How Carbonite secures cloud data as cyber threats get more sophisticated

Norman Guadagno, SVP of marketing at Carbonite, explained how his company guards business and personal data against increasingly complex security risks.

TechRepublic's Dan Patterson spoke with Norman Guadagno, senior vice president of marketing at Carbonite, about securing data stored in the cloud.

Guadagno: We're really excited to talk about cybersecurity, the cloud, and Carbonite. My role here is as senior vice president of marketing and chief evangelist. I'm out there talking to the marketplace a lot about why protecting your data is important. We'll get back to that.

Carbonite's been in business for 12 years now. We were the first cloud backup for consumers. Really originated when one of our co-founders had his daughter lose a term paper because when her computer was damaged. So, we started right from humble beginnings. But interestingly enough today, we have more than two-thirds of our business comes from our business customers. For the folks out there who run small medium businesses, they're our target, because that's what we're delivering solutions for today. And then for folks like yourself and myself, who have home PCs, we still protect those. We have lots of those customers around the country and around the globe, but we're actually seeing all of our growth now in businesses as they create so much data.

Patterson: Norm, I'm glad you touched on a moment ago that data is valuable. That seems almost like a no-brainer, but time coupled with data is almost more valuable. Can you tell me a little bit about, not just why Carbonite and cloud backup solutions are important? I think everybody understands that it's important to back up, but why the efficiency provided by the cloud makes Carbonite really unique in the space?

Guadagno: Yeah. It's a multi-faceted question there, but let me first just reiterate: Data is far more valuable than almost anybody really believes. And, if you ask the typical business person, "What's the data worth in your business?" if they don't look at you quizzically and go, "Huh?" their answer's going to be all over the map. We actually believe that it's probably one of the greatest, if not the greatest, sources of value in a business today. We start from that premise, and then we say, "Well what do you have to do with that data?" You have to back it up. You have to make sure that if something happened, whether that be a disaster, the natural kind, or a malicious attack, as we'll probably talk about, you want to make sure that you protect and preserve your data. The reason that Carbonite uses the cloud as our primary method of protecting data is because the cloud gives us the ability to take large amounts of data, secure it in a secure offsite installation, have it encrypted, and have it available no matter where you are or where your computer is, if you need to get it back.

SEE: Cloud computing policy (Tech Pro Research)

And that's the beauty of the cloud, is it allows us to be mobile with our computers and allows us to feel safe that it's in the hands of businesses like our own, and our competitors who have all invested in building really strong powerful secure infrastructures to protect that data. We started in the cloud. It wasn't even called the cloud when we started. But we realized that we could evolve. And over time, what we have found is we're very, very efficient in our use of data, storage and the way in which we keep data. And whether we do that in our private data centers or as we do in some places, partner with large cloud providers, we're in the business of making sure that we can be highly efficient and give you a really great value for being able to back-up large amounts of data.

One of the evolutions that we've seen is for some of our customers, our business customers, in particular, they may want more than one copy of the data. Some of them want what we call hybrid solutions, where they have data onsite. We provide a simple appliance that they can have onsite, and data in the cloud, so that they can have data readily available local in case they want fast recovery, but that appliance can only hold so much data. And then it's all available in the cloud because the trick with the cloud is it can store an infinite amount of data, but you still have to get the data back and forth. So, if you have to do a big recovery, hundreds of gigabytes, or even terabytes, it can take a while, depending on your bandwidth, to get it down back to your machine.

Patterson: How does the technology, especially with the appliance, how does the technology in Carbonite work? There's a lot of back-up solutions out there from Dropbox or Google Docs, Microsoft. Everybody has a cloud solution. How does Carbonite's technology work?

SEE: Disaster recovery and business continuity plan (Tech Pro Research)

Guadagno: I'd love to tell you that it's magic because everyone wants it to be magic, right? The thing that we do — and that's really critical — and you called out things like Dropbox and Microsoft's solution. Most of those are actually data storage solutions. The difference between storage and back-up is pretty straightforward. In storage, people deliberately put things into storage. In backup, we intentionally back up everything. That's an actually really important distinction. So, if you or I are using Dropbox, for example, great product, but we're probably putting certain things in there, but we may still be keeping things on our desktop. And we probably have our own unique architecture for how we're keeping those files updated in a Dropbox or a Box, right? What back-up does, and what Carbonite has mastered, is we take everything from your PC and we create a copy in our cloud, so that when you want to restore, you get it all back, even that poem you wrote five years ago and you wanted to really forget about, but it's still there. It's all going to be up there, so that you can get it back.

