Archive for data protection

A Good Backup Strategy: Your Best Defense Against Ransomware

By Tom Fedro
As seen in Security Magazine 2.2.17 –

http://www.securitymagazine.com/articles/87775-a-good-backup-strategy-your-best-defense-against-ransomware

Last year, cybercriminals attacked the California-based Hollywood Presbyterian Medical Center, encrypting files crucial in running the hospital’s operating systems and demanding a ransom to restore them to working order. The scam worked – after 10 days of futility, the hospital surrendered and paid $17,000 to regain system control.
Other hospitals, government agencies and businesses in the U.S. and abroad were targeted similarly last year, leading CNET to dub such ransomware scenarios as “the hot hacking trend of 2016.” And the numbers are truly staggering. Osterman Research estimates that nearly half of surveyed organizations have been hit with ransomware within the last year, and concludes that ransomware will amount to a $1 billion source of income for cyber criminals in 2016. In a recent report, Kaspersky Security states that in Q3 2016, a business was attacked by ransomware every 40 seconds, and that even after paying the ransom, one in five of them never got their data back.

Apple Users Now a Target

But while many ransomware instances go unreported due to embarrassment or the desire to not be targeted again, the attacks were thought to be largely focused on the Microsoft Windows software realm, leaving Apple users relatively unscathed. But that changed in 2016 when the first public ransomware targeting Apple systems was discovered by Palo Alto Networks, which found a popular BitTorrent client for Apple’s OS X software for Macs infected with ransomware. Known as “KeRanger,” the ransomware is delivered with a ransom note demanding 1 Bitcoin, which has a current market value over $700. Fixing the problem can also be complicated and time consuming.
Antivirus software also isn’t having an impact; by the time a computer is infected with ransomware, it’s likely that the antivirus software won’t detect it until it’s too late and the damage has been done. The encryption used by modern ransomware is often too good to crack, leading most security experts to conclude that the best approach to fighting ransomware is to avoid it in the first place.

Different Backup Approaches

It seems the most effective way for Apple users to safeguard their computer files from these nefarious attacks is through regular backups. And, in the event you are hit with ransomware, the solution would lie in simply restoring your system to the state it was before the malware hit your computer. There are several backup and restore approaches to consider for the Apple environment:
Time Machine is the backup software application distributed with the Apple operating system, introduced in Mac OS X Leopard. It was designed to work with various storage drives such as Time Capsule. But for Time Machine to be effective, files must be unlocked or closed, which may not be practical for those currently in use. In addition, there is the possibility of a two-step process within OS X that requires users to reinstall the operating system before retrieving the application and files from the backup image.
File System Snapshots simplify backup and recovery by taking a point-in-time virtual file system photo. But while this backup method can be employed to protect active operating systems, depending on files sizes, it can take significantly more time.
Disk Management Solutions can create image-based copies of a disk or partition (or multiple disks and partitions) whether active or inactive, at a specific point in time far more quickly. Such robust offerings have the advantage of being able to make consistent sector-level backups (also often referred to as Snapshots) even if data is being currently modified.

Thus, while there are different backup approaches to consider, the bottom line is that a regular, proactive backup strategy – potentially even a multi-pronged approach – is your best defense against crippling ransomware attacks. And while Apple users were once immune from such attacks, they too now need to join the rest of the computer world in being vigilant in protecting themselves. After all, like many things in life, when it comes to avoiding being held hostage by cybercriminals, an ounce of prevention is worth a pound of cure.

The Value of Data Storage vs. the Cost – Software Defined Storage

Balancing the cost vs the value of storageSenior Strategist Randy Kerns argued on Storage Soup that businesses cannot really just focus on the cost to store information; that the focus should be about the value. Other factors, for example, should be evaluated such as the speed at which data needs to be retrieved, how important the protection and integrity of the data is, how long must the data be stored to meet compliance and regulations in the industry. He is really spot-on.

