Author: Ben Hodge

IBM extends its partnership with Predatar to help infrastructure teams do more with less.

–

You may have seen the recent news that the IBM storage portfolio is undergoing a major shake-up. The objective – to better align IBM’s storage solutions with the real-world challenges that businesses are facing.

Today, as part of that shake-up, IBM has announced that Predatar Ultimate and Predatar Backup Analytics & Automation are now part of the IBM Storage Software portfolio. This means that all 3 Predatar subscription ‘flavours’ are now available via the IBM channel. You can read the official IBM announcement here.

The business challenge:
It won’t surprise you to hear that cyber-crime remains one of the biggest challenges for businesses today. Economic pressures and a global technical skills shortage are compounding the problem.

Few departments are feeling the strain like infrastructure teams. Backup and recovery is a cornerstone of resiliency for every business, but infrastructure teams have been fighting shrinking budgets and a widening skills gap for years.

The skilled resources they do have are often overstretched – struggling to stay on top of the day-to-day operational maintenance of the ever-expanding backup environments they manage – let alone taking proactive steps to tackle cyber risks and boost resiliency.

IBM & Predatar:
Many IBM Storage customers will already be familiar with Predatar. Our Cyber Recovery Orchestration (CRO) tools have been available from IBM and its resellers around the world since July 2022. Today’s announcement means that all of Predatar’s capabilities are now available from IBM.

Predatar Backup Analytics & Automation (which is also included in the Predatar Ultimate plan) has been created specifically to empower infrastructure teams to do more with less.

Here’s just a taster of the features Predatar Backup Analytics & Automation brings to the table…

1. Powerful backup monitoring and alerts

With Predatar, backup administrators no longer need to log into different GUIs and spend hours looking for problems. Every day Predatar runs an automated 104-point backup health-check and raises an alert if any problems are found.

Users can see all of the critical backup and recovery metrics in the intuitive Predatar Dashboard and can quickly customise their view with just a few clicks to see the information that matters most to them.

2. Operational runbooks
Predatar allows infrastructure teams to easily configure runbooks to automate and orchestrate their most repetitive, complex, or time-consuming tasks.

Predatar also includes multiple pre-configured runbooks that work right out of the box, to help tackle the most common ‘time-sucking’ tasks. A great example is automated backup reruns…

Did you know, on average, infrastructure teams in enterprise organisations spend 3.5 hours each day investigating and resolving failed backup runs?

Predatar will automatically re-run any failed backups. Where a backup run failure persists, Predatar collates the relevant logs and shares them with whoever needs to see them.

3. Flexible reporting
With Predatar, infrastructure teams can say goodbye to hand-cranked reports. Predatar makes it easy for backup administrators to configure reports to focus on the metrics that matter most to their business.

Reports for non-technical stakeholders can be easily generated, and automatically delivered to their inbox based on triggers or a pre-defined schedule.

4. Capacity insights and usage forecasting

On average, businesses use 20% more storage than is necessary due to ineffective capacity management, and 36% of data is stored on a sub-optimal class of storage technology.

Because Predatar stores unlimited backup history data, the platform can develop a deep understanding of backup activity trends and future needs. By using this data to inform capacity management and infrastructure planning, businesses can save between 10 and 25% on their total backup storage costs.

The conclusion:
Every enterprise organisation can benefit from bringing automation and insights to their backup and recovery processes. From reducing dependency on hard-to-find experts, to reducing costs, and boosting resiliency – the benefits are extensive.

Wherever you are on your journey to cyber resilient backup and recovery, there is a Predatar subscription for you. Learn more at Predatar.com or ask your IBM rep or IBM reseller for more information.

Despite what some software vendors will tell you, cyber resiliency can’t be bought off-the-shelf. No single product can deliver the threat detection, prevention, and response you’ll need to deal with today’s cyber attacks.

As well as the right technology, you need the right people too. Without the skills and expertise to manage your tech and your processes, your resiliency won’t be as robust as it needs be, and the effectiveness of the solutions you put in place will quickly degrade in the face of the rapidly evolving threat landscape. 

