Jia-Yu Liu, an expert in backup and data protection solutions, leads Innovation at Synology and highlights significant advancements in integrating NAS and cloud platforms, the future of data storage, the intersection of backup and data protection with emerging technologies, and more in this Interview…
————-
Hi Jia-Yu, you’ve led innovation in backup and data protection at Synology. What do you think are the top challenges in data management today?
IT resources remain the biggest challenge in data management and protection.
We have observed that the larger the enterprise, the more difficult it is to implement a comprehensive data protection strategy. The primary reason lies in the previously fragmented investments in backup infrastructure, where different solutions were procured for various workloads. These legacy solutions struggle to effectively manage the rapidly growing number of workloads and the increasing data size. At the same time, they require significant human resources for training, with steep learning curves, making self-learning difficult. When personnel are reassigned, considerable time is needed to relearn the system.
All ITs recognize that modernized data protection solutions have become a fundamental requirement for businesses; however, investments in IT resources and budgets often fall short compared to investments in core business operations. This creates a dilemma for IT teams.
As data protection demands continue to rise, enterprises face an expanding scope of data that needs to be safeguarded, leading to increased complexity in management and impacting overall performance and security. Additionally, organizations are facing growing compliance requirements, such as the need to establish offsite backups, implement air-gap strategies, and enforce more granular permission delegation to meet audit demands. These factors force enterprises to invest heavily in management resources to ensure comprehensive data protection, further adding to operational burdens. Even when businesses are willing to enhance their protection measures, they are often constrained by limited budgets, forcing them to prioritize the protection of only critical data, while other data remains exposed to significant risks, creating potential security concerns.
Our goal is clear: to help customers reduce costs associated with backup infrastructure investments—both in terms of human resources and financial expenses. We aim to enable IT teams to focus their efforts on domain-specific disaster recovery planning and validation, while minimizing the costs associated with developing, integrating, and managing infrastructure, including operating systems, backup software, storage solutions, and offsite archiving equipment.
Enterprises must seek more efficient and integrated solutions within limited resources to achieve comprehensive data protection objectives. This is why Synology introduces ActiveProtect Appliance, positioned as a Simplified Cyber Resilience Data Protection Solution. From procurement, deployment, backup, daily maintenance, to recovery, it simplifies the entire data protection lifecycle, offering enterprises comprehensive and streamlined protection.
Also Read: Proactive Detection of Security Threats through Integrated Performance Monitoring
Synology has made significant advancements in integrating NAS and cloud platforms for backup solutions. How does this seamless integration benefit businesses?
The benefits of integrating cloud platforms for enterprises can be categorized into [Cloud Workload Protection] and [Cloud Storage Integration]:
Cloud Workload Protection: ActiveProtect provides automated mechanisms to safeguard cloud workloads, including auto-protection and auto-archiving. When new services or user accounts are added, they are automatically detected and protected based on predefined rules. Similarly, when an employee leaves and their account is removed, a pre-configured retention policy is automatically applied, archiving the data for the specified duration. This automation helps reduce IT maintenance costs. Additionally, ActiveProtect enables enterprises to comprehensively protect Microsoft 365 services, including Teams 1:1 Chat and Group Chat, ensuring compliance with data protection and audit requirements.
Cloud Storage Integration: Some of enterprises or MSPs may lack compliant offsite backup locations and often rely on third-party cloud providers. To address this, Synology integrates multiple cloud storage solutions, enabling businesses to achieve offsite backups within their existing infrastructure while ensuring data security and availability. With features such as encrypted transmission, version locking, and access control management, along with cloud solutions’ built-in immutability mechanisms, enterprises can implement an air-gap strategy to meet regulatory requirements such as GDPR and HIPAA, ensuring compliance and security for both cloud and on-premises data.
Furthermore, Synology ActiveProtect provides comprehensive visibility and disaster recovery capabilities. Enterprises can monitor backup data stored in the cloud storage through and quickly restore offsite backups via a single interface in the event of a ransomware attack or data loss, ensuring business continuity.