Often, IT managers, directors and engineers find themselves arguing the need for highly effective storage and backup solutions only to be shot down by Finance. Unfortunately, it sometimes takes a disaster, such as a hurricane, fire, earthquake. tornado or some other event, to get their point across. Communication is paramount; tech managers must speak in the language of profits and losses to help drive the point home.

While the argument for the value of securing data is important, especially as our need to save data increases exponentially we can’t dismiss the associated investment involved. Fortunately, the cost of saving and protecting the data has decreased with advances in technology. In fact, software-defined storage seems to be logical direction for the market to head. By implementing a software solution for storage, the hardware manufacturer is irrelevant, enabling the engineer to use commodity off-the-shelf (read inexpensive) components.

Good news is there are storage options on the market today that make securing your company’s data much more affordable than it was even 12 months ago.  Software defined storage is a trend that needs to be followed closely by any serious IT Executive.

Benefits of Licensing the Technician Rather Than the Hardware

Hard Disk Manager Field Technician License

By Tom Fedro

Guardian I.T. Services, a provider of IT services and consulting in southwest Florida, was faced with multiple similar projects where clients – including Charlotte County Airport Authority’s Punta Gorda Airport – had to migrate critical systems to new hardware and/or larger drives, to meet the growing demand for more storage and performance.

David Ward, president of Guardian I.T. Services, searched for nine months for software that enabled him to migrate his customers’ servers to new drives or all new hardware without hassle and without any risk of data loss. After vetting a short list, Ward selected software that ultimately offered a suite of disk management tools (including image-based backup and recovery), as well as a licensing model that saved his clients thousands of dollars because the software was uniquely licensed to the user rather than the hardware. Paragon’s Hard Disk Manager (HDM) Technician License offered twice the features at half the cost as the next best product he tested; the Technician License decreased the per-server cost even more.

After only four months of using HDM to create snapshots of all of the airport’s security systems, the hard drive of one of the servers failed and brought the entire system to a halt. The server that failed stored and managed all of the airport’s security data such as badges, personnel information, and security clearance – required for FAA, TSA, Homeland Security and FBI background checks along with all other regulations airports fall under.

The system was ultimately restored from an HDM image-based incremental backup to new hardware (MS Server 2003 with a new RAID configuration and two 500GB SATA hard drives).  Paragon’s “Adaptive Restore” technology allowed for a seamless restore to the dissimilar hardware.

It took only 54 minutes to get the server back up and running like nothing had ever happened. “After that one incident I will never consider using anything else; I absolutely swear by it,” said Ward about the Paragon product. “Before buying anything else, you must try Paragon. For a server restore or migration, no other software comes close in restore time, reliability and ease-of-use. I recommend Hard Disk Manager Tech License for any company with field technical support.”

Today’s Storage Mosaic

Popular Backup Methods by IndustryBy Tom Fedro

Paragon recently surveyed more than 370 IT professionals regarding the backup and restore methods employed in their networking environment. The results show that today’s storage environment is primarily serviced by local servers and Network Attached Storage. Cloud storage only made up 30 percent of the mix. And, long ago considered obsolete, tape’s foothold is nearly 40 percent.*

However, the interesting numbers lay among the makeup of storage implemented in vertical markets. Among those surveyed, the

  • Healthcare, aerospace and aeronautics industries did not use cloud services for backup at all, instead relying primarily upon local server and tape storage–this may be due to the sensitivity and complexity of the data produced by these two industries, along with associated regulations;
  • Finance industry’s unique mix of very short system-recovery and long data-retention requirements makes it the market segment with the highest integration of cloud services (36.8 percent) in the storage environment. Finance is also the highest integrator of tape into the storage mix, 68.4 percent of those surveyed; and lastly
  • Logistics and Government industries were the second and third highest users of tape backup.