Together, IBM and Predatar have the technology problem sewn up. With IBM Storage Defender, IBM have brought together their best solutions to provide a multi-layered cyber resiliency stack, that no other technology vendor can match. 

But what about the skills problem? 

With a global skills shortage in the tech sector, businesses of all shapes and sizes are struggling to recruit and retain the technical specialists they need. It’s no wonder then, that IDC predicts Cyber Recovery as a Service (CRaaS) will drive year-on-year growth of almost 20% (2022-2025) in the data protection services market as more and more businesses seek expert support with this business–critical challenge. 

So, just imagine if there was an elite group of specialist service providers, uniquely equipped to deliver the very highest standard of cyber resilient backup and recovery services, built on IBM and Predatar technology. 

You won’t need to imagine for long. 

Next month, we will reveal the first 5 Predatar Apex Partners from around the world. The selection process has been rigorous and only the very best have made the cut for the first wave. 

Each selected partner will complete an in depth training program with the team at Predatar HQ in the UK. The result will be an elite pack of businesses with the right knowledge, capability, and technology to deliver unrivalled cyber resiliency services to their customers. 

If you are concerned about cyber risks and a shortage of technical skills in your business, then out-tasking some, or all of your backup and recovery management to an Apex Partner could be a very smart option..

If you already out-task your backup and recovery, now is the time to make sure your service provider gives you the cyber resiliency you need to deal with today’s threat landscape.

Stay tuned for the big reveal next month and subscribe to our newsletter to stay up to date with all of our news.

It’s that time again, when everyone gets out their crystal ball to predict what’s going to be hot in their industry for the coming year. Well, forget about the ‘trends’… when it comes to cyber resiliency, there are critical actions that most businesses need to take – and fast.  Because you don’t need mystic powers to know that bad actors are coming for your data.

Cyber-attacks are more prevalent, more sophisticated and more dangerous than ever before. Yet, all-too-often, enterprises remain slow, complicated, and disjointed in their efforts to prepare.

By not moving at pace, enterprises are effectively moving backwards. The reality is, that many organisations are less equipped to recover effectively from a cyber-attack today than they were 12 months ago – Because the game has changed, but they haven’t kept up.

If you want to move forwards with cyber resilient backup and recovery this year, then read on. Here’s 5 critical actions for 2023, and you need to start now.

1. Break down silos. Make a joined-up cyber recovery plan.
A 2022 ransomware reports found that 94% of ransomware attacks intended to impact backup repositories – and 68% were successful in doing so.

Too often, responsibility for ‘cyber recovery’ falls down the gap between the security team and the infrastructure team, with neither one truly understanding the detrimental impact modern cyber-attacks can have on their organisation’s ability to recover their backup data until it’s too late.

You need to understand the potential impact of an attack on your ability to recover business critical data and systems, and you need a plan for recovering them quickly, cleanly and completely when the worst happens.

Your plan needs to be realistic, pragmatic, and it needs to be co-owned with both security and infrastructure teams coming together around a shared objective. The first step, is an open and honest conversation with both security and infrastructure stakeholders at the table.

Take the first step:
Schedule a meeting with your security or infrastructure counterpart. Do it today. Do it right now. Start the conversation!

2. Streamline your environment. Get visibility of your recovery risks.
How many backup and recovery software products are you running? …Five? …Ten? How many different technology vendors? How many lines of custom code and hand-cranked reports to provide the insights your stakeholders need?

Backup and recovery infrastructure has become too complicated, too disjointed and too opaque. And that’s a risk in itself.  The ability to see and understand your whole environment at any moment in time is now critical in the face of intense and rapidly evolving cyber risks.

Make 2023 the year you unify your backup estate. If you’re an existing IBM Storage Protect user, there’s never been a better time to consolidate your backup with Storage Protect Suite. Thanks to converged storage pools with Open Snap Storage Manager (OSSM), it’s now simpler and more cost-effective than ever to protect your physical and virtual backups with IBM.

