Book demo
28 August 2023

Prioritising Threat Detection with IBM Defender & Predatar: The Role of AI

In today’s increasingly interconnected world, cybersecurity remains a paramount concern. Ransomware, a form of malicious software that encrypts a victim’s data until a ransom is paid, continues to plague businesses and individuals alike. It’s crucial for organisations to rapidly detect and respond to these threats. Yet, with the barrage of alerts coming from security, backup and primary storage platform, how can you separate the real signals of cybercrime from the noise? Enter Artificial Intelligence (AI).

Why Combine Alerts Using AI?

  1. Efficiency: Manually sifting through countless alerts from various platforms is tedious and error-prone. AI can process vast amounts of data in a fraction of the time, pinpointing potential threats swiftly.

  1. Precision: AI can correlate disparate alerts and contextualize them. For instance, an anomaly in primary storage that aligns with a SIEM alert might be a significant threat. AI can recognise these patterns, thus reducing false positives and honing in on real threats.

  1. Proactive Defense: By analysing patterns, AI can predict potential ransomware threats before they manifest, ensuring that defences are in place in advance.

Automated Recovery Assurance Tests and Malware Scans

After identifying the potential ransomware threat, the immediate next step is verification and containment. Here, AI can automate the process by:

  1. Running Recovery Tests: Before a disaster strikes, it’s crucial to know if our backups and primary snapshots are sound. AI can take potential threat signals and use them to run recovery tests, ensuring that our backup and snapshot recovery mechanisms are robust and ready. This gives you the assurance that should the worst happen you will be able to recover.

  1. Malware Scans in Isolation: Using the identified threats, AI can automate malware scans on both primary snapshots and backups. To ensure no further contamination, these scans are run in isolated sandbox environments which IBM and Predatar call a CleanRoomTM.

Benefits of No Human Intervention

  1. Speed: Every second counts in ransomware defense. Automated AI responses ensure immediate action.

  1. 24/7 Coverage: Threats don’t stick to business hours. AI provides constant vigilance, ensuring no downtime in defence.

  1. Consistency: Automated responses ensure that every alert is treated with the same rigor, reducing the scope of human error.

In conclusion, as ransomware threats evolve, our defense mechanisms must keep pace. The Predatar platform incorporates state of the art AI to streamline alert processing, threat identification, and response testing for IBM customers. The synergy of Predatar AI with both your IBM Defender and existing IBM data protection platforms will ensure a safer digital realm and boost recovery assurance for your organization.

To find out more about the exciting topic of AI and Cyber Threats. Our MD, Rick Norgate will be bringing this to life in session number 2592 ‘Ensuring Unparalleled Data Resiliency with Predatar & IBM Storage Defender’ at IBM TechXchange in Vegas between the 11th and 14th of September. You can register for the event here.

Learn more about
Predatar recovery assurance

25 August 2023

CloudNordic Attack: 3 Key Takeaways for Bulletproof Data Defense

A recent ransomware attack on the large Danish cloud provider, CloudNordic, has resulted in catastrophic data loss for its customers. In a grim online notice, CloudNordic admitted that the ransomware attack rendered them entirely paralyzed. The aftermath? The majority of their customers should consider their data permanently lost. Such devastating events remind us of the growing audacity of cybercriminals and the vulnerabilities inherent in even the most trusted of IT setups.

The infiltration occurred in the early hours of August 18th 2023. The criminals, in a calculated move, shut down CloudNordic’s systems, erasing both the company’s and its customers’ websites and email platforms. Efforts to restore the data proved futile, as both production data and backups were compromised. Though it might provide some solace, CloudNordic clarified that they found no evidence of any data exfiltration before the encryption. They speculated that the breach occurred while servers were transitioning between data centres. Some servers, pre-infected, were all linked to CloudNordic’s internal network during the transition, granting the hackers all-access.

Given this sobering incident, how can companies who use the cloud to store business data prevent falling prey to similar attacks?

