How 9/11 Changed the Trajectory of Data Protection and Security


It’s been 13 years since the world changed.

While there have been no shortage of tragedies since 9/11, including other acts of terrorism home and abroad, war, hurricanes, tsunamis, and massive tornados, no single event has matched the impact of that day thirteen years ago. The transformation of the world after that event has touched all our lives in ways big and small, the technology industry included.

No, people really don’t care more about data protection now than they did then. Nor did the event set disk-based backup or VPLEX in motion. But 9/11 did help redefine the role and expectation of data protection. That day began the journey to converge data protection and security.

In 2001, data protection was evolving to cope with relentless data growth, the need to reduce risk to business-critical applications, and a desire to streamline IT infrastructure. Disk was already replacing tape. Disaster avoidance (i.e., always available infrastructure) was supplanting “push the big red button” disaster recovery. Snapshots and replicas had become an integral part of an overall protection strategy. While new technologies (e.g., virtualization, cloud, and big data) have accelerated the transformation, the core data protection industry has advanced as expected—bigger, faster, and simpler.

The attacks on 9/11 changed the trajectory of both data protection and security.

For years, backup and security’s only intersection was, “I don’t want my tapes falling off a truck.” Backups were another security risk to be managed, nothing else. Meanwhile, governments and businesses began to arm themselves for the battle over information access and security. As they built fortresses around their infrastructure (e.g., networks, servers), they left themselves exposed behind those walls. If an attacker penetrated the defenses or staged an internal attack, the business was almost helpless to react. Even worse, they couldn’t mitigate or even evaluate the damage! One of the great challenges in defending an organization’s information was that they didn’t know what data they had, where it lived, what its value was, and whether something disastrous was happening to it.

In a post-9/11 world, IT found itself with the security equivalent of the Maginot line.

Continue reading the post on our sister site Reflections.

About the Author: Stephen Manley