Patterson: Preserving the architecture is an understated, but pretty important distinction between just storing something and really backing it up. What you guys do is an interesting version or an interesting type of version control. How does the database system on the back end work to distinguish different versions of the architecture as you're backing up? And then how do you make that simple in the front end for me to go and say, "Oh, I want that version of the back-up?"

Guadagno: Yeah. That is one of the key things I think is part of the innovation that our founders here, and every engineering team we've had since, has continued to refine the system that we use, some of which is proprietary in that it allows us to very selectively only take the changes once we do what we call a seed, which is where we back up everything the first time. We then can selectively just take the changes. And we track the changes with the data and then the metadata. The metadata is where is it, when is it, when was it created. So we can then version based on all of the metadata over time. And when you look at the data, if you want to just selectively restore something, for example, you'll pretty much see the exact same direct restructure that's on your machine. We don't want people to learn anything new. We want them to have the same structure that they keep on their machine.

Then this again is the difference between back-up and storage. In storage, typically, you create a whole new file structure in storage. Hey, I'm using Dropbox or Box to share files with my team. Well, we're gonna do it by project. But that's probably not how your local machine is organized. We organize the data in the exact same way as your local machine, and then allow you to figure out where to apply a restore, based on how long we're actually keeping the data for you, which varies depending on the solution or the plan that you have from us.

We're seeing more and more attacks. We're seeing more creative attacks. And it's putting everyone at greater risk. The reason Carbonite focuses on this issue, is because ultimately we're in the business of protecting data. The data is what malicious hackers are typically going after in one form or another. We want to make sure that with every layer of defense that a business or an individual may have, that that core data, that most valuable assets are protected no matter what. So when we're backing up, we're securely backing up. We're encrypting appropriately, and we're keeping the data separate.

SEE: Businesses can't blindly trust the Microsoft cloud—or any other cloud for that matter (TechRepublic)

Typically, what happens in a cyberattack is, whether it be a ransomware attack or someone is trying to exfiltrate data, they go after your machine or after your network and they either steal or encrypt and you are basically now at their mercy. But you're not at their mercy if there's a clean, secure copy of your data somewhere else, which is what we do. And that's why this is so important to us. And like you said, we are seeing an ever increasing number of attacks every day. I think the near term future, 18-, 24-, 26-months, we're going to see a few big trends. We're going to continue to see ransomware grow. We know that. We'll see variants on ransomware grow. But what we're also going to see is the continued increasing sophistication of the delivery of threats.

As we saw just yesterday, in the Gmail threat, it quickly caught people off guard, because it went out fast, it went out big, and it seemed reasonable. It was like, yep, click. And people were taken by surprise because it was a simple, yet sophisticated attack. So we're going to see more of that. As we see this proliferation, as you said, of IoT devices and mobile devices and more laptops and every device potentially being a gateway, we're going to see cyber criminals look for new entry points into the network of data. And that, I think, is something really critical. And the other part of what's important to us, all we see is more and more data being created and, in fact, fewer and fewer people realizing how valuable that data is, or even sometimes where that data is, or that it exists. And nobody can keep track of the amount of data, even the amount of data you or I might create every day.

We can't even keep track probably of the number of logins we have to all the cloud services we use. That represents a vulnerability, and that represents opportunity for the cyber hacker. And the smart ones are going to continue to find those opportunities which are our not being able to keep track of the data, the passwords, all the different entry points, and spending our lives, click, click, click, click, click, clicking.

Also see

  • The 6 reasons why we've failed to stop botnets (TechRepublic)
  • How advanced behavioral analytics will fight more cyberthreats than ever in 2018 (TechRepublic)
  • 3 ways to minimize cyberattack threats by reducing attack surfaces (TechRepublic)
  • Why R9B takes a proactive and 'active adversary pursuit' approach to cybersecurity (TechRepublic)
  • Email fraud warning: Now hackers want your data as well as your money (ZDNet)
  • Chafer: Hacking group expands espionage operation with new attacks (ZDNet)
  • Cybersecurity: Understanding the attack kill chain and adversary ecosystem (TechRepublic)
  • 20180517normgdprdan.jpg

    About Dan Patterson

    Dan is a Senior Writer for TechRepublic. He covers cybersecurity and the intersection of technology, politics and government.

    Editor's Picks

    Free Newsletters, In your Inbox