While Artificial Intelligence (AI) can be controversial, it’s becoming more mainstream and mundane in its applications.
A lot of what we think about in AI is really automation of repetitive tasks and training to recognise and respond to events, entry-level AI if you will. In the world of Data Protection & Recovery, AI could take over the important but repetitive and boring work, and escalate events to the IT/Security teams when it becomes important, complicated, and exciting.
Here are six tasks where AI is becoming important:
Automate standard tasks: Every day, IT teams see hundreds of predefined tasks fail. A backup administrator’s role is to examine, reschedule, and restart any failed jobs. AI can automate all these processes. Based on a threshold and / or the priority of the machine, or the data stored on it, you can define how often the restarted process is allowed to fail, only then alerting the administrator to decide whether to intervene manually.
Gather information: There can be thousands of reasons why backup tasks fail and AI can automatically identify and report the causes, and also proactively recommend the next steps. What operating system is the machine running and what workloads? Who has access? Was the machine offline? Has it been put into maintenance mode because a patch has been applied? What needs to happen in order to re-run the task to a successful conclusion? AI can save hours and hours of time by automating this research. As confidence grows, it can also carry them out.
Understand the Effects of Failed Backups: Suppose a critical system backup fails on a Monday, then Tuesday, and then Thursday. How do these failures affect recovery point objectives (RPOs), i.e. the time gap between a good backup and a failed system, and how do you identify what data was not backed up or potentially lost? AI can provide administrators an early warning when a critical workload is unsecured. It can provide reporting to show the risk position to the business, gaps to true DR or Cyber resiliency, potentially saving £££ should a cyber event occur.
Prioritise workloads: AI can identify the best time to schedule (or reschedule) backups and automate the process, based on different criteria. For example, if a copy of the backup of a workload is also written to tape at the end of each day, the AI knows that the fresh backup must be ready by a certain point. In this way, the AI helps to contain the risk of unexpected data loss.
Enforce minimum standards: The business sets up new virtual machines, workloads, and cloud instances every day. AI can talk directly to the control systems from the hybrid world, the ESX servers for example, and find out which VMs have been offline and may still fall out of backup. And it can then automatically enforce a gold standard to back up data to minimum levels.
Secure the crown jewels: AI can quickly analyse large amounts of data and help IT and security teams to understand the content and therefore the value of the data. On this basis, enormous results can be achieved. The AI can rank data and workloads according to their business value, giving weight to many downstream tasks – starting with event correlation, where events are prioritised based on the value of the data. Copies of the most important classified data can be automatically pushed into a virtual cyber vault, which is physically separated from the rest thanks to an airgap and holds an immutable copy of the data. AI can also answer questions related to wide-ranging topics such as compliance, legal, forensics, to provide accurate reports immediately, rather than the very lengthy eDiscovery processes seen in many companies today.
Proactive prevention: AI can also include status data of the machines and their condition. If the hardware wobbles because components have failed, AI can proactively redirect workloads to other systems or instruct the backup system to restore the affected machines to different hardware. This prevents data loss and failures. It could simply report on this to an administrator with clear recommendations without undertaking the activity itself, to allow human decisions to factor – four eyes before change.
AI can dramatically reduce the massive toll on IT and Security teams by doing many of the important but tedious tasks itself. Providing comprehensive reporting, and clear and concise next steps, giving a wood-from-the-trees perspective to operational groups that are undersized for the difficult jobs at hand. People as creative experts intervene when things become complex or important. In this way, AI can make a massive contribution to increasing cyber resilience against attacks that, ironically, are increasingly being carried out by AI.
About the Author
Mark Molyneux is CTO for EMEA at Cohesity. We’re on a mission to radically simplify how organizations secure and manage their data, while unlocking limitlessvalue. As a leader in data security and management, we make it easy to secure, protect, manage, and derive valuefrom data—across the data center, edge, and cloud.
Featured image: ©ipopba
