The Importance of Collaboration: Rubrik & Pure Storage

Rubrik and Pure Storage’s partnership brings together two leaders in their respective fields, creating a powerful solution that integrates Rubrik’s Security Cloud with Pure Storage’s FlashArray and FlashBlade. This combination enables businesses to follow best practices like the 3-2-1-1-0 rule—three copies of data, stored on two media types, one off-site, one immutable, with zero errors. Together, they offer a layered defence system that protects both short-term and long-term data, ensuring rapid recovery and long-term retention.

The importance of this collaboration lies in its ability to bring together Rubrik’s immutable backups with Pure’s high-performance flash storage, safeguarding data against ransomware and other malicious attacks. For customers, it means confidence that their data is not only protected but recoverable in the event of an attack, with minimal disruption to business continuity.

IBM and Cohesity: Another Powerful Partnership

Much like Rubrik and Pure Storage, IBM and Cohesity have recognised the need for integrated solutions. IBM’s FlashSystem and Cohesity’s platform combine the performance and reliability of IBM storage with Cohesity’s modern data management, delivering a solution that enhances both security and scalability.

By integrating IBM FlashSystem’s ultra-low latency and high availability with Cohesity’s comprehensive data protection, organisations gain a unified platform that addresses both backup and cyber resilience. Cohesity’s ability to provide rapid recovery through its immutable file system and zero-trust architecture complements IBM FlashSystem’s storage capabilities, enabling businesses to respond quickly to cyber threats while ensuring their data remains secure and accessible.

The Power of Unified Solutions

At Silverstring, we believe in the power of these partnerships. While we began with IBM technology, our business has expanded to include solutions from Rubrik, Veeam, and Cohesity. Each partnership brings unique strengths, but what truly makes the difference is our ability to integrate these technologies via our use of the Predatar platform.

Predatar: The Glue for Cyber Resilience

Predatar acts as the unifying layer that brings storage, backup, and security systems together. In an era where cybercrime is evolving rapidly, it’s vital that businesses have a single, integrated view of their environment. Our use of Predatar gives our clients that single pane of glass, ensuring they can monitor and manage their data protection across multiple vendors with ease.

With Predatar, we don’t just offer backup solutions; we provide our clients with proactive cyber resilience. The platform integrates automation, threat detection, and recovery workflows into one seamless service, empowering organisations to stay ahead of cyber threats. Whether it’s IBM FlashSystem and Cohesity, or Rubrik and Pure Storage, Predatar is the glue that underpins our managed services and ensures these solutions work together to provide end-to-end protection.

Conclusion

The Rubrik and Pure Storage partnership is part of a broader movement in the industry, where leading vendors are collaborating to deliver comprehensive cyber resilience solutions. IBM and Cohesity have taken a similar approach, combining their strengths to ensure that organisations can protect, manage, and recover data in the face of modern cyber threats.

At Silverstring, we see these collaborations as essential to the future of data protection. With Predatar integrating these technologies into one view, we give our clients the tools and expert support they need to secure their data, no matter what the future holds. Cyber resilience is not just about having the best storage or backup, it’s about creating an integrated, unified strategy that ensures data is always protected and always recoverable.

The post Building Cyber Resilience: How Vendor Collaboration is Key to Defeating Cybercrime appeared first on Silverstring.

1. Maintenance and APAR Fixes

The 8.1.24 update includes a range of APAR (Authorized Program Analysis Reports) fixes that improve overall system stability and reliability. These fixes address previously reported issues and ensure that your IBM Storage Protect environment operates smoothly with fewer interruptions. Staying up-to-date with these patches is vital for maintaining the health of your data protection infrastructure.

2. Security Enhancements

One of the standout features of version 8.1.24 is its enhanced security settings. These updates reinforce stricter security protocols, particularly when managing SSL certificates and password encryption. Administrators are required to follow stricter guidelines during installation and upgrades to ensure that security vulnerabilities are minimised. This level of security is crucial for businesses handling sensitive data and aiming to prevent cyberattacks or breaches.

3. RHEL 9 Compatibility

This release introduces support for Red Hat Enterprise Linux 9 (RHEL 9), but with some notable changes. It’s important to note that OpenSSL 1.1, which is mandatory for IBM DB2 to function properly, has been deprecated in RHEL 9. To maintain compatibility, users upgrading from RHEL 8 to RHEL 9 must install the “compat-openssl11” package immediately. Without this, IBM Storage Protect’s internal DB2 database will not function as expected, which could result in system downtime or performance issues.

