Book demo
25 November 2020

Are you making the most of the latest IBM Storage Protect product release?

With two or three updates a year, Storage Protect is regularly improving its service and adding powerful new features. Interestingly, many of its users don’t always take advantage of these upgrades when the product releases land.

As a data backup and recovery platform, Predatar appreciates the value of IBM’s innovations, and we want to show you just some of the benefits that come from the latest Storage Protect releases.

If you want to know more about the releases and how they’ll help you keep your business and its data protected, you can view our free 30-minute webinar here. Led by Steve Miller, Chief Technology Officer at Predatar, you’ll learn how to best protect your DB backups and get even more from your Storage Protect investment.

Benefit #1 – Modernize your database backup process with cloud object storage.

As more organisations move towards a modern, tapeless infrastructure, there’s been a greater demand for a more streamlined database backup process. With IBM’s latest Storage Protect release (V8.1.10), you can now save your backups in a secure, secondary location – without provisioning extra storage or physically shifting tapes. These large DB backups can now be pushed to the S3 pool of your choosing (Google Cloud became available in the November release) and live off-site in encrypted, easily accessible cloud object storage. What’s more, this flexible solution will reduce the amount you spend on your infrastructure as you only pay for what you use.

Benefit #2 – Get second-site protection and recover from cloud backups.

Great news, you can now create an air gap without tape! If you protect your database in S3, and also store your data in Public Cloud, Storage Protect makes it much easier to protect you against single-site failure.

Thanks to this release, if you have a copy of your data in an S3 pool and your primary site becomes contaminated, all is not lost. As the backup is so geographically distant, the likelihood of the malware reaching it is slim. Yes, recovery may take a little longer than with tape but, for businesses that operate from only one location, this is the perfect solution for distancing your data. To make the fix, simply hook the server up to the object storage pools – that are safe in the cloud – and you’ll be good to go.

Benefit #3 – Create retention sets for long-term data.

A couple of versions ago, IBM introduced retention sets. Since this release, you’re now able to create point-in-time retention sets and make the most of efficient monthly backups. By defining a retention rule, you can leverage the data you already have on your backup system and create point-in-time backups to complement your daily ones. Basically, you’re telling Storage Protect not to delete existing data, until the retention set expires.

What’s more, you can also create a ‘retention hold’ to stop important data from ever being deleted. This bypasses previously established expiration dates and keeps hold of the specified data until you say differently.

Benefit #4 – Strengthen your security with default TLS.

Since Storage Protect release V8.1.2, there have been various enhancements which will help to protect your data and bolster your security. Where previously using Transport Layer Security was optional, it’s now compulsory – meaning you must exchange certificates when you authenticate. While this makes it harder for people to impersonate a client and restore backups, a more recent update has also introduced an admin sign-off process for any destructive commands. As soon as someone attempts to delete or remove data, your designated admin/s will be notified and need to approve the action.

Want to learn more? Watch our webinar recording.

Make the most of every Storage Protect release with guidance from Predatar’s Chief Technology Officer, Steve Miller. In our 30-minute webinar Steve takes you through all of Storage Protect’s 2020 releases and shares even more of the business benefits that can come from these simple updates.

Watch it now: Make the most of every Storage Protect release

Learn more about
Predatar recovery assurance

20 November 2020

Battening Down the Data Hatches for Black Friday

Ahh, Black Friday. It’s a plentiful day (now stretching to a full week), brimming with shiny bargains and special offers.

Every year, Black Friday comes and goes almost as suddenly as it appears. Like a thief in the night, it burns holes in our pockets and puts retailers and organisations back in the black. This year more than ever, Black Friday will play a fundamental role in aiding many businesses recovering from the adverse effects of COVID-19.

However, despite its merits, sorry looking bank accounts and bargains are not the only thing that Black Friday opens us up to. It also opens up organisations to data breaches. Take Amazon, for example. The Amazon sale for Black Friday 2018 saw a significant data breach. The details of thousands of customers were leaked just hours before the event took place. The leak was put down to an ‘inadvertent technical error’, suggesting it was Amazon’s IT team that took the hit for the breach.

Prophets or Profits?

So why do events like Black Friday leave our businesses more susceptible to cyber-attacks, hackers and data leaks like this one?

