Category: Uncategorized

That’s right Storage Protect users, it’s time. IBM has announced its End of Support for Storage Protect v7 by the end of 2021. If you’re still a user of version 7, this might sound like a big deal. So, let’s break it down and ensure you know what this means for you and your company.

The IBM Software Lifecycle

Firstly, IBM has a software lifecycle for each of its software products. This means that they commit to continued support for them for a certain amount of time, even after the software is updated. Their stated target is for 5 years from release but you may recall that Version 7 of Storage Protect was originally released in January 2014. This means that they’ve supported it for 7 years already!

I’m not ready to upgrade!

If you decide that you’re not quite ready to modernize your company’s backup and recovery requirements, don’t panic. The End of Support Date doesn’t mean that the older version of the software will stop working. You’re able to carry on using it if you like. And, if you do still require IBM to support you, they can give you a quote for extended support.

What happens to my support after the End of Support date if I don’t upgrade?

After this, if there’s a problem that needs a code upgrade to fix, you’ll have to upgrade to the latest version. Rather than paying extra for bespoke support, we recommend upgrading to the latest version as early as possible. This will allow you to streamline your backup environment and ensure you have airtight control over your data.

What are the benefits of upgrading to version 8?

In terms of the upgrade process, upgrade pains that were present in previous versions have now been ironed out. This has made it significantly more straightforward to upgrade from Version 7 to Version 8. However, you might have to consider whether your operating system is supported. If it isn’t, you’ll have to assess whether you can do an in-place upgrade or whether you need to move to new infrastructure. That’s where we come in. Our experts at Predatar can help you review your options, just give us a call or if you’re stuck for time, fill out our contact page here and we’ll be in touch.

On the whole, the benefits of a move are many.

• Advanced security functions in Version 8 mean that your backup data will be more secure
• Advanced cloud tiering options allow you to push your data or your database backups to more variations of public cloud than ever before.
• The closer integration with Storage Protect Plus means you can use that to back up more cloud workloads and then offload that data into Storage Protect.

If you missed it, you can watch our webinar on this topic here, where our Chief Technology Officer answers all of your burning questions.

What is it and why does it matter so much?

Let’s take a closer look at how NPS boosts business and keeps boosting business over time.

In essence, the key purpose of an NPS survey is to measure customer loyalty by categorising their customers into three groups:

1. Passives
2. Detractors
3. Promoters

The result of an NPS calculation is an overview of which customers…

• Would recommend your company (are staunchly loyal customers who are key to the running of an organization)
• Wouldn’t recommend your company (are likely to actively search for business elsewhere)
• Are neutral (are neither ecstatic nor displeased with a service but may go elsewhere if they are offered something at lower cost)

Leading with Loyalty

Naturally, organizations with high NPS scores and a high percentage of promoters thus have the bragging rights to assert their resounding successes with customer loyalty and customer success management.

In fact, according to research done by Bain & Company, the masterminds behind the NPS system, ‘companies that enjoy this ‘loyalty effect’ grow at better than twice the average for their industry’. You can read more about this in their article here. 

The palpable upside to this, is that it gives potential customers the reassurance and encouragement they need to take the next step in engaging with your business. But alas, a high NPS score is by no means a guarantee that an organization’s customer success levels are future ready and dependable.

An Important Asset for SaaS and B2B Organizations

As a SaaS or B2B organization, eight times out of ten, there won’t be a physical product to market.

Look at this way, a shop might be selling a scented candle. Someone buys it, they really like it and so they show it to their friend and ask them to smell it. The friend likes the look and smell of the candle too, so they go to the store and buy their own. As a SaaS or B2B organization, we often don’t have that physicality. To foster customer loyalty, the customer service within a SaaS or B2B organization must be agile with high visibility. You can read more about agile customer service in our blog, here.

To put it simply, our scented candle is our NPS score. We’re not just selling a product, we’re selling high quality customer service.

By extension, when a customer scores a company high on an NPS survey, they’re effectively indicating that they’d put their own credibility on the line to recommend your organization to somebody in their network who trusts their expertise. Of course, this is very helpful information for organizations to collate as it is. What’s more important, however, is why the customer is willing to put their credibility on the line by recommending your organization – or indeed, not recommending your organization!