4. Compatibility and System Updates

Version 8.1.24 also introduces several system compatibility updates. For example, IBM AIX 7.1 is no longer supported in this version, and system administrators should review the latest requirements for Linux and Windows operating systems to ensure a smooth upgrade. This focus on compatibility ensures that your storage environment is up-to-date and optimised for the latest software and hardware configurations.

5. Simplified Installation and Upgrades

IBM has streamlined the installation and upgrade processes in this release. The updated procedures help administrators avoid common pitfalls, particularly when upgrading from earlier versions like 7.x or 6.x. The simplified process reduces the risk of errors during installation, ensuring that your system remains operational and that upgrades don’t cause unnecessary downtime.

In Summary

The IBM Spectrum Protect 8.1.24 update enhances system security, introduces RHEL 9 compatibility, and streamlines installation processes. These updates are crucial for businesses looking to strengthen their data protection infrastructure and maintain cyber resilience.

At Silverstring, we’re experts in managing and upgrading IBM Storage Protect environments. If you’re ready to take advantage of the latest enhancements in version 8.1.24, reach out to us today for assistance with your upgrade.

The post Top 5 Features of IBM Storage Protect 8.1.24 appeared first on Silverstring.

So in this blog, we are going to highlight the top five cyber features IBM has released for Storage Protect in 2024 that can help clients maximise their protection and stay one step ahead of cybercriminals

Enhanced Container Storage Pool Management

With more organisations embracing hybrid cloud and containerisation, IBM has focused on enhancing container storage pool management in Storage Protect. The new 2024 update introduces dynamic storage provisioning, allowing businesses to allocate storage resources based on demand. This helps organisations respond more flexibly to changing workloads, while reducing administrative tasks. This is key in a world where quick adaptation is critical for resilience.

Data Resiliency and Object Lock Support

A must-have in today’s cyber landscape is the ability to ensure data immutability, protecting against malicious changes or deletions. In 2024, IBM Storage Protect added support for object locking in cloud environments, enforcing “write once, read many” (WORM) policies. This feature protects backup data from being altered, an essential defence against ransomware attacks that target and encrypt backup files. For businesses with regulatory obligations, it also ensures compliance with strict data retention requirements.

Advanced VMware Integration

Many clients run a significant portion of their infrastructure on virtual machines (VMs). Early this year IBM enhanced its integration with VMware, simplifying the protection of virtualised environments. This update includes better snapshot management for VMs, reducing recovery times without disrupting operations. The integration also automates backups and recovery scenarios, which is critical for businesses needing fast, reliable disaster recovery.

Multi-cloud Integration and Expanded API Support

With modern infrastructures often spanning multiple clouds, seamless data protection across these environments is essential. IBM has enhanced Storage Protect’s multi-cloud integration in 2024, supporting AWS, Azure, and IBM Cloud. This enables businesses to create resilient backup strategies that stretch across public, private, and hybrid clouds. Expanded API support also provides more automation options, making it easier to integrate with existing tools and streamline workflows, improving efficiency and resilience.

Faster Backup and Recovery Operations

When it comes to resilience, speed matters. IBM’s latest updates have improved backup and recovery times by optimising deduplication and compression algorithms. Shorter backup windows reduce disruption, while faster recovery ensures that operations can be restored swiftly after a cyber attack or disaster.

Many clients aren’t fully leveraging these new features in IBM Storage Protect, but doing so is crucial to maintaining a strong cyber resilience posture. IBM’s 2024 innovations offer powerful ways to defend against ever-evolving threats, and it’s more important than ever to make the most of these tools. If you want to find out how Silverstring can help you deploy these features any many others that IBM Storage Protect contains then reach out to us here.

The post Boost Your Resilience: 5 Key IBM Storage Protect Features for 2024 appeared first on Silverstring.

What is IBM FlashCore Module 4?

IBM FlashCore Module 4 is a hardware-based solution that adds speed and efficiency to storage systems, particularly those using IBM FlashSystem arrays. It’s built on NVMe (Non-Volatile Memory Express) technology, which is essentially a fast lane for data transfer. IBM has also integrated features like compression and encryption at the hardware level. This isn’t just a software layer on top of the storage; it’s embedded directly into the physical components.