In the bustle of Black Friday, organisations big and small are often scrambling to ensure their servers can manage the onslaught of site traffic. They’re trying out new applications, forming new programmes, transferring ecommerce to the cloud; the list is endless. Actions like this, although well intended, can often leave minor – and sometimes major – gaps for data breaches.

For instance, a simple human error could be made in the rush to prepare things. It could cause the malfunctioning of a programme required to process customer data; ultimately leaving the data vulnerable, out-in-the-cold and easy for cyber criminals to gain access to.

On the other end of the spectrum, cyber criminals may directly attack less secure sites in the knowledge that Black Friday brings an abundance of opportunity to credential surf or RAM scrape.

Vigilance or Vigilante?

To combat potential breaches like these, organisations should take into account that Black Friday is simply not ‘business as usual’. Programmes and applications should be tried and tested with vigour. Data protection software should be up-to-date and functioning at full capacity with all-hands-on-deck. Extra layers of data protection may even be required. For optimal management, you may want to consider a SaaS data platform.

It also bodes well to remember, whilst customers do have a responsibility to protect their own data – organisations should be making this easier for them, not harder. Any external emails to customers should be well designed and clearly marketed, making it easier for customers to tell a real email from a fake phishing attempt. It should also be made clear what customer data may be shared and why.

So, don’t rush, be meticulous, test, test and test again. And, most importantly, happy bargain hunting!

 

Learn more about
Predatar recovery assurance

11 November 2020

Recovering from a Ransomware Attack: The road to recovering your data

In recent months, we have seen a rapid rise in ransomware attacks. Covid-19 has forced businesses to make fast changes, occasionally leaving holes in their IT systems for cybercriminals to creep through.

These attacks could be through the means of phishing, attachments, hidden links or in more direct formats like leaked passwords or guest passwords. Whatever the cause, these attacks have the potential to lay dormant for quite some time. Lying dormant allows the initial infection to take hold before spilling over and causing a noticeable event that alerts IT teams to its presence. Dormant and slow attacks allow a wider range of infection; singular computers may not only be at risk but put user ID’s – with access to multiple machines, operating systems and backup software – at risk.

Although dormant attacks are perhaps the more damaging, some attacks will be immediate and brutal, destroying as much data as possible in as little time as possible. The threat here is that IT teams don’t have enough time to scramble and halt the infection.

So, let’s say your organisation has been the victim of a ransomware attack. Now what? Where do you go from here? It might seem like there are endless possibilities and roads to go down, but one thing is clear:

You need a recovery plan

“But we already have one, why do we need another one?” The thing about ransomware attacks is that, like a real infection or virus, they change and adapt. Cybercriminals will often analyse the effectiveness of their attack methods and alter code. Organisations must understand this. They should be making a commitment to incrementally update and manage their backup and recovery processes to ensure the most effective protection of their data. Ransomware avoidance is simply is not enough; it will happen sooner rather than later. It must be followed by flexible backup and recovery plans that aim to prevent as much data loss as possible following a ransomware attack.

Let’s think back to 2017, when the infamous ransomware ‘WannaCry’, infected over 300,000 computers in 150 different countries, simply by spreading through a local network – no harmful links, no dodgy email attachments. It’s all very well the malware was eventually put a stop to but by then, data had already been compromised and cybercriminals were free to adapt the code and worsen the effects of the next planned attack.

Backup but not forgotten

It bodes well to remember that the aim of a sturdy backup and recovery plan is not to protect the perimeter. The aim of backup and recovery is to recover the overall environment, understand the level of infection and research the backup catalogues in order to find the earliest uninfected files. By promoting a culture where infection intelligence is ongoing, backup and recovery can be made into a flexible and compliant process.

The scanning processes of some backup vendors can detect locked files and directories alerting the user to the effects of ransom activities after the fact. Others can search backup images for infection signatures in an effort to avoid reseeding the environment by recovering infected backups. However, these measures really only signal how far the horse has bolted.

Take a step

Predatar uses a mixture of methods and approaches to help automate the backup and recovery process, taking the initial heat off of IT teams. Ultimately, rapidly recovering environments and ensuring that organisations have the best of their data back after disaster strikes.

For more on this topic why not watch this 20 minute presentation taken from our Control 2020 conference. It can be viewed from the Predatar You Tube channel here

 

Learn more about
Predatar recovery assurance