Choosing Backup and Recovery Solutions for the Virtual Environment

One of the least popular action words in computing – perhaps not the runaway leader – but it’s up there – backup. 

One of the most expensive undertakings in computing – perhaps not the most expensive – but it’s up there – the painful crisis following a system failure without a – backup.

There’s no need to remind regular readers of the inevitability of a hard drive crash and of the necessity of running with a proactive backup strategy – they get it (I think     )

But, given the accelerating pace of change in the small business market – most particular in the use of  virtual machines, small business owners may well need a quick refresher in how to implement a strategy which ensure both physical and virtual environments are actively protected.

Here’s a timely guest article from Michael Krutikov, a Product Marketing Manager over at Symantec, in which Michael explains how to get it right.

————————————————————————————————–

In a virtual environment, each host server has the potential to become a single point of failure for business-critical applications. Because of this, businesses need to invest in practically invulnerable backup and recovery solutions that have been specifically designed for the virtual environment – as well as the physical environment.

You could, of course, use one backup and recovery solution for your physical environment and purchase a second for your virtual environment, but that can introduce a whole host of problems that you may not have the time or resources to handle, like the need to manage a second interface, the disruption to your team – who has to learn it – and the cost for a second set of backup hardware and licenses. Instead, most experts recommend streamlining your backup and recovery needs by finding a single solution that protects both environments and will:

• Provide granular- and application-level recovery. To ensure that you can restore what you need, when you need it, make sure that your backup and recovery solution offers all levels of recovery, including full virtual machine, individual virtual disks, virtualized application & database servers, as well as files, folders and even individual emails. That way, you can get your most critical business components back up and running quickly.
• Deduplicate (data deduplication is a specialized data compression technique for eliminating duplicate copies of repeating data), across both physical and virtual environments. When you deduplicate data across both the physical and virtual environments, you’re able to not only save large amounts of disk space as compared to compression or single-instance storage, but you can reduce backup storage costs and backup window times, as well.
• Include storage efficient backup. This improved form of data backup will exclude deleted blocks from a backup to increase your storage efficiency.
• Automatically convert physical backups to virtual machines. By choosing a backup and recovery solution with this feature, you’re able restore physical servers to virtual machines, and it eliminates the need to have an already-configured, physical server ready to go in case of a failure.
• Offers physical server and multi-hypervisor support. Because many organizations are running multiple hypervisors, finding a solution that supports them all will simplify your backup complexity, and management – and help reduce your licensing costs.

To ensure that your backup and recovery solution keeps even new virtual machines protected, be sure to look for one that will automatically detect new machines as they come online. That way, your team won’t have to spend time and energy searching for new machines – or editing backup up policies when new applications move to different hosts.

Michael Krutikov is a Product Marketing Manager, supporting Backup Exec since joining Symantec in 2007. With a 14 year career in IT, he now works on marketing partnerships and programs built from thousands of meetings with partners and customers in a constant learning mission to deliver Symantec solutions that can better address their needs.

SMB Social Media Risk Index – Panda Security’s Surprising Findings

The success of the email delivered “Here you have” worm that clogged email systems on Thursday, despite the usual misspelling, grammatical, and punctuation errors, seemed to bewilder many in the security community. Frankly, I’m surprised that the community was surprised.

It seems to me, that any security honcho worth his salt (someone who makes a point of getting out in the field occasionally to observe user behavior), would be more than aware, that despite constant warnings NOT to click on embedded links, the majority of users blithely ignore this critical advice.

The following are a few comments I heard at a meeting over the weekend, during which “here you have”, was a topic of much discussion.

“Social scientists need to sit down with a group of these dumb dicks who clicked on the link in this email, and study their behavior.”

“Most users continually show that they are morons. They can’t follow the most basic instruction – DON’T CLICK ON EMBEDDED LINKS!”

“Users who fell for this, and who caused so much disruption in their organization, should be restricted to a pocket calculator on the job.”

