Month: August 2021

Let the cloud come to you.

To open our new CEO blog series, Predatar CEO Alistair Mackenzie (or as we like to so fondly call him, Al), talks about becoming cloud-native.

Working for a SaaS company, I was intrigued by this recent article on Cloud economics, and you should be too.

You can read it for yourselves of course, but here are the highlights:

• Analysis by the Andreessen Horowitz team showed that the top 50 SaaS companies were spending an average of 50% of their revenues on cloud infrastructure
• Repatriation to on-premise could halve infrastructure running costs for companies at scale

Personally, my favourite quote from the piece is:

“You’re crazy if you don’t start in the cloud; you’re crazy if you stay on it”.

The problem though is repatriation can be a non-trivial exercise, depending on how you arrived in the cloud in the first place. Simply “lifting and shifting” workloads to a public cloud provider then shifting back again is somewhat easier. Moving VMware workloads to the cloud is a good example of this, though it’s harder to understand the rationale. It’s not cheaper and it requires almost the same labour resources to operate, wherever the workloads reside.

So, starting in the cloud makes more sense; especially for new projects or new start-ups. In the early stages of turning your creative ideas into software code, paying a “flexibility tax” to access the agility of the cloud is worth the peace of mind. In 2019 when Predatar decided to move from a monolithic application design to microservices, it chose to use public cloud infrastructure as a service. The development team was in experimentation mode and the public cloud allowed for more creativity. But as we move the new SaaS platform into full-scale production, should we stay on public cloud infrastructure or move to on-premise?

Although no decision has yet been made, there have been several trends to at least make it a hard choice.

• Most OEM vendors now offer some form of Opex-based, consumption model for server and storage infrastructure. IBM just last week announced a new storage-as-a-service model for its best-in-class FlashSystem arrays.
• For new software development, the lingua-franca operating system is now Linux, available in all public clouds as well as on-premise
• The emergence of Kubernetes as the dominant container orchestration platform

One important point of note on this final trend. When the Predatar team started its journey towards making Predatar SaaS a cloud-native container-based solution, it could have picked from many cloud offerings. AWS, Azure and Google, all have their own distributions of Kubernetes, and this is the catch. Once you start developing code on one distribution, it’s not always straightforward to migrate to another. You can become stuck using the IaaS (infrastructure as a service) of that public cloud provider.

Fortunately, whether by luck or good judgement, we chose Red Hat’s Openshift distribution of Kubernetes. Openshift is 100% portable which means we decide where to host our SaaS platform; cloud, on-premise, or edge location.

It can take a long time for the decisions we make to play out. Cloud Architects don’t always have the benefit of hindsight when deciding which cloud platform to use. At least from an infrastructure perspective, Red Hat’s Openshift gives them the option to change their mind should they so wish.

Signing off,

Alistair Mackenzie

In this blog, we’re going to discuss the importance of cyber resilience in challenging times. But fair warning, things aren’t about to get any easier. There are vital fundamentals that we can use to protect our IT landscapes, but are these enough? Or is it a case of evolving or dying a death?

 

Bad news first…

It’s an emerging trend. Traditional cyber-security measures aren’t enough anymore. Protecting organisations from the spate of persistent attacks feels like an unmanageable task.

In our last blog, we spoke about the growing number of cyber-attacks in 2021. And, we took a look at some of the major attacks over the last year. In a word, ransomware attacks alone are accelerating, fast. Both in pace and complexity. Let’s take a look at some statistics.

 

• In 2020, the average business cost of a cyberattack is $3.86 million and it takes over 200 days to detect the breach. (IBM)
• Ransomware attacks cost businesses an estimated $20 billion in 2020, having grown by over 50 times since 2015. (Cybersecurity Ventures)
• There will be nearly 3.5 million open cybersecurity jobs waiting to be filled this year, with over 500,000 open positions in the United States alone. (Net Sparker)
• 68% of business leaders felt the risk of a cyberattack increasing. (Accenture)

 

If you’re in the right job, these numbers won’t come as a surprise to you. But we implore you to ask yourself, ‘what am I doing about it?’. You might not have a clear answer. You might have a strategy that you’re yet to find time to execute (FYI, using Predatar can save a whopping 62% of your time. Fancy that? Find out more here).

But we digress. You may have a well-thought-out and constructed plan. Good for you. But this article might make you think again about how you’ve formulated that plan.

 

How many?!

There are endless ways a cyber-attack can present itself. But the top 3 types of cyber-attacks that cause mass disruption and cost are as follows:

 

Social Engineering

A manipulation technique that exploits human error to gain private information, access, or valuables. You could call it ‘human hacking’.

 

Ransomware

Yep, it’s the big one. We probably don’t need to remind you, but ransomware is a type of malware. The malware is used to infect a computer network, gain access to critical data, and then hold that data to ransom for a sky-high sum.

 

DDoS

A Distributed Denial of Service is a malicious network attack where hackers overwhelm a website with false traffic or requests.

 

The Good News

Cyber resiliency powers and accelerates business value. It helps enterprises prepare for, respond to and recover from cyber threats. Meaning, they can thrive in the face of adverse conditions.

The concept of cyber resilience is underpinned by the assumption that cyber-criminals will break down any network defenses intended to stop them. It’s a dismal outlook, we know. But it’s worth the strategy it fosters.

As part of a strategy, the following key components are fundamental in your planning. They will form your baseline plan.

 

1. Encryption
2. Immutability
3. 3rd Copies
4. Airgaps

 

Now, let’s go back to that all-important question: ‘what am I doing about it?’. We’re guessing that one or two of these things might have popped into your head when we asked you. But we’re here to tell you, these fundamentals aren’t enough.

Having these things can’t guarantee that your business, data, and infrastructure are protected. You’ll need to be able to answer the following questions for a robust cyber resiliency strategy.

 

• How do you ensure your backups will recover?
• How do ensure those backups are clean?
• How do you recover fast to a clean environment?

 

The answer therein lies in Recovery Orchestration. This technology allows you to automatically detect an intrusion and recover from it at the drop of a hat.

Having a strategy that includes recovery orchestration will help your business to:

 

Step up automatic tests

You’ll be able to make the most of intelligent automation and continuously test your backups, 24/7. You can also search for high-risk systems and prioritise accordingly.

 

Work out what’s infected

With ransomware recovery in place, you’ll have minimised your data loss and downtime. Ransomware Recovery Orchestration workflows will automatically search through your systems to find the newest backup that shows no signs of infection.

 

Put your systems into quarantine

In the event of an attack, you can protect the latest unaffected version of your data by isolating it in a safe place, either on-premise or in the cloud. Quarantining your data will allow you to assess your systems.

 

Check all your data is clean

Now your data is out of harm’s way, ransomware orchestration will automatically run all the necessary checks for you. It’ll scan through your backups to ensure all your data is completely clean.

 

Bring everything back

Once your systems have got the all-clear, you can instantly recover individual nodes or restore everything in one go. You can automate putting what you need back into your live environment.

 

Then, you’re good to go!

 

Predatar is at the forefront of disaster recovery automation and works intelligently with IBM Storage Protect. With Predatar on your side, you should never need to pay a ransom or lose your critical data. Use intelligent automation to maintain best practices and protect your business against data disasters. Contact us to find out more, or see for yourself how much money we could save you by using our online savings calculator.

 

 

Article By Nile Zahran | Head of Product Innovation