Posts Tagged ‘Mozy’

Backing Up Your Data Should Be Obvious

Brian Heckert

Principal Content Editor, Dell EMC
My first long-term exposure to technology was the typewriter. I still love that invention, which really sparked my interest in writing. For the past 20 years, I have worked in high tech as a content development specialist, marketing writer, and documentation editor. Prior to working in the software industry, I was a journalist, photographer, photo editor, and military fire fighter. After hours, I enjoy spending time with family, reading, and hiking in the mountains.

Keeping a safe distance from large mammals with large canines should be obvious, especially when they can weigh more than a couple of tons. But what’s obvious to one person may not be so obvious to another.

On a recent excursion to the Central California coast I had the opportunity to observe elephant seals, mammals so massive they can grow to more than 16 feet and weigh more than 5,000 pounds. Elephant seals are fascinating animals, but there are some critical facts to keep in mind when you’re watching them in close proximity. According to the clearly visible signs posted nearby where the seals congregate, here’s what observers need to know:

beware-sealsElephant seals…

  • are large
  • have teeth and bite
  • are faster than you think
  • are wild

Seems obvious, right? And in case that information isn’t convincing enough, here’s the last bit of advice on the sign to anyone who might think elephant seals are cuddly critters: For your safety and theirs, KEEP YOUR DISTANCE. It’s the law.

When I returned to work the following week, I was thinking about my adventure at the elephant seal rookery and what I learned. It really was a treat to observe them and see them thriving, especially when you consider that at the end of the 19th century they were nearly extinct. That got me thinking about data protection. You may be asking, “What? Elephant seals and data protection?!” But when you consider the information on the signs that warns rookery visitors, and the importance of protecting your data, it’s not such a stretch, especially when you realize that many businesses don’t do the obvious by adequately protecting one of their most important assets—their data.

Why do you need data protection? The EMC Global Data Protection Index (GDPI) discovered some critical facts. The GDPI found that of the organizations surveyed, 52% of them suffered unplanned system downtime in the last 12 months, and 29% suffered data loss. Whether it’s a cyberthreat (36% of organizations reported internal or external security breaches, according to index) or hardware failure (hardware failure is still the number one cause of data loss and/or system downtime, according to Index), a massive data breach can happen faster than you think. In fact, once they gain access to a system, it takes just six minutes for cybercriminals to compromise an organization, and they can do that successfully 60% of the time. Those numbers have a lot of bite (think very large canines)!

When you consider that many industry and government entities require that businesses conform to standards for safeguarding and retaining data, it’s not much of a stretch to say that protecting your data is the law. And backing it up is an important aspect of your data protection strategy. Don’t ignore the obvious! Data is always at risk of being lost, stolen, damaged, or corrupted. The signs are all around. Your data is critical to your success and everyday operations, and business continuity depends on the availability of your data. Don’t let your data—or your business—become extinct! One way to ensure it doesn’t is by implementing the right solution. Check out how Dell EMC Mozy’s enterprise-grade cloud backup solutions can give you that peace of mind.

beware-hackers

So if I were to revise the elephant seal signs to instead caution business owners who are not yet confident in their data protection readiness, here’s how I would do it:

Your data…

  • is important
  • is valuable
  • must be accessible
  • must be safeguarded

And just to underscore that: For the safety of your business, BACK UP YOUR DATA. It’s essential!

Cloud Adoption: Strategy vs. Reality

Vladimir Mandic

Chief Technology Officer & Distinguished Engineer Data Protection Cloud, Core Technologies Division, Dell EMC
Vladimir has been driving technical innovation and change within EMC for the past 10 years, first in the area of data protection software and, currently, in cloud technologies. Prior to that, he’s had rich industry experience as a solution integrator and in the service provider space. When not working on technology innovation, he may be difficult to locate due to his passion for world travel.