Optimizing NPS Survey Results

NPS survey questions are formulated to be easy and quick to answer. In fact, an NPS survey shouldn’t take more than a minute to complete (really, we’re not just saying that). Now, onto the most important part – feedback. After completing the survey, participants are invited to give the company feedback. Of course, not everyone will want to. This can be for a variety of reasons; it might be too testing of their company compliance policy, it might be because they don’t have a clear-cut reason for their answers. However, more often than not, they simply don’t want to. You can lead a customer to water, but you can’t force them to tell you how to run your business. Customers are more inclined to answer surveys for you when you have given them:

A) Excellent customer service that has exceeded their expectations or,

B) terrible customer service that has lowered their expectations.

Creating a Feedback Loop

To ensure that it’s option A, using NPS feedback is key to creating an effective feedback loop with your customers. By analysing the feedback you have, creating a plan that aims to address that feedback – be it positive or negative – and then delivering on that feedback, you create a healthy feedback loop wherein there are visible signs of customer feedback being implemented into your ways of working. Some simple tips for doing so are:

• Improve on negative feedback in a timely, well thought out fashion
• Improve on positive feedback (in this case, you can’t have too much of a good thing!)
• When hiring, keep NPS in mind. Do you have a specific role that focuses on the happiness of your customers? If not, are you hiring customer facing roles that will improve their happiness over time?

Consistency, authentic care and visible results are the key drivers of a high NPS score.

We’ve already looked at recovering your data post-ransomware attack; plan, plan, plan and plan again. In this blog, we’ll explore five ways we can plan for and better protect against ransomware attacks. By planning and protecting, we can ensure that we lose the least amount of valuable data possible, without breaking the bank.

1. Understand the nature of ransomware

The chief problem with ransomware is that it is ever-evolving. This means that processes and systems need to be continuously reviewed and updated. However, as with most things like this, it can lead to perplexing problems that can make IT Teams feel they never get to place ransomware in the ‘Job Done Pile’. The temptation to stall can creep in, meaning there are holes in the system that can be exploited.

You can find out more about what ransomware is in this article from Expert Insights.

The nature of ransomware simply isn’t consistent, and so when businesses realise this, they can better understand the need for software and systems that can resist attacks and if attacked, better recover from them.

2. Invest in trustworthy and knowledgeable solutions early on

Because many businesses find these processes so difficult to navigate and their IT teams struggle to maintain effective management of these complex processes, it can be tempting for them to put the investment of software on the backburner. More so, the complex nature of ransomware means that when businesses do choose to invest in protection and reach out for help, they’re unsure if they are getting genuine, authentic advice or if they’re just being spun a clever sales play.

The best way around this is to seek out trusted advisors that are willing to not only help you with their service but will gladly share free knowledge with their customers in the form of excellent customer service. By sharing their first-hand experience, they can demystify the volume of information out there and tailor a solution to your unique business needs. Above all else, failing to invest in quality backup and recovery solutions early on, can – and probably will – end in botched disaster recoveries and a lot of wasted cash.

3. Utilise your resources

Irrespective of investing, there are also things you can do that cost nothing or very little that will help you in terms of shielding your backup systems. Without doing these things, your only option is to hope that your underfunded and under-loved backup setup will, by some miracle, come to life before you’re forced to pay the ransom. If, however, you hope that ransomware won’t target your backup setup; we’re here to break the bad news to you. It definitely will. So, here are a few things you can do to shield your backup set up as it stands*:

• Use two different operating systems. Put the primary backup system on Windows and then copy the system on Linux (we’ll use Linux as an example here, but you can include AIX or any other). In simple terms: can the Ransomware attack navigate a Windows structure, it most certainly can. Can it navigate Linux as easily? Not necessarily.
• If you have more than one domain, place the production backup system on a different domain to the Copy system. The strategy here is to put as many obstacles in the path of the attack.
• Spread your data across different storage types. For example, Block is great for a primary source and S3 is good for a copy.

4. Making the most of IBM Storage Protect

By being an IBM Spectrum user, you’ve already invested in the right software, so make sure that you’re on the latest version. The latest versions of IBM Storage Protect work to make predictions on potential incoming attacks, making the update an invaluable asset to businesses. By pre-empting attacks, data loss is significantly reduced in the instance of an attack and can sometimes prevent a full-blown attack altogether. It’s always important to get the most out of the data protection software that you’re paying for. You can read more about making data backup and recovery technology sustainable for your business here.

