W. Curtis Preston

Author Archives: W. Curtis Preston

Tape backup as a defense vs. ransomware

Tape is definitely not the best choice for primary recovery, but it does have features that make it a credible option for restoring systems and data that have fallen victim to ransomware without having to pay the ransom.The cloud has many more upsides than tape as a recovery tool in general, but there are circumstances where tape should be seriously considerd, and ransomware recovery is one of them.How to choose the best NVMe storage array When cloud’s not good enough Using the cloud for ransomware recovery—or not—has become somewhat of a religious discussion in many circles. Choosing the cloud offers many positive things, including cost, speed, and immediate availability—all great advantages when responding to a ransomware attack.To read this article in full, please click here

Tape backup as a defense vs. ransomware

Tape is definitely not the best choice for primary recovery, but it does have features that make it a credible option for restoring systems and data that have fallen victim to ransomware without having to pay the ransom.The cloud has many more upsides than tape as a recovery tool in general, but there are circumstances where tape should be seriously considerd, and ransomware recovery is one of them.How to choose the best NVMe storage array When cloud’s not good enough Using the cloud for ransomware recovery—or not—has become somewhat of a religious discussion in many circles. Choosing the cloud offers many positive things, including cost, speed, and immediate availability—all great advantages when responding to a ransomware attack.To read this article in full, please click here

Tape backup as a defense vs. ransomware

Tape is definitely not the best choice for primary recovery, but it does have features that make it a credible option for restoring systems and data that have fallen victim to ransomware without having to pay the ransom.The cloud has many more upsides than tape as a recovery tool in general, but there are circumstances where tape should be seriously considerd, and ransomware recovery is one of them.How to choose the best NVMe storage array When cloud’s not good enough Using the cloud for ransomware recovery—or not—has become somewhat of a religious discussion in many circles. Choosing the cloud offers many positive things, including cost, speed, and immediate availability—all great advantages when responding to a ransomware attack.To read this article in full, please click here

Ransomware recovery: Cloud is the way to go

If you’ve been attacked by ransomware, a fully automated, high-speed disaster recovery is the way to successfully avoid paying the ransom. Recovery is the second step in the two-step process after getting rid of the malware as described here.There are three ways to affect a disaster recovery after a ransomware attack: a traditional recovery, an image-based recovery, or a cloud-based recovery. But the only way for most environments to afford automating a large-scale recovery is to recover in the cloud.How to protect backups from ransomware Traditional disaster recovery A traditional disaster recovery is one where you begin a traditional restore after you have suffered a loss—in this case, after you receive a ransom demand. It is still a traditional restore if you are restoring virtual machine images to a hypervisor platform such as VMware, Hyper-V, or KVM, or a hyperscaler such as AWS, Azure, or GCP. What makes it traditional is that you are waiting until the event happens to begin the restore. (As you will see later in this article, there are ways to restore the data before you need it.)To read this article in full, please click here

Ransomware recovery: Plan for it now

If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must first ensure you have stopped the infection, identified it, and removed it. Jumping too quickly to the restore phase could actually make things worse. To understand why this is the case, it’s important to understand how ransomware works.How ransomware spreads in your environment There are many articles such as this one that describe what ransomware does, but it’s important to emphasize that the goal of ransomware is rarely to infect just one system. Modern ransomware variants will immediately attempt to identify and execute various operating system vulnerabilities to gain administrative access and spread to the rest of your LAN. The attack will be coordinated via command-and-control (C&C) servers, and contacting these servers for instructions is the first thing that every ransomware variant does. They key in responding to an active ransomware attack is stopping further communications with C&C servers, as well as further communications between infected systems and the rest of your network.To read this article in full, please click here

Ransomware recovery: Plan for it now

If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must first ensure you have stopped the infection, identified it, and removed it. Jumping too quickly to the restore phase could actually make things worse. To understand why this is the case, it’s important to understand how ransomware works.How ransomware spreads in your environment There are many articles such as this one that describe what ransomware does, but it’s important to emphasize that the goal of ransomware is rarely to infect just one system. Modern ransomware variants will immediately attempt to identify and execute various operating system vulnerabilities to gain administrative access and spread to the rest of your LAN. The attack will be coordinated via command-and-control (C&C) servers, and contacting these servers for instructions is the first thing that every ransomware variant does. They key in responding to an active ransomware attack is stopping further communications with C&C servers, as well as further communications between infected systems and the rest of your network.To read this article in full, please click here

