricity, cooling, licenses and maintenance) of running a data center and any spare storage or processing capacity are often overlooked when formulating your cloud migration/deployment strategy.

The volume and variety of data (structured and unstructured, regulated data etc.) we are collecting are increasing on an annual basis. Data is now seen as a business asset, with new Chief Data Officer roles being created in enterprise accounts, but are we realizing the value of the data assets we have?

From research done by Jonathan Koomey in late 2017, only 25% of companies would save money if they transferred their server data directly onto the Cloud, whereas 75% would see an increase in annual costs. However, all the sample group would save if the companies migrated after quantifying how much server space they need. This unnecessary Cloud storage spend costs companies around the world an estimated $62 billion annually.

If we step back from the cost of storage, the other important and increasing challenge for global companies is extracting the value from data that is stored in the Cloud and is often not accessible. With the massive amount of data being produced daily, operational cost challenges are pushing companies to store away data that is over 12 months old, or even more recent, too soon. The world has become analytically focused; however, insight is only gained when data covering a significant number of years is analyzed to achieve greater operational efficiencies, greater insight into how to retain your customers, and ways to improve the quality of manufactured parts.

Another research report puts the cost of Cloud waste at about 35%. So, for every dollar spent on Cloud resources, you only get $0.65 of investment value. Now that we have addressed how companies are losing money, below are six ways your company/department can alleviate some of the wasted Cloud spend:

  1. Identify and retire abandoned applications – why store what is no longer needed?
  2. Choose the right storage model – What is needed today and plan.
  3. Right-size instances – Invest in only what is needed.
  4. Perform licensing audits – Do your software vendors enable your licenses to be used in the Cloud at no extra cost?
  5. Automate server usage for peak/off peak hours – only pay the Cloud provider for services that are needed.
  6. Pay upfront – Looking at license options could save more than purely monthly subscription fees.

While the global market is focused on enhancing how data is stored and embracing the benefits of making a transition to the Cloud, having a clear idea of what storage is needed and how often you need to access your data will ensure that you select the most cost-effective model for your business.

Tuesday 24 April 2018

The Dark World of Terms of Agreements: A Complicated Data Security Nightmare



Ken Hawkins, BOHH Labs CTO

Now that the Facebook fire seems to be dimming in the public eye, let’s dig into the issues that really allowed our data and our friends’ data to be scraped and repurposed into a means to manipulate our online social behavior, and more importantly for Facebook advertisers to sell products to us.

Before we look into Facebook’s world of privacy and allowances, let’s first address how our data can be gathered and used when we make use of websites and web-based services. The term and effective service I am referring to is generally called OAuth, or more pointedly, “Allowance Tokens.” OAuth was developed in 2006/2007 and is a simple way to publish and interact with protected data. However, we’ll stick with the term Token Allowance because this is the nomenclature Facebook uses as they put their unique spin on OAuth.

The Allowance Token creation and use can be loosely described as a means to allow another person or company to act on your behalf on websites and services. This is, of course, to make our lives easier on the Internet. One such example is to make it easier to sign up on a website by simply choosing the option to log in using another website’s login and information. When we as users choose this option, it means we allow the website we are interacting with, as well as the website that has our login information, varying access to our data and a means to act on our behalf on both sites. These tokens that are passed around can be good for minutes to days and can be used to actively monitor your activity on both sites you have linked together. There are variances of this interaction based on the Access Token type and the agreement you made when you chose the option; however, the most noninvasive Access Token usage would simply keep you from having to keep track of yet another password. Another could post updates, etc. to let your friends know what is happening in your life. Discussing it beyond the very general really needs a use case with actors’ names etc., so let’s use Facebook as the website that we trust to keep our data safe.

Armed with that cliff note of knowledge, and confident that I trust CompanyA, I have found this great new website and want to use my Facebook identity to sign up and log into it. Because I’m boring, let’s call the website CompanyB. We have all seen the dialog for this, right? Simply click the “Login with Facebook” button, agree to the terms of use, and the connection is made. Once we have made that connection (CompanyA with CompanyB), CompanyB can now perform varied actions based on what you agreed to. Those actions can range from simply looking at your profile and posts to posting updates on your page. You still might be thinking this is fine, because now if I do something on CompanyB’s site then all my friends on CompanyA will know, and I don’t have to return to CompanyA to announce my actions. I trust CompanyA, so there should be no problem. However, I have a question for you – did you read the agreement? Did you look into exactly how CompanyB was going to use your CompanyA generated Access Token? Before we answer that, let’s get a bit more specific and call CompanyA by the name we were all thinking. Let’s talk about Facebook’s applications – and specifically the quizzes that come up.

So, we are perusing our Facebook timeline, enjoying the morning coffee, and what comes up in our feed? A fun type of quiz my new best friend took to find out how great they are. Out of habit or boredom, we sometimes click through to take the quiz before we really think it through. What are we presented with to take that super cool quiz? Use your Facebook login to take the quiz. It’s OK, you might think: I trust Facebook, this is on Facebook, what is the harm? Besides, I’m too lazy not to use Facebook to log in and take the quiz. It is almost a certainty that the super cool quiz company will gather any and all data it can about you and your friends (if you allow it) and then in return inundate you, your friends and friends of friends with the coolest quizzes and chances to win posts for you once you do this. What are they doing? Gathering trends about you and your friends for the purpose of marketing to you, or worse, manipulating your feed to gently nudge your thinking in a particular direction.
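What a login dialog like the ones described above actually grants is listed in the `scope` parameter of the OAuth authorization request, so it can be read before agreeing. The sketch below is an added example, not code from the original post or from Facebook: the permission names are real Facebook Login permissions, but the risk tiers, the function names and the two sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Risk tiers for Facebook Login permission names (illustrative subset chosen
# for this example; anything not listed ends up under "unrecognised").
LOGIN_ONLY = {"public_profile", "email"}
READS_YOUR_DATA = {"user_posts", "user_likes", "user_birthday", "user_photos"}
REACHES_FRIENDS = {"user_friends"}
ACTS_AS_YOU = {"publish_actions"}


def requested_scopes(auth_url):
    """Return the set of scopes an OAuth 2.0 authorization URL asks for."""
    query = parse_qs(urlsplit(auth_url).query)
    raw = " ".join(query.get("scope", []))
    # RFC 6749 separates scopes with spaces; Facebook also accepts commas.
    return {s for s in raw.replace(",", " ").split() if s}


def review(auth_url):
    """Bucket requested scopes by what the relying site could do with them."""
    scopes = requested_scopes(auth_url)
    known = LOGIN_ONLY | READS_YOUR_DATA | REACHES_FRIENDS | ACTS_AS_YOU
    return {
        "login_only": sorted(scopes & LOGIN_ONLY),
        "reads_your_data": sorted(scopes & READS_YOUR_DATA),
        "reaches_friends": sorted(scopes & REACHES_FRIENDS),
        "acts_as_you": sorted(scopes & ACTS_AS_YOU),
        "unrecognised": sorted(scopes - known),
        # True when the site asks for anything beyond identifying you.
        "more_than_login": bool(scopes - LOGIN_ONLY),
    }


# Constructed sample requests (client_id and redirect_uri are placeholders).
PLAIN_LOGIN = ("https://www.facebook.com/dialog/oauth?client_id=000000"
               "&redirect_uri=https%3A%2F%2Fcompanyb.example%2Fcb"
               "&scope=public_profile,email")
QUIZ_APP = ("https://www.facebook.com/dialog/oauth?client_id=000000"
            "&redirect_uri=https%3A%2F%2Fquiz.example%2Fcb"
            "&scope=public_profile,user_friends,user_posts,publish_actions")

if __name__ == "__main__":
    for name, url in (("plain login", PLAIN_LOGIN), ("quiz app", QUIZ_APP)):
        print(name, review(url))
```

The first request only replaces a password; the second asks to read posts, reach the friend list and post on the user's behalf, which is the difference the agreement text is supposed to disclose.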

OAuth, Allowance tokens and their use are a wonderful ideal, but are woefully lacking in implementation and seriously blur the lines regarding the ownership, security and responsibility of your data. As an end user, it is incredibly convenient to let the world know what I’m doing or share information via this mechanism. Interacting with Facebook and the applications/websites using its tokens for access really does make our digital lives easier. But what is the price for this convenience? I would argue that minimally your digital life is no longer wholly in your control. Agreeing to Facebook’s terms of use is just that, an agreement with Facebook. Facebook’s agreement of terms with its development community is another. The agreement you make with another website, say our famed CompanyB, would be the tie between the three of you. Once that connection is made, Facebook and CompanyB decide how your data is captured and used between them.

This is that blurry finger-pointing area between the companies and you, the person who is allowing your data to be accessed. Facebook can be in compliance with CompanyB concerning the agreement they have, and Facebook can be in compliance with you concerning its storage of your data. Now, did you read the fine print when you allowed CompanyB to use your Facebook identity? This is the area of concern that is clear as mud when it comes to responsibility. We are in control of how our data is captured and used, and we, the end user, just allowed CompanyB to gather any and all data from us and possibly our friends by choosing the easy login option or taking that funny quiz to see which movie star we looked like. One need only look at the latest Facebook and Cambridge Analytica revelation. Each party believes they were acting within the terms of their agreement, and we are left to fend for ourselves after that.

From my point of view, I think it’s ultimately our responsibility to know what is going on with the transport of our data and, even though we might not want to, to read and know what we are signing up for. To that end, we owe it to ourselves to truly grasp what we are doing when we choose convenience in our lives. The use of OAuth and its implementations makes our lives easier but truly not safer. It is my opinion that OAuth makes our digital lives more encumbered and our data less safe today.

With Storage Solutions on the Brink of Disaster, Analytics Cannot Work


Yes, I said it. Storage solutions are on the brink of disaster. They are costing companies money, while moving to the Cloud can compromise data security and lead to potentially valuable data being lost or unable to be used. The same old vendors are promising new and exciting solutions to protect, manipulate, and visualize your data. In the past they promised Big Data Lakes of usable information enabling analytics. Today, it is Artificial Intelligence (AI) with security and learning capabilities placed on your data. But they failed in the past. Is today any different?

What is missing is a solution that enables secure, real-time data access and secures all compliant data held within storage systems without any impact to the user experience or putting the data at risk. Enter BOHH Labs – we are introducing Secure Storage as a Service to address these needs.

So why are we any different? We believe in privacy. Privacy of the individual with GDPR and PII, privacy of health records with PHI, and privacy of the state and corporation with secret and sensitive data being stored correctly. However, we also believe that data is an asset and has a value companies should be able to strategically leverage without fear that sensitive data will be leaked, lost, or stolen.

This all sounds great, but first we must look at what has gotten our industry to a place where storage is about to implode.

Storage. It is an old technology with a big future. Why? Because we need it for lots of reasons: from having somewhere to place our existing application data to archive storage, document and image storage, and videos.

We Need Storage.

Add to that the fact that we as a digital society produce a massive amount of data daily that needs to be housed somewhere, meaning that we have lots of data. Big amounts you may say. Apart from current data having immediate requirements, the analytical value of our historical data is enormous and can be deployed everywhere from sales cycles to help organizations plan better, to health data to see how well a specific treatment has worked over the past decade. If used correctly then this Big Data (yep 10 years of data can be classed as Big) can have a useful purpose and become an organizational profit center in its own right.

As such, storage solutions peaked in demand. And, as always when a market is in demand, vendors jumped on this market to sell promising solutions that would ostensibly provide businesses with competitive advantage, with the first major wave focusing on Big Data enabling valuable analytics.

Big Data Analytics.

One of the many overly hyped-up terms, Big Data Analytics was big in 2015. But now? Not so much. Why? Well it could be for many reasons:


1. It was always a marketing hype. We have data in many huge storage silos. Why name it?
2. The hype could never live up to the use cases. Hadoop, great storage, not so great for data usage.
3. Why do we need it separated out? Data is data. Big data, small data lakes, ponds, puddles. It is data and it has a use, a value and is required.

It was the only thing people talked about years ago, with planes trailing banners and television adverts stating how it would change our lives. But now… Naturally, when a fad dies, a new one begins. Enter AI.

AI.

Well, when it comes to hype, AI is kingpin. However, unlike Big Data, it is for good reasons. While AI is currently being over-hyped as a technology savior, it can actually help us in many ways, especially with storage needs, the security of data and the use one can extract from it. But will AI alone be a fix to our storage solution needs? No.

This brings us to Security. Everything above is all well and good, but storing data for the sake of it is expensive. Placing AI onto a store and learning from the data is a worthy cause, but then turning it into a profit center through use becomes problematic, due to the increase in regulations and the information held within the data, whether it be PHI (Protected Health Information), PII (Personally Identifiable Information), GDPR (General Data Protection Regulation), or data that is secret to an organization or government and must not be let into the public domain. Using stored data with any of this information as part of it can be costly if that data is accidentally or maliciously leaked.

Secure Storage as A Service

This is where BOHH Labs can step in and help. Our Secure Storage as A Service (SSaaS) acts as a layer between the user/application and the back-end data store and enables total security on all your stored data, without changing the data structure, while making certain data points visible only to those with the correct permissions. Whether this is in a database or a document, the BOHH SSaaS enables full use of data without the security or accessibility concerns.

Our solution uniquely offers database or specific field level security. All data that needs to be secured is removed from the source, encrypted and stored separately without changing the structure, enabling prioritization and control over sensitive data such as PHI, PII or GDPR. We do this because it stops the inside hacking job. If the database does not contain the data, then a malicious actor who has gained root or admin privileges cannot run a simple query on the data, extract it, and have it available to them to sell to whoever they like, unlike traditional TDE Data Encryption or homomorphic encryption technologies! Also, the original data structure is maintained, which helps negate the need for costly application updates.


Traditional Data Masking solutions and TDE Data File encryption solutions do not hide your data. It can remain visible in its original format to inside threats. While application level security may have thwarted the hackers of the ’90s and early 2000s, it does nothing against today’s more sophisticated hackers. BOHH securely hides your data, making it inaccessible to bad actors, whether internal or external. In this way your data becomes usable by a wider audience without compromising your analytics and without the risk of PII, PHI, GDPR or other sensitive data being leaked or accessed. This same process can also be utilized on document and email stores, allowing your analytics engines to work on your entire storage, not just a small subset!



We believe that BOHH is the only organization that is able to secure your data, without leaving a neon sign above an unlocked backdoor. Traditional security measures, such as TDE, Homomorphic encryption, Data Masking, and Application Level Security have proven ineffectual and left your data at risk, and in many cases your organization at risk of legal ramifications. Just look at the theft of data over the past 2 years!

BOHH works on all current data stores, document stores, and email systems; it works in the background without impeding users and enables you to work with your data without risk of theft or malicious data manipulation. BOHH has been architected in a way that does not compromise speed and that is infinitely scalable. If you want proof, and why wouldn’t you? After all, you have heard all of this before and yet … Contact us and we will be happy to place a POC on your storage system, to show how we secure, scale and enable easy access to your valuable information stores.