Founder and Chief Executive Officer for Zerto, responsible for leading the company’s corporate direction and vision.
getty
Anyone interested in major enterprise IT trends should pay close attention to the continuing success story that is the containers market. Focused on agility, containers enable application developers to package small, focused code into independent, portable modules with everything needed to run the code—and critically, only what's needed across the enterprise.
More specifically, containers enable continuous development and delivery by placing the focus on applications, not infrastructure (i.e., they are application-centric). In doing so, they help organizations move quickly by unifying development and operations (DevOps) and, as a result, make it possible to align the speed of IT delivery with the speed of business. This vastly reduces the inertia and friction associated with traditional development strategies. That's a very attractive proposition for businesses and IT leaders alike.
While the underlying technology has been around for decades, container adoption has taken off in recent years due to the emergence of solutions like Docker. Today, the use of containers has grown dramatically and is quickly becoming the preferred way to run enterprise workloads, with leading platforms such as Kubernetes rapidly becoming the de facto standard for applications in large organizations.
The Elephant In The Server Room
However, with this shift in emphasis comes a need to ensure applications and data are fully protected from the ubiquitous risk of downtime, security breaches or issues like a ransomware attack. The problem is that "traditional" approaches to data protection based on taking snapshots don't meet the needs of organizations geared up for continuous development and delivery because, by their nature, snapshots are not continuous. What's more, anyone focused on containers cannot build a complementary data protection strategy by taking a copy of their storage array and then give no consideration to the applications themselves.
Consequently, most IT leaders are operating with the mistaken belief that container-based applications can be backed up the same way as individual applications. Indeed, recent research from a survey we co-sponsored with ESG showed that 75% of organizations running container-based environments were taking this approach.
This presents some serious challenges. For example, applying a "traditional" data protection strategy to containers increases important Recovery Time Objective (RTO) and Recovery Point Objective (RPO) tolerances. The same research showed that the average RTO tolerance rate for this group was 2.87 hours and the RPO tolerance rate is an average of 22 minutes. However, in an era when any downtime or data loss can quickly become hugely expensive, businesses should be aiming for much better. In fact, RTO should be measured in minutes and RPO in seconds.
The result is not only a lack of resilience but also a disconnect between the teams responsible for infrastructure and data protection. This can lead to potentially serious consequences if there is a data breach or technology failure resulting in downtime and data loss. However, by aligning the inherent agility offered by containers to deliver continuous data protection, organizations can maximize their investment in these strategic technologies and ensure they work in concert to ensure resilient agility.
Setting Containers Free
Instead, CIOs should leverage a next-gen data protection strategy that delivers on the benefits of containers via continuous data protection. Most importantly, an application-centric architecture requires a consistent solution rather than relying on snapshots and, effectively, crossing your fingers.
Next, DevOps and infrastructure teams can be brought closer by using data protection as code, built into the data protection lifecycle from day one. This requires a single solution that continuously protects across both applications and data that not only makes it easier to maintain an efficient and compliant operation that runs within budget but simplifies the creation of consistent data protection policies to make sure an entire application is protected to meet business requirements.
The ultimate objective should be that applications are born protected and remain that way. This not only equates to less work for developers but promotes consistent protection across containerized applications, which will adhere to business requirements.
As more enterprises bring containerized, cloud-native applications into production, they are faced with the challenge of meeting data protection service levels for their production applications and data. Increasingly, the objective for CIOs is to reduce the complexity and cost of multiple point solutions by adopting a simple converged platform for data protection, disaster recovery and mobility of containers across private, public and hybrid cloud.
This requires a change of mindset, shifting away from virtualization—where the infrastructure often played a leading role in IT. Instead, a new focus on containers means CIOs need to think about IT from an infrastructure-focused perspective to an application-focused perspective.
This has clear advantages, not the least of which is that instead of being bogged down in day-to-day operations and the toil to keep things running, IT can now take a more strategic role, spending time on what the business wants and needs and aligning the life cycle of applications to these requirements. This helps optimize the potential of applications and their data instead of suboptimization on the infrastructure level.
Getting there requires that IT leaders let go of the complexity of running their own infrastructure. Whether this is achieved by using public cloud, a PaaS platform or even outsourcing, freeing up the IT team's time is crucial.
In their role as a major enabling technology, container-based environments help drive agility, but only as long as data protection works as a complementary solution to deliver always-on replication and continuous protection. For many leaders, this is now a minimum requirement to succeed in an era of digital transformation, and if it's not something they are paying attention to now, they will be soon.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
