According to StorPool specialists, around 90% of the security measures used by companies today should relate to the education of employees on using their work-related devices.
The world is getting more and more aware of non-physical threats that are targeting both small and large companies. With cases of organizations experiencing data breaches and ransomware attacks hitting the news almost daily, more businesses start to look into modern primary storage solutions as a way to protect their cloud infrastructure.
However, cloud migration and management isn’t a task that everyone was taught to solve. To learn more about these processes, we had a talk with Alex Ivanov, the Product Lead at StorPool, a high-performance linearly scalable primary storage platform.
Tell us about your journey. How did the idea of StorPool originate?
Originally, the founders of StorPool Storage worked together on developing and bringing to market high-performance network technology similar to what is now referred to as SDN (Software-Defined Networking) as far back as 2006.
However, when they went to market, it turned out that customers’ biggest challenge was storage, not networking. Companies needed faster, cheaper, more scalable storage solutions, at a much better price point. Customers were scrambling to get away from the expensive appliance-based storage architecture (SANs) that required dedicated Fibre Channel storage networks and expensive staff on hand to manage those deployments. So StorPool Storage was founded at the very end of 2011 with the vision to re-invent data storage and alleviate the problems that existed back then and still exist today for many companies.
StorPool built a new solution from the ground up - one which was faster, better, and cheaper than traditional storage solutions like primary storage arrays. It is a sophisticated data storage software platform, which runs on commodity servers and behaves like a million-dollar storage box, without the need for specialized storage hardware.
Can you introduce us to what you do? What is block storage?
To simplify things, there are 3 types of storage. Starting with the newest:
Object storage is used in major web apps to store images that are written once and not changed - like a photo of your cat or kid on social media.
Then there is file storage, which stores and manages files (as the name says), and a person is usually working on this level. Files in a file storage system, unlike objects, can be edited and provide more “data management features” for this level of addressing data.
Block storage is the lowest level of storage - it is how infrastructure applications such as operating systems, file systems, and hypervisors store data on the physical devices they use - SATA/SAS/NVMe SSDs and HDDs.
StorPool develops storage software for block-level workloads - virtualized or containerized environments, or large bare-metal applications running directly on physical hardware in a data center. Our typical users are cloud & hosting companies, SaaS vendors, MSP (Managed Service Providers), and Large Enterprises.
In more practical terms, the StorPool software is installed on many standard servers and makes them behave like a primary storage system from the usual traditional two- or three-letter storage vendors. StorPool-powered storage systems are more potent, easily scalable, and are an upgrade to legacy architectures. They are used for storing and managing the data of primary workloads that demand extreme reliability and fast data access times - databases, web servers, virtual desktops, real-time analytics solutions, and other mission-critical software.
Since many companies are turning to cloud solutions, what are the benefits of cloud storage? Are there any disadvantages compared to storing information locally?
We power the cloud storage offerings of many Cloud Service Providers. The most crucial benefit of cloud storage is that it delivers the infrastructure a business needs when it needs it.
That aside, for small data volumes cloud storage has cost advantages. If you can’t use up 80-90% of the capacity of an on-premises cloud, you’d still be paying for its unused capacity. Also, if you’re in a high-growth phase, cloud storage is the way to go for the aforementioned benefit of infrastructure being available exactly when you need it since that makes scaling much easier. In both of these scenarios, cloud storage can deliver a lower overall total cost of ownership compared to running your on-premises cloud.
However, if you’re in a scenario where your data volumes are stable or large enough, you run into the outcomes highlighted in this Andreessen Horowitz article on the cost of cloud – cloud storage puts pressure on your margins and its costs start to outweigh the benefits. As highlighted in the article, at scale, repatriating data from hyperscale public clouds can save from 50% to 60% of the cost for running equivalent workloads, even when you include everything needed to run your on-premises cloud (racks, real estate/colocation, cooling, network, and engineering costs). This translates directly into improved gross margins and therefore improved profits and valuation of the business.
How did the recent global events affect your field of work?
As with many IT companies supporting the various cloud infrastructure models (private cloud, public cloud, hybrid cloud), during the last two years, we sustained our growth despite the global pandemic – increasing our revenue by 80% in 2020 and an additional 30% in 2021. We grew our customer base mainly with large Cloud and Managed Services Providers. We invested in evolving our infrastructure and delivering a customer-centric storage offering ideal for companies that aim to optimize and grow their cloud services, eliminate data storage issues, or secure accelerated and reliable access to data.
