The past few years have been volatile ones for the energy industry. Facing disruption on many fronts, companies see an urgent need to become more agile, resilient and competitive, and they realize that requires a stronger commitment to digital transformation and cloud technology.
The energy industry has lagged behind most other sectors on the digital journey for a number of reasons. The nature of the business has created an environment in which data is often siloed in disconnected systems, sometimes at remote oil rigs and construction sites as well as headquarters and branch locations. Additionally, companies rely on specialized solutions and an increasing number of IoT devices designed for their unique needs. Applications tend to be fragmented, and regulations and red tape ensnarl operations.
Legacy Infrastructure Compounds the Problem
Complicating matters, the industry continues to depend heavily on legacy IT infrastructure that can’t help it overcome these problems. Digitization is the answer, yet the industry is investing a scant one or two percent of total resources to IT enhancements and digitization, according to research by Accenture. That’s significantly less than in other industries.
In most energy companies, the amount of data is increasing at an unprecedented rate, and an estimated 80 percent of the data in their systems is unstructured. Such data is extremely vulnerable to cyberattacks, a serious concern at a time when malware and ransomware are proliferating. A successful attack can paralyze an entire operation, as recent headlines document all too grimly.
Ransomware attacks occur with startling frequency. Cybersecurity Ventures estimates there’s a new attack every 11 seconds. The threats are becoming more aggressive, sophisticated and financially draining. Traditional recovery from backup can be slow and accompanied by data loss and downtime. Research from Veeam has found one-third of organizations that pay a ransom still don’t get their data back. Also, a company that acquiesces can end up with a reputation as an easy mark, a target of repeat attacks from the hacker(s) who already know how to get it, as well as new ones by other bad actors.
The energy industry isn’t alone in its exposure. A recent survey revealed that 82 percent of CIOs believe their organizations are vulnerable to attacks targeting software chains. Hackers are stepping up their assaults on software development environments, particularly those using open-source components. That’s especially worrisome given developers’ growing focus on innovation and speed rather than security, a trend cited by 87 percent of the CIOs surveyed. Many developers are being pressured to release new services and products more quickly to speed the process of digitization or to remain competitive with rivals. When security takes a back seat, businesses become more vulnerable.
Given all these factors, there’s a clear and growing need for better business continuity and disaster recovery strategies. Here’s what the energy industry must consider in order to protect data at a time of rising risk.
Yesterday’s Solutions Fall Short Today
Energy companies now handle so much data that it’s no longer feasible to manage files on legacy storage, archive and backup systems, and even more challenging to do so in a secure and scalable way. The scope of operations is expanding: We serve energy customers with tens of petabytes under management. When you consider that they have an average of 11 locations, with some much higher than that, it’s hardly a surprise that there’s so much data involved.
Protecting business data is of the utmost importance. If it’s lost, damaged or in any way corrupted, the organization will suffer, along with its employees, partners and customers. Backups to disks and tapes are no longer a viable recovery solution, as they’re costly, time-consuming and inefficient. If an organization’s files are corrupted or encrypted by hackers, it can be difficult to pinpoint when and where the damage occurred. Rolling back volumes of data takes time and often sacrifices unaffected data needlessly. Even if IT detects and responds to an attack quickly, it can take weeks or even months for an operation to fully recover from backups.
The challenges are greatly reduced with cloud storage. In the cloud, data can be stored in an immutable fashion, so it cannot be encrypted or altered in any way. Thus, it serves as a golden master, which is invaluable in the event of an attack. If hackers do strike, file storage systems offering in-line edge detection, immediate alerts, and detailed logging of activity and IP addresses, enable IT administrators to identify and analyze the sources of attacks much more quickly.
Continuous file versioning gives the IT and networking teams access to an unlimited number of snapshots for recovery points. These snapshots can be taken as often as every few minutes, allowing controlled, local-level file-level recovery in the event of an attack. IT teams can quickly conduct an audit to assess damage and implement recovery of only the specific data that’s been affected, rather than whole volumes. Recovery can take minutes as opposed to months.
While global file systems guarantee complete data integrity, they do so without compromising access. Data can easily be accessed from anywhere in the world, which is crucial given the desirability of the shortest possible path to file storage from all locations.
The benefits are impressive. Cloud storage can reduce costs by up to 60 percent compared to legacy systems. Cloud storage also allows a faster, more robust recovery in the event of an attack or disaster. Users enjoy fast file access, stronger data protection and collaboration, and reduced risk. Even operations with multiple locations and a distributed workforce can quickly resume productive work. All of that contributes to stronger protection and enhanced business continuity.
Obviously, the first step is preventing attacks by implementing strong passwords, dual-factor authentication, and rigorous training to educate users in how to avoid phishing attempts and other common ploys. But no defenses are impenetrable, so organizations must be prepared to respond to and recover from attacks if or when the need arises.
A cloud-first data storage strategy is clearly the smart strategy for energy companies, and the only viable way to support business growth initiatives.
Russ Kennedy drives product innovation at Nasuni, leading the company’s product management, planning and roadmap efforts. He has a maniacal focus on ensuring Nasuni customers derive maximum benefit from its technology.
Kennedy is a well-known and highly regarded storage industry executive, with more than 25 years of experience developing software and hardware solutions to address exponential data growth. Before Nasuni, he directed product strategy at private cloud object storage pioneer Cleversafe through its $1.3 billion acquisition by IBM. While Kennedy was helping transition the product to what is now IBM Cloud Object Storage (COS), he began working with IBM partner Nasuni, and became convinced Nasuni’s cloud-native global file system is the only data management technology that truly exploits the strengths of object storage.
Oil and gas operations are commonly found in remote locations far from company headquarters. Now, it's possible to monitor pump operations, collate and analyze seismic data, and track employees around the world from almost anywhere. Whether employees are in the office or in the field, the internet and related applications enable a greater multidirectional flow of information – and control – than ever before.