Are your backup systems secure?

March 28, 2013 Leave a comment

This post first appeared at InfoSec Institute 6/2011.

All seemed well with backup operations at my company, until I got a visit from an operations center engineer.  The lock already hanging open, he was holding one of the “secure” transports that our off-site tape storage vendor uses to move backup tapes.  But this time, the tapes inside were not ours—someone else’s data was in our hands.  I couldn’t help but think: how many times have our tapes been sent into our competitors’ hands? Did they send them back immediately as I did—or did they land in less scrupulous places? In this article, I’m going to show you how systemic thinking helps identify security vulnerabilities like this one in your company’s data backup systems, particularly related to issues around backup tapes.

You will learn:

  • Factors to consider before you move to a tapeless data backup system
  • Encryption challenges and opportunities-related to keeping your off-site data secure
  • Approaches for backup tape reduction and legacy storage technology elimination

Backup and documentation are together the most-often neglected facets of IT operational management. Why? Backups usually don’t contribute directly to revenue generation. But this is a fatal mistake: ignoring backup and documentation can cost a corporation millions of dollars, even in typical litigation or disaster recovery scenarios.

By addressing backup challenges systemically in the context of the entire organization, you will see that running effective, efficient and secure backup operations is an opportunity to effectively contribute to the success of a company, even beyond protecting from financial risk.  This perspective will help you to:

  • coherently manage data security
  • control data and data storage growth
  • reduce data storage costs
  • ensure business continuity
  • recover from disasters
  • provide effective reporting and data visualization of systems
  • automate processes to reduce data exposure, fine-tuning backup coverage and identifying security vulnerabilities

Simply by reading this article, you’re already ahead of the game.  Most people aren’t aware of the organizational implications of an unsecured backup system – typically, it is thought of as an “IT problem.”  But it’s never that simple and needs to be a shared responsibility.  Recognizing the impact to the organization as a whole is Step One – now let’s dig into the nitty gritty of putting your back-up systems on solid, secure ground.  By viewing IT as an intricate part of a system rather than a separate discipline and universe, you have begun to view things from a whole-systems perspective, in which all components are part and parcel of one interconnected whole.

Back-Ups and Documentation: An Overview

Organizations – whether public, private, academic, healthcare or otherwise – run on data.  Without that data, the wheels stop turning: cash registers can’t ring up customers, trading floors can’t trade, and hospitals can’t keep patients alive.  Serious stuff.  Back-up systems ensure that when something goes wrong, there’s another way to bring the data where it’s needed to keep things moving, in a timely manner.

How do they do it?  Simply put, backup systems make copies of your data and place that data on completely different storage media.  Unauthorized access to those systems and media can potentially destroy a company in days or even hours.  Backup systems come in many different shapes and forms from the different backup software options available to the storage media the data is stored on to the methods of copying and transferring the data itself.  Let’s take a look at the most common forms of data storage found in most large scale enterprise computing environments, to see which might be the best fit for your organization.

Tape v. Disk for Backup — Factors to consider before you move to a tapeless data backup system 

There are those who say tape is going the way of the dinosaurs.  You might instinctively think that by removing tape backup from the equation you eliminate a security risk of lost tapes.  In fact, it never fails that when I’m presenting at a conference, someone asks ‘why don’t you just get rid of tapes altogether and move everything to disk or to the cloud?’  The short answer is, it’s rarely a good idea to keep everything on-line with nothing backed up to removable storage.  In fact, you dramatically increase your risk (of going out of business, of loss of life, of operational delays, or of core service delivery) by exclusively keeping your data on-line.  From a whole systems perspective, multi-tiered redundancy of data storage systems is an important principal of best-practice architecture for disaster recovery and business continuity plans.  The bottom line: don’t put all your eggs in the on-line basket.  Keep copies on tape, so that when one fails, you can turn to the other.  Some of the most forward-thinking and advanced companies out there rely on tape as a component of their back up strategy.  Need an example?  Read on.