We’d love to hear about the future of data storage and protection evolving over the next few years.
In the coming years, the development trends in data storage and protection will center around simplicity and resilience:
Centralized Management and Protection: As IT infrastructures become increasingly diverse, enterprise data protection should shift towards a single-vendor solution that provides a comprehensive IT backup infrastructure and enables cross-platform data protection, simplifying complex IT environments. This approach helps avoid system silos, eliminates the need for separate maintenance of operating systems and hardware, and ensures that security updates do not require independent handling. A unified solution allows enterprises to manage all backup environments from a single platform, reducing administrative complexity. Additionally, with multiple devices and systems in place, businesses should be available to monitor backup infrastructure SLAs through a single interface, ensuring regulatory compliance and effectively mitigating errors, disasters, and ransomware threats.
Automation: With the exponential growth of data, manual management and maintenance are becoming increasingly challenging, making automation a critical component of future solutions. The solution should automatically manage backups based on user requirements and workloads, preventing data silos caused by increasing data or workloads. In the event of a disaster, automated recovery should follow pre-defined strategies to quickly restore data to designated destinations, ensuring minimal downtime and data integrity.
Data Mobility: With the widespread adoption of hybrid and multi-cloud architectures, enterprises will require solutions that enable seamless data backup and recovery across cloud platforms—for example, backing up cloud-based data to on-premises appliance and restoring it to another cloud environment through a data protection solution. This approach supports the concept of “from edge to core to cloud to multi-cloud” strategy, allowing enterprises to implement more comprehensive and flexible data protection strategies, effectively addressing the diverse needs of modern business operations.
How important is automation in backup solutions today, and what role does Synology see for automation in future data protection strategies?
Synology understands that automation plays a crucial role in data protection. In 2024, we conducted a survey of over 2,000 IT professionals worldwide, and 50% of enterprise IT teams cited a shortage of manpower as the primary challenge preventing them from implementing a comprehensive backup strategy.
Traditional data protection architectures are often too complex, requiring IT intervention at every stage—from setup and management to recovery. However, we found that not all IT teams possess the full expertise in data protection, creating significant obstacles in adopting and operating a backup solution.
To address these challenges, Synology ActiveProtect offers automated protection and archiving at the workload protection. By predefining backup frequency, retention, and archiving policies and applying them to corresponding workloads, the system can automatically detect and protect newly added workloads, performing integrity checks through built-in hypervisor once backups are completed. Additionally, when a workload is no longer needed (e.g., a former employee’s SaaS account), the system will automatically archive it based on pre-configured policies.
The ultimate goal of data protection is recovery. In the near future, Synology ActiveProtect will further automate recovery-related operations. We’ll offer a Recovery Plan feature that allows businesses to predefine recovery destinations and configurations. With this feature, organizations can use Recovery Plans to automate regular recovery drills and generate reports to meet audit requirements. In the event of an unexpected incident, the recovery process can be automated with a one-click, ensuring a swift and seamless restoration.
Overall, automation will be the core of future data protection strategies, enabling enterprises to achieve more efficient and reliable data protection and recovery with limited IT resources.
Also Read: CIO Influence Interview with Carl Perry, Head of Core Services, Snowflake
From your perspective, how can businesses ensure data security while maintaining accessibility across multiple platforms and environments?
ActiveProtect provides a comprehensive security framework to ensure backup durability and availability:
For backup data, ActiveProtect integrate immutability, preventing any modifications within the specified retention period. Additionally, offsite backups are integrated with encryption, allowing data to be encrypted locally before being backed up to a remote destination, ensuring secure transmission.
Furthermore, ActiveProtect supports self-healing capabilities, leveraging Btrfs checksum to continuously detect and identify silent data corruption. Any detected issues are automatically repaired using RAID technology, ensuring zero data errors. To further guarantee backup recoverability, enterprises can create a sandbox environment within ActiveProtect to conduct regular disaster recovery drills without impacting primary operations. They can also opt for backup verification, which automatically generates video proof to validate backup availability.