Here’s a look at how the numbers aligned:

Industry

Server

Tape

Cloud

Aerospace/Aeronautics

66.7%

50.0%

0.0%

Education

50.0%

53.6%

17.9%

Finance

47.4%

68.4%

36.8%

Healthcare

50.0%

50.0%

0.0%

Government

60.0%

56.0%

16.0%

Insurance

50.0%

50.0%

25.0%

Logistics

66.7%

66.7%

33.3%

Manufacturing

41.7%

55.6%

25.0%

Non-Profit

42.9%

42.9%

21.4%

Real Estate

75.0%

50.0%

25.0%

Retail

47.1%

23.5%

35.3%

Telecommunications

33.3%

50.0%

33.3%

Transportation

60.0%

40.0%

10.0%

For all the hoopla surrounding cloud, it appears that in all industries IT professionals still prefer to maintain some control over their organization’s critical data, unwilling to completely trust the cloud in the event of a disaster.

* Note: In some cases, multiple storage methods are employed within the same IT environment thus resulting in a totaling of storage methods greater than 100 percent.

Paragon Software Survey Results Show That Performance Is the Most Important Consideration in Backup and Recovery Software

Additionally, Over 70 Percent of Respondents Are Still Utilizing Windows 2003 and Nearly 80 Percent Have Windows XP in Their Operating Environments

Disk drive partition misalignmentBy Tom Fedro

Paragon Software conducted a survey last quarter that consisted of both Paragon and non-Paragon customers. Respondents revealed a couple of interesting results: 1) a reluctance to upgrade older operating systems (OSs) with newer software platforms and 2) when considering a backup and recovery software solution, performance is more important than price or support.

Out of 580 respondents,

  • 70.8 percent of respondents are running Windows 2003 in their environment and 79.0 percent of the respondents are running Windows XP in their environment
  • In order of importance when selecting a backup and recovery solution, 77 percent of respondents rated performance as their highest priority (over price and support)

At first, the two do not seem related, but in fact they are. No matter the reason for keeping an older OS in operation (i.e., cost or functionality), system performance may become an issue due to the transition from the 512-byte sector to 4K-byte sector storage standard. As explained in Partition Alignment: Problems, Causes and Solutions written by storage guru Thomas Coughlin, “…older operating systems and utilities can misalign the logical sectors in the host device and the physical data on the HDD sectors resulting in a significant performance degradation…if there is misalignment of the 512 byte logical sectors to the 4K byte physical sectors, it forces the hard disk drive to perform an addition read operation…” Hence, if you use an older OS with a newer 4K disk drive, you will run into performance issues.

Luckily, Paragon Software has an easy solution to correctly align your partitions and eliminate redundant read/writes: the Paragon Alignment Tool (PAT). PAT is a powerful utility that automatically detects if the drive is misaligned and then properly realigns all existing partitions, including boot partitions (and any data they contain) to the 4K-sector boundaries. Additionally, if you are using virtual server technology or have recently upgraded to solid state drives, your partitions may be misaligned.

Without realignment, performance loss can range between 20 and 50 percent, which can cause catastrophic issues during peak times.

 

Membership in the SD Association Ensures Accessibility to Engage in Standards Development for Embedded Technology Critical in Today’s Smart Phones, Set Top Boxes and TVs

By Tom Fedro

Over the last few years, demand for cross-platform drivers has exploded with the proliferation of Smart Devices like Smart Phones, Smart Set Top Boxes and Smart TVs.  And, more importantly, the trend shows no evidence of slowing down. As such, software developers involved in the technology that is critical to these devices should be an active member of the SD Association.

Another important aspect of membership is to providing validity of the developer’s commitment to meeting industry standards across the SD card industry to its OEM partners. SD standards apply to a wide range of peripheral consumer electronics beyond Smart Devices; they also apply to storage media for mobile phones, digital audio players, car navigation systems and electronic books. Technology like Paragon’s embedded exFAT, NTFS and HFS+ for Android and Linux driver technology enables compatibility for mobile devices across a variety of operating systems i.e., Windows™, Mac, Linux, Android™, etc.