  1. Segregated Backup: CloudNordic’s transfer process inadvertently connected their servers to one internal network which then led to the breach. Ensure that different components of your IT environment (like production, backup, and administrative systems) all use isolated networks, separate access controls, and distinct cloud storage accounts. This will ensure backup data remains untouched even if production data is compromised in the cloud.
  1. Multi-layered Backup Strategy: CloudNordic’s backups were compromised along with the production data. This can be avoided if companies follow the 3-2-1 rule: keep three copies of your data, on two different mediums, with one stored offsite. Moreover, offline or air-gapped backups can prevent ransomware from accessing and encrypting backup data.
  1. Regular Security Audits & Recovery Assurance Testing: Using tools such as Predatar to deliver automated security checks across backup can identify vulnerabilities before they’re exploited. In addition continual automated restore testing and malware scanning provides assurance that, in the event of an attack, your organisation can efficiently restore from backups.

In conclusion, while CloudNordic is now offering a method for their clients to re-establish web and email servers (sans data), it’s a stark reminder that proactive measures are infinitely preferable to reactive solutions. In the rapidly evolving cyber landscape, relying solely on standard backups from a cloud provider can be perilous. Such backups, while convenient, often exist within the same ecosystem as primary data, making them vulnerable to the same threats. Cyberattacks, like ransomware, can simultaneously target both primary and backup data if they’re co-located. Additionally, cloud outages or provider-centric issues could jeopardise both datasets. For optimal security, diversified backup strategies, incorporating offsite and offline measures, are crucial. Simply put, a holistic approach to backups transcends mere convenience—it’s a necessity for robust data protection.

Book a demo here and find out how Predatar and IBM can help your business secure its cloud data.

Learn more about
Predatar recovery assurance

09 August 2023

Customer story: Hidden malware, hunted-down in 10 days.

Built for complex storage environments, Predatar uses artificial intelligence, automation, and industry-leading EDR (Endpoint Detection & Response) software to identify and fix potential recovery problems including hidden malware. This short customer story illustrates how one of our newest customers began to achieve significant value from Predatar in just a matter of days.

The customer challenge
A large European industrial machinery manufacturer, with over 250 offices worldwide and annual revenues of more than $250 million (USD) approached their IBM storage business partner early in 2023 with a challenge to solve.

In light of the increasing prevalence of cyber-attacks across many industries – including manufacturing, the customer’s leadership team had initiated a review of operational resiliency in order to minimise downtime in the event of a data breach. The objective was to improve processes across the business to achieve a state of readiness – should the worst happen.

Backup and recovery was a key part of the review, and it quickly became clear that despite having robust backup processes in place, the business was unable to prove its ability to successfully recover data at scale from its extensive 200TB+ IBM backup environment.

Furthermore, there was no mechanism in place to validate that malware had not been ingested into backup repositories – leaving a very real risk that recovery from backups following a cyber-attack would result in re-infection and significant additional downtime.

The challenge… How could the customer be certain of their ability to recover from their backups without the risk of recovery failures or reinfection?

The Solution
Predatar Ultimate was deployed to provide continuous recovery testing and deep malware scanning in an isolated Predatar CleanRoom.

As well as ensuring that the customer’s backups are recoverable, and free from hidden malware – Predatar also monitors the entire IBM Storage Protect environment, providing a real-time recovery confidence rating, threat-level score, and alerts of potential recovery risks as they happen.

The result
Within 10 days of deployment, Predatar had found and cleaned malware in the customer’s backup environment that had not been detected by the customer’s primary XDR software. This malware had been replicated into the backup repositories, where it had remained present for over 200 days.

To-date, Predatar has found and removed malicious files including the hacking tool, HKTL_NIRCMD.GA from the customer’s backup environment ­which is known to be linked to a number of large scale ransomware attacks.