On top of this feature, Storage Protect has within it a DRM File. In a nutshell, the system creates a backup file daily. You can then store this outside of your domain by email or any other method of your choice. Outside your domain is somewhere safe and secure! It’s a small task to undertake, but it holds the keys to unlock and recover your business quickly in the face of a disaster. Plus, there are no costs involved in emailing a copy of this to a safe location.

5. Stay alert and act quickly 

Our fifth and final piece of advice is to stay alert and act quickly. Don’t allow Ransomware to lie dormant so it can gain a stronghold on your data. By keeping a keen eye on things like the slowing of systems, inaccessible or corrupt files and CPU spikes, you may not be able to halt an infection entirely, but you will be able to align your damage control better by ensuring your backup is taken offline and stored safely before being infected. Always have a ‘Code Red’ plan in place. Who monitors these things? Who raises the alarm? Who acts on them quickly?

These five things will help you minimize and lessen the severity of ransomware attacks, but it pays to mind that they are limiting the cause, not preventing the effect. Always test your data recovery processes and ensure that you have invested in secure and, preferably, automated processes. The aim is to have maximum confidence that your data backup and recovery process will be quick, efficient and controllable.

*This is based on having a setup which has both a primary version and a copy version of the backup.  

With two or three updates a year, Storage Protect is regularly improving its service and adding powerful new features. Interestingly, many of its users don’t always take advantage of these upgrades when the product releases land.

As a data backup and recovery platform, Predatar appreciates the value of IBM’s innovations, and we want to show you just some of the benefits that come from the latest Storage Protect releases.

If you want to know more about the releases and how they’ll help you keep your business and its data protected, you can view our free 30-minute webinar here. Led by Steve Miller, Chief Technology Officer at Predatar, you’ll learn how to best protect your DB backups and get even more from your Storage Protect investment.

Benefit #1 – Modernize your database backup process with cloud object storage.

As more organisations move towards a modern, tapeless infrastructure, there’s been a greater demand for a more streamlined database backup process. With IBM’s latest Storage Protect release (V8.1.10), you can now save your backups in a secure, secondary location – without provisioning extra storage or physically shifting tapes. These large DB backups can now be pushed to the S3 pool of your choosing (Google Cloud became available in the November release) and live off-site in encrypted, easily accessible cloud object storage. What’s more, this flexible solution will reduce the amount you spend on your infrastructure as you only pay for what you use.

Benefit #2 – Get second-site protection and recover from cloud backups.

Great news, you can now create an air gap without tape! If you protect your database in S3, and also store your data in Public Cloud, Storage Protect makes it much easier to protect you against single-site failure.

Thanks to this release, if you have a copy of your data in an S3 pool and your primary site becomes contaminated, all is not lost. As the backup is so geographically distant, the likelihood of the malware reaching it is slim. Yes, recovery may take a little longer than with tape but, for businesses that operate from only one location, this is the perfect solution for distancing your data. To make the fix, simply hook the server up to the object storage pools – that are safe in the cloud – and you’ll be good to go.

Benefit #3 – Create retention sets for long-term data.

A couple of versions ago, IBM introduced retention sets. Since this release, you’re now able to create point-in-time retention sets and make the most of efficient monthly backups. By defining a retention rule, you can leverage the data you already have on your backup system and create point-in-time backups to complement your daily ones. Basically, you’re telling Storage Protect not to delete existing data, until the retention set expires.

What’s more, you can also create a ‘retention hold’ to stop important data from ever being deleted. This bypasses previously established expiration dates and keeps hold of the specified data until you say differently.

Benefit #4 – Strengthen your security with default TLS.

Since Storage Protect release V8.1.2, there have been various enhancements which will help to protect your data and bolster your security. Where previously using Transport Layer Security was optional, it’s now compulsory – meaning you must exchange certificates when you authenticate. While this makes it harder for people to impersonate a client and restore backups, a more recent update has also introduced an admin sign-off process for any destructive commands. As soon as someone attempts to delete or remove data, your designated admin/s will be notified and need to approve the action.

Want to learn more? Watch our webinar recording.