The comments might sound slightly edgy, but when perceived stupidity cost money, “edgy” might be at the lower end of the spectrum. And, there are costs –direct monetary costs that a company will be forced to deal with, following penetration of a company system caused by irresponsible employee behavior.

So, what do you think the costs to an organization might be, where employees fail to follow common sense rules when interacting with the Internet, particularly social networking sites?

Panda Security, which released the results of its 1st Annual Social Media Risk Index today, for small and medium sized businesses, may well have one answer.

In this survey of 315 US small and medium businesses (up to 1,000 employees), which focused on the month of July, 2010, Panda found that more than a third of surveyed  companies which had been infected through employee interaction with social networking sites, reported losses in excess of $5,000.

I was not at all surprised to see that Panda found that Facebook was cited as the top culprit for companies that experienced malware infection (71.6 percent) and privacy violations (73.2 percent).

I was however, surprised to see this – “we were pleased to see that the majority of companies already have formal governance and education programs in place. These types of policies combined with up to date network security solutions are required to minimize risk and ultimately prevent loss.”

A confused observation in my view, given that the facts show – these “education programs”, are NOT working.

Additional survey facts:

Thirty-three percent of SMBs have been infected by malware propagated via social networks; 23 percent cited employee privacy violations on popular social media sites.

Thirty-five percent of SMBs infected by malware from social networks have suffered financial loss.

Facebook takes top spot for social networking-related malware infections, followed by YouTube and Twitter.

You can find the complete survey here. Or, you can view a slideshow on the study’s results here.

About Panda Security;

Founded in 1990, Panda Security is the world’s leading provider of cloud-based security solutions with products available in more than 23 languages and millions of users located in 195 countries around the world.

Panda Security was the first IT security company to harness the power of cloud computing with its Collective Intelligence technology.

For more information, visit Panda US.

Panda Security’s Latest Survey Shows Small Business Fails At Data Security

I’ve been working on an article for some time, investigation whether small business is up to the task of protecting your personal information; particularly your financial data (credit card, debit card, details), following a consumer transaction.

The background research has revealed a sobering reality – many small and medium sized businesses really suck at protecting their customers’ critical financial information.

So, when I had the opportunity to read Panda Security’s study (released yesterday), of security in SMBs (including 1,500 US SMBs), which showed that a startling percentage of US based SMBs just don’t get the security equation, I was not in the least bit surprised.

Look at these stats from the survey:

The infection ratio at U.S. companies has slightly increased since last year (46 percent in 2010 compared to 44 percent in 2009). It has dropped in Europe (49 percent in 2010 compared to 58 percent in 2009).

Viruses are the most popular threat SMBs are encountering (45 percent), followed by spyware (23 percent).

Thirty-six percent of US SMBs use free consumer security applications.

Unbelievably, 13 percent have no security in place!

Thirty-one percent of businesses are operating without anti-spam

Twenty three percent have no anti-spyware.

Fifteen percent have no firewall.

Participants: The survey consisted of companies with between 2 and 1,000 computers. 1,532 in the United States participated in the survey, and nearly 10,000 in total across the U.S., Europe, Latin America and North America.

The next time you use your credit/debit card at your local Butcher, Baker, or Candlestick Maker, consider carefully the risks involved. It might be prudent to inquire whether the business operates in a twenty first century security environment.

Yes, I know, you might see this as an overreaction – but it’s hardly that. Unless we, as consumers, force the issue, many SMBs will continue to operate with their heads up their in the cloud – unfortunately, not in the security cloud.

I’ll tell you a little secret – I never use my credit, or debit card, when transacting business with a small local merchant. It’s not the small monetary loss that concerns me, since the card issuer sets my liability limit at $50. Instead, it’s the more critical information that can be stolen and used in identity theft.

About Panda Security;

Founded in 1990, Panda Security is the world’s leading provider of cloud-based security solutions with products available in more than 23 languages and millions of users located in 195 countries around the world.

Panda Security was the first IT security company to harness the power of cloud computing with its Collective Intelligence technology.

For more information, visit Panda US.

A PDF version of the full report is available here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.