How Does It Support Anomaly Detection?

Here’s where things get interesting. One of the challenges many businesses face is detecting anomalies in real time, whether that’s a spike in traffic, unusual patterns in data access, or potential security breaches. From what we’ve observed, the FCM 4 can help with this because it operates directly within the hardware, allowing for real-time monitoring of huge datasets. When something goes off-script in your I/O patterns, for example, FCM 4 can flag this immediately. This brings up a natural comparison with traditional, software-based detection systems, which often rely on backend analytics to identify anomalies.

Hardware vs. Software-Based Detection: What’s the Difference?

The key advantage of FCM 4’s hardware-based detection is its speed. It monitors data in real-time at the storage level, so there’s no waiting for external processes to analyse what’s happening. This gives IT teams an immediate head start in identifying and reacting to issues (such as an encryption event in progress) before it can do serious damage.

However, software-based detection tools have their own strengths. From our own work with these solutions, especially those driven by AI and machine learning, they typically offer more flexibility. They don’t just react to threats as they happen; they can scan data proactively and even identify dormant threats, like ransomware, before an encryption event begins. This gives businesses a chance to prevent a disaster before it strikes, rather than just responding quickly when it does.

Why Both Layers Are Important

It is our opinion that replying solely on one form of detection, whether hardware or software, can leave gaps in your defence. FCM 4 is ideal for rapid, real-time anomaly detection, but combining it with proactive, software-based tools adds an extra layer of protection. While FCM 4 will detect an encryption event in progress, software-based tools can prevent it from happening in the first place by identifying the threat earlier.

Is FCM 4 the Right Fit?

So, based on our findings, FCM 4 is great for businesses that need immediate, fast anomaly detection where performance is critical. But to truly secure your infrastructure, it’s worth layering this with software-based tools that can offer proactive threat detection and long-term insights. In the end, having both forms of detection provides a more complete, resilient approach to handling anomalies and cyber threats.

The post An Inside Look at IBM FlashCore Module 4 and Anomaly Detection appeared first on Silverstring.

How Quantum Computing Works: A Simple Analogy

To make quantum computing easier to understand, let’s use an analogy. Imagine you’re trying to find a single item in a huge library. A classical computer is like searching through the library one book at a time—if there are millions of books, it could take a long time to find the right one. A quantum computer, on the other hand, is like having thousands of copies of yourself searching all the books at once, dramatically speeding up the process.

In a classical computer, bits are like individual pages, either blank or filled with information (0s and 1s). Quantum computers, however, use quantum bits (qubits), which can be in multiple states simultaneously, like a page that can be both blank and filled with text at the same time. This ability to process many possibilities at once means quantum computers can solve incredibly complex problems much faster than classical computers.

What Quantum Computing Means for Cybersecurity

Today’s encryption methods rely on the fact that solving certain mathematical problems like factoring large prime numbers, takes classical computers so long that it’s practically impossible. For example, AES 256-bit encryption is widely considered unbreakable by today’s standards because it would take millions of years for todays computers to crack.

However, a sufficiently powerful quantum computer could crack this encryption in hours or even minutes. Shor’s Algorithm, a quantum algorithm, makes it exponentially faster for quantum computers to solve the same mathematical problems that underpin today’s encryption. Once cybercriminals gain access to quantum computers, encryption standards like AES 256-bit will no longer provide the security we rely on today.

How Far Away is Quantum Computing for the Masses?

The good news is that quantum computing for the masses is still several years away. Most experts believe that large-scale quantum computers aka the kind capable of breaking encryption are at least 10 to 20 years away from being widely available. While quantum research is advancing quickly, there are still major hurdles to overcome, such as scaling up the number of qubits and solving issues with quantum error correction.

This means that the immediate threat isn’t here yet, but the risk is on the horizon. It’s crucial to start preparing now because quantum computing is evolving rapidly. Organisations that don’t future-proof their encryption strategies could find their data exposed when quantum computers become powerful enough to break today’s encryption standards.