Latest posts by Vladimir Mandic (see all)

Myths About Migrating to the Cloud

Myth 1: Cloud Bursting
One of the original highly publicized use-cases for public cloud was bursting. The story made sense: as your demand for computecloud adoption-vlad increased, you would use the public cloud to increase the capacity of your private infrastructure. Like so many good stories, bursting didn’t really happen. In fact, bursting is one of the least common public cloud use cases.
Why did bursting not become more widespread? Enterprises are either keeping applications on-premises in newly designed IaaS private clouds or they are moving them to the public cloud. It’s an OR function, not an AND one. Furthermore, it almost always happens per-application. You evaluate your future application needs and decide where it makes more sense to run the application for those needs. Bursting across environments is just too complex.

Myth 2: Multi-Cloud
Most enterprises have neither a comprehensive hybrid cloud nor an end-to-end multi-cloud strategy that covers entire IT cloud comic-vladenvironments. Frequently there is a general desire for multi-cloud strategy to minimize the dependency on a single cloud provider. But that strategy turns out again to be a per-application choice rather than a centralized plan.
Organizations choose to run some applications in the private cloud and some in different public clouds. Every cloud has very different functionality, interfaces, and cost optimizations. And each time an application developer chooses an environment, it’s because that cloud was the optimal choice for that application. As a result, application mobility becomes a myth; it’s something desired, but very few are willing to settle for the smallest common denominator between different choices just to enable application mobility.
Even if customers wanted to and could move the application, it’s unlikely to happen. Moving large amounts of data between environments is challenging, inefficient, and costly. So, once the choice of a cloud provider is made, the application stays where it is, at least until the next tech refresh cycle when per-application considerations can be re-evaluated.

Cloud Adoption for Legacy Applications
While so much of the focus has been on creating new applications, enterprises are also migrating traditional workloads. So what are the stages of cloud adoption?

  • Step 1: Infrastructure as a Service. Treat the cloud like a typical infrastructure; in other words, think of servers and storage as you currently think of them. Applications are installed on top of the infrastructure. Because everything is relatively generic, the choice of a cloud provider is not too critical.
    But as applications start to move, a new way of thinking evolves; you start looking at the infrastructure as services instead of servers.
  • Step 2: Software as a Service. Some legacy applications are swapped for new ones that run as a service. In this case, you don’t care where your SaaS service runs as long as it’s reliable. The choice of a cloud provider is even less relevant; it’s about choice of the SaaS solution itself.
  • Step 3: Rewrite the Application. Some applications are redesigned to be cloud-native. In some cases, the cloud is an excuse to rewrite decades of old COBOL code that nobody understands. In other cases, features of the cloud enable an application to scale more, run faster, and deliver better services. Not all applications should be rewritten.

The Core Issue: Data. When thinking about moving the applications, what’s left is the actual data, and that is where company value truly resides. Some data moves with applications where it resides, but not all data is application structured. And that is the last challenge of cloud adoption—looking how data services can enable global, timely, and secure access to all data, whether it resides inside an application or outside of it.

The Role of IT
Just what is the role of the central IT organization, and is there a single strategy for IT? Not really.
The word “strategy” comes not from having a single plan that covers all applications, but from a comprehensive evaluation that should be done before choices are made and from having a unified set of services that ensure security, availability, and reliability of all those different environments.

Consider how IT organizations are evolving to become service brokers. For example, sometimes:

  • It makes sense to build a private cloud based on new converged (or hyper-converged) infrastructure.
  • It may go with the software-defined data center (SDDC), but that is more the case of when they have to deal with unknown external consumers instead of explicit requirements
  • IT organizations will broker services from public cloud providers such as AWS, Azure, GCE, or VirtuStreamThe alternative is so-called “shadow IT” where each application team attempts to manage their own applications without understanding the global impacts of their choices. In such scenarios, security is typically first to go and data protection follows closely.

I’ve written before how with move to public cloud, the responsibility of infrastructure availability shifts to the cloud provider. But that does not negate the need for a comprehensive data protection strategy.