Make the most of every Storage Protect release with guidance from Predatar’s Chief Technology Officer, Steve Miller. In our 30-minute webinar Steve takes you through all of Storage Protect’s 2020 releases and shares even more of the business benefits that can come from these simple updates.

Watch it now: Make the most of every Storage Protect release

Ahh, Black Friday. It’s a plentiful day (now stretching to a full week), brimming with shiny bargains and special offers.

Every year, Black Friday comes and goes almost as suddenly as it appears. Like a thief in the night, it burns holes in our pockets and puts retailers and organisations back in the black. This year more than ever, Black Friday will play a fundamental role in aiding many businesses recovering from the adverse effects of COVID-19.

However, despite its merits, sorry looking bank accounts and bargains are not the only thing that Black Friday opens us up to. It also opens up organisations to data breaches. Take Amazon, for example. The Amazon sale for Black Friday 2018 saw a significant data breach. The details of thousands of customers were leaked just hours before the event took place. The leak was put down to an ‘inadvertent technical error’, suggesting it was Amazon’s IT team that took the hit for the breach.

Prophets or Profits?

So why do events like Black Friday leave our businesses more susceptible to cyber-attacks, hackers and data leaks like this one?

In the bustle of Black Friday, organisations big and small are often scrambling to ensure their servers can manage the onslaught of site traffic. They’re trying out new applications, forming new programmes, transferring ecommerce to the cloud; the list is endless. Actions like this, although well intended, can often leave minor – and sometimes major – gaps for data breaches.

For instance, a simple human error could be made in the rush to prepare things. It could cause the malfunctioning of a programme required to process customer data; ultimately leaving the data vulnerable, out-in-the-cold and easy for cyber criminals to gain access to.

On the other end of the spectrum, cyber criminals may directly attack less secure sites in the knowledge that Black Friday brings an abundance of opportunity to credential surf or RAM scrape.

Vigilance or Vigilante?

To combat potential breaches like these, organisations should take into account that Black Friday is simply not ‘business as usual’. Programmes and applications should be tried and tested with vigour. Data protection software should be up-to-date and functioning at full capacity with all-hands-on-deck. Extra layers of data protection may even be required. For optimal management, you may want to consider a SaaS data platform.

It also bodes well to remember, whilst customers do have a responsibility to protect their own data – organisations should be making this easier for them, not harder. Any external emails to customers should be well designed and clearly marketed, making it easier for customers to tell a real email from a fake phishing attempt. It should also be made clear what customer data may be shared and why.

So, don’t rush, be meticulous, test, test and test again. And, most importantly, happy bargain hunting!

In recent months, we have seen a rapid rise in ransomware attacks. Covid-19 has forced businesses to make fast changes, occasionally leaving holes in their IT systems for cybercriminals to creep through.

These attacks could be through the means of phishing, attachments, hidden links or in more direct formats like leaked passwords or guest passwords. Whatever the cause, these attacks have the potential to lay dormant for quite some time. Lying dormant allows the initial infection to take hold before spilling over and causing a noticeable event that alerts IT teams to its presence. Dormant and slow attacks allow a wider range of infection; singular computers may not only be at risk but put user ID’s – with access to multiple machines, operating systems and backup software – at risk.

Although dormant attacks are perhaps the more damaging, some attacks will be immediate and brutal, destroying as much data as possible in as little time as possible. The threat here is that IT teams don’t have enough time to scramble and halt the infection.

So, let’s say your organisation has been the victim of a ransomware attack. Now what? Where do you go from here? It might seem like there are endless possibilities and roads to go down, but one thing is clear:

You need a recovery plan

“But we already have one, why do we need another one?” The thing about ransomware attacks is that, like a real infection or virus, they change and adapt. Cybercriminals will often analyse the effectiveness of their attack methods and alter code. Organisations must understand this. They should be making a commitment to incrementally update and manage their backup and recovery processes to ensure the most effective protection of their data. Ransomware avoidance is simply is not enough; it will happen sooner rather than later. It must be followed by flexible backup and recovery plans that aim to prevent as much data loss as possible following a ransomware attack.

Let’s think back to 2017, when the infamous ransomware ‘WannaCry’, infected over 300,000 computers in 150 different countries, simply by spreading through a local network – no harmful links, no dodgy email attachments. It’s all very well the malware was eventually put a stop to but by then, data had already been compromised and cybercriminals were free to adapt the code and worsen the effects of the next planned attack.