But most importantly, with more of your estate protected by Storage Protect Suite, the more you can benefit from Predatar’s ground-breaking cyber analytics and benchmarking tools that are now available from IBM. By continually monitoring your backup environment, Predatar provides users with a cyber resiliency score for their backup environment in real time, providing alerts of new issues and recommending fixes to mitigate cyber risks, so you can address issues before they become big problems.

Take the first step:
Ask your IBM storage rep about consolidating your backup estate with Storage Protect Suite and sign-up for a demo of Predatar’s cyber analytics and benchmarking now.

3. Get recovery confident. Automate repetitive and time-consuming testing.

The only way to know for sure that your backups are virus-free and recoverable is to test them. But frankly, it’s not possible to test your entire backup estate manually. Even if you did have the human resources available to continually run anti-virus and recovery tests, you could never stay on top of the volume of new data being ingested every day.

Automation can help. By continually running antivirus scanning and recovery testing in the background, you can have confidence that your backup data is always clean and recoverable.

This short video explains how automation, machine learning, and leading Endpoint Detection & Response (EDR) tools can easily be applied to your IBM backup environment to take the heavy lifting out of finding and removing recovery risks including hidden ransomware and unrecoverable workloads.

Take the first step:
Sign up for a personalised demo of Predatar Cyber Recovery Orchestration now.

4. Apply backup best-practice. Make a third backup copy.
The 3-2-1 methodology is not new, yet many businesses fail to adhere to it. As a reminder 3-2-1- recommends storing 3 copies of your data, on 2 different media types, with at least 1 stored offsite.

This video which explains the principle of a third copy.

There are many ways to implement a third-copy solution. But thanks to Storage Protect multi-site replication and IBM Cloud Object Storage a third copy in the cloud is a relatively simple and cost-effective option.

Immutability and logical airgaps can also be added to your third copy for additional security. By following this approach businesses can minimise the impact of a data breach and significantly increase their chances of successful recovery.

Take the first step:
Speak to your IBM cloud rep or drop us a message at info@predatar.com to talk about the best way to achieve your third copy.

5. Stay on top of backup admin. Stay on top of recovery risks.
In many cases, underinvestment in infrastructure over several years and an ongoing shortage of skilled technical resources have meant that day-to-day best practices haven’t been maintained. For example, regular patching hasn’t been applied, software hasn’t been updated, regular Disaster Recovery (DR) testing hasn’t been completed, and new security features haven’t been enabled. As a result for many businesses their backup estate has become a weak point, full of vulnerabilities.

Staying on top of every day admin is critical, but it’s also a huge challenge. Infrastructure teams are expected to do more than ever before, but with less resources and less budget. Infrastructure team leaders need to review their resources and make an honest assessment. Do they have the bandwidth to stay on top of the growing risk?

Even with automation in place for some of the most time-consuming and repetitive tasks, many businesses will continue to struggle to stay on top of the housekeeping required to maximise resiliency and minimise risk, so it’s no surprise that IDC has identified a new breed of Managed Service Providers (MSPs) emerging, offering to Cyber Recovery as a Service (CRaaS). IDC defines CRaaS as incorporating backup services, archive services, disaster recovery services and cyber recovery services into a holistic offering.

If you are worried about skills and resources for the year ahead, outsourcing could be a good option.

Take the first step:
An expert cyber recovery service provider can help you to assess your options.  Drop us a line and we can put you in touch with our network of trusted cyber recovery partners.

Predatar is an IBM technology partner. If you have any questions about boosting the cyber resilience of your IBM Storage Protect or Storage Protect Plus backup estate, please get in touch.

Wow, what a busy year it’s been at Predatar… arguably our busiest ever.

Now don’t get us wrong – we’re not complaining – but there’s some important things we hoped to do that we simply didn’t manage to achieve.

For a lot of us at Predatar, supporting good courses is important. Whether it’s volunteering to support youth sports clubs, fundraising for charities, or helping in the community – on an individual basis we’ve done some great things in 2022. But as a business we would have liked to have done more.

Ever the optimists, we’re confident we can close out the year on a really positive note. That’s why we’ve come up with Predatar’s 12 Deeds of Christmas.