As well as removing existing threats, Predatar is continually improving the customer’s cyber resiliency posture. Since deployment the customer’s cyber grade has improved from an E- to D+, and thanks to the built-in AI and automation this will continue to improve over time.

Master your data resilience
Predatar brings Recovery Assurance capabilities to Veeam, Cohesity, IBM Defender Data Protect, IBM Storage Protect/Plus, and IBM FlashSystems.

To see how you can achieve recovery confidence contact the team, or book a demo.

Sign up today!

Learn more about
Predatar recovery assurance

06 April 2023

The Apex partners are unleashed.

Last month we revealed our vision to create an elite pack of partners with the capabilities to deliver the very highest standard of CRaaS (Cyber Resilience as a Service), built on Predatar technology.

Today, it’s with huge excitement that we reveal the inaugural Apex partner line-up…

 

Predatar founder and CEO, Alistair Mackenzie explains:

“Although the Apex program was publicly announced just a few weeks ago, it’s been in the works for many months. The selection process has been rigorous. We have been absolutely clear about what will make a great Apex partner, and I couldn’t be happier with the fantastic partners we’ve chosen.

The team at Predatar has been relentless in finding and recruiting the right partners from around the world. Luckily, we had a blueprint for the perfect one. Empalis Consulting has been collaborating with Predatar for more than 5 years, and today Empalis provides a range of backup and recovery services to their customers with Predatar tech under the hood.

Alina Mot, CEO of Empalis says,

“Together Predatar and Empalis make a great team. We collaborate on a strategic level, and on a technical level. Most importantly we share the same values”.

Finding partners that could demonstrate the right skills and capabilities to provide exceptional technical solutions and services to their customers was critical, but finding partners that also share our vision and our values has been equally important.

We can’t wait to start the collaboration, and we won’t have to wait long. Engineers from each of the Apex partners will be joining us for a face-to-face technical training workshop with Predatar in London later this month.

And this is just the beginning! Predatar is planning to select and onboard another 5 Apex partners in the coming months, so stay tuned for more Apex news coming soon.

If cyber resiliency challenges are keeping you awake, contact Predatar or one of our Apex partners today.

Learn more about
Predatar recovery assurance

28 March 2023

Finite resources. Growing cyber threats.

IBM extends its partnership with Predatar to help infrastructure teams do more with less.

You may have seen the recent news that the IBM storage portfolio is undergoing a major shake-up. The objective – to better align IBM’s storage solutions with the real-world challenges that businesses are facing.

Today, as part of that shake-up, IBM has announced that Predatar Ultimate and Predatar Backup Analytics & Automation are now part of the IBM Storage Software portfolio. This means that all 3 Predatar subscription ‘flavours’ are now available via the IBM channel. You can read the official IBM announcement here.

The business challenge:
It won’t surprise you to hear that cyber-crime remains one of the biggest challenges for businesses today. Economic pressures and a global technical skills shortage are compounding the problem.

Few departments are feeling the strain like infrastructure teams. Backup and recovery is a cornerstone of resiliency for every business, but infrastructure teams have been fighting shrinking budgets and a widening skills gap for years.

The skilled resources they do have are often overstretched – struggling to stay on top of the day-to-day operational maintenance of the ever-expanding backup environments they manage – let alone taking proactive steps to tackle cyber risks and boost resiliency.


IBM & Predatar:
Many IBM Storage customers will already be familiar with Predatar. Our Cyber Recovery Orchestration (CRO) tools have been available from IBM and its resellers around the world since July 2022. Today’s announcement means that all of Predatar’s capabilities are now available from IBM.

Predatar Backup Analytics & Automation (which is also included in the Predatar Ultimate plan) has been created specifically to empower infrastructure teams to do more with less.

Here’s just a taster of the features Predatar Backup Analytics & Automation brings to the table…

1. Powerful backup monitoring and alerts

With Predatar, backup administrators no longer need to log into different GUIs and spend hours looking for problems. Every day Predatar runs an automated 104-point backup health-check and raises an alert if any problems are found.

