In technology infrastructure terms, the idea that "on-premises is dead" has been heard quite frequently in recent times, mostly prompted by the huge impact made by cloud computing. The issue has also become evident in the world of cybersecurity, where the rush to the cloud has put data vaults, for example, at the centre of the discussion. However, while vendors and customers move away from the traditional belief that true data protection requires an on-premises storage solution, we’re left to wonder: is this justified? Or could we be neglecting the continued utility of on-premises systems?
Vaults, as a measure to protect critical business data in the case of a cyber-attack or disaster, aren’t new. Initially, they were introduced to meet certain regulatory, and compliance needs and to augment data protection solutions. The primary need? To deliver a failsafe for organisations should their defences be compromised. Add to this the inherent capabilities and convenience offered by the cloud model, and it’s simple to understand why they represent another niche of the tech industry that enthusiastically embraced the cloud.
There's no denying the attraction of cloud vaults. Their ease of deployment, the fact that there’s no need for the users to provide hardware maintenance and the convenience of a single vendor billing make them an attractive option. Yet, with these benefits come some drawbacks , primarily relating to the relinquishment of control, the inherent slowness in restoring from cloud storage to on-premises and the added cost of egress fees for getting your data out. In common with many cloud-based services, when a system is managed by a third-party vendor, organisations are forced to compromise on autonomy. This might be completely tolerable for some IT use cases, but when it relates to cyber resilience, the stakes are much higher and technology decisions need to be very carefully considered.
On the other hand, on-premises vaults offer some major plus points, including high levels of user control, the ability to make tailored modifications, better air-gapping, and unmatched recovery speeds. While for some there might be a steeper initial learning curve, with the aid of professional services and a supportive partner community, these hurdles can be managed. An on-premises data vault, combined with an isolated recovery environment, puts IT and SecOps back in the driver’s seat. Unlike vendor-managed cloud vaults, organisations (or their designated partners) have the freedom to deploy, configure, and manage however best suits their cyber resilience needs instead of being locked into someone else’s way of doing things.
Whatever approach is taken, for organisations focused on cyber resilience, isolated, offline vaults are central to achieving this objective. They not only protect but help detect major threats such as ransomware in real-time – a particularly important quality given the ability to detect and act upon a cyber threat swiftly can mean the difference between a minor hiccup and a full-blown catastrophe.
Each to their own
So where does that leave us? Firstly, it's crucial to remember that the choice between hosting a vault on-premises or cloud infrastructure isn't a binary decision. Instead, it should hinge on specific use cases. In scenarios focused on cyber recovery, for example, on-premises vaults are unparalleled. Their power, performance, and flexibility offer real-time detection of threats like ransomware can be crucial for recovery. Moreover, rapid detection limits the reach and damage caused by a ransomware attack. The faster they are detected, the quicker the recovery – and ideally, organisations should be in a position to roll systems and data back to moments before the intrusion. With ransomware presenting varying and often severe challenges, having a playbook and efficient recovery methods becomes essential and on-premises vaults can play a key role.
Looking beyond just the location of a vault, when considering the data recovery performance of vault technologies or services, organisations also need to focus on Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs). This is because the consequences of extended downtime aren't just financial, they also include stalled productivity, brand damage and potential long-term loss of trust. In fact, strong RTOs and RPOs present an alternative to the choice of paying a ransom or losing data – they offer a pathway to recovery that's minimally disruptive. For IT teams, already stretched thin, efficient recovery mechanisms can be a lifesaver, allowing them to quickly pivot to forensic analysis and the broader implications of an attack.
Think of it this way: the "on-premises vs. cloud" debate shouldn’t necessarily be about which approach is inherently superior. Instead, it should be about context. On-premises vault solutions have their unique strengths, especially in specific use cases like cyber recovery, while cloud-based services bring strengths around convenience. But in addition, broader considerations, including integration with disaster recovery methods, real-time threat detection and focus on RTOs and RPOs, should drive the choice of vault technology and execution venue.
Ultimately, in a changing cyber landscape, the primary concern for any organisation must be to ensure their data protection measures are comprehensive, efficient and tailored to their specific needs. It's not just about surviving in the age of cyber threats but thriving and emerging more robust after every challenge, and this should be a driving factor in the choice of vault solutions, vendors and long-term strategy.