The idea is simple. Throughout December the Predatar team will do (at least) 12 good deeds to help others.

The deeds could be team activities or individuals acts of kindness.

It’s not about big commitments or elaborate gestures. And it’s not about donating money. This is about giving our time and energy to do something helpful and meaningful.

And do you know something? Kindness is contagious. Some of our customers and partners have told us they would like to take part too. The more the merrier!

Why not challenge yourself to do a deed for Christmas? And don’t forget to tell us about it.

Ever turned up to party underdressed? That can be a bit awkward. Ever turned up to a meeting underprepared? That can end-up being pretty embarrassing. But if you turn up to a battlefield ill-equipped and underprepared, the consequences are likely to be catastrophic.

Yet, when it comes to backup and recovery, that is exactly what most enterprises are doing every day. Your business is under attack, and cyber security experts agree that sooner or later your defences will be breached.  You will need to be ready to mount a fast and effective recovery. But there’s a problem.

Your backup infrastructure and recovery processes weren’t designed to deal with today’s sophisticated cyber-attacks. There’s been a huge increase in cyber-criminals actively targeting backups – encrypting or deleting your backup data to eliminate your last line of defence.

There is a very real possibility that when the worst happens, you will be unable to recover your business-critical data when you need to. Put simply, the vast majority of enterprise backup and recovery will be seriously inadequate in the face of a large scale cyber-attack, but many won’t know until it’s too late.

Here’s just a few reasons why:

Typical Disaster Recovery methods are no longer fit for purpose.
Many businesses don’t do regular DR testing, and those that do only test a small percentage of their backups. Why? Because DR testing is disruptive and time-consuming, and infrastructure teams are under-resourced.

Traditional DR testing is also highly ineffective in the context of modern cyber-attacks. In most cases a DR test simply checks whether a workload will successfully recover. If that workload contains dormant ransomware, it will recover, and no issue will be flagged. But later, when that ransomware is activated as part of sophisticated, wide-spread cyber attack, it will encrypt or delete the backup data, and render it useless – exactly when you need it the most.

Most backup anti-virus scanning processes are inadequate
Typically, businesses scan their backups for viruses at the point the data is first backed-up and/or at the point of restore. That’s not enough.

If you are only performing AV scans at the point of backup, there is a very real danger of ingesting infections into your backup estate as a result of zero day attacks – that’s an attack with a virus that is so new, anti-virus software is not yet able to identify or protect against it.

If you are scanning at the point of recovery there is a risk of significantly increasing down-time for your business in the event of a cyber-attack while you validate the cleanliness of your data, and then hunt-down the latest clean copy.

Backup anomaly detection is not enough
Most backup and recovery software vendors offer backup anomaly detection capabilities to help to identify cyber threats. That sounds great, but there’s some important limitations.

Firstly, most backup anomaly detection lacks a feedback loop. That means that when an anomaly in backup behaviour is identified, there is no mechanism for the software to understand if that anomaly was actually the result of a genuine cyber-attack, or in-fact a false-positive. With no feedback loop, your backup software will continue to flag the same false positives time and time again. When alerts are going off all the time, it’s easy to miss the real threats amongst the noise. In fact, we often hear from infrastructure teams that they have disabled backup anomaly detection because they are overwhelmed by false alerts.

And of-course, it’s worth recognising that anomaly detection won’t pre-warn you of an imminent attack. The anomaly detection alerts you once and attack has been triggered.

So, what can you do to be better prepared?

1. Understand your recovery risk factors. There’s a lot of factors that can negatively impact  a business’s ability to recovery following a cyber-attack. The first step to removing the risks is to understand them. Predatar Insights is a free, self-service tool for IBM Storage Protect users that will highlight your recovery risks. Sign-up for Predatar Insights here.

Storage Protect users can also apply for deep dive cyber benchmark report, where our cyber resiliency experts will assess your infrastructure and processes against industry best-practices.
Apply for a cyber benchmark report here.