February 2011: Tens of thousands of Google email users panicked when they discovered that all of their emails and contacts had disappeared.  The tone of panic in social media was over-the-top.  Although Google maintains multiple copies of data in multiple data centers, disasters still happen.  Google had released a software update to their system and an unforeseen software bug resulted in a cascading failure where several copies of the data was effected and ultimately was lost.  But, the news that saved Google’s reputation was that this monolith of the tech world takes a multi-tiered approach to data protection and in addition to replicating their data many times in many different data centers, they also backup their data to tape and lots of it. Google is the largest consumer of tape in the world today, using some 50,000 LTO (Linear Tape-Open) tape cartridges every quarter. Google was ultimately able to recover all the lost data from backup tapes for all the 40,000 GMail users whose data had been inadvertently lost.

Need more? Here are some quick facts about tape-based data back-up:

  1. In many cases, tape is much faster than disk for backup and restoration of data
  2. Tape has a much lower cost per gigabyte
  3. Tape has a much higher density of data per tape v. per disk drive
  4. Tape uses immensely less power and cooling than spinning disk
  5. Tape isn’t subject to cascading failures
  6. Tape has a far greater life span than disk
  7. Tape libraries have infinite storage capacity without taking up any more data center space

One last fun fact: there isn’t any network on earth that provides faster data transfer rates than a U-Haul full of tapes at highway speeds.

Truth of the matter is, data protection is never simple, and you will most likely choose a hybrid architecture of both tape and online back-up solutions.  Every business has different requirements and there are no optimal one-size-fits-all solutions.  You need to employ the right people and do the proper analysis that will align holistically-designed solutions with your business requirements.

Encrypting your data — Encryption challenges and opportunities-related to keeping your off-site data secure

OK, it’s backed up and protected.  Keep it that way!

Now that I’ve suggested that you’ll most likely use tape somewhere in your data protection strategy, let’s move on to ensuring that the data remains protected over time.

It would seem obvious that companies should encrypt their backup tapes, but the fact of the matter is, most don’t.  Whether you use tapes for all your backups or just some of your backups, mismanagement of tape media can be the largest security hole in your organization.  If you do nothing else after reading this article, look up your organization’s encryption strategy—and make sure there is one.  Now let’s identify what approaches to encryption are out there, and what might be a good fit for you.

There are four general approaches to encryption for backup data:

  1. Software encryption is a system in which the backup application does the encryption on the data as it’s backed up.
    • Advantages: Encryption and key management is contained within the backup system itself.
    • Disadvantages: Backups may slow down depending on the resources available, there can be heavy processor load on the systems doing the encryption, and this option will not compress or de-duplicate data.
  2. Appliance based encryption is a system in which in-band encryption takes place over the wire by a dedicated appliance.  This can take place via a network switch, or in the I/O blades of a backup library.
    • Advantages: Faster encryption and data transfer capability is delivered without increased load on the servers, and often the data can be compressed prior to encryption in-line resulting in fewer tapes.
    • Disadvantages: Key management is a separate system and may be difficult to maintain over many years.  Many of the companies that created these products are either out of business or have EOL (end of life) the product that spells out that there is no continued support if you run into problems.
  3. Drive-based encryption is a system in which newer tape drives now come with the capability to encrypt data as it is written
    • Advantages: Drives compress the data before encryption and this system tends to be faster without the drag on production system resources.
    • Disadvantage: Key management may become an issue for long term storage.
  4. Encrypt-Always is a system in which the data on disk (in its native, active form) is always encrypted.
    • Advantage: You don’t need to worry about encryption from a backup point of view, so long as data is not decrypted on its way to tape.
    • Disadvantage: The data will not compress or de-duplicate to any kind of storage. Also, system security can be difficult to manage (key management), data can become difficult to access and utilize.  It is also noteworthy that this system may slow down overall performance, and the industry is still young for this technology.

Why people aren’t encrypting their backups.