Backup but not forgotten

It bodes well to remember that the aim of a sturdy backup and recovery plan is not to protect the perimeter. The aim of backup and recovery is to recover the overall environment, understand the level of infection and research the backup catalogues in order to find the earliest uninfected files. By promoting a culture where infection intelligence is ongoing, backup and recovery can be made into a flexible and compliant process.

The scanning processes of some backup vendors can detect locked files and directories alerting the user to the effects of ransom activities after the fact. Others can search backup images for infection signatures in an effort to avoid reseeding the environment by recovering infected backups. However, these measures really only signal how far the horse has bolted.

Take a step

Predatar uses a mixture of methods and approaches to help automate the backup and recovery process, taking the initial heat off of IT teams. Ultimately, rapidly recovering environments and ensuring that organisations have the best of their data back after disaster strikes.

For more on this topic why not watch this 20 minute presentation taken from our Control 2020 conference. It can be viewed from the Predatar You Tube channel here

Over the last decade, organisations have really struggled to deal with the multitude of contradictory requirements for data compliance. How do you ensure that data is retained long enough but not too long when dealing with sector, geographic and internal requirements?

Deciding which regulation trumps another is a complex process. In fact, it’s best left to compliance and risk officers.

There are 2 key factors in compliance:

1. The IT department should be the facilitator for compliance not the decision maker
   • Let Risk/Compliance decide what needs to be kept, in what condition and for how long
   • IT provision a solution to meet the requirements
2. ALL compliance policies should be audited
   • Retention Policy should be documented
   • Changes to Policy should be reviewed and approved
   • Audit trail of changes should be taken as evidence of compliance

Backup is not Archive

When you’re dealing with long term retention, many organisations choose backup rather than content archival because of its lower cost. But, too often, we forget about the auditing of changes within the backup solution that could impact compliance.

Typically, backup administrators have the power to make changes to data retention and even delete existing backups. However, this process isn’t as smooth sailing as we’d like to think. A simple typo could delete the wrong data accidently.

Users of IBM Storage Protect have the ability to place a “legal hold” on retention sets so that data doesn’t suddenly expire when it may be needed for subpoena.

IBM Storage Protect not only has an audit trail of changes, it also has the concept of authorisation. When this is configured effectively, it requires any disruptive change to be authorised by a second admin.

Although this is a great place to start towards ensuring compliance, if 2 admins are in cahoots, it could still be difficult to prevent malicious intent.

So, what can you do about it?

Predatar’s platform gathers meta data from Storage Protect and stores it offsite for analysis. It can be configured to not only audit the activities, but also raise alerts based on customised thresholds.

The Predatar platform can be made visible to key stakeholders and risk officers. This means that alerts relating to data destruction can be reviewed by non-IT personnel and appropriate action taken in light of a breach of compliance. Predatar’s audit trail helps compliance and risk officers demonstrate sustained control over data. It shows effectiveness and efficiency.

3 Quick Steps to Success

We recommend that Storage Protect users with compliance requirements take the following steps:

1. Upgrade to version 8.1.9 or higher
2. Create at least 2 admins with “cmdapprover=yes” set
3. Set commandapproval to on

Predatar gives you the tools and control you need to keep your backup compliant.

In this podcast, we speak to our new customer success officer, Andy Brown. We talk about why customer success for SaaS entities is so important and how it impacts their day-to-day deliverables.

We discuss the rapidly flowing river of data that is the IT industry and how IT customer service needs to be swiftly adaptable. Having the tools and skills to leap into action when things go wrong or change direction is crucial for Predatar as a SaaS platform.

We learn about how at Predatar, we take control of customer’s needs so that they can take control of their data.

Welcome to the second instalment of our customer service spotlight feature!

If you’re reading this article, it’s probable that you’re no stranger to the likes of Agile business and Agile methodology. If by chance you are an alien to software agility, you might want to take a look at the official Agile Manifesto.

In simple terms, Agile is an umbrella word for an array of methods that companies – namely software development, IT, project management and delivery focussed – can implement to adapt to changing conditions in any of the following areas:

• Market change
• Customer demands
• Stakeholder requests
• Its own accelerated timelines

Whilst customer demand is a fundamental aspect of development, customer experience can often fly under the radar as a result. At Predatar, we’re all about making the customer’s experience as smooth and supported as possible, this means that we need to be agile in our customer interactions and processes.