2. Security and Infrastructure teams need to come together. Cyber resilient backup and recovery often falls into a gap between these two historically disjointed teams. It’s time to recognise this critical shared responsibility and start a dialogue.

3. Make a plan. Building cyber resilient backup and recovery won’t happen overnight. In fact, with the constantly evolving cyber-crime landscape it’ll always be an ongoing task and it can be hard to know where to begin. Make a plan starting with your most business critical workloads and some quick wins.

Want to learn more about building cyber resilient backup and recovery?
Brought to you by Predatar and IBM, Control22 is the only event focused on helping IBM customers to build more cyber resilient backup and recovery. It’s free, it’s invaluable and it takes place next week. See the agenda and book your place today at www.predatar.com/control22

Few people today question the rationale for the deployment of backup and recovery tools for VMware workloads. It’s this which propelled backup specialist Veeam to the top division of data protection. VMware has dominated the on-premises hypervisor platform market for the last fifteen years, but change is coming quickly.

Businesses have gained little by migrating VMware workloads to public cloud – leading to faster adoption of ready-made SaaS applications and the rise of refactoring existing applications using microservices. What is not clear is whether a new backup vendor will emerge to dominate this new cloud-native computing era. This post looks at the likelihood of history repeating itself.

The container explosion

Business leaders and developers have embraced containerization. Extreme modularization shortens development time and speeds up innovation. Container-built applications are easier to scale up or scale down, making it much easier for businesses to match customer demand and respond quickly to market opportunities. The inherent portability of tools like IBM’s Red Hat OpenShift is driving the phenomenal growth of hybrid-cloud.

The same but different

For backup professionals, the microservices revolution brings similar challenges to the virtualization boom of the 2010s. Questions about who is responsible for backup, to whether a backup is even necessary are reminiscent of the early days of VMware.

Container projects start small, and at the early stages, infrastructure specialists are often unaware of developer-led projects. Kubernetes YAML files, from which the configuration of a container environment can be rebuilt, can be exported to a PC or server. Source code can be stored in cloud repositories such as GitHub. With a small number of microservices, most developers can feel confident of restoring projects manually.

Veeam appealed directly to the VMware administrator who wanted to take  control of backup. The vendors vying for a share of the container backup market will likewise need to appeal to developers by giving them a seamless experience.

Containers are ephemeral. They get created or destroyed depending on the load. Persistent information such as container image registries, logs, and files uploaded by users should be stored on external storage. This can be storage hosted on public cloud providers like AWS and Azure, or on more traditional storage in the datacentre. As with VMware, if you lose data on external storage, you would not be able to get your projects back. It is also still the case that microservices architecture recommends having separate databases for each microservice hosted on one or more database servers. If these are not managed SQL instances offered as a cloud-hosted PaaS solution, you will need to back them up separately.

The rise of security

In the last era, backup was for computer malfunction, user error, or for disaster recovery. Not anymore. Backup systems now play a vital role in cyber threat detection and response. The unprecedented growth of microservices and hybrid cloud opens up a new front for cyber security professionals. Backup specialists, developers, cloud architects and security professionals will need to come together to choose the best backup and recovery strategy for the future.

As well as Veeam, the traditional backup vendors such as Commvault, Dell, Veritas and IBM will be throwing their hat into the ring – as will the big cloud providers. Google purchased Actifio in December 2020 and Microsoft purchased a chunk of equity in Rubrik in November 2021.

So, who will emerge as the dominant force?

Predicting the future

The fact is, in such a fragmented market, it’s impossible to predict. And actually, our money says, there won’t be a single vendor that wins the day in the same way that Veeam did in the first wave of virtualization.

Even in this uncertain landscape there’s a few things you can be sure of….
1. Containerization is coming fast,
2. Businesses need to be ready,
3. Legacy workloads will not disappear anytime soon.

Just as Veeam co-exists with other backup solutions in many enterprises today, tomorrow’s backup solution for containers will become another part of an ever-growing infrastructure ecosystem.

You could sit tight and see if a leader does emerge before adding another backup solution to the stack . Or you could act now to prepare for the container revolution that’s coming by future-proofing and consolidating your infrastructure with a backup provider that can protect all of your workloads.