On the architectural level, our security mechanisms is based on the principle of least-privilege authentication and network protection architecture. This mechanism only allows
authorized personnel to access data, restricts access to specific devices, and limits access to the backup infrastructure during designated times to ensure data security.
- For authorized personnel: Active Directory, LDAP, and SAML 2.0 integration enables enterprises to use existing SSO with MFA and granular permissions to enhance access control.
- For devices: Firewall settings can be configured to only allow access from devices within specified IP ranges and subnets. The built-in management port is an isolated interface dedicated for management purposes. It is separate from data flow to reduce security risks.
- Enhanced isolation: Secure your remote backup infrastructure via air-gapped solutions to achieve network or physical isolation. Limit network access to specified times or turn your devices on or off.
What innovations at Synology excite you the most in terms of simplifying data management for users?
I believe it is “Visibility”. ActiveProtect enhances IT response times by providing visualized management information, addressing the growing demand from diverse data sources and multi-site protection deployments. As businesses expand, IT teams require a more user-friendly interface to monitor server and task operations effortlessly.
ActiveProtect supports a cluster management architecture, introducing the concept of “Shared Resources”, making the entire infrastructure easier to manage and maintain. However, while these configurations are typically set up once, the real challenge for IT lies in daily operations.
Through visibility of ActiveProtect, it allows IT teams to gain a comprehensive overview of the cluster environment via a single interface. This includes the status of backed-up, replicated, and archived data, as well as the capacity and health status of each backup server. Regardless of where the backup data is stored, IT teams can easily monitor and react promptly to potential failures or cyber incidents.
When it comes to executing restoration, our “Visibility” go beyond centralized management, offering a clear overview of backup data even across remote sites and cloud environments. In the event of an unexpected incident, users can swiftly initiate recovery operations directly through a single interface.
With our “Visibility”, enterprises can achieve more efficient, reliable, and proactive data management, ensuring operational continuity and resilience.
Also Read: CIO Influence Interview with Rahul Powar, CEO and Co-Founder of Red Sift
Finally, how do you see the intersection of backup and data protection with emerging technologies like edge computing or IoT shaping the future of your solutions?
These emerging technologies are pushing data protection solutions towards becoming more distributed, real-time, and intelligent. As a result, data protection is no longer confined to traditional data centers but is now expanding to edge devices, ensuring a comprehensive protection strategy from edge to core to cloud.
In edge computing environments, data is often distributed across multiple locations and generated at the device level, posing greater demands on real-time backup, low-bandwidth data protection, and centralized management. To address these challenges, ActiveProtect introduces a global source-side deduplication technology, which compares data at the source and transmits only deduplicated data. This not only reduces bandwidth usage but also accelerates backup processes. Additionally, to meet enterprises’ remote backup needs—where edge devices and core data centers often face bandwidth limitations—the same source side deduplication technology is applied during backup replication to minimize traffic during data copy.
For centralized management, enterprises deploying edge computing typically adopt a distributed deployment approach, such as across multiple factories or data centers. To cater to these scenarios, our hardware portfolio includes a diverse range of models, ensuring backup servers can be deployed regardless of whether distributed sites have an on-site data center. Furthermore, ActiveProtect provides cluster management through a single interface, capable of overseeing up to 2,500 backup servers and 150,000 backup workloads, enabling enterprises to manage their distributed deployments with ease efficiently.
[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]
Jia-Yu Liu is a dedicated expert in backup and data protection solutions, with extensive experience leading innovation at Synology. His work has been instrumental in shaping Synology’s advanced backup technologies, including seamless integration across NAS and cloud platforms. With a passion for addressing complex data management challenges, Jia-Yu has played a pivotal role in developing solutions that ensure reliability, efficiency, and security for users worldwide. His leadership continues to drive Synology’s mission to set new standards in the backup and data protection industry.
Synology Inc. is a Taiwanese corporation that specializes in network-attached storage (NAS) appliances. Synology’s line of NAS is known as the DiskStation for desktop models, FlashStation for all-flash models, and RackStation for rack-mount models. Synology’s products are distributed worldwide and localized in several languages.