With these options available to encrypt your data, why don’t more people do it? The short answer is, encrypting is cumbersome to execute and manage over time.  The only way encryption tends to work is with highly disciplined IT teams.  Key management represents the part of the process where the risk and vulnerability to your backup systems will occur: if keys are lost in personnel or technology transitions and there are not back-up systems in place to recover the keys, significant data loss can result.  While it would be great to have all 12PB (petabytes) of your backup data that is residing on some 130,000 backup tapes encrypted, the downside is that if you lose the encryption key(s), you would then have 130,000 tapes you could never read from and you would most likely be looking for a new job.  Fortunately, regardless of the method you choose, a solution to the problem of key management also solves a few other problems when dealing with long term data storage.

More long-term storage challenges

Yes, there’s more.  With state and federal regulations such as the SEC, NASD, NYSE, HIPAA, Sarbanes-Oxley Act, Gramm-Leach-Bliley, and FRCP, most companies are required to keep data for many years.  If you are one of these companies and need to keep data for three, seven, twelve or twenty or more years you are going to have other challenges when it comes to managing the systems and restoring the data.

During the life of any given company, a lot of things happen when there are changes in management, changes in technology and corporate changes such as mergers and acquisitions.  Odds are your company will experience one or more, if not all, of the following:

  • You will switch/add backup media types within the same family (e.g. LTO-1 ⟶ LTO-2 ⟶  LTO-3, etc.).
  • You will switch/add backup media types across media formats (e.g. DLT7000 ⟶ AIT-3 ⟶ LTO-5).
  • You will upgrade your backup software from version to version, each version coming with its own unique upgrade capacity and capability and sometimes, changing the way it backs up or writes data.
  • You will switch backup software vendors each of which have their own way of backing up data and will usually not be able to read the backups of another vendor (e.g. NetBackup ⟶ NetWorker ⟶ TSM , etc.).

The end result of these scenarios is the inability to restore vital business data andincreased cost to the business either from fines, lawsuits, or operational redundancies of maintaining extra tape drives, tape libraries, backup servers, networks, staff, etc.  Additionally, companies lose the expertise of running legacy backup systems no one has seen in years and the hardware falls out of support.  Replacement parts become scarce or impossible to acquire.

Gain control over your tapes — Approaches for backup tape reduction and legacy storage technology elimination

Historically, tape is something that needs to stick around for a long time–but times change.  The good news is, everyone faces change management challenges, so there are many technologies and methodologies available for arming you for those inevitable transitions.

Here are a few ways you can manage your backup systems, reduce the number of backup tapes and save yourself from data loss:

Data Lifecycle Management — Viewing backup data/systems as a holistic system from “birth-to-death” is essential to planning an effective long-term solution.

A solution to the problem of legacy systems and data storage also solves problems associated with encryption key management.  While it’s fairly simple to do and set up the policies, it does, however, take a disciplined team to employ the practice and should be automated through and through whenever possible.  One way of viewing a data lifecycle management process is illustrated in the following media migration feedback loop.

Employing a process such as the media migration feedback loop ensures the following:

  • All data is on media that is no more than three years old.
  • All data is on a higher density and current media technology.
  • This approach reduces your off-site storage costs by reducing the slot count and number of tapes while using higher density media.
  • This approach increases your ability to backup and restore data faster with newer tape technology.
  • You ensure you have the latest encryption and key management system reducing the likelihood of lost keys or defunct key management systems.
  • This cycle-based system tests and verifies data integrity concurrently.

Control data retention at the application layer.

Many organizations think that they have to keep their backup tapes for compliance reasons.  This isn’t necessarily so.  Barring requirements for a large data archive system, a much more strategic method towards data retention can be approached at the application layer.  Let me paint a picture of a typical private sector scenario:

Let’s say your State requires companies to maintain personnel records for seven years past their last date of employment.  Does this mean that you need to backup your HR database and keep the tapes (storage layer) for seven years each time you run a backup?  Or does it mean that the HR database itself (application layer) needs to retain a record of each employee for seven years past their departure date?  If the retention of employee records is managed inside the HR database itself for the required period of time, then you can continue to backup your HR database and keep the tapes for a shorter period of time, say a year or less.