Our 2 cents? For most large enterprises looking to unify modern, future, and legacy workloads; IBM’s Storage Protect Suite – with support for containers built on Redhat OpenShift – will be hard to beat.

Are you using containers yet?

Where are  you are on your container journey? Drop us a line and tell us about your approach to backup and recovery of these shiny new workloads.

Last week saw the release of the latest IBM Storage Protect update. Predatar technology is built to work exclusively with IBM storage software, so naturally we stay very close to the development of what is already an incredibly powerful backup and recovery platform. In fact, Predatar’s Technical Director, Steve Miller is something of an authority on the Storage Protect Suite.
   
Here’s his take-aways on the version 8.1.15 release.

—

A few months back, I talked about Multi-Factor Authentication in Storage Protect, and how it would be a fundamental way to secure Storage Protect environments from now on.

With the release of 8.1.15, IBM have further beefed-up security access for Storage Protect with some relatively simple changes that we tend to take for granted on many other systems that we use.

Complex passwords
Firstly, Storage Protect admins can now establish complex passwords requirements. Up until now, it would have been possible for administrator IDs to have simple words as a password. I can’t help but wonder how many installations remain out there with the default userID and password setup still in place since the day it was implemented.

Although Storage Protect still doesn’t distinguish between upper and lower case, it’s now possible to set a requirement for passwords to have a set number of alphabetic, numeric and special characters.

Invalid logons
There has also been a refresh with the settings allowed for invalid logon attempts. Previously, the lowest value for this was 0. As it was the default, it effectively meant that invalid logon attempts were not being checked.

As of the new release, the default value for this is changed to 1, and the range is changed from 1 to 10. Again – it’s a sensible, if overdue update, making administrator access more secure.

TLS certificate loophole
Finally, the default behaviour for a new Admin ID is to require a TLS connection. Previously, the default was that the first connection was an enabling session, allowing the administrator ID to download the TLS certificate from the Storage Protect server. That’s been recognised as a security loophole and closed off.

In summary
Making data secure has always been the top priority of the Storage Protect development team. Encryption, both at rest and in transit was always fundamental, but administrator access had remained relatively open for a long time.

Looking at the pattern of these updates, it’s clear that IBM has recognised the risks of rogue administrator access, and it’s a critical threat to close-down. According to a 2021 report published by Verizon, 36% of data breaches are caused by internal bad actors. The changes that have arrived in 2022 are designed to remove weaknesses and will help to reduce risk in this area, and as a result any organisation using Storage Protect will benefit from the updates.

—

There are lots of ways you can leverage the power of IBM Storage Protect and Storage Protect Plus to boost cyber resiliency in your organisation. Predatar cyber recovery orchestration works hand-in-hand with IBM storage software to ensure your backups are infection-free and ready for quick, clean and complete recovery when you need it. You can see in this 5 minute demo video, or contact our team with questions.

On 28th June 2022, IBM announced that Predatar Cyber Recovery Orchestration is now part of the IBM Storage Software Portfolio. We invited Matt Fordham, technical storage pre-sales lead for IBM in to Predatar HQ to explain why he’s excited about Predatar joining the IBM pack.

Predatar: Good morning Matt, Thanks for joining us today, So you’ve been working with our team for quite some time. Can you explain the relationship between IBM & Predatar?

Matt: Thanks to our culture of innovation and our commitment to R&D, IBM consistently deliver class-leading enterprise storage technology, but it’s really through our Partner EcoSystem that we elevate the impact of our technology and achieve even greater outcomes for our customers.

We’ve been working with the team at Predatar for more than 10 years. It’s been amazing to see the development of the Predatar platform and it’s a natural evolution to bring it into the IBM Storage software portfolio.

Predatar: Why is the addition of Predatar to the IBM Storage Software portfolio significant for IBM?

Matt: When I speak with customers, it’s a different conversation today. It isn’t about storage and infrastructure, it’s about data security, it’s about resiliency. Businesses are re-evaluating the way they store and manage data, and recoverability is the top priority.