Users can see all of the critical backup and recovery metrics in the intuitive Predatar Dashboard and can quickly customise their view with just a few clicks to see the information that matters most to them.

2. Operational runbooks
Predatar allows infrastructure teams to easily configure runbooks to automate and orchestrate their most repetitive, complex, or time-consuming tasks.

Predatar also includes multiple pre-configured runbooks that work right out of the box, to help tackle the most common ‘time-sucking’ tasks. A great example is automated backup reruns…

Did you know, on average, infrastructure teams in enterprise organisations spend 3.5 hours each day investigating and resolving failed backup runs?

Predatar will automatically re-run any failed backups. Where a backup run failure persists, Predatar collates the relevant logs and shares them with whoever needs to see them.

3. Flexible reporting
With Predatar, infrastructure teams can say goodbye to hand-cranked reports. Predatar makes it easy for backup administrators to configure reports to focus on the metrics that matter most to their business.

Reports for non-technical stakeholders can be easily generated, and automatically delivered to their inbox based on triggers or a pre-defined schedule.

4. Capacity insights and usage forecasting

On average, businesses use 20% more storage than is necessary due to ineffective capacity management, and 36% of data is stored on a sub-optimal class of storage technology.

Because Predatar stores unlimited backup history data, the platform can develop a deep understanding of backup activity trends and future needs. By using this data to inform capacity management and infrastructure planning, businesses can save between 10 and 25% on their total backup storage costs.

The conclusion:
Every enterprise organisation can benefit from bringing automation and insights to their backup and recovery processes. From reducing dependency on hard-to-find experts, to reducing costs, and boosting resiliency – the benefits are extensive.

Wherever you are on your journey to cyber resilient backup and recovery, there is a Predatar subscription for you. Learn more at Predatar.com or ask your IBM rep or IBM reseller for more information.

Learn more about
Predatar recovery assurance

13 March 2023

An elite pack of Predatar partners is coming.

Despite what some software vendors will tell you, cyber resiliency can’t be bought off-the-shelf. No single product can deliver the threat detection, prevention, and response you’ll need to deal with today’s cyber attacks.

As well as the right technology, you need the right people too. Without the skills and expertise to manage your tech and your processes, your resiliency won’t be as robust as it needs be, and the effectiveness of the solutions you put in place will quickly degrade in the face of the rapidly evolving threat landscape. 

Together, IBM and Predatar have the technology problem sewn up. With IBM Storage Defender, IBM have brought together their best solutions to provide a multi-layered cyber resiliency stack, that no other technology vendor can match. 

But what about the skills problem? 

With a global skills shortage in the tech sector, businesses of all shapes and sizes are struggling to recruit and retain the technical specialists they need. It’s no wonder then, that IDC predicts Cyber Recovery as a Service (CRaaS) will drive year-on-year growth of almost 20% (2022-2025) in the data protection services market as more and more businesses seek expert support with this businesscritical challenge. 

So, just imagine if there was an elite group of specialist service providers, uniquely equipped to deliver the very highest standard of cyber resilient backup and recovery services, built on IBM and Predatar technology. 

You won’t need to imagine for long. 

Next month, we will reveal the first 5 Predatar Apex Partners from around the world. The selection process has been rigorous and only the very best have made the cut for the first wave. 

Each selected partner will complete an in depth training program with the team at Predatar HQ in the UK. The result will be an elite pack of businesses with the right knowledge, capability, and technology to deliver unrivalled cyber resiliency services to their customers. 

If you are concerned about cyber risks and a shortage of technical skills in your business, then out-tasking some, or all of your backup and recovery management to an Apex Partner could be a very smart option..

If you already out-task your backup and recovery, now is the time to make sure your service provider gives you the cyber resiliency you need to deal with today’s threat landscape.

Stay tuned for the big reveal next month and subscribe to our newsletter to stay up to date with all of our news.

