cutimage - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Endpoint data protection vs. file sync and share

The line between endpoint data protection and file sync and share has blurred as endpoint backup products can access protected data from devices beyond laptops.

The line between endpoint data protection and file sync and share is beginning to blur as endpoint backup products are adding the capability to access protected data from multiple devices beyond just laptops. Meanwhile, file sync and share products are adding the ability to protect key files needed to restore laptops to their original state. The reality today is that neither product meets all the requirements of both categories.

Endpoint data protection requirements

Endpoint data protection must provide point-in-time backups of laptops and desktops. Most endpoint backup solutions fulfill this requirement by doing block-level backups of the user desktop and laptop. A block-level backup is ideal for the endpoint user because it typically requires minimal bandwidth during the data protection event.

The endpoint data protection software will typically perform a snapshot on the destination storage prior to each backup. This allows for multiple point-in-time backups and multiple versions of files to be stored.

Another key requirement for endpoint data protection is to make sure all of the data on a laptop is properly protected. This includes system state files. Without these files, it is very difficult to recover a failed, lost or stolen laptop. In most cases, a reinstall from scratch has to occur, which means manually reloading applications and organizational settings, as well as setting personal user preferences.

In theory, the sync part of a file sync and share product should be able to provide data protection. These meet some of the basic requirements listed above. For example, file sync and share products can copy data as it changes to a cloud destination and they can typically present multiple versions of a file, as well. But most of these products only perform that function on a single, special directory that they create, and few, if any, capture system state data.

Also, an endpoint data protection product should be able to easily execute a bare-metal recovery of a user's complete system after it has been replaced. This often involves making a bare-metal boot disk or thumb drive that provides the fresh laptop with the ability to access the protected version. Most file sync and share products lack this recovery capability. As a result, even if they can be modified to back up more than just one directory, they don't provide the ability to perform a bare-metal restore.

The requirement of file sync and share

File sync and share products provide users with the ability to access the same data from any of their devices, including smartphones and tablets. They also provide the ability to access this data from any location without having to go through a corporate VPN or firewall. Finally, they provide the ability to share that information with other users, both inside and outside the organization. Enterprise or business class versions of file sync and share products provide these capabilities in a secure manner that gives IT oversight and control.

File sync and share products must provide the above features in a seamless manner so syncing and sharing happens transparently to the user. Typically, this is where most endpoint data protection products that have added file sync and share-like capabilities fall short. While some endpoint backup products can now give any device or location access to protected data, most of the time, the "file sync" is actually the backup process. Any device access or sharing is done from those files. While this feature may be handy in a pinch, it is not typically as seamless as it should be, and many users are resistant to the extra steps involved in leveraging backups for file sync and share.

The advantage of convergence

Endpoint data protection and file sync and share are on a collision course. Given the above shortcomings, I recommend IT install both technologies.

The problem with this "install both" approach is that this clearly means two processes are protecting a similar data set and are often sending that protected data to two different locations, which increases cost and complexity. While an IT manager could exclude the file sync and share data from the endpoint backup, the amount of space this would save is typically minimal on a per user basis and it would make bare-metal restores a two-step process. The laptop would have to first be recovered and then synced with the file sync and share product.


Data protection and file sync and share today should be treated as two separate processes. While there is an obvious overlap in these technologies, that redundancy is still necessary. Eventually, these processes could and should merge into a single process, but it may be years in the making.

About the author:
George Crump is president of Storage Switzerland, an IT analyst firm focused on storage and virtualization.

Next Steps

Schulz: File sync and share as a data protection tool

McClure: File sync and share is not backup

The two faces of file sync and share

Dig Deeper on Remote data protection

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.