You still need to protect your data on-premises or in the cloud from external threats such as ransomware or internally caused data corruption events (as the application is frequently the cause of corruption, not just infrastructure failures), or from the common (and sometimes embarrassing) “threat” of “I deleted the wrong data and I need it back.”

Companies weigh the costs and benefits of any investment. There are places where different types of infrastructure deliver the right answer. For IT to remain relevant, it needs to support different types of environments. IT’s future is in delivering better on-premises services, becoming a service broker, and ensuring that data is securely stored and protected.

Conclusion
The cloud is real and it is part of every IT team’s life. IT can be instrumental in the successful adoption of the cloud, as long as they approach it with calmness and reason—and an open mind. The goal isn’t to design the world’s greatest hybrid cloud architecture. It’s about choice and designing for application services instead of looking at servers and storage separately from the applications. There will be well-designed private clouds and public clouds that are better fits for specific applications. But the applications will dictate what works best for them; they will not accept a least-common denominator hybrid cloud.
In the end, hybrid cloud is not a goal in itself; it is a result of a well-executed strategy for applications and data.

Why Do I Need Endpoint Protection?

David Tye

Product Marketing Manager
As a recent graduate from Sacramento State University I am able to take what I have learned in school and apply it to the high tech industry and the problems companies are facing today. I am a California native, die hard Green Bay Packers fan, and an outdoor enthusiast.

Latest posts by David Tye (see all)

When I was a kid my parents would always ask, “David, why do you need an Xbox?” or “Why do you need this new game?” As a kid, it was sometimes hard to come up with a valid reason why I needed a new game or gaming device. Now that I have made my transition from a college student to full-time IT professional, I am faced with new questions. Specifically, “Why do I need endpoint protection?” The answer to this question isn’t as complicated as you might think.
video gamer

Backing up your endpoints is something that every business, small or large, should be doing. There is a plethora of reasons why we need to protect our endpoints. Like all humans, we make mistakes. User error, although a mistake, can still be detrimental to a business. Accidental deletion of data is something that happens far too often. As users of desktops and laptops we are also susceptible to hardware failure. Most of a user’s data resides on a single hard drive, thus a hard drive failure can result in a catastrophic loss of data.

User errors and hard drive failure are not the only threats to the data that reside on your endpoints. Cybercrime, such as ransomware, has been on the rise this year. According to the FBI, $209 million dollars were paid in ransoms in Q1 2016, putting ransomware on course to become a $1+ billion industry by the end of 2016. It’s important to note that just because you pay the ransom does not necessarily mean you are guaranteed to get your data back! A hospital in Wichita, Kansas, learned this the hard way. (more…)

Ransomware 101

David Tye

Product Marketing Manager
As a recent graduate from Sacramento State University I am able to take what I have learned in school and apply it to the high tech industry and the problems companies are facing today. I am a California native, die hard Green Bay Packers fan, and an outdoor enthusiast.

Latest posts by David Tye (see all)

Ransomware is a worldwide phenomenon that is affecting users all around the globe. According to a recent study published by McAfee Labs, ransomware growth increased by 58 percent for the second quarter of 2015. For all businesses, small or large, the question is not “Will I be a victim of ransomware?” Instead, the question everyone should be asking is “Will I be prepared when ransomware attacks?” That said, falling victim to a ransomware attack is not the end of the world if you have a proper backup policy in place.
ransomware

Ransomware first arrived on the scene in 2005. The first known ransomware strain was The Trojan.Gpcoder, which affected Windows operating systems.  Ransomware is comparable to humans in that it comes in all shapes, sizes, and colors. Ransomware attacks once used screen pop-ups that would notify users of the attack and the amount of money required to unlock a computer. Today’s ransomware attacks are more sophisticated than ever and use “unbreakable encryption.” That usually means if you do not have your data backed up you will not be seeing that data again (AKA you’re toast)—unless you pay the ransom. And paying the ransom does not guarantee that you will gain access to your data.