Cross-Platform Drivers Ensure Read/Write Operability

OEMs use of SD card technology continues to expand as the consumer electronics device markets cross boundaries and merge. For example, Smart TVs have SD card readers so that consumers can view videos and photos over their televisions without the need of a cable to connect the device to the TV.

Consumers expect their Smart devices to recognize external media regardless of its operating system and to perform at full speed, allowing recording and playback for full HD and 3D video content. Exhibiting industry leadership by actively participating in the SD Association not only ensures that you are at the top of your game, but also lends assurance to OEMs that your products provides compatibility and integrity of the consumer’s stored data –a critical OEM requirement.

State Governor’s Office Ensures Reliable Backup in Case of Disaster

Paragon Backup Software for Disaster RecoveryBy Tom Fedro

After Hurricane Katrina hit the Gulf State region of the U.S. in 2005, IT departments in states based in the southern part of the U.S. became particularly sensitive to the potential loss of their critical data.

When the director of technical services started his new position in the govenor’s, one of the first tasks was to replace the old tape backup system with a more reliable, and cost-effective, image-based backup solution. After a lengthy and comprehensive evaluation process Paragon Software’s Hard Disk Manager (HDM) Server was selected to ensure that their files were safe in case disaster strikes.

Not long after the selection was made the office had its first test of the new backup system. Their RAID controller and the backplane on one of their servers failed, thankfully Paragon’s HDM solution rose to the challenge and not only ensured there was no data lost, but also had the office back up and running in record time. To read the case study in its entirety along with others, search by product or by market.

To view a video demonstration of our Drive Backup Server software (bundled with HDM for Servers), check us out on YouTube:

 

 

The Costs of Data Loss Extend beyond Financial

By Tom FedroCosts of data loss by Tom Fedro

Companies today have become more and more dependent on the efficiency and security of their data.   It’s amazing how often, though, I come across people with absolutely no data protection strategy in place.  Any data loss hurts business. A large data loss interrupts the flow of work, and cause a loss of both profit and productivity.  I tell people all the time that protection of data should be a top priority.

Of course, they counter by pointing out that I’m a data storage expert and focus my work on data.  Maybe that does make me a more adamant advocate, but look at ways data loss can hurt you:

  1. Productivity.  You use your data in the course of your day.  How much work would you or your employees get done if you didn’t have access to it?
  2. Customer Loyalty.  How many times will losing your customers’ information occur before they stop being your customer?  Have you ever had that sinking feeling when a company you’ve used for a long time can’t locate your information?
  3. Intellectual Property.  What if your data is your product?  Do you want to lose code, lose ad copy, images, or publications?  How much loss it there when an intellectual asset isn’t protected intelligently?

These are just three quick examples of data loss costs.  There are a great many more that are possible and even probable.  Your data is a tool and an asset, and you’re not serving your organization well if you’re failing to plan correctly for protection.

Of course, in the end, it might be impossible to figure the complete amount of financial loss that is possible when data protection fails.  Consequences can vary from mere annoyance, to devastating, and there is no way to cope with the risk without figuring out a contingency plan. What has your company done in this area?  How safe is your data?  How are you managing your data storage?  Action on these questions now can save a lot more than a few dollars in the future.

The Importance of the Recovery Time

By Tom Fedro

Tom Fedro discusses data backupThe goals of data backup and recovery can be summarized with two metrics. The Recovery Point is the term that describes the point in time at which a system and its data is protected. The metric might be expressed as a time value in days or hours. If a system is backed up nightly, all data is recoverable to the previous night. Data altered between the backup and the crash represents data at risk. Some organizations will attempt to create a recovery point that approaches continuous backup. Therefore, data at risk is minimized.

The Recovery Time is concerned with restoration rather than backup. This metric represents the length of time it takes for data and systems to be made available after an interruption. Unfortunately, this particular element of storage management is often relegated to the back burner. The level of distress in a catastrophic failure is usually great enough that the relief associated with the final return of the data overshadows the interruption in availability. The fact that critical data was recovered becomes more important than the loss of productivity and business operational efficiency prior to its recovery. This kind of thinking, though, is short-sighted and based on reactionary management rather than proactive business management.