Ransomware recovery: Plan for it now

If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must first ensure you have stopped the infection, identified it, and removed it. Jumping too quickly to the restore phase could actually make things worse. To understand why this is the case, it’s important to understand how ransomware works.How ransomware spreads in your environment There are many articles such as this one that describe what ransomware does, but it’s important to emphasize that the goal of ransomware is rarely to infect just one system. Modern ransomware variants will immediately attempt to identify and execute various operating system vulnerabilities to gain administrative access and spread to the rest of your LAN. The attack will be coordinated via command-and-control (C&C) servers, and contacting these servers for instructions is the first thing that every ransomware variant does. They key in responding to an active ransomware attack is stopping further communications with C&C servers, as well as further communications between infected systems and the rest of your network.To read this article in full, please click here

Make sure your laptop backups can handle ransomware

With increasingly mobile workforces, it’s important to effectively backup corporate data that resides on laptops, which requires a unique set of features not found in traditional backup systems used for desktops attached to corporate LANs.Laptops have all the functionality of desktops, but are readily lost or stolen, have limited bandwidth for connectivity to corporate resources, and can spend unpredictable spans of time disconnected or turned off. So it’s important to find backup options that meet these challenges, which can also include ransomware attacks.Backup lessons from a cloud-storage disaster Backing up laptops properly also makes upgrading them much easier, especially in the world of remote work. A good backup system can restore a user’s profile and data, and makes replacing a laptop much simpler for both the IT department and the person whose laptop is being replaced. With the right system in place, all you have to do is ship them a new laptop.  They can restore their own profile and data without IT intervention, saving time, effort, and a lot of money.To read this article in full, please click here

Make sure your laptop backups can handle ransomware

With increasingly mobile workforces, it’s important to effectively backup corporate data that resides on laptops, which requires a unique set of features not found in traditional backup systems used for desktops attached to corporate LANs.Laptops have all the functionality of desktops, but are readily lost or stolen, have limited bandwidth for connectivity to corporate resources, and can spend unpredictable spans of time disconnected or turned off. So it’s important to find backup options that meet these challenges, which can also include ransomware attacks.Backup lessons from a cloud-storage disaster Backing up laptops properly also makes upgrading them much easier, especially in the world of remote work. A good backup system can restore a user’s profile and data, and makes replacing a laptop much simpler for both the IT department and the person whose laptop is being replaced. With the right system in place, all you have to do is ship them a new laptop.  They can restore their own profile and data without IT intervention, saving time, effort, and a lot of money.To read this article in full, please click here

Backup lessons from a cloud-storage disaster

The largest cloud provider based in Europe, OVHcloud, suffered a catastrophic fire last month that destroyed one of its data centers and smoke-damaged a neighboring one. OVHcloud customers with data in the burned-out data cener who had their own disaster recovery measures in place or who purchased the off-site backup and disaster-recovery services offered by OVHcloud have been able to resume operations. Those who did not lost data that will never come back.Some losses were complete, such as those described on Twitter by rounq.com who is still waiting for backups and redundancy that he thought were already in place, according to his tweets. Companies that had some type of off-site backup seemed to be up and running again, such as Centre PompidouTo read this article in full, please click here

Backup lessons from a cloud-storage disaster

The largest cloud provider based in Europe, OVHcloud, suffered a catastrophic fire last month that destroyed one of its data centers and smoke-damaged a neighboring one. OVHcloud customers with data in the burned-out data cener who had their own disaster recovery measures in place or who purchased the off-site backup and disaster-recovery services offered by OVHcloud have been able to resume operations. Those who did not lost data that will never come back.Some losses were complete, such as those described on Twitter by rounq.com who is still waiting for backups and redundancy that he thought were already in place, according to his tweets. Companies that had some type of off-site backup seemed to be up and running again, such as Centre PompidouTo read this article in full, please click here

Ransomware: How to make sure backups are ready for a real attack

The best way to avoid paying ransom to attackers who have infected your systems with ransomware is to have those systems adequately backed up so you can wipe them and restore them from safe backups. Here are several options for making sure those backups are up to the task.In this article, backup refers to any system that you're going to use to respond to a ransomware attack, including old-school backup systems, replication systems, and modern hybrid systems that support backup and disaster recover. For simplicity’s sake, they’ll all be referred to as backup here. More about backup and recovery:To read this article in full, please click here

Ransomware: How to make sure backups are ready for a real attack

The best way to avoid paying ransom to attackers who have infected your systems with ransomware is to have those systems adequately backed up so you can wipe them and restore them from safe backups. Here are several options for making sure those backups are up to the task.In this article, backup refers to any system that you're going to use to respond to a ransomware attack, including old-school backup systems, replication systems, and modern hybrid systems that support backup and disaster recover. For simplicity’s sake, they’ll all be referred to as backup here. More about backup and recovery:To read this article in full, please click here