Ransomware can infiltrate and spread through your systems in a matter of minutes; all it takes is one wrong click. This type of malware typically enters a network through its weakest link, normally social media or an email with an infected link or attachment. Ransomware is an effective form of cybercrime because the attackers can instill both fear and panic in their victims. But there are other reasons as well: ransomware is easy to create and deploy. The good news is that we can all fight this sort of cybercrime with a thorough backup plan.

(more…)

Security or Protection: Which One?

Vladimir Mandic

Chief Technology Officer & Distinguished Engineer Data Protection Cloud, Core Technologies Division, Dell EMC
Vladimir has been driving technical innovation and change within EMC for the past 10 years, first in the area of data protection software and, currently, in cloud technologies. Prior to that, he’s had rich industry experience as a solution integrator and in the service provider space. When not working on technology innovation, he may be difficult to locate due to his passion for world travel.

Latest posts by Vladimir Mandic (see all)

security-protection-vlad-1Ransomware
A long time ago I heard an anecdote that the highest level of security certification was given to a system that sat in a secure room and was isolated from a network. Today we live in a connected world, and that creates much bigger surface areas for security threats. As much as IT organizations would like to limit exposure, users expect unlimited access to both business and personal email, to be able to work with attachments, to surf the web, and to interact on social media.

Pandora’s Box has been opened security-protection-vlad-2.jpg
Although risk cannot be completely eliminated, it can and should be managed. In parallel, ransomware has emerged as a top cyber threat to business. The number of attacks and their complexity is unparalleled. These are not simple drive-by threats (such as a random user visiting a site that contains malware); instead, they are custom-designed to bypass an organization’s perimeter security and target specific high-value data sets.

The combination of open access and more advanced threats is something that requires far more attention!

Many organizations derive a false level of confidence from their investment in perimeter security: firewalls, authentication/authorization, antivirus solutions and encryption over-the-wire. When assessing security and protection, however, assume that the perimeter has been breached! The breach point is already beyond antivirus software and firewalls; it is now within authenticated systems where encryption becomes transparent. Do you know what your level of protection is?

How big is a Ransomware threat?
• Ransomware has headlined on FBI, DHS, DOJ, and NSA lists in 2016 and triggered multiple US Senate and Homeland Security questions that have resulted in FBI, DHS, and DOJ responses.
• It’s growing fast: At the end of Q1 2016, 93% of all phishing emails contained encryption ransomware. That’s a 763% increase year over year!

First, let’s look at the infrastructure
If you do control the infrastructure, be sure to take advantage of Isolated Recovery Solution (IRS) for systems such as EMC VMAX and Data Domain. IRS ensures that (a) you have a replica of your storage for fastest recovery, and (b) replication is enabled over a link which is air-gapped when replication is not occurring. That way, any corruption of primary data can quickly be recovered from an unaffected replica copy.

If you outsource your infrastructure (for example, by using the public cloud), does that mean security is no longer your responsibility? Remember, an IaaS provider takes responsibility for infrastructure availability and resiliency, but not for data validity. That means protecting your data on your core systems is your responsibility.

Regardless of the location or ownership of the infrastructure, you should be asking yourself these questions:
• Does it matter if we (or the provider) have certification XYZ.123 or not?
• In case of compromise, how do we recover data?
• Do we have a clean copy of the data that is isolated?
• How quickly can we recover?

Second-level safety is provided by having a well-designed data center protection strategy, including a backup solution, which provides an additional level of isolation for your data. That data should be secure and immutable, and it should be available for quick recovery to any point in time. Solutions such as EMC NetWorker or Avamar data protection software together with EMC Data Domain protection storage provide this level of protection. (more…)

SUBSCRIBE BELOW

Categories

Archives

Connect with us on Twitter

Click here for the Cloud Chats blog