What does this mean?

In the same way that agile methodologies make way for controlled change in business processes, creating an agile customer experience means adapting to customer needs and support requirements. It holds us accountable to our customers and enhances responsive change.

Why does it matter?

Currently, many organisations approach customer experience in a similar fashion. That is, customers are unpredictable. Because of this, making the customer journey as regimented as possible is often a key focus. Typically, a single agent will take a single customer call, or will respond to a single email. If the agent can’t resolve the issue, the query is fed through the organisation until it hits someone that can solve it. When we look at this from an outsider’s perspective, we can see how this might benefit the organisation in terms of time-saving but it’s certainly not as easy to see how it might benefit the customer and passing something through so many hands can cause its own issues.

Think about how many times you’ve been in this position. You’re on the phone to a service provider only to be passed from team to team, supervisor to supervisor. Banging your head against a brick wall comes to mind, right? You’re bound to come off the phone and complain to someone. You might even complain directly to the company, and with today’s digital accessibility to organisations, you can do it publicly over social media. So, with that in mind, an agile customer experience is a remarkable thing that can prevent customer frustration and enhance a company’s reputation ten-fold.

How does it happen?

Simply put, it’s about having the right specialists in all the right areas. Rather than focusing on a regimented and controlled customer experience, organisations should look ahead to future problem-solving with a zoomed in focus on mapping out and categorising customer journeys. No one customer is the same, and so there is no benefit in allocating them all to the same process.

Onwards… Agile steed!

For more about customer service, check out our interview with Predatar’s customer success officer, Andy! (he’s a real superhero!). You can read the interview here.

This spotlight feature will delve into the ins and outs of what customer service means to us and why it’s so important to have it at the core of our platform. So, who better to start with than our shiny, brand-new customer success officer, Andy!

We interviewed Andy to get some top insights on customer service excellence, and you guessed it, to be a little bit nosy.

How long have you worked in customer service, Andy?
Oh… good question! *Long Pause* About 25 years… *Hearty chuckle*.

Wow. What made you choose Predatar this time round, with all of that experience behind you?
I thought it was a really exciting opportunity. The role is not only brand new to the company, but they have this real desire to grow and to add value to what they’re doing. Especially in terms of remaining customer-focused – I wanted to help them accelerate that plan.

It sounds like it’s a role that holds a lot of opportunity. What do you enjoy about being in a customer focused role?
I’ve always had a passion for helping people out, from early on in my career. Whatever role I’ve worked in, I’ve always been focused on supporting other people, be that customers or my colleagues. I’m able to build relationships really effectively and engage with the right people to deliver to expectations. That’s what it’s all about really, building relationships and not only reaching those expectations but exceeding them. Of course, it’s not just with customers. Building relationships internally really serves to indicate whether you’re the right fit for the companies’ culture. But then you need to understand the culture of the customer too, as much as you integrate yourself into the company culture. Like, what are their values? What are their behaviours?

Absolutely. I imagine that customer culture can vary quite a lot. In terms of the tech industry and data backup and recovery, what’s the difference there in the customer’s experience?
Well, it’s not like going into a supermarket! The experience isn’t over quickly, it covers an entire lifecycle. It’s ultimately building a relationship from scratch, building trust over an extended period and consistently, too! A customer should always feel the culture of the organisation from the first touch point. It’s important to be responsive and get those basics right, because those things can be so easily overlooked. It’s all about building partnerships and creating a space for trustworthy engagement.

Predatar is all about simplicity and control when it comes to the customer, how does your role fit into this?
Simplicity basically means that everything we do should be easy for customers to understand. A lot of what Predatar provides is a highly technical service, and although my role isn’t technical, the guys here are so good at simplifying things. As for control, it’s about creating that balance between giving the customer the control they need whilst ultimately being there to support and maintain that control.

Finally, Andy, what does being a data protection superhero mean to you?
Haha, well, the character I’ve been given is ‘Mr Fantastic’. I think this is such a clever approach in articulating how seriously we take what we do but in a really fun, streamlined way. It’s about giving the customer the absolute confidence to know that they’re in safe hands.

So, there we have it. An interview with Predatar’s very own Mr Fantastic, data protection superhero at your (customer) service!