Data Stolen Today, Cracked Tomorrow

What’s especially concerning is that cybercriminals don’t need to wait for quantum computers to be widely available. Data stolen today can be stored and cracked later once quantum technology becomes more advanced. Sensitive data like personal information, financial records, or government secrets that are encrypted now may be broken open in the coming years when quantum computers can tackle encryption far faster. This means that the window for stolen data to remain secure is closing, and organisations need to prepare now for this eventuality.

IBM’s Work on Quantum-Safe Encryption

As an IBM partner we have been lucky to spend time with the teams working in this area. IBM are not only leading the way in quantum computing research but also in developing defences against quantum-powered attacks. What is really interesting when we think about cyber security and backup is that IBM is pioneering quantum-safe cryptography, which aims to create encryption that can withstand attacks from quantum computers. One promising area of research is something called lattice-based cryptography, which relies on problems that even quantum computers struggle to solve.

What This Means for Businesses and Cybercriminals

Once quantum computers become accessible to cybercriminals, the threat landscape will shift dramatically. Encryption standards we trust today could be rendered ineffective, leaving sensitive data exposed.

Preparing for a Quantum Future

While quantum computing’s impact on encryption may still be 10 to 20 years away, the time to act is now. Organisations should begin evaluating their encryption strategies, staying informed about quantum-safe solutions, and following leaders like IBM  and Google who are developing quantum-resistant cryptography. The data you protect today could become vulnerable tomorrow if you don’t plan for a quantum computing future.

The post Quantum Computing and the Future of Cybersecurity: How Safe is Your Encryption? appeared first on Silverstring.

Silverstring’s CTO, Steve Miller, has highlighted in a previous blog how GDPR has emphasised the importance of encrypting personal data, both in primary and in secondary storage environments. Failing to take consideration of this places your data at risk and leaves your organisation open to fines and reputation damage. Its now a cost of doing business in the digital age.

Encryption can be performed by applications for data on disk and in transit over IP networks.  Encrypted data is only legible to the parties, applications and devices holding the encryption key, and meaningless to those that do not.  The concept of a key is well: key to the process of encryption.  If you hold the key to the encrypted data, you can access it – if you don’t, you can’t

Hardware devices such as disk arrays and tape drives are capable of encrypting data.  Encryption of tape is a must for any organisation that routinely stores and transports tapes outside of their own premises via a third party.

If you’ve encrypted your tape as it was written so that nobody but yourself can read them with your encryption key – all is well.  But you must ensure that the keys used to encrypt are always available, giving you access to read your data, yet secure from unwanted snoopers.

What is a Key Lifecycle Manager?

This is where encryption key management comes in.  IBM Security Key Lifecycle Manager (ISKLM) – previously Tivoli key Lifecycle Manager (TKLM) is IBM’s solution for management of hardware encryption keys.

ISKLM is an essential component of a hardware encryption solution and serves keys for writing new media as well as previously encrypted media.

It can be configured to be highly available and redundant (pairs, or clusters of key managers) and further protects encryption keys in encrypted key stores, allowing access only to authorised devices. Custom installations can be made to comply with various standards defined by US Government agencies, such as FIPS 140-2, NSA Suite B and NIST SP 800-131

The product has evolved to be more secure and resilient with support for more operating systems and devices being added continually. For an additional layer of security, ISKLM’s own master key encrypting of the data keys and certificates, can be stored in tamper-proof HSMs (Hardware Security Module) since v2.7

Anything below and including version 2.5 is not supported as of 30^th September 2018. The current version is 3.0.0.1, so users on an earlier version should consider upgrading.

Interested?

Silverstring has experience of successfully implementing and upgrading ISKLM-based hardware encryption solutions and is IBM’s first-choice partner for ISKLM services. Silverstring’s three core capabilities are Data Security, Data Availability and Data Preservation. If your organisation is not encrypting offsite tapes, or if your ISKLM/TKLM key managers are out of support, please contact us for more information.

The post Who holds the keys? appeared first on Silverstring.

It could be you..

Wired Magazine’s latest cover story is about a global shipping corporation that was temporarily crippled by a malware attack, and how they learnt to appreciate the value of their data. Without the access to the systems and the data that underpinned their entire operation, lorries couldn’t board ships, the ships weren’t running anyway, and it was only through a lot of hard work and the odd stroke of luck that their systems were made fully operational again. Estimated cost to the business – $300 million.

An event like this helps an organisation to understand the value of their data.