Predatar’s cyber recovery orchestration brings new capabilities to IBM that help us answer some of the biggest challenges our enterprise customers are facing today. Predatar will add value in our existing Storage Protect accounts and enable us to win more new business too with a better proposition, a better package and better outcomes for our customers.
 

Predatar: For those that are new to Predatar, can you explain what Predatar is all about in your own words.

Matt: The Predatar cyber recovery orchestration platform works with IBM Storage Protect Plus to automate many of the manual processes associated with backup and recovery.

By continually recovering, scanning, and cleaning backup workloads, Predatar gives users the knowledge that they will be able to recover quickly, cleanly and completely when they need to, and dramatically reduces a business’s time to recover in the event of a cyber-attack.

Predatar: How does Predatar complement and enhance IBM’s exiting cyber recovery offering?

Matt: There’s a lot of commonality between Predatar’s capabilities and IBM’s Cyber Vault. In fact, the two solutions complement each other and are particularly powerful when they are used together. With Cyber Vault our customers can achieve near instant recovery of their most time-critical workloads from primary storage, but longer-term retention data is no-less important.

Predatar dramatically decreases time-to-recover data from secondary storage. Together with cyber vault, Predatar gives customers the knowledge they can recover all of their business-critical data quickly, no matter where it is stored. Predatar and IBM are changing the game for businesses looking for simple, effective, and dependable recovery.

Predatar: What do you think is the most exciting/important feature(s) or capability of Predatar?

Matt: To appreciate the power and impact of Predatar you need to see it in action. It’s modern, intuitive interface removes the dependency on highly technical backup admins for data security tasks and empowers almost any user to have a significant positive impact the cyber resiliency of their organisation.

–
If you would like to take Matt’s advise and see Predatar in action, please contact your IBM Storage rep or get in touch with the Predatar team. We’ll be happy to give you a tour of the platform and answer any questions.

Here at Predatar, we keep a very close eye on everything Storage Protect. After all, it’s IBM’s powerful storage software that underpins the Predatar recovery platform and our cyber orchestration capabilities. So naturally, when IBM released version 8.1.14 last week, we were keen to pop the hood. Predatar’s Technical Director, Steve Miller shares his thoughts:

– – –

I’m pleased to see there is a handful of useful updates for Storage Protect in the new release, with one in particular that customers have been looking out for. Multi Factor Authentication for Admin Users has made its way into version 8.1.14.

In 2021 IBM released Command Approval for the product. Put simply, this meant that organisations could use roles to determine what functionality was allowed for individual users, and would require administrator approval for potentially destructive commands. This was an important first step, but it left loopholes for organisations that might have shared user IDs or common passwords – even if not intended maliciously, it would have been possible for a user to enter a delete command and then use an admin ID to authorise it without proper oversight.

This will now be much harder to do using the new MFA. Essentially, when an administrator is created, they are given a key that is used by an authenticator app to generate a code – then, when the user logs in they are required to enter both their password and the code which regenerates every 30 seconds.

If this is configured properly, then, in conjunction with Command Approval, it’s going to massively reduce the possibility of an accidental deletion of critical data within the Storage Protect environment.

Further – it can be used to lock down access to the environment more generally. There will still be automated IDs that can’t use MFA, but it should be possible to use this to secure access to the Storage Protect environment, and, even if users are using common passwords, the requirement for them to also enter the code would mean that a malicious actor is going to find it very difficult to get access.

IBM had to make lots of choices when they implemented MFA. They could have over-complicated things or mandated that customers use a particular piece of software for the token. By adhering to open standards and providing a list of approved applications, they are encouraging wide and early adoption of this enhancement, something to be applauded.

As always, a couple of caveats apply – this still won’t prevent access to the logical infra behind the Storage Protect environment – if a rogue administrator or malware gets access to the box and is able to delete or encrypt database or storage volumes, then it really doesn’t matter if they can login to the application or not – they can still wreak havoc, so it’s important to ensure there are additional copies of the data behind an airgap, either physical or logical.

