How to Make Your Business Cyber-Resilient

Any business of any size is a potential target for a cyber-attack and cyber threats are becoming increasingly sophisticated. Even with the most advanced security measures in place, businesses are still at risk of having data attacked, corrupted or inaccessible.

In recent years, advanced ransomware attacks have infiltrated backups, leaving businesses with little chance of recovery without paying the ransom.
Cyber Insurance is available, but the increase in the number and size of ransomware payouts has meant that insurance providers are putting additional requirements into their policies before they will offer coverage. These requirements are particularly focused on the integrity of data backups.

So, what do you need to do to meet these requirements and make your business cyber-resilient?

Protection Goes Beyond Preventing Cyber-Attacks

We shall assume that you already have front-end security measures in place, such as anti-virus software, network firewalls and user security training. Whilst these are important, we should expect that a sophisticated cyber-attack will find a way through these protections. Almost all businesses that suffer a cyber-attack have these front-end security measures in place.

What is important is being able to recover, should such an attack take place.  This starts with having a good, clean backup copy of your data.

Isolation, Immutability and Intelligence

Current research shows that there are three key areas to focus on when planning how to make your business cyber-resilient: Isolation, Immutability and Intelligence.

 
The following table shows the type of threats that are most common and how these measures protect against them.

Isolation

This involves creating a copy of your data backup that is isolated from your core network. This copy is stored in such a way that it cannot be accessed by anything running on your core network or anyone who has access to that network.

This means that if a cyber attacker manages to gain access to your core systems or infect your local data backup, it cannot infect the isolated backup.

Immutability

To achieve immutability, you need to ensure that the original copy of your data cannot be changed. It cannot be modified, overwritten or deleted. Additionally, by keeping multiple copies of immutable backups, organizations guarantee recovery from ransomware attacks by finding and recovering from a clean backup.

Intelligence

Intelligence is the final and arguably the most important part of the cyber-resilience jigsaw. It involves using analytics and machine-learning software tools to analyze the backup looking for known threat patterns. The software effectively knows what ransomware looks like and can raise the alarm and isolate the infection before it is launched.

What Solutions Are Available to Make Your Business Cyber-Resilient

There are many solutions and services on the market that meet one or more of these requirements, but few meet all three.  One solution that does meet all three is Dell’s Cyber Recovery solution.

Cyber Recovery can be deployed on premise in the main business data center, at a remote location or a cloud service. In each case, data isolation and immutability are achieved by building a Cyber Recovery Vault based on Dell’s Data Domain technology. Local backup is performed by software backing up to a Dell Data Domain appliance.  

Another Data Domain appliance resides in the Cyber Recovery Vault. Cyber Recovery software also resides in the Vault and periodically pulls a copy of the backup into the Vault. Once this has occurred, Cyber Recovery shuts the port, isolating the Vault copy from the core network.

A retention lock is applied to the copy in the Cyber Recovery Vault to ensure that it remains immutable.

The final component is the CyberSense software. This provides the Intelligence by analyzing the data that is brought into the Vault. CyberSense has a library of known cyber threat patterns that it uses as a reference to find and isolate infected data.

Infected data is interrogated to allow for further analysis.  This also raises an alarm of a possible ransomware attack so appropriate steps can be taken to remove the infection from the core business network and isolate any infected systems.

“The Dell EMC PowerProtect Cyber Recovery solution offers comprehensive ransomware detection and recovery capabilities both on-premises and in the public cloud. The solution supports an immutable and air-gapped architecture and meets Sheltered Harbor recommendations.”   Gartner Magic Quadrant for Enterprise Backup & Recovery Software Solutions – July 19, 2021

Deployment Options for Cyber Recovery

The Cyber Recovery Vault can be deployed in 3 ways.

  1. On premise in the main corporate datacenter
  2. At a remote business location
  3. As a service delivered by a cloud provider such as Abtech’s StorTrust

This gives the business the flexibility to choose the deployment solution that best meets their resources. Deploying a solution on premise or at a remote business location involves more up-front cost and ongoing management resources but provides the benefit of having total control of the solution.  Deployment by a cloud provider spreads the cost of the solution and can take the ongoing management responsibility away from the business IT team.  Both options follow Dell’s rigorous validation process.

Summary and Next Steps

I hope this article helps provide some direction in how to achieve cyber-resilience for your business. We have covered the types of threat that are most common, the steps to take to protect against these threats and presented a market-leading solution.

Abtech is fully certified to design and deploy Dell Cyber Recovery and CyberSense.  We are also certified in Data Domain and Dell’s suite of backup software tools.

If you would like to know more, please reach out to our Data Protection team and we can set up a presentation.

We look forward to working with you to achieve cyber-resilience for your business.

Prevent, Protect and Mitigate Cyber Attacks

An anatomy of a real attack

  1. User targeted by spam email.
  2. User engaged with hacker and their local laptop was compromised.
  3. The hacker then used the VPN connection on the laptop to access the corporate network.
  4. With access to the network the hacker started a network discovery sweep.
  5. One spreadsheet with admin credentials was found.
  6. Ransomware was deployed and in less than 20min the entire network was encrypted.
  7. The company did not have an effective backup plan and it took 2 weeks for them to get back to 80% of production.
  8. As of 2 months after the attack they are only at 90%.

Signs of unauthorized access attempts on your computer systems.
The hackers target individuals who may hold confidential company information. Then, they contact them via text messages or emails containing executable malware or links, by posing as someone of a familiar identity. If these links are clicked on, the hackers could gain substantial access to the victim’s network and data.

What will an attack look like?

Identifying the malware, phishing, spyware, trojans and viruses.

Presuming the cybercriminals are successful, the target company may experience:

  • Malware infections: Bitcoin mining, Keystroke loggers or Identity theft.
  • Data theft/hijacking.
  • Ransomware.

How to prevent the attack?

Preventing a cyber attack and saving your data and network. People need to be educated about this threat, and strong awareness needs to be spread throughout the organization. Companies need a Defense in Depth approach to a security architecture that is multilayered and spans all networks, endpoints, mobile devices, and the cloud. These are the measures recommended to ensure maximum safety:

Basic IT Security Measures

  • Phishing and password training
  • Proofpoint email protection
  • Datto RMM anti-Ransomware
  • CyberHawk
  • KnowBe4
  • End point Security Software
  • Web Application Firewall
  • Botnet protection
  • Latest updates from vendors
  • Identify all attack vectors

High End Security Measures

  • Additional Security Measures: Bi-Annual Penetration testing, Internal Vulnerability Scans, Annual Information Security Audit and Compliance audit readiness
  • Intrusion Prevention System
  • Cyber Insurance
  • StorTrust: Cloud Backup and Disaster Recovery: Allows data to be stored offsite and be restored should an accidental deletion, a failed software upgrade, database corruption or ransomware occur.
  • StorTrust Immutable Backup: Immutable backups are air-gapped and cannot be affected by ransomware originating from a client site.

We protect your data and your business. With our service, files and systems can be recovered instantly from a local appliance. If disaster strikes, we can spin your critical systems up in our cloud so your business can keep running. We include an annual DR test, so you can relax, knowing we will be there when you need us.

Phishing

6 common items that help identify a phishing attempt

What is Phishing?

Phishing is a cybercrime in which a target or targets are contacted by email, telephone, or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. Generally, emails sent as phishing attempts are masked so they appear to be sent by the business, person, or institution who is known by the recipient.

Here are 6 common items that help identify a phishing attempt:

  1. Is the message sent from a public email domain, such as Gmail?
  2. Check the email address. Does the email address match the email address of the sender? Example: Bob – Bob@exxon.com, but shows Bob – bob@gmail.com.
  3. The email domain name is misspelled. (exxon.com is Exxan.com)
  4. The body of the email is poorly written with misspellings, bad grammar, or poor word choice. (However, be careful, the cybercriminal’s grammar is improving)
  5. The message includes attachments or links that are suspicious. The link says it goes to one place, but when you hover over it, it shows another URL.
  6. The message creates a sense of urgency, such as please change your password or look at this document ASAP.
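Several of the items above (1, 2, 3, 5 and 6) can be checked mechanically against a message's headers and body. The sketch below is an added example, not tooling from this article or from any vendor it names; the domain `abccorp.example`, the known-sender table, the urgency keyword list and the three sample messages are constructed for illustration. Item 4 (writing quality) is left to a human reader.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

PUBLIC_DOMAINS = {"gmail.com", "outlook.com", "yahoo.com", "hotmail.com"}
URGENCY = re.compile(r"\b(asap|urgent|immediately|change your password)\b", re.I)
URL_LIKE = re.compile(r"^(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?$", re.I)

def edit_distance(a, b):
    """Levenshtein distance, used to spot one- or two-character domain swaps."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element in the body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    return (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()

def body_text(msg):
    parts = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True) or b""
            parts.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(parts)

def phishing_indicators(raw_message, trusted_domains, known_senders):
    """Return the indicators from the list above that fire for one message."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    domain = addr.rpartition("@")[2]
    body = body_text(msg)
    found = []
    if domain in PUBLIC_DOMAINS:                                  # item 1
        found.append("public-domain")
    expected = known_senders.get(name.strip().lower())            # item 2
    if expected and expected.lower() != addr:
        found.append("sender-mismatch")
    if domain not in trusted_domains and any(                     # item 3
            edit_distance(domain, t) <= 2 for t in trusted_domains):
        found.append("lookalike-domain")
    collector = LinkCollector()                                   # item 5
    collector.feed(body)
    if any(URL_LIKE.match(text) and host_of(text) != host_of(href)
           for href, text in collector.links):
        found.append("link-mismatch")
    if URGENCY.search(msg.get("Subject", "") + "\n" + body):      # item 6
        found.append("urgency")
    return found

# Constructed sample data (hypothetical organisation and messages).
TRUSTED = {"abccorp.example"}
KNOWN = {"bob": "bob@abccorp.example"}
PHISH = ("From: Bob <bob@gmail.com>\nSubject: Please look at this document ASAP\n"
         "Content-Type: text/html\n\n<p>Please change your password at "
         '<a href="http://login.abcc0rp.example/reset">'
         "https://portal.abccorp.example/reset</a></p>\n")
LOOKALIKE = ("From: Bob <bob@abcc0rp.example>\nSubject: Quarterly report\n\n"
             "The quarterly report is attached.\n")
CLEAN = ("From: Bob <bob@abccorp.example>\nSubject: Q3 summary\n"
         "Content-Type: text/html\n\n<p>The Q3 summary is on "
         '<a href="https://portal.abccorp.example/q3">the document portal</a>.</p>\n')

if __name__ == "__main__":
    for label, sample in (("phish", PHISH), ("lookalike", LOOKALIKE), ("clean", CLEAN)):
        print(label, phishing_indicators(sample, TRUSTED, KNOWN))
```

A message that fires none of these checks is not thereby proven legitimate; the checks only automate the first pass a trained user would make.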

If you ever have a question about an email and if it is legitimate, you have options: contact the sender via telephone and confirm or ask Abtech and we will provide an expert opinion. And please remember that as a client of Abtech, you have access to resources to mitigate Phishing and Ransomware attacks. Here are a few examples. Your company may already be utilizing some or all of these:

  • Endpoint Security Software such as ESET or Capture Client
  • Email Security and Spam Filter – Abtech Recommends Proofpoint Essentials
  • KnowBe4 Security Awareness testing and training
  • Datto Ransomware Protection
  • Cyberhawk Internal Threat Detection
  • Internal Vulnerability scans and mitigation
  • Cloud backup and disaster recovery (Stortrust)

Abtech offers a range of services aimed at protecting you and your users from cyber attacks.

If you would like to know more, please click here or reach out to info@abtechtechnologies.com

Disaster Recovery — Back-up site challenges solved with DRaaS

Disaster recovery is a topic that every business should include in their strategic plan. It is an ongoing discussion. We should approach this problem from the point of not if, but when. Today’s business world has a lot to consider and as technology improves, business leaders face greater threats that could easily become a disaster. As grim as this statement is, back-up challenges solved with DRaaS are both affordable and comprehensive.

Disaster Threats that Every Business Faces

Natural Disasters — Earthquakes, floods, hurricanes, tornados, fire, and whatever else the world can throw at us. We’ve lived with these as threats since the beginning of time. They are a viable threat. The question to ask is, “can my business survive if hit with a natural disaster?”

Human Error — Intentional or unintentional, humans make mistakes. They say “to err is human” and from time to time we live up to that saying. There are plenty of examples of disgruntled employees who have destroyed data. Understanding how data theft or malicious intent affects businesses allows leaders to safeguard data and reduce the risk of data loss due to human activity.

Cybercrime — Cybercrime is huge. There is the ongoing threat of ransomware, viruses, malware, spyware, and hackers. Any one of those events could take down a small business. One of the questions that every business owner or leader should ask is “Can this business survive data loss?”

Ransomware is very active. In 2015, it became a real pest. In 2016, it grew even larger. In fact, it grew so large that California amended its laws to include ransomware as part of its existing statutes that cover extortion. This is the first law of its kind among the states. The expectation is that ransomware will outshine itself in 2017. The techniques that ransomware uses have evolved. You no longer have to click a link in an email. You can just be shopping at a trusted site and click an image or link for ransomware to lock down your computer. It is very hard to undo ransomware and if you do not pay the ransom, then it destroys your data, files, operating system files, etc.

Virus, malware, and Spyware all evolve at the same rate as technology. Dealing with any of these vectors requires an almost constant attention to updating antivirus, anti-malware, and anti-spyware programs. It also requires that software installed on your system be updated frequently too. It helps to understand how all of these things fit together. With software, hackers and those people who design and write virus and malware use a variety of tricks to cause harm. One of the most common tricks is that they rely on aging software to gain entry into systems. That is why updating software is such a critical part of IT management. Without the security patches issued by software companies, all of these denizens would easily find a way into people’s computers.

Cybercrime seems like a hopeless and endless struggle. While it is endless, it is certainly not hopeless. It just requires the skills and talent to deal with it. That is why data recovery as a service (DRaaS) is important. It opens doors for small- and medium-sized businesses to manage the ongoing threats of data loss caused by natural disasters, human error, equipment failure, and cybercrime. Cybersecurity is difficult. Society has moved past the point where an antivirus program alone will reduce the risk of incident. Cybersecurity involves ransomware, virus, malware, spyware, identity theft, phishing, and a host of other issues.

Outsourcing data recovery gives business leaders access to professionals who live and breathe data recovery. These are the folks who deal with the emerging threats and handle the task of creating defenses that safeguard data.

Ten years ago it was sufficient to install antivirus. Today, you have to consider how time changes technology. We are past the point where we can install a program and then go about our business. Cybercrime has become so sophisticated that those people work to overcome security defenses. Without a constant effort to block them, your data is toast.

Can your business survive data loss?

Swimming to the top in a sea of server offerings

Evaluating server suppliers can be tough.

In considering the Big Four, with similar options from the same chip manufacturers, NICs from the same networking vendors, and the same OEM’s disk and memory options, it can be difficult to look at servers as anything but a commodity.

On the other hand, each server supplier has their own unique messaging around how their server is the only server, and you are foolish to even consider any other option.

Sadly, there is no easy button. Speeds and feeds, if we are keeping it real, can be closely duplicated across brands. If you are looking for a differentiator, consider management tools. They are not all created alike. Here is a quick breakdown.

Lenovo XClarity

  • First, IT folks seem to expect a pricing advantage when choosing Lenovo. This does not seem to be the case: ‘… the price, for example, for the memory option, does not match other vendors such as HP or Dell.’ (peerspot.com)
  • XClarity Controller does not monitor other suppliers, which means additional complexity and panes of glass
  • XClarity caps at managing 1,000 servers – a paltry number compared to the other three
  • XClarity files are triple the size, which means more time to execute and reboot
  • Automation: This is the point, right? Not so much with XClarity – automation in response to alerts is not supported.
  • Custom reports are also a no-go in XClarity

HPE OneView

  • Separate instances of OneView are required to manage Rack and Blade chassis (we live for managing management tools, right?)
  • Because OneView does not recognize Converged (Blade) chassis as a system, management is wound back to the component level – something converged is designed to fix in the first place
  • Automation: pack your coding chops, nothing comes pre-packaged
  • While HPE dubs OneView as all-inclusive, storage management is not comprehensive

Cisco UCS Manager

  • UCS Manager only monitors Cisco. Is it realistic in 2022 to assume a 100% homogenous environment?
  • Security: Surprisingly, Cisco offers no Silicon Root of Trust, no digitally signed firmware updates, no real-time firmware security scanning – all critical in detecting configuration drift and ensuring secure architecture that takes less time to manage
  • Complexity: A UCS Manager instance is required for each domain. Multiple UCS Managers are managed by UCS Central (manager of the managers?). Cisco, not generally known for simplicity, stays the course here. Complexity in configuration and management costs time. Time is money.
  • No OS deployment
  • Data and management networks are one and the same. If one goes down, the whole thing goes down.

Dell OpenManage

Manage up to 8,000 devices from one, easy to use console, with elastic search for easier and faster navigation to what’s important

Deploy and manage infrastructure (including OS) for any Dell form factor as well as monitoring and creating alerts for 3rd party solutions

Template based automation is easy to get into production

Customizable Reports that are easy to get started and modify for your environment

Certainly, this is a high-level view, and management requirements are as unique as the workloads that drive the infrastructure. In any event, the criteria that really makes for the ‘best’ server go well beyond the experience of ‘that one time I called support in 2007.’

For more information, please contact myself, tfrederking@abtechtechnologies.com, or my AE, Barb Adkison at badkison@abtechtechnologies.com

BEST PRACTICES FOR DISASTER RECOVERY IN THE CLOUD?

When you are operating a business or organization it is necessary to create an actionable and sound disaster recovery plan in order to protect yourself in the event of a natural disaster like a fire or flood, as well as from cyber-attack.  Disaster recovery plans help your organization to survive and thrive.

Disaster recovery services make restarting critical operations seamless and simple. Cloud recovery services also help to mitigate major losses in revenue that inevitably happen following a slow-down in operations. To keep your system running while maintaining profitability, a strong disaster plan is absolutely necessary. Our plan supports business continuity.

In the unlikely event of a disaster, it is vital that you are engaged in a series of best practices to keep your organization safe and operable. Cloud-based data backup and disaster recovery are essential. These practices are helpful in protecting business operations, while providing safety against lost data as well as secure document backup.

Develop an effective disaster recovery plan   

The first thing any business needs in developing a disaster recovery plan is a good business impact analysis.  This will enable you to identify your system and dependencies.  Obviously, giving vital importance to your database is a critical component in protecting it.  Disaster recovery services help to support data backup securely.  A competent cloud disaster service will assist you in recognizing the associated risk that your company may face.  Also, disaster recovery helps find the impact of the risks on your IT systems and business procedures.  You should choose those disaster recovery plans that minimize your cost while maximizing benefits.  We also offer select services of continuous data protection as well as full data backup services.  You will have more frequent recovery points if you have more copies of your data.

DATA BACK-UP AND STORAGE – LOCAL OR CLOUD?

In a time of disaster, keeping your data safe and available should be a priority.  In the data-conscious world, cloud computing is becoming ubiquitous.  It offers various advantages for disaster recovery which are described below:

  • Programs and data can be recopied and restored rapidly due to automatic backup of your company’s programs and data…off-site.
  • For availability and maximum data security, redundancy of data banks is applied.
  • Automatic fail-back and fail-over events.

Although, during disaster recovery, local storage is still useful.  For instance, local storage is the most consistent option in case of any disturbance in internet connectivity or any external networks.  The best fit and highest protection for many businesses are a combination of local and cloud storage.

TEST YOUR PLAN REGULARLY

After the full testing of the disaster recovery plan, you will be aware of the efficacy of the plan in the face of disaster.  Regular testing is suggested as the business environment is continuously evolving and changing.  For the most ideal outcome, the following steps should be followed.

  • For your test, set specific goals and define key performance indicators clearly.
  • Along with the testing environment, look closely at the production environment as well.
  • Select a test that transforms your unique business requirements into deliberation.
  • After a full review of test results, update your plan as required.

To ensure system adherence, constant testing at frequent intervals is required. This is especially essential after adding new services such as cloud recovery services, after network infrastructure changes, and after changes in human resources. You should also include a brief review of the disaster recovery plan with every vital technology placement as well as process improvement. For example, you will engage both internal and external partners by conducting cross-functional tests on critical processes. You can use multiple scenarios for the testing. You should also completely review your plan from top to bottom at least once per year. After the wide-range review, you can adapt the reflected changes in your organization accordingly.

CONSIDER DISASTER RECOVERY AS A SERVICE (DRAAS).  

Outsourcing to disaster recovery as a service is an alternative option if you don’t have disaster recovery professionals in your in-house office. Generally, a DRaaS partner can suggest best practices for your ideal business needs. This is essential to maintain a balance between your unique business needs and essential IT investments.

For the backup of critical processes, DRaaS uses cloud resources. It is also available for creating a secondary infrastructure to secure your complex data in the event of a disaster. With the help of DRaaS, you can get your data protected and avoid data loss, although the business environment is constantly evolving and changing. A proficient DRaaS partner can implement instruction according to test results and update your system for maximum security.

You should also pay attention to your DRaaS agreement. It consists of what will and what will not be offered with your cloud service. In order to avoid any disturbance, you need to understand it. You must ensure which operations and what services are essential for this service. You should know about the accessibility of data and applications and how rapidly they are accessed. Make sure you are comfortable with the testing and update of service along with the guarantee of the integrity of data.

If your business would like suggestions on the development, testing, or implementation of disaster recovery plans, feel free to contact Abtech Technologies.

Top 10 Reasons to Refresh legacy DellEMC storage with PowerStore

As they say, all good things must come to an end. Storage administrators with expiring DellEMC storage solutions know this better than anyone. Acquired by Dell in 2010, Compellent, later dubbed as SC, featured Auto-Tiering which proved as a nifty way to keep the most frequently accessed data on flash media, and tier less frequently accessed data to less expensive spinning media. As newer technologies like NVMe have become affordable, Dell Technologies has cleared the way for a new front runner by expiring service for VNX, EqualLogic and SC. PowerStore, the first storage solution conceived, engineered and launched since the merge, offers features and functionality that build on all of these solutions. Even for Unity Customers, PowerStore is emerging as a storage platform that will be relevant for years to come. For Customers trying to calculate which direction to go, here are some things to think about.
  1. Native Migration: Dell has built in native, non-disruptive migration tools into PowerStore OS. For all of the headaches associated with any storage migration, this is something to think about. This includes LUNs and Volumes, Consistency Groups and Volume Groups as well as thick and thin clones. This is a BIG time-saver.
  2. Block and File: We have come a LONG way since Fluid FS. The ability to manage both from the same pane of glass and the same OS makes life much more simple.
  3. All NVMe: Performance we can afford has arrived. Throughput and IOPS a-plenty.
  4. 4:1 Deduplication is G-U-A-R-A-N-T-E-E-D: With a few exceptions (web-cam video is not included), capacity is sized for effective vs. usable, as Dell guarantees 4:1 data reduction.
  5. Dedicated hardware for deduplication: One of the rubs with UnityXT was that precious CPU and memory needed for I/O was also used for deduplication. There is a dedicated chip in the de-stage path reserved exclusively for dedupe.
  6. Performance and scalability: Scale UP by hanging up to 3 SAS SSD expansion shelves under the first 2 node Base Enclosure OR Scale OUT by managing up to 4 Base Enclosures from a single pane of glass.
  7. Container Based OS: Gone are the days of clunky, slow, monolithic software updates. PowerStore users get more relevant features and functionality faster.
  8. Hypervisor Deployment: In a PowerStore X deployment, with the OS running as a VM, AppsON capability makes 50% of the system resources available to run guest VMs directly on the appliance.
  9. Single Drive expansion: Dynamic Resiliency Engine provides for mixing and matching drive sizes in single drive increments.
  10. Future Proof Guarantee: Satisfaction, Deduplication, and transparent support price guidance is all in writing.
For a demo, sizing, configuration, and preferred refresh pricing, please reach out to Barb Adkison at badkison@abtechtechnologies.com
‘killware’ Raises the Stakes in the Game of Cyber Security.

As Business Leaders and IT Professionals continue efforts to get off their heels and in front of cyber criminals, the threats are changing and making it more important than ever to protect our most valuable commodity – data.

While ransom events like Colonial Pipeline and SolarWinds certainly grabbed national attention, bad actors continue to quietly evolve their efforts. Colonial Pipeline reminded us that long gas lines, a 5-day shut down and $5M in crypto-currency are, without question, undesirable circumstances. SolarWinds showed us that questions around data security in government agencies including the Pentagon, Homeland Security and the State Department are never welcome. Malware is center stage and the complexities of dwell time, customer confidence and lost revenue, to name a few, are real issues. Sadly, this seems to be the starting point for bad actors.

 

Enter killware.

Homeland Security Secretary Alejandro Mayorkas sounded the alarm regarding killware last week in an interview with USA Today. Referencing an attack on the Oldsmar, Florida water system earlier this year, he remarked, ‘The attempted hack of this water treatment facility in February 2021 demonstrated the grave risks that malicious cyber activity poses to public health and safety.’ The attack was intended to distribute contaminated water to residents.

In 2017, Julian Gutmanis, an experienced cyber first responder, was called to an undisclosed Saudi Arabian petrochemical plant where Triton malware had been deployed in an effort to disable safety systems.

In September of last year, Universal Health Services went to paper and diverted incoming ambulances in response to a cyberattack.

Malware is no longer just an issue of business continuity and profit. The next evolution, killware, is a matter of safety.

When it comes to protecting mission critical data, whether it’s accounts receivables, configuration files for day-to-day operations, or even safety systems, ‘good’ is no longer good enough.

On June 2, the White House issued guidance on protecting against ransomware. Among the recommendations, network segmentation was one of the highlights. Dell Technologies’ Power Protect Cyber Recovery solution differentiates by vaulting mission critical data behind an air gap.

Dell’s solution goes one step further by analyzing each replication to the vault at the content level. Using AI, ML and over 100 metrics, the Dell solution ensures integrity of the data by looking for indications of suspicious activity represented by encryption, corruption, and unusual change rates, to name a few. By focusing on the integrity of the data and by analyzing replications at the content level (competing solutions fall short by only looking at the meta-data), customers have the confidence that data in the vault is free of malware.

Multiple copies of data are important, unless they are all just copies of malware.
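The content-level signals named above (encryption, corruption and unusual change rates) can be illustrated by comparing two backup generations file by file. This is an added sketch, not Dell's or CyberSense's algorithm and far simpler than a product using over 100 metrics; the in-memory `{path: bytes}` snapshots, the thresholds and the sample files are constructed assumptions.

```python
import hashlib
import math
import os
from collections import Counter

# File signatures for a cheap corruption check (extension vs. leading bytes).
MAGIC = {".pdf": b"%PDF", ".png": b"\x89PNG", ".zip": b"PK\x03\x04"}

def entropy(data):
    """Shannon entropy in bits per byte (0.0 to 8.0); ciphertext sits near 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def magic_ok(path, data):
    expected = MAGIC.get(os.path.splitext(path)[1].lower())
    return expected is None or data.startswith(expected)

def analyze_generation(prev, curr, high=7.5, jump=2.0, max_change_rate=0.5):
    """Compare the previous and current backup generation ({path: bytes})."""
    changed = sorted(p for p in curr if p in prev and curr[p] != prev[p])
    added = set(curr) - set(prev)
    removed = set(prev) - set(curr)
    total = len(set(prev) | set(curr))
    change_rate = (len(changed) + len(added) + len(removed)) / total if total else 0.0
    # Flag a file only if its entropy *rose* sharply: formats that are already
    # compressed (PNG, ZIP) are high-entropy in every clean generation too.
    newly_high = [p for p in changed
                  if entropy(curr[p]) >= high
                  and entropy(curr[p]) - entropy(prev[p]) >= jump]
    bad_magic = sorted(p for p, d in curr.items() if not magic_ok(p, d))
    return {
        "change_rate": change_rate,
        "newly_high_entropy": newly_high,
        "bad_magic": bad_magic,
        "alert": bool(newly_high or bad_magic) or change_rate > max_change_rate,
    }

def keystream(seed, blocks=128):
    """Constructed stand-in for ciphertext: 4 KiB of chained SHA-256 output."""
    return b"".join(hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
                    for i in range(blocks))

# Constructed sample generations (hypothetical file names and contents).
BASELINE = {
    "docs/invoice.txt": b"Invoice 1001: total due 250.00\n" * 50,
    "docs/report.pdf": b"%PDF-1.7\n" + b"Quarterly report body text.\n" * 50,
    "db/customers.csv": b"id,name,balance\n" + b"17,Alice,100.50\n" * 40,
    "img/logo.png": b"\x89PNG\r\n\x1a\n" + keystream(b"logo"),
}
# An ordinary night: one document edited.
NORMAL_NIGHT = dict(BASELINE)
NORMAL_NIGHT["docs/invoice.txt"] = b"Invoice 1002: total due 300.00\n" * 50
# A bad night: every non-image file replaced by high-entropy bytes.
ENCRYPTED_NIGHT = {p: (d if p.endswith(".png") else keystream(p.encode()))
                   for p, d in BASELINE.items()}

if __name__ == "__main__":
    print("normal   ", analyze_generation(BASELINE, NORMAL_NIGHT))
    print("encrypted", analyze_generation(BASELINE, ENCRYPTED_NIGHT))
```

The unchanged PNG shows why the check compares generations rather than applying an absolute entropy cut-off, and why file metadata alone would not separate the two nights if an attacker preserved names and sizes.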

For a detailed discussion around Cyber Recovery strategies and Abtech Technologies’ 30-year tradition of services, please feel free to reach out at tfrederking@abtechtechnologies.com.

 

Why move to the Dell|EMC VxRail for your next upgrade?

HYPERCONVERGED. One of the many buzzwords thrown around today amongst the litany in the IT industry. What is Hyperconverged and how can it help revolutionize your daily business operations?

Many years ago, as the need for more and more applications caused data centers to grow, so did the need for additional servers. Servers were standalone, single points of failure for data availability. Since the hard disks resided in each individual server, any failures that occurred on that server would cause data to become unavailable until the issue was resolved. This resulted in extended periods of application inaccessibility and loss of productivity.

To help solve the issue of a single point of failure, administrators turned to external storage arrays for better utilization of computing hardware and data availability across the compute stack. Enabling data availability to multiple compute resources, the external storage array became commonplace in the data center and remains so to this day. The storage array solved the problem of data availability for the compute but introduced the added complexity of daily management tasks and maintenance of the array. Many datacenters today still rely on multiple arrays for data accessibility, often from many different vendors, resulting in multiple points of contact for problem resolution, causing frustration and downtime.

A Hyperconverged solution does away with the need for an external storage array and brings your compute and storage hardware back under one roof. Hyperconverged allows local disk storage on servers to be accessible amongst all the servers in the stack.

How is this possible?
VMware vSAN

VMware is the industry leader in virtualization and has continued to mature with a multitude of products and features. Out of that evolution, VMware vSAN was introduced to solve the problem of having to utilize a traditional external storage array.

The Dell|EMC VxRail leverages the vSAN technology and has brought storage back under the same roof by utilizing the local disk drives in the latest generation of Dell|EMC PowerEdge servers. The days of separate physical servers and a separate storage array have been replaced. The introduction of VMware vSAN brought the standalone physical server populated with local hard disks back full circle and allows for continuous uptime and availability.

As for day-to-day management, this is all orchestrated by an interface many administrators are familiar with, VMware vCenter.

VxRail architecture is built on a scale up and scale out methodology. As additional compute and storage resources are required, additional nodes are added to the existing stack allowing your virtual infrastructure to grow with your business needs, all without interruption to daily operation.

The Dell|EMC VxRail solves numerous problems commonly found in datacenters today.

Ease of updates

Now that the storage array is no longer necessary, updates are contained in one easy to install package. All firmware and patches are combined by Dell|EMC and VMware for a hassle-free update process. No need for separate software packages for disparate hardware and possible maintenance windows. It really is the easy button for keeping your virtualization stack up to date.

VMware vCenter – Minimal learning curve

Many system administrators are right at home with this tool. VxRail leverages vCenter as the main interface for your day-to-day operations. Because VxRail is built on the VMware vSphere platform, there is next to no learning curve when bringing VxRail into your data center; just continue operations as usual. If you have yet to embark on the VMware journey, the intuitive tools and user-friendly interface turn the learning curve into more of a slight incline.

Single point of contact for support

Sometimes just keeping the lights on is the biggest challenge a system administrator can face. Nothing can make this more difficult than having to deal with multiple vendors who might not take responsibility when an issue arises. The VxRail solves this problem by having a single point of contact for issue resolution. No longer do you have to contact separate vendors for software or hardware issues, as the VxRail is all-inclusive. The hardware and software support process has been streamlined by Dell|EMC technical support.

Contact the VxRail experts at Abtech Technologies to further discover how the Hyperconverged VxRail platform from Dell|EMC can solve some of the most difficult challenges in your datacenter.

 

 


How Protected Are Your Backups Against Ransomware?


Ransomware today is big business for criminals, so profitable that we are seeing more organized crime and nation-state actors getting involved. The threat landscape today is larger than ever, with supply chain attacks targeting major vendors and pushing compromised software updates, as seen in the 2021 SolarWinds incident or at shipping conglomerate Maersk in 2017. Each week we hear news of a well-known organization or public utility facing ransom demands under the threat of having its data destroyed or sensitive information leaked. With the proliferation of untraceable cryptocurrencies reaching record monetary highs and ever more sophisticated encryption methods, the profit potential is higher than ever.

Experts say the best defense against ransomware is a good backup, but what if your backups get encrypted and held for ransom? What is the cost of not having a reliable backup?

Backups are the literal last line of defense against falling victim to ransomware. No longer should we consider backups an afterthought in case of a deleted file or recovering a previous version of a file overwritten by accident. Successful backup restoration is the single point of failure between paying a ransom and successful restoration of encrypted files. Backups, therefore, need to be protected at all costs.

Modern-day ransomware almost always scans for and targets the local backups first during the initial phases of infection. This is being seen in compromised Exchange Servers exploited from the March 2021 Hafnium attack.

If the ransomware can encrypt or delete the backups before the protected computers get encrypted, the attacker's chances of collecting the ransom to recover the files are higher. This makes protecting the backups ever more important, as it has become the definitive line in the sand between paying a ransom and recovering the files or losing everything.

Can we trust a criminal to hold their end of the bargain when paying a ransom? Paying a ransom also lets the unknown attacker put a value on this data and increases the likelihood of reoccurrence. Who is to say they will not try again? This makes offsite backups that much more important.

One of the best and most often proven backup strategies is keeping a copy of the backups offsite or air-gapped. An air-gapped or off-site backup is an offline copy of the data and far less likely to fall victim to ransomware from a compromised network. This increases the chances of recovery and minimizes the chances of having to pay an actual ransom. A cloud-based backup can be a defining point between a business losing all its data and the need to pay a ransom. The question of whether a business has offsite backups is now being asked by cyber liability insurance companies and is becoming a requirement for coverage.

However, just storing data offsite is not enough. Downtime from ransomware can be significant, ranging from days to weeks of lost revenue. This can be incredibly detrimental to a business’s bottom line. The time for recovery entirely depends on the method used for offsite backups.

One of the best methods for dramatically reducing downtime in case of an incident is performing a cloud-based spin-up. A cloud-based spin-up allows for business-critical servers to come online in a protected cloud environment while recovery and remediation take place at the original location. The replicated backups are physically air-gapped and with a proper retention policy in place, we can restore the data to a point in time before the ransomware encryption. This allows employees and businesses to recover from an incident in a much shorter time frame than restoring from backups to a compromised system. A cloud-based spin-up also allows IT staff to investigate and remediate a current infection and recover from the attack and keep business functioning at the same time.
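The following added example, which is not part of the original article or of any Abtech service, shows one way to choose the restore point "before the ransomware encryption" from a retention chain: it flags the first restore point in which most files changed to high-entropy content and returns the one before it. The snapshot contents, thresholds and function names are assumptions constructed for the illustration.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; encrypted or compressed content approaches 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def manifest(snapshot: dict) -> dict:
    """Map each path in one restore point to (sha256 hex digest, entropy)."""
    return {p: (hashlib.sha256(b).hexdigest(), shannon_entropy(b))
            for p, b in snapshot.items()}

def looks_encrypted(prev: dict, cur: dict, entropy_min=7.0, share_max=0.5) -> bool:
    """True when most files known from the previous restore point are gone
    or were rewritten with high-entropy content (thresholds are assumptions)."""
    if not prev:
        return False
    suspect = 0
    for path, (digest, _) in prev.items():
        new = cur.get(path)
        if new is None or (new[0] != digest and new[1] >= entropy_min):
            suspect += 1
    return suspect / len(prev) > share_max

def last_clean_restore_point(points):
    """points: (label, snapshot) pairs, oldest first; the oldest is trusted
    as the baseline. Returns the newest label before the first suspect one."""
    prev, clean = {}, None
    for label, snapshot in points:
        cur = manifest(snapshot)
        if looks_encrypted(prev, cur):
            return clean
        prev, clean = cur, label
    return clean

def fake_ciphertext(seed: int, size: int = 4096) -> bytes:
    """Constructed stand-in for encrypted data: SHA-256 over a counter."""
    return b"".join(hashlib.sha256(bytes([seed, i])).digest()
                    for i in range(size // 32))

# Constructed retention chain: day2 holds one ordinary edit, day3 is encrypted.
DAY1 = {f"share/doc{i}.txt": f"Quarterly report {i}\n".encode() * 200 for i in range(4)}
DAY2 = {**DAY1, "share/doc0.txt": b"Quarterly report 0, revised\n" * 200}
DAY3 = {path: fake_ciphertext(i) for i, path in enumerate(DAY1)}
POINTS = [("day1", DAY1), ("day2", DAY2), ("day3", DAY3), ("day4", DAY3)]
```

Archives and images are high-entropy even when healthy, so a production check would treat those file types separately rather than rely on the share threshold alone.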

However, a business’s ability to recover is only as good as its last tested backup. Just replicating backed-up data to the cloud is not enough. It is no longer a question of “if” a business will be compromised, but “when”. Therefore, it is imperative to regularly schedule testing of the data backed up to the cloud.

All we need to do is imagine the scenario of finding out the backed-up data is not good and what implications it will have. As it is often said, an ounce of prevention is worth a pound of cure. Protecting backups from ransomware is now more important than ever. It can mean life or death for a business.

Fortunately, Abtech has a range of services that meet these needs, under our StorTrust brand. The key benefits include:

  • It is a fully managed service. Abtech manages the recovery so you can concentrate on other issues you may have within the business.
  • The service includes an annual test, so you can be sure your recovery will work.
  • We can provide fully air-gapped solutions as part of our service for the ultimate protection.
  • We include the ability to run your systems in our cloud for up to 30 days for no additional cost. This gives you and your staff time to clean your systems or order new ones.

If you would like to know more, please call us on 1-800-474-7397 or email info@abtechtechnologies.com.