Cost-Savings Case Scenario

Here’s a scenario in which costs can be reduced from approximately $30,000 to $1,500 – and that is for only one small system, in one department:

  • Controlling retention at the storage layer: The weekly backup for the HR database is 200GB and you keep it off-site for seven years.  This will result in more than 364 tapes at a cost of $30,000
    in tapes after seven years not including the tape storage costs.
  • Controlling retention at the application layer:  Give the data retention control to the HR database itself and keep the backup tapes for only six months, then you’d have roughly twenty tapes off-site at a time at a cost closer to
    $1,500    .

Let’s take it one step further, reducing costs across the corporation:

Take these numbers and apply it across a typical mid-sized company for all databases, file servers and systems and the cost savings easily turn into millions of dollars.

For example:

Cost-Reduction Area/Activity      Savings
Savings in the HR database $28,500
Number of similar major databases  x      20
Subtotal of savings $570,000
Deeper dive into a typical mid-sized company: > $75,000
Number of data-intensive systems:  x      50
Savings $3,750,000

You see that by moving the mechanism at which you control data retention reduces the number of tapes, or disk space in the occurrence of a VTL (virtual tape library).  Additionally, moving data retention controls from the storage layer to the application layer provides reductions not only in the amount of storage media you will require, but also in the cost of supporting resources (i.e. people, drives, data center space) for media migration and management. And, as always when dealing with data management and retention of regulated data, consult with your corporate attorneys when putting together your data lifecycle management plan to ensure you remain compliant.

Conclusion

Whether you are the CSO, CIO or storage administrator for your company, systemic understanding of your information systems is essential for ensuring the security and integrity of your corporate data.  When approaching the vectors of security exposure to your backup data systems, don’t be too quick to follow the blind rantings of madmen that represent competing vendor solutions that are only interested in selling you hardware and software by throwing technology at the problem.  Seek the expertise of information and technology strategists that understand the systemic nature of your systems, and more importantly, your business.

As we’ve seen, tape backup systems continue to be used by some of the most forward-thinking and advanced technology companies [like Google!] and have been recognized as the last line of defense against data loss by the best in this business.  A wholistic approach to a coherent tape strategy also allows you to introduce a well-designed encryption system into your data protection strategy while ensuring the ability to manage the whole system (i.e. encryption keys, key management, media formats, backup software versions and applications, etc.)   This type of whole-system strategy will provide you with the ability to reduce the number of tapes you have in order to lower your cost of operations and ensure that you retain the ability to manage and recover mission critical data by employing a media migration strategy.  It’s the same sort of thing we’ve been doing for years with our NAS and SAN storage, why shouldn’t you do it with your backup tape storage too?

Action Steps – Do This Now:

  • Find and read your companies policies and procedures regarding:
    • data protection (backup requirements)
    • data retention (where is retention controlled, storage or application layer?)
    • encryption of removable media (backup tapes)
    • Do all of the above policies and procedures exist?  When were they last updated?
  • Check your data back-up systems.  Is the data on the backup tapes currently encrypted?  If so, has it been verified?  If not, why?
  • How many backup tapes do you have and how many different formats are there?
  • Make data protection a shared responsibility between IT, legal, information security and the records management and compliance departments with regular meetings, quarterly or semi-annually, regarding the requirements around data protection.
  • Begin to apply a whole-system lens to all systems: how will changes to one part of the system impact other departments, other stakeholders to the data and the ability to deliver your companies products and services to your customers?
  • Have an initial, high level external audit conducted by a professional with a whole systems perspective.

© 2011 Brian J. Greenberg

Filed under storage, systems theory, I.T., data protection, disaster recovery, cloud, backup, data storage, eDiscovery, data center, security, Big Data Tagged with , , , , , , , , , , ,

Big Data Under Attack

March 20, 2013 Leave a comment

Co-authored by Brian Greenberg and Tom Silva appearing in the Huffington PostPlease read it, like it, comment on it, and share it! Would love to hear your thoughts.

big-data

Big Data Under Attack

Once again, everybody is talking about China. On Feb. 19, Mandiant, an American security company issued a startling report – the result of a six-year investigation — that makes the claim that the United Sates is in a cyber war with a 12-story building in Shanghai. The private security analyst concluded that the building is home of China’s stealth cyber war division, the People’s Liberation Army Unit 61398.