Secondly, large organisations that are going to upgrade and take advantage of MFA should make sure to plan it carefully. Server to server operations need to be considered and its important that, although you are making your environment more secure, you don’t make it impossible for administrators to carry out their day-to-day functions.

If you need more information, help setting this up, or advice on configuration, get in touch with your Predatar account manager or contact info@predatar.com. We’re always happy to help.

Well, it’s January – time to take stock and plan for the year ahead. For many of our customers this means taking an objective look at their IT software assets. If you are too, you’re probably wrangling with conundrums like this…

Should you put more investment into software that’s been in place for several years? Hold and maintain? Or cut your losses and start over?

In this post, we consider your IBM Storage Protect environment and what can be done to maximise your investment.

The truth is, there’s probably a lot of features and functions in Storage Protect that you’re not using and some powerful new features that you may not even know about. If you want to get Storage Protect working harder and smarter for you in 2022, we recommend you focus on these three C’s

Focus 1 – Convergence

For most readers, you will certainly be running Storage Protect for your bare metal and database workloads and maybe SP4VE or a competing product for your virtual machines. Many SP users run Veeam and even copy Veeam workload to tape via the IBM workhorse. This is inefficient, makes disaster recovery processes more complex, and therefore increases risk.

Thanks to IBM’s acquisition of the source code last year for it’s new generation backup project – Storage Protect Plus (SPP), it’s now possible to mount and read virtual workloads directly from SP container pools allowing you to exploit the huge data reduction benefits of Storage Protect.

Last month IBM released a tech preview of Open Snap Storage Manager (OSSM), which utilises the technology.  A full release of OSSM will be released in the next few months. For any SP user running multiple backup products (and there are many), implementation of OSSM should be a high priority project for 2022. It has the potential to reduce your storage costs and simplify your storage environment significantly.

–

Focus 2 – Cyber

It’s always been the case that a good backup is an essential component of your defence against data loss and downtime. And whilst it’s unlikely to prevent a security breach it remains a cornerstone of your recovery and mitigation strategy. If you use IBM Storage Protect, here’s a few things to watch out for in 2022.

1. Multi-factor Authentication (MFA). A mainstay of most enterprise security policies, it should be no different for your web portal administrator access to Storage Protect. An Opt-In approach including a QR code for “teach to app” should be available early in 2022.
2. Command approval. It just make’s sense to require a second administrator to approve data destructive commands and its available now as a feature in Storage Protect.
3. Data Encryption. Many ransom payments are made even when companies can recover without access to decryption keys because of the fear of data exfiltration. With malware dwell times increasing, attackers have already taken your sensitive data and passwords. Client and server encryption is a free feature in IBM Storage Protect.
4. 3-site replication. Storage Protect users no longer need to use protect storage pools and can replicate data from a source backup server to two targets.
5. S3 Object Lock. Already supported by Storage Protect Plus, this immutability feature will be made available for Storage Protect in 2022.

–

Focus 3 – Cloud

We have not seen a significant shift to Cloud backup for enterprise customers yet. But expect this to change in 2022 as cloud begins to take an important role in cyber security. S3 object storage will take centre stage for long-term policy managed data. Storage Protect Retention Sets provide a useful and cost-effective way to manage this type of long-term storage and can now be stored in AWS, Azure, GCP and IBM Cloud object storage.

–

Finally, As we move further into 2022, we expect the mega trend of “everything-as-a-service” (XaaS) to gather pace. All the major OEMs from Dell (Apex), HPE (Greenlake) and now IBM are offering Opex models for consuming server and storage infrastructure. This, combined with the demands on administrators to constantly verify the integrity of backup through constant recovery testing and scanning, is making managed backup services increasingly popular. We’ll cover more on this in an upcoming post.

If you’d like to get more out of Storage Protect and Spectrum Plus this year, talk to Predatar. Our intuitive backup management platform and cyber resiliency tools help enterprise infrastructure teams to take control of their Storage Protect and Storage Protect environments, while our team of expert Data Defenders provide flexible managed backup and recovery services on a subscription basis.

Contact us at info@predatar.com