Ransomware: How to make sure backups are ready for a real attack

The best way to avoid paying ransom to attackers who have infected your systems with ransomware is to have those systems adequately backed up so you can wipe them and restore them from safe backups. Here are several options for making sure those backups are up to the task.In this article, backup refers to any system that you're going to use to respond to a ransomware attack, including old-school backup systems, replication systems, and modern hybrid systems that support backup and disaster recover. For simplicity’s sake, they’ll all be referred to as backup here. More about backup and recovery:To read this article in full, please click here

How to protect backups from ransomware

Ransomware is becoming the number one threat to data, which makes it essential to ensure that bad actors don’t encrypt your backup data along with your primary data when they execute ransomware attacks. If they succeed at that, you will have no choice but to pay the ransom, and that will encourage them to try it again.The key to not having to pay ransom is having the backups to restore systems that ransomware has encrypted. And the key to protecting those backups from ransomware is to put as many barriers as you can between production systems and backup systems. Whatever you do, make sure that the only copy of your backups is not simply sitting in a directory on a Windows server in the same data center you are trying to protect. Let’s take a closer look at a few key elements of that sentence: “Windows”, “same data center”, and “sitting in a directory”.To read this article in full, please click here

Disaster recovery lessons from an island struck by a hurricane

(A hurricane devastated an island that held two data centers controlling mission-critical systems for an American biotech company. They flew a backup expert with four decades of experience to the island on a corporate jet to save the day. This is the story of the challenges he faced and how he overcame them. He spoke on the condition of anonymity, so we call him Ron, the island Atlantis, his employer Initech, and we don’t name the vendors and service providers involved.)Initech had two data centers on Atlantis with a combined 400TB of data running on approximately 200 virtual and physical machines. The backup system was based on a leading traditional backup software vendor, and it backed up to a target deduplication disk system. Each data center backed up to its own local deduplication system and then replicated its backups to the disk system in the other data center. This meant that each datacenter had an entire copy of all Initech’s backups on Atlantis, so even if one data center were destroyed the company would still have all its data.To read this article in full, please click here

Disaster recovery lessons from an island struck by a hurricane

(A hurricane devastated an island that held two data centers controlling mission-critical systems for an American biotech company. They flew a backup expert with four decades of experience to the island on a corporate jet to save the day. This is the story of the challenges he faced and how he overcame them. He spoke on the condition of anonymity, so we call him Ron, the island Atlantis, his employer Initech, and we don’t name the vendors and service providers involved.)Initech had two data centers on Atlantis with a combined 400TB of data running on approximately 200 virtual and physical machines. The backup system was based on a leading traditional backup software vendor, and it backed up to a target deduplication disk system. Each data center backed up to its own local deduplication system and then replicated its backups to the disk system in the other data center. This meant that each datacenter had an entire copy of all Initech’s backups on Atlantis, so even if one data center were destroyed the company would still have all its data.To read this article in full, please click here

Facts about backup security that should scare you to death

Least privilege—the idea that each person in your organization should have the least number of privileges they need in order to accomplish a given task—is an important security concept that needs to be implemented in your backup system.The challenge here is that network, system, and backup admins all wield an incredible amount of power. If one of them makes a mistake, or worse, intentionally tries to do the company harm, limiting the amount of power they have reduces the amount of damage they can inflict.For example, you might give one network administrator the ability to monitor networks, and another one the ability to create and/or reconfigure networks. Security admins might be responsible for creating and maintaining network-administration users without getting any of those privileges themselves.To read this article in full, please click here

Facts about backup security that should scare you to death

Least privilege—the idea that each person in your organization should have the least number of privileges they need in order to accomplish a given task—is an important security concept that needs to be implemented in your backup system.The challenge here is that network, system, and backup admins all wield an incredible amount of power. If one of them makes a mistake, or worse, intentionally tries to do the company harm, limiting the amount of power they have reduces the amount of damage they can inflict.For example, you might give one network administrator the ability to monitor networks, and another one the ability to create and/or reconfigure networks. Security admins might be responsible for creating and maintaining network-administration users without getting any of those privileges themselves.To read this article in full, please click here

Backing up databases is critical and complex

Databases, also referred to as structured data, are an essential part of any data center. While databases do not typically hold a high percentage of the terabytes housed in a given data center, they do hold a high percentage of mission-critical data. Understanding their unique structure and operation is key to backing them up.Structured data cannot be backed up like unstructured data due to three very big challenges. First, databases are typically stored in datafiles that are constantly changing as long as something is making updates to the database. This means you cannot just back them up like any other file.To read this article in full, please click here

1 2 3