Take a listen

The questions regarding GDPR are particularly pertinent and it will be interesting to look back in 12 months time to see if the predictions have come to pass. There are also discussions on the continuing importance of cloud, growth of snapshots and data reuse, plus the rise of mega-solutions.

As always, we would be interested to hear what you think of our analysis. Please let us know if you think we’re on the ball or if there is another trend that we should be keeping an eye on.

The post Two guys, a microphone and dangerous predictions for 2019 appeared first on Silverstring.

WannaCrypt is a ‘ransomware’ worm that has shut down IT systems in many countries over the past few weeks.

The Role of Windows XP in 2017

The code was stolen from the US National Security Agency (NSA). It takes advantage of a vulnerability in Windows versions from XP upwards. The later supported versions had updates pushed to them before Wannacrypt was released. However, Windows XP is out of support and patches aren’t routinely released for it. Also Windows XP patches aren’t automatically installed to the operating system, unlike the later releases of Windows. This is why Windows XP was the most vulnerable system. The other systems might still have been vulnerable in corporate estates who don’t release patches to their users very quickly, but there was protection available for them in advance of the ‘malware storm’ happening.

The reasons for people to be still using Windows XP are complex and are to do with cost and also the type of system that is in use. For example, XP was in use much longer in embedded systems than mainstream PCs. If one of Sainsburys self-checkout tills falls over, watch it boot up – they run XP! Silverstring aren’t here to provide the IT strategy for businesses, we’re here to protect the data for businesses, whatever they’re using (although there are limits!).

Anyway, what happened to the NSA code, once it was stolen, was that it had further instructions added to it by criminal hackers, looking to make money from infecting systems with the malware. This part of the code is the bit that causes the huge issue when systems are infected. The headline effect is the encryption of data on computers. This makes it totally inaccessible to the users, unless they pay the ransom cost. Once this is paid the hackers provide the key to unlock the encryption: you decrypt, patch the hole in your system that let them in and away you go.

How safe are your backups?

Surely though, if you’re backing up your systems, you’re safe – so corporates and the NHS must have been restoring from backups, right?

Well that depends on the type of backup and what your disaster recovery (DR) plans are. One of the biggest trends in backup, or standby systems over the past few years has been the move away from tape. This is understandable because tape purchase, movement and storage can be big costs to a business. What have people done instead though?

One of the most common changes to estates which need disaster recovery capability is to switch to having two data centres, with replication between them: if one is taken out, you can switch to the other. WannaCrypt appears to have been designed to address that method of protection.

If you back up to tape for disaster recovery (or to the cloud, if you’re progressive) then once the backup, or replication of the backup data is taken, the location of the secondary backup is not connected to the primary site. There is what is referred to as an ‘airgap’. In replicated systems the two locations remain connected continuously. It’s one of the big features of such a system – if one location goes down, the other is there virtually instantly, but there is no airgap.

This fast recovery has led people to cancel their tape backups and stop using expensive cold storage for tape media etc. There were savings to be made there and the risk wasn’t too big!

The problem is that the WannaCrypt hackers knew replicated systems with recovery snapshots being taken might be in use. Once infected, along with encrypting files, WannCrypt also deleted volume snapshots – the data used by replicating systems to provide the recovery. For good measure it also removed the remote access keys and disabled system repair tools, too.

Silverstring have customers who use replication, as part of their data protection landscape – it’s a fantastic tool for ensuring your critical systems can be up and running at all times. We also recognise that if those systems are genuinely critical, you need an airgap between a current set of your data, to ensure it is properly protected.

What should you be thinking about in the wake of Wannacrypt?

Aside from waking up, exposing vulnerabilities and kicking the owners of obsolete systems down the road towards systems that are in support, what effect will the WannaCrypt incident have?

One of the biggest things coming out of the WannaCrypt ransomware incident is that businesses need to consider what constitutes a disaster to them.

Is it the loss of a physical datacentre?

Is it the loss of an operating location?

Is it the loss of just data?

And finally, how quickly can you recover from any of these disasters?

Unless you can answer the above questions, with confidence, now might be a good time to properly consider some of the above. A free initial Disaster Recovery as a Service clinic with one of Silverstring’s consultants will enable you to do that, with data protection experts, who know how to mind the air gap.

The post Wannacrypt appeared first on Silverstring.

So, just what are flape and floud? Although both rejoice in their own Urban Dictionary entries, these are not the flape and floud we’re looking to discuss here. Both are a cunning combination of flash and something else. Although the cost of flash storage has tumbled over the past couple of years, it’s still not super cheap, especially if you’re looking towards larger volumes, hence the search to combine flash with other, cheaper bulk storage options.

With the fall in flash costs, as well as its key USP of no moving parts, means that disk, as a storage medium is now moving towards an awkward position. The total cost of ownership of disk looks to be increasingly challenging to justify, especially in situations where assets are potentially going to be sweated out much longer than the conventional three year initial warranty period, maybe to five, or seven years. There is no trumpeting the benefits of ‘flisc’ in the future roadmap of storage!

The very slow rate of improvement in performance of disk-based systems has been coupled with a steady climb in the capacity and speed of access of tape, with LTO-7 being announced at the end of 2015. The rise in capacity per cartridge now means, with LTO-7 each unit delivers 16TB of capacity – ten times more than an LTO-4. In addition to this step up in capacity, the new standard has added more heads to read and write to tape simultaneously. Despite the repeated announcements of the death of tape, it seems to continue to go from strength to strength, to the point that we are looking at a brave new world of tape as data storage, becoming extremely effective when combined with flash storage, which is used as the indexing database to create…. Flape!!!! (pause for breath)

Flape might be particularly appropriate in situations where large media files, such as video etc. are stored. It’s an ideal solution for a media library, where files might not need to be accessed for a long period, but it’s important systems can navigate to them swiftly, when they’re needed. It also has a great use-case where large volumes of academic research data need to be retained, but might not be referred to very often. With the increase in the number of heads available to read from tape, combined with the high speed identification of the metadata, once files are located, they can be streamed off pretty much as quickly as a file could be read from disk, it’s just the start of the read that might take slightly longer.

It is very unusual for any discussion about storage technologies to get this far through a post without mentioning the C-word, so let’s remedy that immediately: Floud is a glorious combination of flash for indexing and metadata, combined with cloud as the extensive data storage medium. This is an interesting proposition for people reviewing their backup solutions, especially if there is an Iron Mountain tape off-siting solution in place. Whilst tape off-siting is a useful way of securing data, it does rely on the physical movement of media to provide that life-saving data recovery solution that’s likely to be needed if a disaster recovery situation is ever invoked. Moving to a – ahem – floud solution means your recovery data is held, ready to be retrieved from the cloud, without the logistics and timescale associated with a recovery from cold, off-sited data, especially if this hybrid solution was combined with a DR as a Service (DRaaS) solution, such as the Silverstring Predatar DRaaS.

The cloud storage container pools introduced in 7.1.3, along with the inline compression introduced in 7.1.5 means that floud solutions to provide your off-site backup images is now very much an option worthy of consideration. If you would like to discuss this further with me, then please fill in the form below.

The post Flape and Floud…..Huh? appeared first on Silverstring.