That said, we are seeing a negative impact from the global chip shortage – it has delayed several key projects because our partners are waiting for the delivery of the hardware they need. We expect that the slow delivery times for servers, network switches, storage drives, and other equipment will continue well into the future – at least until the end of 2023. That’s why we always recommend to our partners to not postpone hardware purchase decisions.
The final trend that has had a positive impact on our business is that many mid-sized companies are turning to service providers for their cloud infrastructure needs. More and more, companies prefer to focus on their primary business while someone else takes care of their IT stack.
As more companies move their workload to the cloud, are there any details that might be overlooked when making the switch?
One major challenge is getting the performance needed to run mission-critical workloads with heavily loaded databases. Databases are at the core of every app out there, so this affects all workloads. As shown in StorPool’s 2022 public cloud performance measurement report, some of the hyperscale public cloud providers have computing and storage offerings that deliver sub-par results when running databases.
The other important point is that end-users need to look at the total cost of running a workload in a given environment (computing and storage), as some providers offer lower costs for one piece while charging more for the other. Finally, something no one talks about is the complexity of cloud pricing – it can lead to costs that spiral out of control, several times above the budgeted amounts. This might happen for a number of reasons, but here are two common ones.
The first is mismanagement of the resources a company has, which is almost always a procedural weak point. Think a couple of years down the road – there are so many powered-up resources, just because it’s so simple, that there are running environments, paid every month, long after the people who powered them on have left the organization, and well after the need for them has passed.
The second reason is the explosion of usage, due to the trickiness of designing and scaling systems in the public cloud. Say you design a system, which you expect will deliver the necessary performance for your workload by using a specific cloud instance and service type, only to realize that, as you scale, you need another instance and several other ancillary services, which cost 3 times more, but your app would not run unless you get these.
Why do you think certain companies are reluctant to update their cybersecurity or try out new, innovative measures?
The daily grind gets to all of us – there are so many projects and tasks that need to be done to keep the business running and grow our companies that cybersecurity is often not in the top 3 priorities for a given year. And as we all know, if it’s not in the top 3, it doesn’t get done.
In addition, many companies don’t assign accountability for their cybersecurity measures to any specific person, and when that happens no one is on the lookout for the innovative measures that can protect the company.
Besides quality data storage solutions, what other security measures do you think should be adopted by every modern company?
About 90% of the security measures of modern companies should relate to the education of employees on best using their work-related devices – whether those provided by the company or employee-owned devices used for work. Employees need to be mindful about not opening unsolicited emails from unfamiliar email accounts, avoid using public machines to log into company accounts, ensure that the storage disks of their work devices (computers, smartphones) are encrypted, and should never give their devices to other people – even close family members.
In addition to those behavioral measures, companies should ensure all communication with their internal network is firewalled, and allow listing only the services relevant to the company’s activities. All internal company services should be accessible only via a VPN connection, and every employee should have an SSH key for connecting to the company’s environment. Finally, work-related devices should be protected with unique passwords that are changed regularly.
As for individual users, what personal cybersecurity tools do you think everyone should look into?
The most important personal cybersecurity tool anyone should use is password management software. Instead of reusing the same easy-to-remember password across multiple websites, it is far better to have one highly secure master password, than use a tool to generate unique passwords for every service you use.
The other easy-to-use tool anyone should use is a two-factor authentication application for all their critical applications – especially for bank accounts and online financial services like PayPal.
Finally, you should always make regular backups of your data – whether it’s on your personal computer or other devices. This helps ensure that whatever happens, you’ll be able to restore your systems to a stable state and continue to use them – even in the event they’re lost or broken.
Tell us, what’s next for StorPool?
We are building a company that aims to eventually store all of the world’s data in a better way. We make outstanding storage readily available to companies building a cloud at scale. Since the company was founded in 2011, it has become one of the few profitable storage companies in the world with customers in over 30 countries including names like Atos, Dustin Group, CarGurus, Inoreader, NameCheap, Nasdaq Dubai, and many more.
In the future, StorPool aims to accelerate the world by storing and processing data more productively. Through our customers, we will continue to enable all people to move faster, be safer, and have better lives by radically accelerating any human activity through faster storage – faster and better healthcare, safer transportation, accelerating the transition to a carbon-neutral future, and so on.