If this sounds like the movie, War Games, make no mistake – this is real. According to Mandiant, for the last seven years, Chinese hackers have stolen data from at least 141 companies across 20 major industries, including critical infrastructure sectors like energy and telecommunications. At least 115 of the companies were in the United States. Sen. Dianne Feinstein (D-CA) chairwoman of the Senate Intelligence Committee said classified intelligence documents support Mandiant’s claim.

Last year, we proclaimed this the Era of Big Data, and, in light of the dramatic events of the last few weeks, we thought it was an appropriate time to consider what’s happened since. In order to understand this from the inside, we invited a leading big data expert, Brian Greenberg, VP of Technology Operations at Total Attorneys and Founder of General System Dynamics, to help us parse fact from fiction or fantasy.

Hacking Today

First off, it doesn’t take China to do this. Hacking isn’t only done by governments and individuals; there are zombie hacker armies at work everywhere (Brian spent part of last week fighting off Russian hackers). What’s more, hackers will sometimes automate their efforts by writing programs that will try a laundry list of known security assaults (or exploits) on random computers throughout the globe — thousands of exploits on millions of computers. Once they hack their way into a computer, they automatically plant a seed of code on that computer that will spread the hacking maneuvers to more computers. Soon, thousands of computers are hacked and hacking thousands more computers. Most of the time, the owner of the hacked computer doesn’t even know she’s been hacked and is now part of a large zombie hacker army.

The Data Drain

As we face threats and theft, consider this: less than one percent of the world’s data is analyzed and less than 20 percent is protected. Part of this is a traffic problem. It’s estimated that the amount of global data will reach 40 zettabytes (ZB) by 2020 (that’s over 40 billion terabytes), an amount that exceeds previous forecasts by 5 ZBs. That represents a 50-fold growth from the beginning of 2010 and that number is probably a lowball.

Data collection and acquisition is harder today because of the explosive growth of mobile devices and multimedia. For example, your 1GB memory card will hold 715 pictures taken on a 4 MegaPixel (MP) camera. However, the same 1GB memory card will only hold 130 pictures taken with a newer 22MP camera. Consider how many pictures you take a month with your current camera or camera phone. Now think about how often you get a new camera or camera phone — for most people its every two years as cheaper ones come to market. Now you’ll need to get that much more storage for your home computer to store and back things up, not to mention in the cloud where things are expected to reside in perpetuity (consider that over 250M pictures are uploaded to Facebook every day with increasingly higher and higher resolution).

Now extend that to video cameras. The city of London has over two million CCTV cameras alone. These cameras are mostly security cameras put in place at stores, office complexes, ATM’s, in subways, and at traffic lights. As newer, cheaper technology becomes available, these cameras are replaced with higher resolution cameras with better quality pictures. Data storage requirements are already exploding into the petabyte (PB) range — a thousand terabytes — and increasing every year.

Data Hoarding

So, why are corporations so vulnerable to hackers? Because they have more data than ever. Like hanging on to clothes that don’t fit, most of America’s premier companies are starting to do essentially the same thing with data. The reason? They recognize the opportunity cost of not collecting data. Often times, the chance to get data only happens once — when it occurs. This is true whether it’s from video surveillance, pictures from a cell phone, people browsing their on-line store, GPS tracking information coming from a car, recording tweets or information collected through scientific research. But what if you don’t have the algorithms and the requisite supernerds to analyze that data? This is a real problem. The fields of data science exploring how to mine data for patterns, discover emergent properties, and generate useful information is still quite young and consists mostly of what the industry called Quants — quantitative analysts usually with a Ph.D. in math or physics with extensive skills in computer programming. But, the level of data mining grows more sophisticated everyday and the quants are forced to keep shifting goal posts. So, if you don’t yet know what to do with all that data, put it in storage. Archive it with some meta-data (data about the data collected), and then use it sometime in the future. This is where the sci-fi and cyberpunk elements enter the picture: projecting ahead to a time when a team of data scientists, a quantum computer, an exabyte of collected data and the right algorithms will discover new business strategies, reveal hidden genetic clues that vanquish devastating diseases, or combat terrorism before terrorists have a chance to strike by analyzing patterns in global events. It’s all possible.