Data is important to a company for its use, not just for its existence. When the data is not available for company operations, there are hard costs as well as opportunity costs involved. Real costs are obvious. Employees sitting at a desk unable to work still generate payroll expenses. A building filled with computers not in use still has a lease cost per square foot. In short, company overhead continues but the revenue that overhead should generate is lacking. No business would survive willingly continuing to expend with no expectation of return. When critical data and systems are unavailable to assist in the conversion of company efforts into profits, this is exactly what occurs.

Opportunity costs are also generated during an interruption in system availability. Orders cannot be processed. Sales cannot be made. Customer interactions (and customer relationship management is one of the most critical aspects of ongoing profitability) are hampered, meaning continued monetization of the customer base is impossible. Sadly, these losses are hidden. They’ll never appear on a company’s financials and will likely never be noticed. Still, the losses are real, and companies fail because they ignore the vague by real impacts of opportunity loss.

Hard costs and opportunity costs mandate that companies examine their recovery time objectives with the same attention given to their recovery point objectives. Data is not an amorphous idea that needs protection. It is the very foundation by which most companies operate and continue as going concerns. Availability of that data is as critical to a company’s success as the existence of the data, and until both aspects of the company’s reliance on its systems are addressed, the company has no effective data protection strategy.

 

 

Don’t Forget IT Resources Are Resources Indeed

Tom Fedro and Drive BackupBy Tom Fedro

There’s a great line in the first Jurassic Park movie.  Jeff Goldblum’s character says (and I’m paraphrasing), “You were so busy trying to figure out if you COULD do it that you never stopped to think about if you SHOULD do it.”  I have always liked that line.  Sometimes, technology is all about whether or not we can accomplish something, and the result is a complete dismissal of the purposes and the impacts of technology.  Anyone who’s spent time in the world of technology has seen a brilliant programmer or engineer literally shaking with excitement over something that—well, sure, it’s neat, but let’s face reality, here—has absolutely no value over and above the accomplishment of making it happen.

For business, an IT department ought to be all about the SHOULD and not the COULD.  We tend to forget that IT resources are just that, resources.  A good company will use its IT resources to ensure business continuity, to make sure that the company’s operations are served efficiently and effectively with minimal (the goal is none at all) interruption.  Sometimes, we let that goal cloud the fact that the resources spent to accomplish that are also coming out of the company coffers.

Case in point—the Salvation Army.  Jim Vizzacaro, who runs the Eastern Michigan Division’s technology worked over and above what anyone has the right to expect of a technology officer in order to ensure the organization could keep up with its goals and demands.  He and his team spent hours manually installing, re-installing, backing up, and deploying images to servers with the right and correct goal, to keep the money flowing to the people the Salvation Army helps.  When they acquired Paragon Software’s Drive Backup 10 Server Edition, the department’s workload was dramatically reduced.  The money the Salvation Army spent on hanging on could instead go to improvements, training, and other priorities.

The situation with the Salvation Army and drive backup isn’t unique.  The IT Administrator at Purdue saw a savings of three hours every single day.  That is three hours of the IT manager’s time.  Three hours.  I could repeat “three hours” eleven or twelve more times, and it wouldn’t lose the remarkable power of that statement.  What would the average IT professional give to get three hours back?  Dare I say…shudder…that three hours of an IT professional’s day is worth more than three hours spent elsewhere?  When you consider that those three hours can go to improvement rather than maintenance, I think you can see a good case for it.

Remember, management of data is all about minimizing loss.  That loss could come from downtime, data loss, system failure, data breach, or a number of other issues relating to data protection.  Let’s not forget the hidden losses, the ones that come from inefficient handling of the processes that protect the data and the business continuity in the first place.