Jason Buffington .com

The more time I spend with investors, consultants, and business stakeholders, the conversation keeps circling back to the same questions: “Who are the likely #DataProtection leaders for the enterprise over the next few years, and why is the market shifting the way it is?“

video transcript

The more time I spend with investors, consultants, and business stakeholders, the conversation keeps circling back to the same questions: “Who are the likely data protection leaders for the enterprise over the next few years, and why is the market shifting the way it is?“

I usually walk through whatever vendors they want to discuss within a six-column framework. The first four columns are workloads:

Column 1: the legacy datacenter — Unix and midrange. That may not sound glamorous, but the larger the enterprise, the more likely they still have those workloads; and they matter to the business.

Column 2: the modern datacenter — Windows, Linux, and your favorite hypervisors. This is the most congested space and yet, still, by far the largest market share driver today.

Column 3: mainstream cloud — Azure & Amazon hosting, cloud-hosted databases, and Microsoft 365. Also fairly congested and well understood. Most customers live within a healthy mix of columns 2 and 3, and that mix varies by org size, vertical, and geography.

Column 4: the rest of your SaaS’es, plus cloud native.

Here’s how I frame the assessment.

• Column 1: either you cover those workloads or you don’t.
• Columns 2 and 3 are where the real noise lives.
• For column 4, I cheat a little by pointing folks to IDC’s SaaS Marketscape, which required protecting five or more SaaS platforms just to make the board. My punchline: there are a handful of modern data protection solutions that are solid in columns 2 and 3 and also make column 4 — which shows that they’re positioned to stay relevant as workloads continue to shift.

You do NOT have to check all four boxes to be a great solution for the parts of the market that you are addressing. BUT I do suggest that if your data protection solution is strong in 2, maybe parts of 3, but doesn’t protect enough SaaS platforms to hit IDC’s minimum threshold, you should probably be supplementing your datacenter backup with something that’s more broadly SaaS-capable.

Column 5: cyber resilience. Everybody has some kind of malware detection. The harder conversation is about integration — with whom and how well do you connect across cybersecurity stacks? And what are your realistic clean-room capabilities; not the marketecture, but what’s actually achievable in the real world?

Column 6: AI. Everybody has a chatbot. But where is AI making your data protection measurably better — through contextual awareness, self-healing, etc. Separately: what are you doing to protect the production AI platforms that your organization is relying on? I’ll have more to say on that after DPM wraps its AI-Enhanced Resilience field research; including some myth-busting and a clearer view of what actually matters to IT leaders.

You could almost map this as a two-dimensional chart — workload breadth and depth across columns 1 through 4 — and then add a Z-axis for either cyber resilience or AI maturity. DPM probably won’t produce yet another vendor comparison graphic; there are more than enough of those already, and frankly the hype makes the juice not worth the squeeze.

Leave your thoughts below.