Learn more about
Predatar recovery assurance

22 December 2022

Forget the trends… here’s five things enterprises must do to boost cyber resiliency in 2023.

It’s that time again, when everyone gets out their crystal ball to predict what’s going to be hot in their industry for the coming year. Well, forget about the ‘trends’… when it comes to cyber resiliency, there are critical actions that most businesses need to take – and fast.  Because you don’t need mystic powers to know that bad actors are coming for your data.

Cyber-attacks are more prevalent, more sophisticated and more dangerous than ever before. Yet, all-too-often, enterprises remain slow, complicated, and disjointed in their efforts to prepare.

By not moving at pace, enterprises are effectively moving backwards. The reality is, that many organisations are less equipped to recover effectively from a cyber-attack today than they were 12 months ago – Because the game has changed, but they haven’t kept up.

If you want to move forwards with cyber resilient backup and recovery this year, then read on. Here’s 5 critical actions for 2023, and you need to start now.

1. Break down silos. Make a joined-up cyber recovery plan.
A 2022 ransomware reports found that 94% of ransomware attacks intended to impact backup repositories – and 68% were successful in doing so.

Too often, responsibility for ‘cyber recovery’ falls down the gap between the security team and the infrastructure team, with neither one truly understanding the detrimental impact modern cyber-attacks can have on their organisation’s ability to recover their backup data until it’s too late.

You need to understand the potential impact of an attack on your ability to recover business critical data and systems, and you need a plan for recovering them quickly, cleanly and completely when the worst happens.

Your plan needs to be realistic, pragmatic, and it needs to be co-owned with both security and infrastructure teams coming together around a shared objective. The first step, is an open and honest conversation with both security and infrastructure stakeholders at the table.

Take the first step:
Schedule a meeting with your security or infrastructure counterpart. Do it today. Do it right now. Start the conversation!

2. Streamline your environment. Get visibility of your recovery risks.
How many backup and recovery software products are you running? …Five? …Ten? How many different technology vendors? How many lines of custom code and hand-cranked reports to provide the insights your stakeholders need?

Backup and recovery infrastructure has become too complicated, too disjointed and too opaque. And that’s a risk in itself.  The ability to see and understand your whole environment at any moment in time is now critical in the face of intense and rapidly evolving cyber risks.

Make 2023 the year you unify your backup estate. If you’re an existing IBM Storage Protect user, there’s never been a better time to consolidate your backup with Storage Protect Suite. Thanks to converged storage pools with Open Snap Storage Manager (OSSM), it’s now simpler and more cost-effective than ever to protect your physical and virtual backups with IBM.

But most importantly, with more of your estate protected by Storage Protect Suite, the more you can benefit from Predatar’s ground-breaking cyber analytics and benchmarking tools that are now available from IBM. By continually monitoring your backup environment, Predatar provides users with a cyber resiliency score for their backup environment in real time, providing alerts of new issues and recommending fixes to mitigate cyber risks, so you can address issues before they become big problems.

Take the first step:
Ask your IBM storage rep about consolidating your backup estate with Storage Protect Suite and sign-up for a demo of Predatar’s cyber analytics and benchmarking now.


3. Get recovery confident. Automate repetitive and time-consuming testing.

The only way to know for sure that your backups are virus-free and recoverable is to test them. But frankly, it’s not possible to test your entire backup estate manually. Even if you did have the human resources available to continually run anti-virus and recovery tests, you could never stay on top of the volume of new data being ingested every day.

Automation can help. By continually running antivirus scanning and recovery testing in the background, you can have confidence that your backup data is always clean and recoverable.

This short video explains how automation, machine learning, and leading Endpoint Detection & Response (EDR) tools can easily be applied to your IBM backup environment to take the heavy lifting out of finding and removing recovery risks including hidden ransomware and unrecoverable workloads.

Take the first step:
Sign up for a personalised demo of Predatar Cyber Recovery Orchestration now.

