Five Things You Need to Know About Hardware Maintenance and Mission-Critical IT Infrastructure Management


By Randy Henniger/Sr. Services Specialist/Abtech Technologies

Your data center infrastructure is mission critical and needs to be managed using best practices. Here are five critical areas you need to focus on:

What and where are your mission-critical IT infrastructure assets?

Simple as it sounds, keeping an up-to-date asset inventory of critical IT data center and remote location assets is anything but. In larger enterprises, asset management software is typically deployed to track valuable IT assets; however, many smaller organizations rely on manual inventory lists that are hard to maintain and quickly become outdated or forgotten as IT asset management responsibilities are reassigned within IT support departments. If you don’t know what you have deployed, it can be challenging to maintain operational budget compliance, pass internal and external audits, and identify hardware maintenance schedules or end-of-life infrastructure, which increases your risk profile.

Quest’s KACE asset management and end-point deployment software tool offers a good value for small to medium-sized businesses. More info at: https://www.quest.com/kace/

Are your mission-critical IT assets currently under some type of support agreement, either through the OEM’s warranty or extended warranty agreements?

There are three parts to this question. One is licensing compliance. The second is firmware and software revision control, and the third is when the support and licensing agreements are to be renewed. It's important to engage all stakeholders within the enterprise in an annual review to ensure that systems meet current and future growth and performance requirements. Decisions regarding system refresh, performance tuning and planning for future growth should be encouraged at these times.

Dell’s DPACK, a free, memory-resident performance gathering tool, is an excellent solution for reporting all physical and virtual systems performance and resource utilization. More info at: http://www.dell.com/en-us/work/learn/dpack

Is there an opportunity to enhance mission-critical IT infrastructure?

Many IT organizations are asked to continue to support workload and user growth with little to no increase in operating and capital budgets (sound familiar?). This can force a “set and forget” practice of installing and configuring IT resources initially, then moving on to other priority projects, having no choice but to leave the old resource configurations in place until retirement. What many IT department leaders may not realize is that with some relatively inexpensive software tools, it is possible to put a “dollars and cents” figure to this practice.

Quest’s vFoglight is a tool that applies value to each resource, and can identify savings that are available, based on recommended reconfigurations. More info at: https://www.quest.com/foglight/

Are internal infrastructure support resources being utilized properly?

In today’s heterogeneous computing, storage and networking environments, it is challenging to maintain the necessary depth of certifications and knowledge within the organization’s support structure. For this reason, third-party maintenance options from trusted partners, such as user groups and online forums — or, if budgets permit, professional services available from independent support and service organizations like Abtech Technologies — are critical to maintaining your infrastructure. More info at: www.abtechtechnologies.com

Should you engage an independent (multi-vendor) IT infrastructure support partner?

The answer here is…why not try? Tap your professional network and ask your associates at other companies who they've used for hardware maintenance in the past, and how they rate the experience. Select one or two recommendations for potential support partners and engage them in discussions regarding your environment, goals and objectives (such as performance vs. cost, high availability vs. hardware costs, etc.). Check their client references and speak with not only the account reps, but also the customer engineers, both local and remote.

Randy Henniger is a Senior Support Specialist at Abtech Technologies, based in Carlsbad, CA. Randy has more than 30 years of experience in enterprise solutions and services with IBM, Dell/EMC, HP, Western Digital and Data Switch. Abtech Technologies is an independent IT support and services company with thousands of clients and support centers around the U.S. More info at: www.abtechtechnologies.com.

Are Your Servers Feeling Unloved?


It isn’t fashionable to talk about servers anymore, especially old ones. All the talk is around Cloud Applications, DevOps and Hyperconverged Infrastructure.


But wait!

What is keeping your critical business processes running? What is hosting that ERP software application or that Oracle database that’s allowing you to get your stuff out to customers on time, that’s making sure your invoices go out promptly?

Yes, that would be those reliable old servers that sit purring away in your datacenter, with a host of green flashing lights and the odd red light....
 


A red light!

There can’t be any red lights!

Unfortunately, there are. This is because the systems are still being supported by your hardware vendor.

Your IT team really doesn't want to log a support call, because they will be routed to a distant call center on the opposite side of the world, where the phone will be answered by Bob. Well, he uses the name Bob and he is a level 1 call center support engineer. In reality, he has just joined the team and hasn’t had a lot of training. His English is OK, but he doesn’t really understand a lot of the technical terms.

Maybe your team was brave enough to make the support call and explain the problem to Bob. The vendor’s engineer turned up on site but didn't have the right part in stock. Their SLA says "4-hour Response", which they technically met, so they are fine waiting a week for the part, even if you (or your customers, or your boss) are not!


This explains why your servers are feeling unloved.

But there is another way, which could make you, your team and your servers a whole lot happier.

You could put your servers on a support contract with Abtech Technologies.

Abtech has been in the business for 30 years and has some of the most experienced engineers in the industry. They are all US-based and, when your IT team puts in a support call, they will usually be put straight through to their local engineer to diagnose the issue.

What’s more, we carry spares for all the systems we support. Enough spares so that the engineer will have the part on hand. In the rare event that the spare was just used and not replenished yet, it will be shipped overnight for next day delivery.

This is why many of our support clients have been with us for 10, 20 or more years, through several hardware refresh cycles.

They have also sought our guidance when refreshing their hardware, which we are happy to provide. Abtech also has partnerships with many tier one hardware and software vendors, so we can supply as well as support.

Too busy to do it all yourself? Our on-staff consultants can size, supply and implement new IT infrastructure, so you are in good hands.

To top it all, our clients are routinely saving 50-70% off the annual cost of their hardware support contract. So, not only are their servers feeling loved, but their CFO is delighted.


Preparing For Hurricane Harvey

How we were able to prepare and protect our clients’ businesses from a major natural disaster.


Watching the news late last August, we saw that Hurricane Harvey was headed for the Texas coast.

Abtech has customers in our StorTrust backup and disaster recovery cloud that would be right in the path of the hurricane, especially one of them, a supply company to the petrochemical industries.

We contacted our customer to talk about preparing for a possible disaster recovery invocation.

As a result of the call, we decided to do some advanced preparation and set up their disaster recovery environment. Using Rapid Recovery’s virtual standby server features, we created images of each server required for the disaster recovery.

As Rapid Recovery takes each recovery point in their production environment, it is replicated to the StorTrust cloud and the virtual standby server feature applies that data to the images of their servers. This allows a very small recovery point objective and minimizes lost data should the worst happen.

Our StorTrust cloud service includes an annual test. During this test, we configure and spin-up the customer’s disaster recovery environment and set up the networking to connect everything.

Once the test is finished, we store the configuration for use during a disaster.

In preparation for the possible invocation, we applied the configuration to the virtual standby servers we created and we were ready to spin-up if necessary. We supplied a unique IP address to the customer should they have to access their servers.

On the day the hurricane hit Houston, we sat near our phones waiting for a call.

18 hours into the event, we finally got it.

Our customer asked us to start spinning up their environment – they had lost communications with their servers in the colocation facility.

Because the StorTrust cloud does not rely on websites or menus to start a disaster invocation, the one call was all our customer had to make to get things started. In this case, that was important because they did not have a network connection to work from and would not have been able to set up their environment and start it.

We started to spin-up the servers and make them active.

We were almost ready to put everything on air when we received another call saying that network contact with their servers had been restored and asking us to stand down.

It turned out that one of their colo’s network feeds had flooded and they were able to fail over to another feed entering the building from a different direction, which is proper for a good colo facility.

Our customer finished riding out the storm without further incident and we put their environment back in normal backup mode. Having everything ready ahead of time in this instance allowed our customer’s personnel to worry about their families instead of how to keep the company running.

 

 

What to do when an ex-employee starts deleting your company data.

We had an interesting customer situation to deal with recently here at Abtech.

One of our StorTrust clients had to let one of their employees go.  Nothing too unusual.

However, they didn’t escort the person off the premises, delete their login and move on.  Instead, they let her go back to her desk while they sorted out the necessary paperwork.

So, what did the now ex-employee do with that time? Did she quietly pack up her stuff and say goodbye to her colleagues?

Unfortunately not.  Instead, she logged onto her system and started to delete files and emails.  The company was in the medical space and not having these files could have compliance implications.

Luckily, someone noticed and notified their manager, who removed the ex-employee from her desk and arranged for her network access to be revoked.  

I guess that person will not be getting a reference anytime soon.

So, what could they do to recover the data?

After a bit of head scratching, someone pointed out that they had recently signed up for a StorTrust backup and DR contract with Abtech.

They called us up and asked if we could help.

StorTrust uses Quest Rapid Recovery software at its core, which has powerful recovery capabilities.  It can be used to recover complete servers but also individual files and emails.  

Our engineer logged on and reviewed the logs. They found where the files had been deleted and recovered them from a recent backup.

The whole process took less than 10 minutes.  All the data and emails were recovered to their original location.  

The first thing to learn from this is that, when you let an employee go, they can sometimes do irrational things. So, have everything prepared, including instructions to cancel their network login, before you have that “we are having to let you go” conversation.

What this also shows is the value of having the right backup and recovery solution in place.  StorTrust and Rapid Recovery provide the protection against this and many other scenarios.  These include ransomware attacks and hardware failures as well as the more obvious natural disasters.

If you want to know more, please give us a call or download our ebooks on Disaster Planning and How to Deal with a Ransomware Attack

 

An employee opens an email virus. Read what happens & see a timeline of events [Infographic]

Curious how a backup and disaster recovery (BDR) service can be really helpful? Here's a real-life example: 

One of our managed services customers recently experienced a ransomware attack. A member of staff was sent an email with a virus attached to it. This is a widely used piece of ransomware, which encrypts the files on the computer it infects and any directories on other systems it has access to.

The email looked genuine and was addressed personally to that staff member by name, so he opened it. Immediately his system was encrypted. The virus also encrypted the company file server so none of the users could access their data. Everything ground to a halt.

Shortly after, a ransom request arrived in the user’s inbox asking for a sizeable amount to be paid in bitcoins. The CEO and CFO were alerted and, after a short period of mild panic and discussion, they called Abtech for advice.

Fortunately, they were signed up to our StorTrust Backup and Disaster Recovery (BDR) services. The service uses Quest Rapid Recovery software that is configured to take snapshots of their systems every 30 minutes (it can take snapshots every 5 minutes, but this customer preferred every 30). The data is then replicated to our StorTrust cloud data center in Nevada, for disaster recovery purposes.

The StorTrust engineer checked the logs and found that the last good backup happened 5 minutes before the ransomware attack. This meant that we would be able to recover the data to a clean file server and the client would only lose 5 minutes’ worth of data.

The client agreed and we restored their infected server from a clean backup. The user’s system was also reimaged and data restored from the backup. The whole process took less than an hour and no ransom was paid.

If the infection had been more widespread, we would have elected to spin up their critical systems in our cloud, using the replicated good backup, so their users could continue working, while we cleaned and restored all their infected systems.

If you want to know more, please give us a call or download our ebooks on Disaster Planning and How to Deal with a Ransomware Attack

 


What Options are Available When Your Dell EMC Support Contract Is Due For Renewal

Hardware Upgrade or Replacement Option

Upgrading is worth considering, especially if your performance needs have grown. The arrival of low-cost SSD drives and ever larger capacity bulk drives means you can experience a considerable improvement in both performance and capacity by upgrading.

Check out our article on Dell EMC's storage roadmap for guidance on the options available. As a Dell EMC Platinum Reseller, Abtech can advise you on the best options for upgrading. We can also make use of current partner promotions to get you the best possible deal.

 

Dell EMC Mid Range Storage Strategy

In many ways, OEM support ending after two or more years is a symbiotic process, if by force. They're essentially weaning you off OEM support reliance so you can benefit from third-party maintenance.

Going with a third-party maintenance plan isn't a bad transition for various reasons, though you'll want to know when it's appropriate. It's better to transition before your OEM support ends so you won't have to scramble to find something suitable.

Renewing OEM Support

For some IT equipment, it's possible to enter a longer OEM support agreement than for others. Often, they'll allow you to enjoy several years of support and then extend to a limited point through contract renewals.

If your equipment is still fairly new, this may be a good option and Abtech can provide pricing to renew your OEM Support with Dell EMC. 

You will maintain access to firmware upgrades and services like Co-pilot on SC/Compellent Arrays. OEM Support is generally of a high standard, although your initial call may be routed to a call center outside the US.

 

Third-Party Maintenance

Dissatisfaction with OEM support is one of the main reasons companies have recently been switching to third-party maintenance. According to statistics, 75% of companies make this switch because OEM support didn't help with changing business requirements.

Data like this shows why maintenance from outside sources is growing rapidly in IT departments worldwide.

When you find a new maintenance team, you're going to discover they give you many benefits over OEM Support, if you choose a reputable support provider like Abtech.

The main advantage is cost savings. Typically our 3rd party support is 50-70% cheaper than OEM support. Parts and EMC-trained engineers are local to site and the first call will always be routed to a US-based engineer.

An additional benefit is that support will be available long after the OEM has ended their support on the hardware.  

If you are not seeing any good reason to upgrade your hardware, but want to avoid the high costs of OEM support, EMC support from Abtech could be the way to go.

Summary and Recommendations

Upgrade or Replace - Recommended when performance and capacity needs have increased and you have capital budget available.

EMC OEM Support - A good idea if the equipment is still relatively new and regular firmware upgrades are being released.

Abtech 3rd Party Support - A good option when high support cost is an issue or if you are not happy with the OEM support.  This is the only option if EMC has ended support on the equipment.


SonicWall Turbocharges Innovation with Unprecedented Delivery of New Wireless, Mobile and Wired Network Security Products

SonicWall Press Release

KEY ANNOUNCEMENTS FROM SONICWALL


  • New SonicOS 6.5, which includes more than 50 new features, powers SonicWall’s Automated Real-Time Breach Detection and Prevention Platform and is the biggest customer-driven SonicOS release in company history
  • New NSA 2650 firewall enables threat prevention over 2.5 Gigabit Ethernet wired and 802.11ac Wave 2 wireless networks, supports twice the number of DPI connections and offers 12,000 DPI SSL connections, an increase of 12X
  • New SonicWave 802.11ac Wave 2 wireless access points bring together high performance, security, and management into wireless networks with innovative pricing
  • New SonicWall Cloud Analytics application expands on management and reporting capabilities to empower better, faster and smarter security decisions
  • New Secure Mobile Access OS 12.1 ensures remote workers are protected with the same level of security from any location

PRESS RELEASE – SEPTEMBER 26, 2017

SANTA CLARA, Calif. — SonicWall, the trusted security partner protecting more than 1 million networks worldwide, announces an unprecedented range of advanced network security products and services that accelerate speed thresholds for its Automated Real-Time Breach Detection and Prevention Platform across wired, wireless and mobile networks.

“In a modern, hyper-connected world, there are no compromises,” said SonicWall President and CEO Bill Conner. “Our customers, and their end users, expect the best in real-time security, performance and analytics — regardless of network, device or physical location. This automated, real-time breach detection and prevention platform ensures organizations can build smart, consistent and sound security postures while meeting the speed, performance and cost-of-ownership demands of today’s businesses and their users.”

The platform enhancements include more than 50 new SonicOS features, a new high-performance firewall, a series of new 802.11ac Wave 2 wireless access points, an intuitive cloud analytics application and advanced secure federated single sign-on (SSO) capabilities.

“It’s imperative that any well-meaning, responsible organization take appropriate action to safeguard their networks, customer data and business as a whole,” said Jeff Wilson, senior research director for IHS Markit, a global information provider. “The threat landscape moves far too fast to rely on static solutions. More emphasis should be placed on real-time threat mitigation across wired and wireless networks. Companies of all sizes need to consider TLS/SSL decryption and inspection solutions as well, now that the majority of common internet traffic is encrypted by default.”

SonicOS 6.5 Boasts Modern Interface, Threat Intelligence API Capabilities for Security Automation

With more than 50 new features, SonicOS 6.5 is the biggest customer-driven release in SonicWall history. Highlighted by a modern, intuitive interface, SonicOS offers advanced networking and connectivity capabilities to optimize system availability, while scaling firewall performance to deliver uncompromised, uninterrupted threat protection for all connected networks.

“SonicWall products have always been very good, but the new SonicOS 6.5 is a giant step forward,” said Greg Thomas, owner of ComLogic, a SonicWall partner. “SonicWall is clearly visionary, not just in protection, but in analytics and usability as well. The new UI is fresh, relevant and easy to use.”

The operating system includes improved threat API capabilities to help businesses build automated security platforms that can leverage third-party threat intelligence feeds.

SonicOS 6.5 also features a suite of wireless features that enables security and connectivity for mobile users. Multi-domain authentication support also provides a simple and fast way to manage and enforce security policies across an entire organization.

New Multi-Gigabit Firewall Boosts Speeds, Adds Real-Time Security on Wired and 802.11ac Wave 2 Networks

Core to the platform expansion, SonicWall is unveiling the new SonicWall Network Security Appliance (NSA) 2650 firewall, which delivers automated, real-time breach detection and prevention, as well as TLS/SSL decryption and inspection, over multi-gigabit wired and Wave 2 wireless networks.

The NSA 2650 appliance is the first branch and campus firewall to support both multi-engine sandboxing via the Capture Advanced Threat Protection (ATP) service and full deep packet inspection of TLS/SSL-encrypted traffic for 2.5G wired and 802.11ac Wave 2 wireless networks.

With eight 2.5G Ethernet interfaces and 20 total ports, the NSA 2650 matches network throughput between multi-gigabit wired and 802.11ac Wave 2 wireless networks. Compared with the previous-generation NSA 2600 appliance, the NSA 2650 supports twice the number of DPI connections and offers 12,000 DPI SSL connections, an increase of 12X.

“One of our customers’ biggest challenges is ransomware, which is often sent around the internet using encryption,” said Spencomp Solutions security specialist Dominic Valois. “The NSA 2650, with high-speed TLS/SSL inspection, and the SonicWall Capture service, give them a whole lot more security from their firewall.”

To complement the NSA 2650 appliance, the new SonicWave series of access points meets the 802.11ac Wave 2 wireless standard, which features 4x4 MU-MIMO technology for best-in-class Wi-Fi performance, range and reliability.

“The new SonicWave access points give us throughput that matches our wired network,” said Dr. Michael Breen, Dean of Arts, Mary Immaculate College. “Whether someone is on a handheld device or directly wired to the network, the service is indistinguishable. Signal reception is consistently strong over a one-and-a-half-acre site.”

Centralized Firewall Security Analytics via the Cloud

Leveraging a powerful intelligence-driven engine, SonicWall Cloud Analytics is a new cloud application that is delivered as a service to customers and partners. It provides deep real-time visibility, insight and alerting for network traffic, user behavior and device activity from a centralized dashboard.

SonicWall Cloud Analytics empowers organizations to monitor, record, analyze and report security data for deep forensic analysis across multiple SonicWall firewalls and SonicWave wireless access points.

An extension of the recently introduced SonicWall Cloud Global Management System (GMS), SonicWall Cloud Analytics provides extensive drill-down investigative and forensic capabilities for deep security data analysis, including traffic, applications, threats, and user behavior and activities.

SonicWall Cloud Analytics — featuring real-time data presented in a structured, meaningful, actionable and easily consumable manner — enables security teams, analysts, auditors, boards, C-suites, and stakeholders to discover, interpret, prioritize and take appropriate defensive actions against both known and unknown cyber attacks or threats.

Extend Speed, Security to Remote Workforce

When employees are on the road, they require secure access to the same systems and applications they trust when on Wi-Fi or wired networks in the office. Not only must access be available anywhere, anytime and on any device, speed and security cannot be compromised.

To extend SonicWall security from wired and wireless networks to remote users, SonicWall Secure Mobile Access (SMA) 12.1 provides secure, policy-enforced access to email, file servers and corporate applications using federated SSO to both cloud and on-premise resources from authorized devices.

To defend corporations and security-conscious organizations against advanced cyber attacks, SMA now scans all file uploads with the SonicWall Capture ATP service, a cloud-based, multi-engine sandbox designed to discover and stop unknown, zero-day attacks, such as ransomware. This real-time sandbox approach ensures users have the same level of protection from zero-day threats when they are on the road as they have in the office.

Product Availability

For North American and European customers, SonicOS 6.5, NSA 2650 firewall and the SonicWave series of wireless access points are available immediately. SMA 12.1 and Cloud Analytics will be available in early Q4 in North America and Europe. For availability in other regions, please contact your local authorized SonicWall distributor for details.

About SonicWall

SonicWall has been fighting the cyber-criminal industry for over 25 years, defending small, medium-size businesses and enterprises worldwide. Backed by research from SonicWall Capture Labs, our award-winning real-time breach detection and prevention solutions, coupled with the formidable resources of over 18,000 loyal channel partners around the globe, are the backbone, securing more than a million business and mobile networks and their emails, applications and data. This combination of products and partners has enabled an automated real-time breach detection and prevention solution tuned to the specific needs of the more than 500,000 organizations in over 150 countries. These businesses can run more effectively and fear less about security.

 

Abtech Technologies is a leading SonicWall partner. Our engineers are fully certified in SonicWall technology.  We can design, implement and support any SonicWall solution to meet your security needs.

Ransomware - What To Tell Your CEO


When your CEO says, 

“I need to discuss how the company is protected against ransomware”. 

Here is what you need to do.

 

 


I am sure many of you have received countless emails recently from IT vendors telling you to buy their hardware or software because it is the “best way to protect against ransomware”. This is all well and good, but right now, you are probably more concerned with what you are going to tell your CEO when he or she asks “What measures do we have in place to protect us against ransomware attacks?” or “Are we open to attack?”

Ransomware is one of the fastest-growing industries on the planet. Not a week goes by without talk of somebody being attacked or a new threat emerging. The reason? It is incredibly profitable for its creators, who are also difficult to trace.

Ransomware has evolved, and is still evolving. Like any malicious code, it is often designed to attack the unprepared.

 

Cryptolocker

Most ransomware attacks use software, such as Cryptolocker, which enters a corporate network attached to an official-looking email, addressed to a member of staff. Often this looks like an invoice or other official document. Opening the attachment will immediately encrypt the data on the owner’s PC and any attached file servers. This is swiftly followed by a message saying “pay a ransom in the next few days or your data is gone for good.” Not a lot of fun and quite scary for the individual and the owners of the company.

 

WannaCry – Ransomware Steps Up a Gear

More recently, ransomware has taken a new twist. “WannaCry”, also known as Wcry, WanaDecrypt0r or WannaCryptor, works by exploiting a security hole in the Windows operating system. Microsoft issued a patch in March 2017, but any systems that haven’t been kept up to date with security patches are vulnerable.

This type of attack doesn’t need human interaction for the infection to occur, so it can be much more widespread. The number of computers that can be infected by this type of ransomware virus can quickly run into hundreds of thousands. The effect on the user and the target organization is the same: the user’s system is encrypted and a ransom notice flashes up on their screen. However, the infection can spread to multiple systems in a single organization if systems aren’t patched up to date.

 
 

 

What Can You Tell Your CEO?

This conversation can follow two routes:

  • This is what we have in place.
  • This is what we need to buy.

The second option is likely to be less well received, but it is also a great opportunity to get funding for something you really do need, to protect the organization.

So, let’s look at the measures you can take:

  1. Patch your systems:  This is an easy one, unless you have a lot of systems.  It just involves time.  If you don’t have time, you should suggest that you outsource the patching to an external managed service company, who can manage it for you. 
  2. Invest in some good quality anti-virus software:  Anti-virus software vendors make it their job to protect you against the latest virus strains and will happily tell you if their software protects you against ransomware viruses like WannaCry. This makes it easy to see if your software is up to the job. Again, if you don’t have suitable software, you can sign up for a managed antivirus service so someone else can make sure you are protected.
  3. Check your firewall:  Firewalls are designed to protect against outside attacks.  A recent blog article from SonicWALL illustrates that they and other vendors are on top of things. Look for similar statements from your firewall vendor. If they can’t provide this, look to your CEO for budget for a replacement.
  4. Update your backup software: This may not be as obvious, but it can be your last and best line of defense.  If you assume that you will, at some point, get infected, having the ability to recover systems without paying a ransom is quite important.  Modern backup software that takes regular snapshots throughout the day and has the capability to spin up virtual machines is the best way to avoid paying a ransom.  The infected system or systems can be isolated, formatted and reimaged from a recent clean backup in a matter of minutes.  Clean virtual machines can also be spun up from the last clean backup to replace the infected ones.

This eBook goes into more detail and gives an example of where Abtech was able to recover our client’s main file server in less than an hour with less than 5 minutes of data changes lost. 

 

The Meeting with the CEO – A Happy Ending

Armed with this information you can go into that meeting with the CEO fully prepared.  Making a statement like this:

All our systems are up to date and we have protection through our firewall and antivirus software, but I recommend we invest in a new backup system to ensure we can recover quickly if we are attacked

will reassure your CEO and senior management even if it may cost them some money. 

 

Further Resources and Actions Microsoft Recommend You Take:  

Download English language security updates: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, Windows 8 x64


Download localized versions for the security update for Windows XP, Windows 8 or Windows Server: http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598
Read general information on ransomware: https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx
Download MS17-010 Security Update: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx 

FAQs: 

Where can I find the official guidance from Microsoft? 

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ 

  

Is the update available for Windows 2003 & Windows XP as well? 

Yes. The link for download of the update is available at the end of this article 

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ 

  

Will the update run on unlicensed Windows? 

It is recommended that the update is run on a licensed version. 

 

What about Windows 2003 R2? 

The Windows 2003 update should get applied on Windows 2003 R2 as well.   

 

Will the installation of the patch, prevent the occurrence of ransomware? 

No. Applying MS17-010 only prevents the malware from spreading; it does not protect against the infection itself. Based on reports, this malware is using social engineering to target companies. Please warn your users not to open, click or enable macros in emails they receive.

  • The priority is that your anti-virus can detect the malware. 
  • Verify that you have up-to-date signatures, along with patching the Windows systems 
  • Make sure that users have the level of knowledge required to never click on suspicious attachments, even if they are displayed with a familiar icon (Office or PDF document). Where opening an attachment offers the execution of an application, users must under no circumstances accept the execution and, if in doubt, should consult the administrator.
  • Implementation of strong filtering in O365: 

http://blogs.msdn.com/b/tzink/archive/2014/04/08/blocking-executable-content-in-Office-365-for-more-aggressive-anti-malware-protection.aspx 

  • Exchange Online Protection 

            http://TechNet.Microsoft.com/en-us/library/jj723164(v=Exchg.150).aspx 

            http://TechNet.Microsoft.com/en-us/library/jj200684(v=Exchg.150).aspx 

            http://TechNet.Microsoft.com/en-us/library/jj723119%28V=Exchg.150%29.aspx 

  

Security tips to Protect against Ransomware 

https://social.technet.microsoft.com/wiki/contents/articles/29787.microsoft-protection-center-security-tips-to-protect-against-ransomware.aspx 

  

Is the ransomware effective only if the user has administrative rights on the client machine? 

No. This piece of ransomware, like most others, once executed, encrypts all files it can reach in the context of the user; if the user is an admin on the box, the outcome is more devastating. In addition, this ransomware also tries to disable shadow copies and make some registry changes in the HKLM hive, which require administrative privileges.

When it tries to spread, it uses a vulnerability which, once exploited, gives the malware SYSTEM level access on the target system. All this means that this attack may be very successful and destructive even if the users don’t have admin privileges on their unpatched workstations/servers.

  

Does disabling only the SMB v1 Server (LanmanServer) on all our machines help protect us from this vulnerability?

Patch installation would be the first option. To answer the question: yes. SMBv1 should be removed, but in a planned way. Please refer to the link below.

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/ 

  

Do we need to disable SMB v1 client (Lanmanworkstation) as well on all our machines? 

No. Only the SMBv1 server component (LanmanServer) on the client machine needs to be disabled, not Lanmanworkstation on the client machine.

  

What is the impact of removing SMBv1? 

  • You’re still running XP or WS2003 under a custom support agreement 
  • Windows XP will not be able to access shares on a Windows 2003 Server or any other Operating System 
  • Windows Vista and above Operating System will not be able to access shares on a Windows 2003 Member Server or Domain Controller (if you still have them in the environment) 
  • You have some decrepit management software that demands admins browse via the ‘network neighborhood’ master browser list 
  • You run old multi-function printers with antique firmware in order to “scan to share” 

  

Please refer to the article below for more details.

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/ 

  

If we must disable smb v1 Server service, what are the registry values to disable it? 

When using operating systems older than Windows 8.1 and Windows Server 2012 R2, you can’t remove SMB1, but you can disable it: see KB 2696547, “How to enable and disable SMBv1, SMBv2, and SMBv3 in Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012”.

Please refer to the below link for more details 

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/ 

  

How do we know SMB v1 is active in our environment?  Can we proactively check it? 

Yes. Please test this, before using in the production environment. 

https://blogs.technet.microsoft.com/ralphkyttle/2017/04/07/discover-smb1-in-your-environment-with-dscea/ 

  

Windows 2016 and Windows 10 provide a way to audit usage of SMBv1, which can be found here:

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/ 
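The check, disable and audit steps from the SMBv1 answers above, as an added PowerShell example (not Microsoft's or Abtech's code). The function names are hypothetical; the cmdlets and the `SMB1` registry value are the ones described in KB 2696547 and the "Stop using SMB1" article, and the script assumes an elevated prompt on the machine being checked.

```powershell
# Added example: inspect and disable the SMBv1 *server* component (LanmanServer)
# on the local machine. LanmanWorkstation (the SMB client) is left untouched.
# Function names are hypothetical. Run elevated and test before production use.

$Smb1RegPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

function Test-SmbCmdlets {
    # Windows 8 / Server 2012 and later ship Get/Set-SmbServerConfiguration.
    [bool](Get-Command -Name Set-SmbServerConfiguration -ErrorAction SilentlyContinue)
}

function Get-Smb1ServerState {
    if (Test-SmbCmdlets) {
        $enabled = [bool](Get-SmbServerConfiguration).EnableSMB1Protocol
        $source  = 'Get-SmbServerConfiguration'
    }
    else {
        # Vista / 7 / Server 2008 / 2008 R2: DWORD value SMB1 under LanmanServer.
        # A missing value means the default, which is SMBv1 enabled.
        $prop    = Get-ItemProperty -Path $Smb1RegPath -Name SMB1 -ErrorAction SilentlyContinue
        $enabled = ($null -eq $prop) -or ($prop.SMB1 -ne 0)
        $source  = "$Smb1RegPath\SMB1"
    }
    # New-Object keeps this compatible with PowerShell 2.0 on older systems.
    New-Object PSObject -Property @{
        ComputerName      = $env:COMPUTERNAME
        Smb1ServerEnabled = $enabled
        Source            = $source
    }
}

function Disable-Smb1Server {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param()

    if (-not $PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Disable SMBv1 server component')) {
        return
    }
    if (Test-SmbCmdlets) {
        # No restart is needed on Windows 8 / Server 2012 and later.
        Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    }
    else {
        # Older systems: write the registry value; a restart is required.
        Set-ItemProperty -Path $Smb1RegPath -Name SMB1 -Type DWord -Value 0
        Write-Warning 'SMB1 set to 0 in the registry; restart this computer to apply.'
    }
    Get-Smb1ServerState
}

function Enable-Smb1AccessAudit {
    # Windows 10 / Server 2016 can log SMBv1 access so that remaining SMBv1
    # clients are found before the protocol is removed.
    $cmd = Get-Command -Name Set-SmbServerConfiguration -ErrorAction SilentlyContinue
    if ($cmd -and $cmd.Parameters.ContainsKey('AuditSmb1Access')) {
        Set-SmbServerConfiguration -AuditSmb1Access $true -Force
        return $true
    }
    Write-Warning 'SMBv1 access auditing is not available on this Windows version.'
    return $false
}

# Report only; nothing is changed until Disable-Smb1Server is called explicitly.
Get-Smb1ServerState | Format-List
# Disable-Smb1Server -WhatIf     # preview the change first
# Enable-Smb1AccessAudit         # then review the Microsoft-Windows-SMBServer/Audit log
```

Turning on auditing and reviewing the log for a while before disabling gives you the "planned way" the answer above asks for, because it shows which devices still depend on SMBv1.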

  

Is Windows 10 affected as of now? 

https://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/
The exploit code used by WannaCrypt was designed to work only against unpatched Windows 7 and Windows Server 2008 (or earlier OS) systems, so Windows 10 PCs are not affected by this attack as of now.
 

  

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
Customers running Windows 10 were not targeted by the attack today.
 

  

Windows 10 systems also need to be patched, because variants can be developed. In addition to this, it is recommended to remove SMBv1 from the clients and Windows servers after doing a complete review of the article below.

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/

How long can your business afford to be offline?

Businesses have many different mission critical apps that could potentially be affected by a network outage. Losing connectivity for even a short amount of time could cause businesses to hemorrhage revenue. Let's look at how businesses are vulnerable to being offline, what causes downtime and how companies can protect themselves.

What business assets are vulnerable to downtime?

Businesses are increasingly reliant on their network for more than just the cloud-based applications that they depend upon. A typical retail business might have an array of services that could be affected by an offline network.

  • Point of sale terminals in the front of the store.
  • WIFI networks that a business's customers might need to access.
  • The WIFI and wired network that's dedicated to your employees.
  • Surveillance cameras and VoIP phones that connect to the network.
  • The back office equipment room that has racks full of servers.
  • Visual signage and digital kiosk space.

How downtime can affect credit card processing

Network security is critical for any business running credit card processing. You need to maintain your PCI compliance, which means locking down security both locally and remotely. Companies should be monitoring all the traffic that is accessing their network. Companies might not have on-site IT to manage these various network resources. If not, you'll need a capable cloud management solution for managing, monitoring and deploying your various network devices.

But PCI compliance is the least of your worries when access to the credit card networks goes down. If a business can't process transactions electronically, then it will have to resort to storing and forwarding transactions. Credit card fees can be extremely high for store-and-forward transactions. Having to store and forward many small transactions can kill a business's profitability.

  1. If you have a network connection, the credit card fees average 2-3%.
  2. If the network connection goes down, the fees that a business incurs can be as high as 30% for small transactions.

Downtime caused by human error ... and squirrels

There's a high cost to your business being offline. It's estimated that nearly a trillion dollars of revenue are lost each year to network downtime. And although network administrators do their best to keep networks online, 60% of all network failures are due to human error. It could also simply be the matter of a construction crew digging up a trench in the wrong spot. Poof! There go all your DSL, cable and T1 wired connections. It turns out that squirrels account for another approximately 17% of network downtime. In 2010, Yahoo was taken down by squirrels chewing on wires in its Santa Clara, California data center.

 
 

No business is immune to these outages. It doesn't matter whether it's through natural disasters or human error, these episodes are going to happen. In the retail industry, margins are razor thin. Your downtime might have only lasted a few hours, but it can be the difference between having a positive or a negative quarter. Downtime also affects the quality of the customer experience. If the customer comes in and you aren't able to access their records, that's not an outcome you want to see repeated.

Downtime caused by natural disasters

Businesses also need to prepare themselves for natural disasters and other unforeseen network disruptions. Hurricanes and tornadoes can take out miles of infrastructure in a flash. Natural disasters will almost always take out the wired infrastructure first. During a hurricane, water gets into the wires in the ground and knocks out networks. Many businesses deploy routers in remote locations so that they can have secure backup Internet connectivity.

Preparing for Disaster in the Workplace

In the workplace, one of the keys to having a successful business is planning ahead at all times.  With that said, while many companies do prepare for unexpected events, they often don't take disasters into consideration. Planning for unexpected disasters, such as a power failure or a ransomware attack, is crucial for keeping your business safe.

So how should businesses prepare for these incidents?  Here are a few things to keep in mind.

#1. Educate Your Employees

It's one thing if you're prepared for disaster, but what about your employees? It's essential to remember that teamwork plays a key role in all this. What someone else does in the workplace, could have a major impact on the entire company, for better or worse. As an example, let's say you were familiar with the dangers of ransomware, and how to avoid it. Your employees, on the other hand, weren't knowledgeable. You had better teach them the basics, or they might end up making a careless mistake. Preparing for disaster isn't just about you, everyone in the business needs to know their part as well.

#2. Plan For Each Disaster

Initially, this might seem like a lot of work, but that's not necessarily the case. You don't need to create a plan for every disaster, but you should know how to handle each incident. As I mentioned earlier, each disaster in the workplace can't be handled in the same way. As an example, let's make a comparison between a power failure and a natural disaster. For the former, all you'd have to do is make sure your info is backed up on a regular basis, particularly via cloud computing. Because this method stores your information virtually, even the most severe incidents would have no impact on your data. For the latter, however, it's a different case. Considering natural disasters could have an impact on your building, you need to have a plan that goes beyond storing your data. If there's a hurricane, are you moving your equipment to higher ground? Do you have another building to transfer your data to? These are some things to keep in mind.

#3. Cloud Computing

Of all the ways to prepare for disaster, cloud computing is easily the most effective. As I mentioned before, this method allows you to store all data virtually, and it becomes accessible on any device with an Internet connection. Whether you fall victim to ransomware or end up spilling coffee on your keyboard, these disasters will have no effect on your virtually accessed info. Even more so, using cloud computing is also an exercise in keeping your data backed up on a regular basis. Many businesses are too laid back about their files, keeping everything on their desktop, and sometimes even backing everything up at the last minute. Cloud computing is a smart decision, because it allows you to focus on other aspects of your business without always having to worry about worst-case scenarios.

For more information about preparing for disaster in the workplace, as well as the importance of disaster recovery as a service, feel free to contact us today at Abtech Technologies. We offer a range of security products that not only protect your sensitive information, but also assess compliance and overall security of your network. We look forward to hearing from you, and assisting you in the best way possible.

Dell EMC Storage Strategy

"Expanding The Horizon for Dell EMC Midrange Storage Customers  (taken from DellEMC blog article published September 2016)"

Here we are as Dell EMC, and we’re champing at the bit to show our customers, partners and the world what we’re made of as a combined business. We were already recognized as the leader in data storage pre-merger and together we’re going from strong to stronger, now number one across all combined mid-range markets in which we play. If you’re a customer or partner of either company this bodes well for you, as Dell EMC can now offer an even greater choice of world-class products from a single vendor, which has become the largest privately controlled IT company in the world.

Since we started this journey nearly a year ago, we’ve had a number of questions from customers about our plans to support the midrange storage portfolios that are coming together. Let me confirm that we are 100% committed to supporting both EMC Unity and the Dell SC Series (Compellent) going forward. Why? Let’s start with a look at what both product lines have brought to the combined business and then fast forward to see what the future holds.

The Dell EMC midrange businesses represent:

  • Market share of 29.4%, nearly double that of our nearest competitor.
  • Leadership across all price bands. [i]
  • $5 billion in combined revenues [ii] within a total addressable market of more than $17 billion.
  • More than 100,000 existing, passionate storage customers [iii], with the heritage of both EMC technologies well positioned in large enterprises and of Dell’s incredible strength in the entry-level and mid-markets.

The Combined Dell EMC Midrange Portfolio – Go Forward from Today

Dell EMC’s midrange portfolio now has a scale and breadth that is without comparison in our industry. Our combined midrange offerings are the strongest they’ve ever been as, this year, we have launched new products such as Unity Flash storage systems and made powerful enhancements to the SC Series OS. This all adds up to a combined portfolio for our customers and partners that is unmatched elsewhere in the industry.

 

Portfolio Approach = A Win-Win for Customers and Partners

While single “point solutions” may be temporarily viable for one-trick, cash-burning startups and niche players, neither Dell, nor EMC has ever believed ‘one-size fits all’ is the best approach because it limits choice and flexibility. It’s not about us; it’s about our customers, so we focus on offering a continuum of solutions. This means we’re able to tailor our offerings for specific customer needs, by combining unique capabilities from across our broad portfolio. As Dell EMC, we can bring customers an even deeper portfolio approach to midrange storage. Together, we can ensure choice of the right product for an even wider spread of our customer’s needs at the optimal price and performance, now covering almost any use case.

As a combined business, Dell EMC is the midrange segment leader in market share and offers two strong and distinct product families that meet customer needs from entry-level into upper midrange storage. For the sake of simplicity, let’s refer to them as Dell SC Series and EMC Unity. There are clear distinctions in both the use cases and scale that each product family addresses.

SC Series: Value-Optimized Mid-Market Proven Storage Systems

The Dell SC Series is a value-oriented family with a proven track record in many small and medium businesses. In analyzing the SC customer base, we’ve seen distinct areas of strength where Dell is the server vendor. Focused on value and ease-of-use, the automated data placement and data efficiency features provide performance at a low price. The range of configurations includes all-flash, hybrid and disk-only configurations. Ideally suited to smaller deployments across a variety of workloads, the SC Series products are easy to use and value optimized. We will continue to optimize the SC Series for value and server-attach.

Unity Family: The Ultimate in Simple, Flexible, Unified Storage

The EMC Unity family is able to address most general-purpose midrange customer requirements for block, file, and unified workloads with configurations for all flash, converged, hybrid and virtual deployments. The Unity architecture will continue to be optimized for simplicity, flexibility and affordability. In just a few more weeks, we will announce a powerful Unity code update to expand its all-flash data services, increase its category-leading density and provide advanced cloud services.

With such incredible assets and customers, the Dell EMC strategy is to retain both product families and continue investing in them according to their strengths. That benefits us, because it benefits our customers. It’s a strategy we believe supports customer choice and leaves no gaps for the competition.

While we are leading with Unity and SC Series for our midrange customers going forward, we will continue to support our N-1 platforms from both Dell and EMC. Customers can continue with their current products and then choose to evolve over time as Dell EMC invests more in seamless management and mobility across our product set.

For migration, management and mobility, we’ve got our customers covered. We already have EMC ViPR Controller – which is a common storage management platform across multi-vendor storage arrays. In addition, we have world-class data protection across Dell and EMC storage with EMC Data Domain, EMC Avamar, and EMC NetWorker. EMC RecoverPoint and EMC VPLEX can also be used today for replication between Unity and SC Series to facilitate easy coexistence and data mobility.

 

Bottom line

Dell EMC is better together, and we’re making sure that this is true most of all for our customers, who will be able to stick with what is most familiar and comfortable for them. Both Unity and SC Series product families will continue well into the future with support and R&D that will further develop their capabilities to handle the most diverse set of midrange use cases and workloads. The level of quality, product functionality and support that our customers have come to trust and appreciate will be a minimum baseline for Dell EMC today, and it will be the foundation from which we will exceed customer expectations in the future.

Don’t let End of Service Notices Drive Your Infrastructure

IT equipment needs to be replaced and updated after a while. It makes sense to replace it when it's no longer reliable, when requirements change, or when upgrading will give a big performance improvement at a reasonable cost.

The Cost Benefits of Investing in Third-Party IT Maintenance Services

Working with a third party ensures your company gets unmatched support for its system upgrades and updates, and lets you relax knowing that any IT-related issue that arises will get the significant attention needed at no extra cost. With 24-hour monitoring services and flexible alternatives offered by third-party firms, the cost benefits enjoyed by the organization are huge. Contact us now for more information.

When is it Appropriate to Move From OEM Support to Third-Party Maintenance?

No doubt you've had considerable experience with OEM support ending on your IT equipment over the years. If you're experiencing this for the first time, it might incite a bit of minor panic since you've perhaps relied on this support for a while. Original equipment manufacturers frequently want to move on from legacy support because they want to build their own future.

In many ways, OEM support ending after two or more years is a symbiotic process, if by force. They're essentially weaning you off OEM support reliance so you can benefit from third-party maintenance.

Going with a third-party maintenance plan isn't a bad transition for various reasons, though you'll want to know when it's appropriate. It's better to transition before your OEM support ends so you won't have to scramble to find something suitable.

Declining Value in OEM Support Agreements

For some IT equipment, it's sometimes possible to enter a longer OEM support agreement than others. Often, they'll allow you to enjoy several years of support and then extend to a limited point through contract renewals.

Maybe you're doing this now. Regardless, it's worth noting as each year ensues, you're receiving less support value. Since many IT manufacturers want to move forward to provide new technologies you'll want to buy, they don't waste time with an entire decade or more of support privileges.

When you start losing OEM support value, it could place you in jeopardy if you have a serious IT issue arise. An emergency might come up and you'll realize the 24/7 support you once enjoyed is now extremely limited or non-existent.

If you find yourself in a tech emergency on a weekend or holiday, you're basically left on your own to find technical help.

This is why you're better off switching to third-party maintenance before your OEM support starts to degrade in quality.

The Growth of Third-Party Maintenance

Dissatisfaction with OEM support has recently been one of the main reasons companies switch to third-party maintenance. According to statistics, 75% of companies make this switch because OEM support didn't help with changing business requirements.

Data like this shows why maintenance from outside sources is growing rapidly in IT departments worldwide.

When you find a new maintenance team, you're going to discover they give you far more benefits than sticking long-term with the OEM process.

Costs and Customization

Hiring a third-party maintenance company is going to cost less because you're basically outsourcing much of the technical help. They already have a dedicated team that's going to monitor your IT equipment and even provide remote support when needed. In many cases, this means using pre-owned equipment, although many businesses prefer this to save money.

You're also giving yourself far more freedom. OEM support systems frequently prevent you from using your network for the entirety of its useful life. Now you can, including adding things to it the original manufacturer didn't allow.

Better IT Management

Keep in mind you're going to receive excellent IT management going through a third-party source. Many of these maintenance companies offer IT advisors, something you wouldn't find with the OEM.

Through your advisor, they'll guide you through any upgrades you want to do, the best equipment to use, and how much money you should spend.

With the new trend being decoupling hardware and software to extend the tech life cycle, a new IT paradigm is already here. Keeping costs under control is obviously a major hurdle for all companies. Now you can stop playing risk, especially when relying on security technology.

Visit us at Abtech Technologies to ask about our security products to augment business continuity and compliance.

Advantages of Cloud Computing Features

In recent years, the cloud computing world has evolved to provide almost everything for your business "as-a-service" and does it for a relatively low monthly fee. Cloud computing features also include converged infrastructure and solid state drives. Read on for tips on these features that may prove advantageous for your business.

As-a-Service. The list of cloud offerings as-a-Service grows each year. We encourage you to carefully review the various as-a-service cloud services available from cloud service providers. Do not commit to any cloud service that cannot handle your data securely and does not operate in the way that you want to operate. You will want to explore the providers' responses to any data security questions before committing to a specific cloud provider to ensure that you make the best choice. If the provider cannot answer your questions to your satisfaction, do not buy the service.

 

Software as a Service
  • Software-as-a-Service (SaaS) is probably the most ubiquitous of the cloud offerings. SaaS permits some choices within the software features offered, however, customers cannot customize the underlying code. If your business requires extensive changes to the SaaS code, you probably won't get them -- which is not such a bad thing. After all, you wouldn't want the shared cloud code to include changes that you expected would give you a leg up over your competition. Any code change accepted by the cloud provider will be available to all who use the SaaS. That's how as-a-service offerings work. The cloud provider makes client requested changes at one time and every customer gets to take advantage of the changes.
  • Database-as-a-Service. DB-as-a-Service is, at its core, a sub-specialty of the software-as-a-service model. It is a managed service that provides access to a cloud database that the DBaaS customer uses with cloud applications and their own data. All the administration and management of the database stays with the cloud provider so all the customer has to do is use its database. Businesses that want to retain more control over the database can do so under optional features. Cloud providers base payment on the features used and the amount of storage capacity the database requires. Some DB systems do not support compression or table partitions so it is imperative that you understand what your existing system can do and what your business requires from its database before you commit to DBaaS.
  • Identity-as-a-Service. ID-as-a-Service is an infrastructure for authentication that resides in the cloud. It is a way of managing identity that includes all of the things we've come to appreciate about services in the cloud, such as smaller on-site infrastructure; easy management; and a range of integration options. IDaaS is popular with smaller organizations or large organizations with satellite locations who do not have the expertise in-house to have strong identity architecture. Such businesses move identity security to the cloud believing that the cloud provider is an expert in the field. ID-as-a-Service raises questions of regulatory compliance, auditing, and how the ID cloud provider will handle disclosures of sensitive customer information. Since this is an evolving area, do not count on the law to demand cloud provider surety against disclosure of sensitive information. Do your due diligence review.

Converged Infrastructure. The term converged infrastructure refers to the process of grouping various information technology (IT) elements together into one computing package. The packaged IT elements act more efficiently than the elements would if acting independently. These elements may include servers, network management, infrastructure management software, and data storage devices. Converged infrastructure approaches data center management in a way that looks to decrease incompatibility issues among all these elements.

Converged Infrastructure provides advantages over the traditional silo approach to computing. Converged Infrastructure allows networks to handle Big Data more efficiently through a single IT management system that integrates the various components.

Solid State Drives. Traditional computers have spinning hard drives (HDD) for storage. Designers developed Solid State Drives (SSD) originally for ultra-mobile devices. Today, you can choose to have SSD for your operating system and HDD for other purposes.

SSDs have no moving parts so they fly in the face of what we traditionally think of as "hard drives". The term refers to storage devices that save data on solid-state flash memory drives. Solid-state means the devices use solid semiconductor (instead of electron tube) memory stored on a flash drive that uses integrated circuits rather than magnetic or optical media to store data.

SSDs have lower random-access and read latency (think: wasted time) than traditional hard drives, which gives SSDs higher input/output efficiency. It also means they are the best option for read-heavy workloads. Servers, laptops, and applications that deliver in real-time benefit from the SSD's ability to read directly from a specific SSD cell. The final takeaway is that SSDs are many times faster than electromechanical disk drives.

Archive, Backup, and Disaster Recovery


Backing up, archiving, and preparing for disaster recovery are obviously related. They overlap, but each one names a different purpose. Doing a good job at one of them doesn't mean they're all covered. Let's consider what each one involves.

Backup

The purpose of a backup is to restore files that are lost or damaged. Recovery needs may range from a single file to an entire drive. A backup volume can be local or remote. It can be quick to access for getting back single files, or intended mostly for bulk recovery. Its focus isn't long-term storage, though durability is a good quality.

Versioned backups provide extra safety. A file can be corrupted, without being noticed, for a long time. If only the current version is backed up, and it's corrupted too, that's not useful. A backup that includes older versions gives a better chance of recovery.

Many approaches are possible:

  • An attached drive. Software does frequent incremental backups automatically. It's convenient, and it's always up to date. The disadvantage is that malware or physical damage to the computer might affect the backup drive as well.

  • A shared storage system. Network attached storage (NAS) provides a large amount of backup space and keeps everyone's backups together. It simplifies backup management if there are a large number of users.

  • Tape backup. Tape is good for high-volume storage and allows saving multiple backups. It's good for recovering crashed drives, but not very convenient for restoring single files.

  • Offsite backup. Cloud storage is safer than any local backup from events that affect a whole office. It needs a fast enough Internet connection.

It's best to combine onsite and offsite backup. If one method fails, the other will usually keep working.
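The point about versioned backups can be shown in code. The following is an added example, not part of the original article: it walks a file's backup versions from newest to oldest and picks the first one that both matches the checksum recorded at backup time and still passes a content check. The version labels, the manifest layout and the use of a zlib-compressed file as the sample are assumptions made for illustration.

```python
import hashlib
import zlib

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def content_ok(data: bytes) -> bool:
    """Validity check for this file type: a zlib stream must decompress cleanly."""
    try:
        zlib.decompress(data)
        return True
    except zlib.error:
        return False

def newest_good_version(versions, manifest):
    """versions: {label: bytes as read back from the backup volume}
    manifest: {label: sha256 recorded when that backup was written}
    Returns (label or None, [(skipped label, reason), ...]), newest first."""
    skipped = []
    for label in sorted(versions, reverse=True):  # ISO dates sort chronologically
        data = versions[label]
        if digest(data) != manifest.get(label):
            skipped.append((label, "backup copy changed after it was written"))
        elif not content_ok(data):
            skipped.append((label, "source file was already corrupt when backed up"))
        else:
            return label, skipped
    return None, skipped

def build_sample():
    """Constructed sample: four nightly backups of one compressed ledger file."""
    good_old = zlib.compress(b"ledger: 100 rows")
    good_new = zlib.compress(b"ledger: 120 rows")
    # Silent corruption on the source disk: the stream's trailing checksum byte flips.
    corrupt = good_new[:-1] + bytes([good_new[-1] ^ 0xFF])
    versions = {
        "2024-05-01": good_old,
        "2024-05-02": good_new,
        "2024-05-03": corrupt,  # faithfully backed up, but already damaged
        "2024-05-04": corrupt,
    }
    manifest = {label: digest(data) for label, data in versions.items()}
    # Simulate damage on the backup volume itself for the newest copy.
    versions["2024-05-04"] = b"\x00" + corrupt[1:]
    return versions, manifest

if __name__ == "__main__":
    versions, manifest = build_sample()
    label, skipped = newest_good_version(versions, manifest)
    for name, reason in skipped:
        print(f"skip {name}: {reason}")
    print("restore from:", label)
```

With only the current version kept, both of the newest copies here would be unusable; the older versions are what make the restore possible.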

Archive

Long-term archival storage involves a different set of goals. It has several important criteria:

  • Selection. Not every file needs to go into an archive. Figuring out which ones are needed can be a complicated task. It's necessary to take business goals and regulatory requirements into account.

  • Durability. Unlike a backup, an archive needs to be kept intact for a long time, usually years. It needs to have its own backup. Storage media will eventually go bad, and old file formats may become difficult to process, so it can require periodic migration to new media and storage formats.

  • Identification. The information in an archive needs to make sense years after it's created. It needs to be well-organized, and it has to include enough metadata to reconstruct its context and purpose.

Maintaining an archive is a more complex task than keeping data backed up.

Disaster Recovery

Backup is a part of disaster recovery preparation, but it's not the whole story. If a catastrophic event takes out your business systems, you need a way of getting up and running again as quickly as possible. Being confident of that requires a recovery plan.

When disaster strikes, it's necessary to bring up an alternate system. Speed is essential; every minute that a company's systems are down means lost productivity and income. If systems are down too long, it affects the confidence of customers and partners. Bringing new machines onto the premises might not be feasible if the damage is severe, and getting them running is time-consuming.

The systems not only need to come back quickly, but with little or no data loss. If the recovery system has to roll back to the previous day's records, it will take a lot of work to bring them up to date. The backup needs to be ongoing to avoid losing business data.

Cloud-based disaster recovery as a service (DRaaS) lets your business operate with confidence that if serious damage happens, downtime will be short and data won't be lost. StorTrust gives you the highest confidence that your data is always backed up and that you're prepared for any disaster that may come.

Whatever your backup, archiving, and DR needs are, Abtech is ready to meet them.

Why You Need a Holistic Approach to Business Continuity

If you conduct a 360-degree evaluation of your organization, it's possible to find different points of vulnerability. Many of these points occur where your company uses computing systems and software applications to automate business processes. Within these systems, you may use various business applications licensed from third-party vendors. Each application may include your servers accessing their software through a virtual connection. History has taught us that each relationship with a vendor introduces a new set of risks to your business. If your objective is business continuity, or continuous operations, your company must assess the risks associated with each vendor relationship. You must also take preventive measures to keep those risks from disrupting core operations.

The Background

When you consider IT risks from a holistic perspective, it's easy to assume that your company is equal to the sum of its parts. Another viewpoint is pondering how those parts fit together. You want all relationships to stabilize in ways that minimize the points of vulnerability. For example, every software application that your company adds to an existing server network will be affected if it fails during a security breach. Or, servers could be corrupted by a virus or temporarily offline due to a power failure in the data center. While you can't prepare for every potential risk, you can consider the advantages of spreading out known risks. In one company, this could resemble locating backup servers in a separate location from its primary servers.

The Core Business Relationships

To manage your business well, we recommend that you also review how your people interface with the IT infrastructure. These interactions are affected, sometimes permanently damaged, when there's an adverse event of a grave nature. If you aren't prepared for different risks, then your company might begin to lose sales and not serve customers according to the business model. Let's take the example of the third-party vendor providing a web-based application for order management/order fulfillment. If their ordering system fails, then does your company have a secondary way to process orders? Do you have a backup system that keeps track of all inventory levels and stores each customer order? These are features to look for when choosing the software vendor for order management/order fulfillment. They are part of a comprehensive business continuity plan.

The Fear of Interruption

When an organization must temporarily shut down because of an adverse event affecting its IT network, there is the fear that the interruption will cost the business money. There is the reality that the event's related costs (whether expected or unexpected) might not fall under the limits of the organization's disaster insurance policy. On some level, you have the cost of IT personnel working to restore your data infrastructure, especially when they get pulled from other projects to mitigate the problem.

The Need for a Holistic Approach

A holistic approach to business continuity means that your business must address every point of vulnerability within your IT networks, especially through comprehensive vendor management. The goal is ensuring that all computing systems keep functioning after an event while minimizing effects on consumers. But, if your company has already taken a holistic approach to business continuity (i.e. having a backup system for every server), then you could be out of ideas. You might benefit from an outside expert who can objectively evaluate your current operations.

You cannot afford to leave your company exposed to known risks to business operations. Evaluate all vendor relationships and ensure that each of them doesn't introduce new risks into the infrastructure, especially those that didn't exist before. Switch to vendors that offer higher levels of security without escalating your costs to the point that their products are not affordable.

Is Your Data Really Safe?

The key to understanding whether or not your data is safe lies in understanding the threats to it. Most attackers will attempt to come in by several very common avenues.

Every organization will face different threat levels. For example, if you're in finance or are a utility company, you're going to be facing more persistent and creative angles of attack than a small locally-focused shop will. That doesn't mean that there is any one type of business or set of circumstances where you can just forget about security, however. The internet is crawling with hackers and automated malware, and there's always someone willing to grab low-hanging fruit if the right door is left open.

Be sure to consider all of the following possibilities when reviewing your network security policies and procedures.

  • "Phishing" and Social Engineering Attacks

So-called "soft" attacks in which hackers attempt to exploit company employees have become much more common than attacks against the software or hardware of the network. That's because they're much easier to pull off and actually have a higher rate of success.

The main angle of attack is by email. Attackers can mass-mail to everyone in the company, but they may also do some homework and try to target specific entities by profiling them using publicly available information. Whatever the case, the endgame is the same: get the employee to either open a tainted email attachment, or to follow a link to an attack site that automatically installs malware.

The most common varieties of malware that will be installed are keyloggers or ransomware. A keylogger sits in the background and records keystrokes, possibly also taking periodic screenshots, and quietly forwards these to the hacker so that they can steal login information and private data. Ransomware encrypts vital files on the network, and the hackers then demand a payment (or two, or three) in return for the password to decrypt them.

The biggest first step in defeating phishing attacks is to ensure that all email clients used on the network do not automatically download or run attachments! While mass-mail phishing attacks are usually easy to spot, a targeted attack may come from a "spoofed" email address that seems to be legitimate. Employees should be instructed to verify with the other party by phone or instant message if an unexpected attachment is sent or if they are asked to visit an external site out of the blue. As a safeguard against ransomware, you can also run automated "snapshot" systems that periodically send backups of network data to both the cloud and a local storage system.

 

  • Documented Software Exploits

While nearly every business has some data a hacker wouldn't mind having, some are much more interesting than others. For example, a company like Google or Goldman Sachs will regularly employ teams of hackers called "penetration testers" who try to find completely new and novel ways to break into their systems, ensuring they are on the cutting edge of security at all times.

A more "average" business doesn't face this kind of advanced threat. If the data they are guarding isn't particularly juicy, hackers will generally try known exploits against the software they are running and move along if none of them work. So how do you protect against these exploits? Primarily, it's by making sure you have the latest updated versions of each piece of software and app, as they receive continual security patches against newly discovered vulnerabilities. Old, discontinued software should also be replaced with something more modern, as new vulnerabilities will no longer be patched.

 

  • Discarded, Recycled and Lost Devices

Simply moving data to the recycling bin on the desktop doesn't make it disappear. If old electronics are to be sold or recycled and are still functional, they need to be cleaned with a good "hard disk wiping" program like DBAN that scours them to eliminate residual data. If you're simply disposing of an old drive, have it shredded. Don't forget that devices like copiers, printers, and old phones also have internal drives that store data!

Employees losing company phones or devices will happen from time to time, but you can secure against this mishap by mandating strong unique passwords for each device and two-step authentication for logins. It would also not hurt to encrypt data on devices that go out into the wild with a unique key that can be revoked later if they go missing.

 

  • Internal "Turncoat" Attacks

The toughest data security issue to deal with is the possibility of a trusted employee going rogue. Mitigation in this area primarily comes down to identifying privileged accounts and monitoring them appropriately, as well as removing credentials ASAP when such an employee leaves the company.
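Both mitigations named above, identifying privileged accounts and removing credentials when an employee leaves, can be checked by comparing a directory export with an HR leaver list. This is an added example, not part of the original article; the CSV column names, the group names and all sample rows are constructed assumptions.

```python
import csv
import io
from datetime import date

# Constructed sample data: a directory export and an HR leaver list.
ACCOUNTS_CSV = """user,groups,enabled,last_login
alice,staff,true,2024-06-10
bob,staff;domain-admins,true,2024-06-12
carol,db-admins,true,2024-05-20
dave,staff;backup-operators,false,2024-04-29
frank,staff,true,2024-05-30
"""
LEAVERS_CSV = """user,left_on
bob,2024-06-01
dave,2024-04-30
frank,2024-05-31
"""
# Assumption: which groups count as privileged is site-specific.
PRIVILEGED_GROUPS = {"domain-admins", "db-admins", "backup-operators"}

def audit(accounts_csv, leavers_csv, privileged_groups):
    """Return (privileged accounts to monitor, leaver accounts still enabled)."""
    left_on = {r["user"]: date.fromisoformat(r["left_on"])
               for r in csv.DictReader(io.StringIO(leavers_csv))}
    monitor, stale = [], []
    for row in csv.DictReader(io.StringIO(accounts_csv)):
        user = row["user"]
        enabled = row["enabled"].lower() == "true"
        privileged = bool(set(row["groups"].split(";")) & privileged_groups)
        if enabled and privileged:
            monitor.append(user)
        if enabled and user in left_on:
            # A login dated after the departure date means the credential was used.
            used_after = date.fromisoformat(row["last_login"]) > left_on[user]
            stale.append({"user": user, "privileged": privileged,
                          "used_after_leaving": used_after})
    # Privileged accounts first, then accounts used after departure.
    stale.sort(key=lambda f: (not f["privileged"], not f["used_after_leaving"]))
    return monitor, stale

if __name__ == "__main__":
    monitor, stale = audit(ACCOUNTS_CSV, LEAVERS_CSV, PRIVILEGED_GROUPS)
    print("privileged accounts to monitor:", monitor)
    for finding in stale:
        print("still enabled after departure:", finding)
```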