Lastly, as the China controversy has shown us, privacy remains a huge concern. Even if the data collected is ‘Greeked’ or ‘anonymized,’ often times peoples’ identities can be extrapolated from the large sums of data collected and correlated with publicly available data from social media and other sources. Companies don’t always effectively protect and secure the private information they collect, making them prime targets for hackers, who sell or freely publish it on websites. Considering all of the advances in the way companies can collect and sell your data, we need more advocacy groups and organizations such as the Electronic Frontier Foundation (EFF) to do the critical work of defending free speech, privacy, and consumer rights.

This article was co-written by:

  • Brian Greenberg, Vice President of Technology Operations at Total Attorneys and Founder & CEO of General System Dynamics. A thought leader in data storage, litigation readiness, IT Strategy, data protection, and disaster recovery, he has worked with major corporations, including Motorola, Microsoft, Fujitsu, and Bloomberg. Contact Brian via email: bjg@acm.org or twitter: @bjgreenberg. http://briangreenberg.net.
  • Tom Silva, Senior Vice President of Marketing and Strategy for The Alter Group, one of the nation’s leading commercial real estate development firms. Tom previously served as communications director for PM Realty Group, an international full-service commercial real estate firm. He is a graduate of Long Island University and is currently part of the Masters of Arts program in the Humanities at the University of Chicago. Tom was the recipient of the CoreNet Global Chicago Chapter’s inaugural Michael Kaczmareck Leadership Award. His work has been recognized by the Publicity Club of Chicago, the International Academy of the Visual Arts and the Web Marketing Association. For more information about Tom or The Alter Group, please check out www.altergroup.com and follow them at @thealtergroup

Origionally Posted on @HuffPostTech at http://www.huffingtonpost.com/tom-silva/big-data-under-attack_b_2910783.html

Thanks for reading!

– Brian & Tom

2013.05.16  UPDATE: A great article about the current state of information security in The New Yorker.

Filed under Big Data, cloud, data protection, data storage, I.T., privacy, security, storage Tagged with , , ,

Uneducated Employees and their 7 Deadly Sins

February 12, 2013 Leave a comment

Uneducated Employees & Data Protection

Filed under backup, cloud, data protection, I.T., privacy, security

Why you should stop write protecting your backup tapes.

June 6, 2012 Leave a comment

Want to know how to save yourself a lot of money and grief? Stop write protecting your backup tapes.

I recently had a conversation with a friend who’s the data center manager of a large company with a $25 Billion dollar market cap. He shared a story with me to vent his frustration. There was, at his company, a policy to write protect any backup tapes used to restore data. Don’t know why this is a problem… read on.

It’s important to note that over the past several years, the idea of using backup tapes, and tape technology in general, has been getting a bad rap. It seems like everywhere I look, people claim that tapes aren’t reliable.  Fact of the matter is, these people are fundamentally wrong. It’s because of faulty data protection strategies and practices that backups fail – wether you’re backing up your data using disk, tape, or the cloud.

He isn’t the first person to share his frustration about this with me and I’ve seen it myself at other companies. In fact, I consulted with a company that, before I arrived, spent the better part of a year and a significant amount of money trying to diagnose why their tape drives kept going off-line and why they weren’t able to get their backups working. Funny thing was, it wasn’t a technology issue at all… it was a mistaken belief system.

It seems that there are a lot of people with relatively old knowledge about backup technology.  There is an outmoded belief at many IT organizations that if you restore data from tape, you have to write protect the tape before you put the tape in the drive (or tape library), for fear that you might overwrite the data by accident. This belief has caused a great deal of trouble in lost time, increased grief, and lost budgetary dollars.

Tape Library

Tape Library (Silo) with robotic arm.

Historically, prior to the past 15+ years, this belief may have been true. Back then, most people weren’t using large storage systems and modern backup management software like NetBackup, NetWorker, or TSM. Years ago, when data was relatively small and your entire backup fit on a single tape, backup was a lot simpler. You usually only had one tape drive or a small auto-loader. There weren’t many backup applications available and most of them were expensive. Fortunately for most system administrators with small budgets, they knew about ‘tar‘. tar, short for tape archive, was, and is, a great tool. Created in the early days of UNIX, it’s still used nearly everywhere for creating convenient packages of archived data.

