Whitepaper: Virtual Backup Strategies: Using Storage Snapshots for Backups

Virtualized Layers

Introduction Effective data protection is a mandatory element in the modern IT environment. Historically, backup strategies were confined to the last few chapters in an administrator’s manual and treated like an afterthought. Now they sit firmly at the forefront of every CIO’s mind. The ability to continue business operations after a system failure and the need to fulfil stringent compliance requirements have made backup a necessity—not only for business continuity, but also for business survival. The question organizations need to ask about data protection is not whether to backup their data, but how to backup their data.

IT systems are prone to rapid evolution and present a constantly shifting landscape and the techniques used to protect those systems need to evolve as well. Perhaps one of the most significant changes in recent years has been the advent of virtualization. In the virtual world, legacy backup systems have become unfit for their [...]

Webinar: Storage Assisted Backups: Best practices for VMs

Veeam Webinar 4th July 2013: Storage Assisted Backups: Best practices for VMs

Associated Whitepaper to be published in near future.

Webinar: Disaster Recovery for Virtual Environments, One Simple Solution for Five Common SAN Replication Challenges

This is a replay of webinar, I ran last year.. the associated Whitepaper is linked below:

Whitepaper Available here: http://wp.me/p2ZZG3-fG

A new sister webinar/whitepaper focusing on using SAN snapshots in a holistic data protection strategy to be posted shortly.

Whitepaper: Disaster Recovery for Virtual Environments, One Simple Solution for Five Common SAN Replication Challenges

Introduction It would be no overstatement of fact to say that in the last five years virtualization has radically changed the landscape of IT infrastructure for the better. Workloads encapsulated into standardized virtual machines have significantly increased our ability to optimize and use physical resources in a way that saves much time and money. In addition to these economic benefits, new avenues have opened up to tackle data protection and disaster recovery, allowing us to increase service uptime while also reducing business risk. This white paper focuses on some of the common challenges experienced while implementing and using SAN-based replication for disaster recovery and it examines an alternative approach to disaster recovery to help resolve these issues.

Background Pre-virtualization disaster recovery plans were underpinned by application-level features hooking directly into specific hardware to achieve the required business recovery goals. To ensure that disaster recovery could be achieved, network infrastructure, hardware, software [...]

BBC Report Highlights Bad Spelling As Key Factor In Email Data Loss

A BBC Report has highlighted mis-spelled email addresses as a key factor in loss of sensitive data via email. Putting a dot in the wrong place or utilizing slight mis-spellings in domain names has presented a security loop hole for malicious attackers to use to steal data.

Click For BBC Report

Many large organisations use multiple sub domains to divide their various divisions either by function or geographically. When using email addresses in this type of environment they can get pretty complex. For example bank.com might use the sub-domain us.bank.com as the email sub-domain for it’s US employees. So, John Smith might have an address like “john.smith@us.bank.com“. Data loss can occur when a user types the wrong email suffix, such as usbank.com. An email to this address would normally be bounced back to the sender with an error as the domain wouldn’t be recognized. It is however very easy for [...]

ePrivacy Directive: EU to tighten up on Data Breach Notifications

You may be aware that the EU recently put into force the updated ePrivacy Directive (2002/58/EC). As of May 2011, the use of cookies to track website visitor information is now strictly prohibited. Cookies which were previously used to track visitor behaviour and personal details may now only be used with the express permission of the visitor. Interesting website based outside of the EU, do not have to operate with the same constraints. The enforcement and technical implementation of the directive may take some time to filter through to every cookie using site on the web, and penalties for not doing so are yet to be seen.

Work continues on the ePrivacy Directive in the coming months. One InfoSec concept which the EU are looking to tighten up control of through the directive is “disclosure”. Whereas in the past, companies or organisations may have been a little shy about publicising their [...]

Phone Hacking How To: Hacking Voicemail

I’ve been asked in recent weeks how the News of the World private investigators were able to hack into the voicemail of the alleged 4,000 victims of the phone hacking scandal. While the details of all that activity are something for the police to worry about, we can explain the basic methodology of a simple attack to do this. The one probably used in the majority of cases.

In the world of Infosec there is such a thing called a spoofing attack. A spoofing attack is where you have your device (whether that be a phone, pc or laptop) send out network packets with the identity of someone else. In the IP world, communications are broken down into thousands of small packets of data. Each packet has a destination address and a source address. When we’re trying to use a spoofing attack, we can use specialised software to send out packets, [...]

Microsoft AD RMS: User Adoption Made Simple

What is Rights Management?

Rights management pertains directly to managing permissions for individuals to access specific information. Our two jargon busting acronyms for this area are DRM (Digital Rights Management) and IRM (Information Rights Management). For the purposes of this article we will consider both DRM and IRM one in the same.

Development of this area of technology primarily driven by Copyright. Publishers of books, music and films have in recent years been more and more motivated to try to protect their material, in the face of the proliferation of internet use. The Internet has been it exponentially more possible to share copyrighted materials with the click of a button, and not to just one person, but hundreds of people, even one’s that the sharer has never even met. The need to control who has the right to access, read, modify or even delete information and also become [...]

Eco-Labelling – The Green Argument For Information Classification

It seems that if you are promoting a product or service these days, it’s mandatory to have an associated “Green Story” to back up your proposition. Earning cold hard cash for the benefit of both you and your customer is in some circumstances frowned upon, if there isn’t an ethical eco-friendly angle to your pitch. While I support green initiatives and do what I can to help with moves to improve the sustainability of the planet, hasn’t it all gone a bit eco-mad.

Those fabled 3 letters, E C O , are being used and abused by all and sundry to get that green tickbox filled. Whether a product in environmentally friendly or not, the ECO label gets thrown around like confetti at a wedding. We have Eco-Homes, Eco-Heaters, Eco-Computers, Eco-Laptops, Eco-Cars, Eco-Trucks… you name it we have it. In a shameless attempt to look more trendy, I’d [...]

UK: What is the GCSx Code of Connection (CoCo)?

A code of connection (CoCo) is a mutually agreed set of rules used by two parties to allow the Exchange of information between their systems. The UK government has pursued several initiatives in recent years to connect all government organisations into the secure networks of the central government intranet.

GCSx stands for Government Connect Secure Extranet. This is the network which will specifically connect Local Authorities (LAs) to the central government intranet (GSI – Government Secure Intranet). GCSx relates only to LAs in England and Wales. Scottish LAs will connect through GSX (Government Secure Extranet). Local Authorities must achieve CoCo compliance in order to be access access to the Government Secure networks. Confused yet? Being driven CoCo.Nuts?

Here’s a diagram to help see how it all fits together:

There are jut under 100 controls and measures that a Local Authority needs to put in [...]