As technology stakeholders in businesses, we should always be asking ourselves a few key questions:

• What data do I need to execute my job efficiently?
• What would I do if that data was not available?
• Do I know if that data is secure?
• How long would it take to recover that data?

First principles

Security principles should be one of the basic building blocks of any infrastructure, rather than bolted on afterwards. Companies that are undergoing any type of business transformation have a responsibility to understand the value of that data and to ensure that the protection of it is not purely a secondary consideration. Working on the assumption that a disaster probably will happen, an organisation is going to consider the risks far more effectively than an organisation that just hopes it won’t.

So what should you do? Ensure your data is protected, but make sure that protection is also secure. Use Role-Based Access to crack down on unauthorised access. Use encryption-at-rest to protect those backups and always try and make sure that data is protected whilst it’s being sent to the backup location. Make sure you monitor that environment – if you don’t have monitoring, then how do you know if somebody is trying to get at that data?

A gentle reminder

In the rush to provision compute and storage in the cloud, we all need to ensure that the security of that data isn’t merely an afterthought. We need to ensure that data protection and security is built in from the ground up, and we need to ensure that processes are resilient enough to withstand the impact of an attack.

Silverstring’s Sleep Easy Study will help you to ensure that your Data Protection Strategy doesn’t leave you exposed. For more details, contact info@silverstring.com.

The post Know when to lock the stable door appeared first on Silverstring.

When hackers accessed the details of up to 2.4m Carphone Warehouse customers in 2015, every single one of those customers will have felt let down. Although inertia kicks in, you can bet that a significant number of those customers moved to an alternative supplier.

Unlike others in the animal kingdom, we are programmed to nurture and protect. Security will be considered and managed; some companies may even have a strategy for “Threat Hunting.” However, we are still capable of errors; every precaution you take can be undermined by the Human Factor. As the ICO reported earlier this year; 4 out of 5 data breaches are caused by either human error, or process error. You need to be awake to that risk.

According to J.T. Hallinan, an American Pulitzer prize-winning journalist, humans are pre-programmed to make blunders. We humans are typically overconfident in our own abilities. This attitude leads us believe we are above average at everything (such as driving a car) – a statistical impossibility that can also result in a lack of duty of care to data protection.

Most companies see their backup server as a back-stop not a security risk, but this reactive approach can lead to embarrassing situations caused by the frailties of human nature.

Consider the following to help protect yourself from human error:

Role Based Access

In the Carphone Warehouse case, the ICO in its investigation, identified 11 key issues, one of which was the lack of “rigorous controls” over who had login details. It is important to ensure that users’ access is appropriate for the requirements of their job. Check that they have secure passwords and that they change them frequently. But don’t just assume that this will protect you. Is your backup system linked to your Active Directory controls?

Good Leaver or Bad Leaver – have a process for all leavers

What happens when your users leave? Are their accounts automatically disabled as part of the exit process? Is the backup system monitored to ensure that this happens?

Intrusion Detection

Does your backup system warn you of suspicious activity? Such as an excessive number of invalid passwords, or password resets being made by users with administrative access.

Password management

What about passwords that are used across the company? Rather than remembering how a backup client authenticates with the backup server, many organisations just set a simple password. That’s a hacker’s dream.

To summarise, your system is only as strong as your weakest link. You have a duty of care to make sure that this is not a member of your own team. Don’t leave your customer’s data to defend for itself.

Contact us about a Security Audit of your backup system and we’ll help you to identify those weaknesses before the criminals do.

Contact Steve at smiller@silverstring.com

The post Your backup data deserves protection from human frailties appeared first on Silverstring.

Ransomware has existed since around 1989, in the form of the “AIDS” trojan. However, the digital currency Bitcoin, has allowed it to become a significant and global threat. We live in a world where the ransomware maker can sell malicious code to others who then use it against you. Email remains the predominant way to spread the virus but ransomware exploit kits are not far behind. They can cost under £4,000 and rival gangs then compete against each other for market share.

Should you be concerned about this?