 

4. Apply backup best-practice. Make a third backup copy.
The 3-2-1 methodology is not new, yet many businesses fail to adhere to it. As a reminder 3-2-1- recommends storing 3 copies of your data, on 2 different media types, with at least 1 stored offsite.

This video which explains the principle of a third copy.

There are many ways to implement a third-copy solution. But thanks to Storage Protect multi-site replication and IBM Cloud Object Storage a third copy in the cloud is a relatively simple and cost-effective option.

Immutability and logical airgaps can also be added to your third copy for additional security. By following this approach businesses can minimise the impact of a data breach and significantly increase their chances of successful recovery.

Take the first step:
Speak to your IBM cloud rep or drop us a message at info@predatar.com to talk about the best way to achieve your third copy.

 

5. Stay on top of backup admin. Stay on top of recovery risks.
In many cases, underinvestment in infrastructure over several years and an ongoing shortage of skilled technical resources have meant that day-to-day best practices haven’t been maintained. For example, regular patching hasn’t been applied, software hasn’t been updated, regular Disaster Recovery (DR) testing hasn’t been completed, and new security features haven’t been enabled. As a result for many businesses their backup estate has become a weak point, full of vulnerabilities.

Staying on top of every day admin is critical, but it’s also a huge challenge. Infrastructure teams are expected to do more than ever before, but with less resources and less budget. Infrastructure team leaders need to review their resources and make an honest assessment. Do they have the bandwidth to stay on top of the growing risk?

Even with automation in place for some of the most time-consuming and repetitive tasks, many businesses will continue to struggle to stay on top of the housekeeping required to maximise resiliency and minimise risk, so it’s no surprise that IDC has identified a new breed of Managed Service Providers (MSPs) emerging, offering to Cyber Recovery as a Service (CRaaS). IDC defines CRaaS as incorporating backup services, archive services, disaster recovery services and cyber recovery services into a holistic offering.

If you are worried about skills and resources for the year ahead, outsourcing could be a good option.

Take the first step:
An expert cyber recovery service provider can help you to assess your options.  Drop us a line and we can put you in touch with our network of trusted cyber recovery partners.

 

Predatar is an IBM technology partner. If you have any questions about boosting the cyber resilience of your IBM Storage Protect or Storage Protect Plus backup estate, please get in touch.

 

 

Learn more about
Predatar recovery assurance

01 December 2022

Good deeds to close out a great year.

Wow, what a busy year it’s been at Predatar… arguably our busiest ever.

Now don’t get us wrong – we’re not complaining – but there’s some important things we hoped to do that we simply didn’t manage to achieve.

For a lot of us at Predatar, supporting good courses is important. Whether it’s volunteering to support youth sports clubs, fundraising for charities, or helping in the community – on an individual basis we’ve done some great things in 2022. But as a business we would have liked to have done more.

Ever the optimists, we’re confident we can close out the year on a really positive note. That’s why we’ve come up with Predatar’s 12 Deeds of Christmas.

The idea is simple. Throughout December the Predatar team will do (at least) 12 good deeds to help others.

The deeds could be team activities or individuals acts of kindness.

It’s not about big commitments or elaborate gestures. And it’s not about donating money. This is about giving our time and energy to do something helpful and meaningful.

And do you know something? Kindness is contagious. Some of our customers and partners have told us they would like to take part too. The more the merrier!

Why not challenge yourself to do a deed for Christmas? And don’t forget to tell us about it.

 

Learn more about
Predatar recovery assurance

19 September 2022

Why most enterprise backup and recovery is inadequate.

Ever turned up to party underdressed? That can be a bit awkward. Ever turned up to a meeting underprepared? That can end-up being pretty embarrassing. But if you turn up to a battlefield ill-equipped and underprepared, the consequences are likely to be catastrophic.