The down side of using tar for backing up data is that it’s not a backup management system. Backing up data with tar is a manual process and you have to keep track of what you wrote and where you wrote it. Meaning, that if you didn’t keep track of where you wrote your backups carefully, you might inadvertently overwrite a tape and lose valuable data.

Today we have a lot more data than we did years ago and most of the time a single backup job will span across several backup tapes. In order to manage all this new data we don’t use single tape drives sitting on a desk anymore, now we have large tape libraries (or silos) that have several tape drives and can hold hundreds or thousands of backup tapes.

Along with large tape libraries that can hold, at the time of this writing, 640 tape drives, and 100,000 tapes containing 1,000 petabytes of data, we also have modern backup management systems that make using these tape libraries very easy. Though we still use tar in many cases to backup data, but tar, or tar-like tools, are managed by the comprehensive scheduling and tape management that is a part of a modern backup management system. Tapes are no longer labeled by hand with the days of the week. Tapes have bar codes that are read by robotic arms armed with lasers attached to a computer system. The backup system knows all about what tapes have data on them, how long the data needs to be kept around, when to backup different systems, and what tapes are safe to write to and which aren’t. It’s all automatic and when you need to recover a file, you just put the tape back in the tape library and that’s it. The backup software takes over and does the recovery. And it’s all done without the need to ever write protect any tapes. It’s like magic.

Even after 60 years, magnetic tape continues to be the fastest, cheapest, and most reliable form of data protection and storage available. It’s uses are many including; reliable storage for backing up data, long term archive, use in hierarchical storage systems, and as ultra dense removable storage devices using the new linear tape file system (LTFS) that makes using tape as easy as dragging and dropping files and folders.

Even with cloud storage, disk backup, and de-duplication technology available for backup, recovery and business continuance; tape is an essential part of any disaster recovery plan and should always be included in your data protection strategy. Even Google uses tape – a lot of tape.

Filed under backup, cloud, data center, data protection, data storage, disaster recovery, I.T., storage Tagged with , , , , , , , , , , , , , , , , , , , , , , ,

Cloud Computing and the Virtual Law Office

June 1, 2012 Leave a comment

Chicago Bar Association I recently had the privilege to speak at the Chicago Bar Association where they hosted a seminar and panel; Introduction To Cloud Computing and the Virtual Office which included an overview of the technical aspects of cloud technology as well as insights from practitioners operating out of the “virtual” office.  For my session, I presented a technical overview on Cloud Computing and then participated on the panel with fellow panelists: R. Andrew Smith, Stephen Hoffman and moderator, Justin Heather.

While cloud computing seems to be ubiquitous in conversations overheard in enterprise IT as well as conversations about cloud services for the home consumer, cloud computing is still quite young in the retail market place and has a lot of growing to do.  There was a great Q&A period for the panel where we addressed questions about security, platforms, applications and support.  One of the surprising things that came up, and in an ironic way considering it was a room full of attorneys, was the notion of reading the End User License Agreement (EULA) and Service Level Agreement (SLA).

The EULA & SLA spell out not only what the services are that the cloud company is providing to you but also; the service level (availability of the service, disaster recovery and support), the level of security of your data, the level of privacy of your data to either the company, 3rd party companies or other applications, and other critical considerations.

It’s clear that cloud services can be a tremendous boon for different companies of various sizes and in different industries. However, subscribers need to take the time to educate themselves and get informed about the kinds of services they are receiving, the services limitations, and look ahead towards their exit strategy.  You never know when your cloud provider might stop offering their services, change their services, or you want to change providers. How are you going to migrate your data and applications to another cloud service?  It’s not as easy as you think.

Filed under cloud, data center, data protection, data storage, I.T., privacy Tagged with , , , ,

Older posts

Follow

Get every new post delivered to your Inbox.

Join 4,622 other followers