• In the first half of 2017 Enterprise businesses only blocked 42% of infections (Source: Symantec)
• An IBM Security survey found that only 29 percent of small businesses had experience with ransomware, making these businesses more likely to be unprepared for the threat. (Source: IBM)
• In 2017 Reckitt and Benckiser issued a statement to say they expected sales to be reduced by £110 million due to the Petya ransomware
• 60 percent of malware payloads in Q1 2017 were ransomware. (Source: Malwarebytes)
• A Cisco 2017 report states ransomware is growing 350 percent annually. (Source: Cisco)
• According to a Kaspersky Lab survey, 34 percent of businesses hit with malware took a week or more to recover full access to their data. (Source: Kaspersky)

Of course, you will be able to redeem your data; these gangs need a good reputation or nobody would pay up.

But what about your reputation? Could you redeem that? Moving on, which solutions should you be looking at?

A primary reason for copying your data to tape was to protect against ransomware. Keeping that additional copy at arm’s length meant there was an air gap between the separate copies. If your backup server was exposed to a ransomware attack you had the peace of mind; your reputation and your data would be safe. But how is this relevant in the era of the disk-only backup solution?

1. There’s one point that should be obvious. You have an offsite copy, but it doesn’t mean that you have an excuse not to tighten the security on your backup server. Read our previous blog on how to do this.
2. Secondly, if you are worried about the spread of ransomware, it is imperative to have multiple copies of your backup data.
3. Software replication may support you in this situation. If you want to increase resiliency within your backup environment, it is possible to replicate from a Windows based system to a Linux one. Rare is the ransomware that will make the jump from CIFS to NFS.
4. Most backup products now offer the option to tier data to object storage in the cloud. This introduces a defacto airgap because of both distance and the difference in protocols. That said, data restores from object storage are generally much slower. As a note of caution, if you are pulling data out of the public cloud you may encounter unforeseen egress charges. Therefore, most data protection uses object storage for archive data; it tiers data on that medium based on age. This might not be ideal for recovery in a ransomware situation.
5. Finally – although prevention is better than cure, there’s no substitute for effective monitoring. Several backup products have the facility for ransomware detection. They effectively check the profile of the data being sent into the backup environment. If there is a radical change that might indicate an infection, they can alert you before it spreads too far.

What does the future hold? 81 percent of cybersecurity experts believe there will be more ransomware attacks than ever in 2018. (Source: CIO Dive) According to McAfee, ransomware grew 56 percent in the past four quarters.

If you feel that the security of your current backup environment could be tightened, please contact your account manager or email me in confidence at smiller@silverstring.com

Steve Miller, CTO of Silverstring, helps organisations deliver improved returns on their investment in data protection.

The post Ransom and Redemption – the road to salvation appeared first on Silverstring.

Now imagine your organisation’s name in the title. And it’s not just organisations; The city of Atlanta was brought to a standstill in March due to a similar attack.

http://thehill.com/opinion/cybersecurity/381594-a-ransomware-attack-brought-atlanta-to-its-knees-and-no-one-seems-to

Did these organisations deliberately put themselves at risk? Would you leave your key in the front door when you go out? Security attacks happen so you invest in secure data backup, your ultimate security system.

But what if you remove the key and the door remains unlocked? Hackers have accessed your backup files and the only recovery point you have is after the attack.

The latest backup software produces greater resilience than ever before; it averts security breaches to your backup files and protects critical data. Is this the security panacea?

If only it was that easy.

Environments change and systems deteriorate if you don’t invest in costly proactive management.

So, what should you do next?

• Act on flashes from your backup vendor or service provider. One backup application we know issued 30 flashes last year, of which 19 were related to security. How many did you apply?
• Ensure your backup server(s) is as hardened as your most critical application server. Implement some form of encryption for your stored data.
• Actively manage administrator passwords or enforce with LDAP or Active Directory.
• Don’t run software which is more than 18 months past general availability.
• Ransomware is propagated via a network and aims to encrypt file systems and block storage. Consider tape or object storage and make snapshot copies of the backup database. If the backup database becomes encrypted your “get out of jail card” is useless.
• Perform regular randomised recovery tests. Don’t rely on the day-to-day recoveries you must make.

The GDPR regulation has forced backup vendors to innovate and integrate new security features into their software. These features are available for anyone on subscription or maintenance plans. Do you know if you’re using them to maximum effect?

When it comes to securing your most critical data it’s never too soon to take backup security seriously.

Steve Miller has 18 years’ experience helping organisations protect their data and is currently the CTO of Silverstring. If you would like to know more please contact him at smiller@silverstring.com

The post Are you taking backup security seriously? appeared first on Silverstring.