Yet, when it comes to backup and recovery, that is exactly what most enterprises are doing every day. Your business is under attack, and cyber security experts agree that sooner or later your defences will be breached.  You will need to be ready to mount a fast and effective recovery. But there’s a problem.

Your backup infrastructure and recovery processes weren’t designed to deal with today’s sophisticated cyber-attacks. There’s been a huge increase in cyber-criminals actively targeting backups – encrypting or deleting your backup data to eliminate your last line of defence.

There is a very real possibility that when the worst happens, you will be unable to recover your business-critical data when you need to. Put simply, the vast majority of enterprise backup and recovery will be seriously inadequate in the face of a large scale cyber-attack, but many won’t know until it’s too late.

Here’s just a few reasons why:

Typical Disaster Recovery methods are no longer fit for purpose.
Many businesses don’t do regular DR testing, and those that do only test a small percentage of their backups. Why? Because DR testing is disruptive and time-consuming, and infrastructure teams are under-resourced.

Traditional DR testing is also highly ineffective in the context of modern cyber-attacks. In most cases a DR test simply checks whether a workload will successfully recover. If that workload contains dormant ransomware, it will recover, and no issue will be flagged. But later, when that ransomware is activated as part of sophisticated, wide-spread cyber attack, it will encrypt or delete the backup data, and render it useless – exactly when you need it the most.

Most backup anti-virus scanning processes are inadequate
Typically, businesses scan their backups for viruses at the point the data is first backed-up and/or at the point of restore. That’s not enough.

If you are only performing AV scans at the point of backup, there is a very real danger of ingesting infections into your backup estate as a result of zero day attacks – that’s an attack with a virus that is so new, anti-virus software is not yet able to identify or protect against it.

If you are scanning at the point of recovery there is a risk of significantly increasing down-time for your business in the event of a cyber-attack while you validate the cleanliness of your data, and then hunt-down the latest clean copy.

Backup anomaly detection is not enough
Most backup and recovery software vendors offer backup anomaly detection capabilities to help to identify cyber threats. That sounds great, but there’s some important limitations.

Firstly, most backup anomaly detection lacks a feedback loop. That means that when an anomaly in backup behaviour is identified, there is no mechanism for the software to understand if that anomaly was actually the result of a genuine cyber-attack, or in-fact a false-positive. With no feedback loop, your backup software will continue to flag the same false positives time and time again. When alerts are going off all the time, it’s easy to miss the real threats amongst the noise. In fact, we often hear from infrastructure teams that they have disabled backup anomaly detection because they are overwhelmed by false alerts.

And of-course, it’s worth recognising that anomaly detection won’t pre-warn you of an imminent attack. The anomaly detection alerts you once and attack has been triggered.


So, what can you do to be better prepared?

1. Understand your recovery risk factors. There’s a lot of factors that can negatively impact  a business’s ability to recovery following a cyber-attack. The first step to removing the risks is to understand them. Predatar Insights is a free, self-service tool for IBM Storage Protect users that will highlight your recovery risks. Sign-up for Predatar Insights here.

Storage Protect users can also apply for deep dive cyber benchmark report, where our cyber resiliency experts will assess your infrastructure and processes against industry best-practices.
Apply for a cyber benchmark report here.

2. Security and Infrastructure teams need to come together. Cyber resilient backup and recovery often falls into a gap between these two historically disjointed teams. It’s time to recognise this critical shared responsibility and start a dialogue.

3. Make a plan. Building cyber resilient backup and recovery won’t happen overnight. In fact, with the constantly evolving cyber-crime landscape it’ll always be an ongoing task and it can be hard to know where to begin. Make a plan starting with your most business critical workloads and some quick wins.

 

Want to learn more about building cyber resilient backup and recovery?
Brought to you by Predatar and IBM, Control22 is the only event focused on helping IBM customers to build more cyber resilient backup and recovery. It’s free, it’s invaluable and it takes place next week. See the agenda and book your place today at www.predatar.com/control22

Learn more about
Predatar recovery assurance

20 July 2022

In the world of containerization, who will be the new Veeam?

Few people today question the rationale for the deployment of backup and recovery tools for VMware workloads. It’s this which propelled backup specialist Veeam to the top division of data protection. VMware has dominated the on-premises hypervisor platform market for the last fifteen years, but change is coming quickly.

Businesses have gained little by migrating VMware workloads to public cloud – leading to faster adoption of ready-made SaaS applications and the rise of refactoring existing applications using microservices. What is not clear is whether a new backup vendor will emerge to dominate this new cloud-native computing era. This post looks at the likelihood of history repeating itself.

The container explosion

Business leaders and developers have embraced containerization. Extreme modularization shortens development time and speeds up innovation. Container-built applications are easier to scale up or scale down, making it much easier for businesses to match customer demand and respond quickly to market opportunities. The inherent portability of tools like IBM’s Red Hat OpenShift is driving the phenomenal growth of hybrid-cloud.

The same but different

For backup professionals, the microservices revolution brings similar challenges to the virtualization boom of the 2010s. Questions about who is responsible for backup, to whether a backup is even necessary are reminiscent of the early days of VMware.

Container projects start small, and at the early stages, infrastructure specialists are often unaware of developer-led projects. Kubernetes YAML files, from which the configuration of a container environment can be rebuilt, can be exported to a PC or server. Source code can be stored in cloud repositories such as GitHub. With a small number of microservices, most developers can feel confident of restoring projects manually.

Veeam appealed directly to the VMware administrator who wanted to take  control of backup. The vendors vying for a share of the container backup market will likewise need to appeal to developers by giving them a seamless experience.

Containers are ephemeral. They get created or destroyed depending on the load. Persistent information such as container image registries, logs, and files uploaded by users should be stored on external storage. This can be storage hosted on public cloud providers like AWS and Azure, or on more traditional storage in the datacentre. As with VMware, if you lose data on external storage, you would not be able to get your projects back. It is also still the case that microservices architecture recommends having separate databases for each microservice hosted on one or more database servers. If these are not managed SQL instances offered as a cloud-hosted PaaS solution, you will need to back them up separately.

The rise of security

In the last era, backup was for computer malfunction, user error, or for disaster recovery. Not anymore. Backup systems now play a vital role in cyber threat detection and response. The unprecedented growth of microservices and hybrid cloud opens up a new front for cyber security professionals. Backup specialists, developers, cloud architects and security professionals will need to come together to choose the best backup and recovery strategy for the future.

As well as Veeam, the traditional backup vendors such as Commvault, Dell, Veritas and IBM will be throwing their hat into the ring – as will the big cloud providers. Google purchased Actifio in December 2020 and Microsoft purchased a chunk of equity in Rubrik in November 2021.

So, who will emerge as the dominant force?

Predicting the future

The fact is, in such a fragmented market, it’s impossible to predict. And actually, our money says, there won’t be a single vendor that wins the day in the same way that Veeam did in the first wave of virtualization.

Even in this uncertain landscape there’s a few things you can be sure of….
1. Containerization is coming fast,
2. Businesses need to be ready,
3. Legacy workloads will not disappear anytime soon.

Just as Veeam co-exists with other backup solutions in many enterprises today, tomorrow’s backup solution for containers will become another part of an ever-growing infrastructure ecosystem.

You could sit tight and see if a leader does emerge before adding another backup solution to the stack . Or you could act now to prepare for the container revolution that’s coming by future-proofing and consolidating your infrastructure with a backup provider that can protect all of your workloads.

Our 2 cents? For most large enterprises looking to unify modern, future, and legacy workloads; IBM’s Storage Protect Suite – with support for containers built on Redhat OpenShift – will be hard to beat.

Are you using containers yet?

Where are  you are on your container journey? Drop us a line and tell us about your approach to backup and recovery of these shiny new workloads.

Learn more about
Predatar recovery assurance