Data Center Knowledge | News and analysis for the data center industry - Industr's Journal
 
 [Most Recent Entries] [Calendar View]

Tuesday, February 14th, 2017

    Time Event
    4:00p
    Mother Nature Attacks! Is Your Disaster Recovery Plan Ready?

    Darin Pendergraft is Vice President of Product Marketing, Quorum

    Between data breaches that steal customer and employee data, or the latest ransomware attack that demands a massive payout, where do natural disasters fit in to your list of worries for losing valuable corporate data?  Mother Nature has an arsenal of weapons at her disposal including massive storms that cause days worth of power outages, floods, tornadoes, or earthquakes that do physical damage to your data center, and lightning strikes that could cause building fires. Those are just some reasons to put them high on your list for a crisis response plan.

    Hurricane Sandy did considerable damage in 2012 by causing the flooding of several New York data centers, including servers hosting BuzzFeed, Gawker, Huffington Post, and other sites. A general loss of power in companies all over the area caused outages and loss of connectivity. Earthquakes, hurricanes and other whims of Mother Nature can take down many physical structures.

    Even one small electrical fire can be pretty bad. Just ask the state government of Iowa, which suffered a data center fire and ensuing outage in 2014 right when the state had to issue $162 million in payments to employees, vendors and citizens. To add insult to injury, a blizzard was approaching and multiple services were down, including the Department of Transportation cameras that were desperately needed to monitor highways and bridges in the storm.

    The main issue at hand is that you can’t control any of these occurrences. This isn’t like a chess game where you anticipate your attacker’s next move and install a new security control to block him. When Mother Nature comes raging through your data center, there’s nothing you can do to stop it. You can, however, make plans for continuity and recovery; and there’s several key factors to anticipating and fortifying yourself against  the inevitable.

    Make a plan – Forewarned is forearmed. Your organization probably has a plan for employee evacuation in case of a fire, so a plan for protecting your data and other assets is just as important. Put together a crisis management team and draft a plan that covers everything from maintaining daily business operations to prioritizing critical processes to possible emergency scenarios and each team member’s response role.

    Map out where your data is – Is your data scattered across systems? Where is the most important data? Where do you need to maintain uptime no matter what? These answers can change from year to year, so make sure your team stays current and connected to an accurate overview of your digital assets. When disaster hits, you won’t have time to sort this out.

    Inspect your facilities and conduct a risk assessment – Just as your facility must meet fire codes and safety regulations, it needs to meet your own codes of data safety. Is the essential equipment protected? Is the large equipment anchored or stored on lower shelves? Is your electrical equipment elevated to reduce hazards? How secure is the building in general: Could the roof cave in from too much snow? How well would it hold up to a tornado? Each region has its own challenges. Identify your system vulnerabilities, and patch them up as best you can. Once inspected, if anything is not up to par you should seek outside expertise for recommendations to secure your data.

    Assess your backup strategy – If your backups are local only, it’s time to consider off-site storage and cloud solutions. One fire, flood or storm could wipe out all of your data otherwise – so invest in a solution that can keep clones of your environment safe in another location. Be sure your multiple locations are disparate enough that they are not sitting in the same hurricane path or on the same power grid. If you’re still using tape backups, determine whether your team would be able to access those tapes in the case of floods, earthquakes and blocked transit routes.

    Look for a Backup and Disaster Recovery (BDR) solution that offers fast recovery and fast performance, as a severe storm or disaster could keep your production environment down for a long time. Be sure you can not only recover quickly, but offer reasonable speed and performance in the alternate environment. There’s no point in investing in a backup and disaster recovery solution that only offers slow and partial recovery – in today’s competitive world, users and customers will hold delays and lost functionality against you.

    There’s no doubt that nature is capricious. Many teams don’t take planning for business continuity seriously, or invest in modern BDR solutions, until they’ve lived through the destruction of a natural disaster. By then, of course, it’s often too late. Only when disaster has hit, and they’re deep in chaos and panic, do they realize the preparation that could have made their IT event into a non-event.

    Opinions expressed in the article above do not necessarily reflect the opinions of Data Center Knowledge and Penton.

    Industry Perspectives is a content channel at Data Center Knowledge highlighting thought leadership in the data center arena. See our guidelines and submission process for information on participating. View previously published Industry Perspectives in our Knowledge Library.
    5:54p
    Microsoft Launches Security Score for Office 365

    Brought to you by MSPmentor

    Microsoft today began scoring the security settings of commercial customers that use Office 365, and at least one insurer said the ratings would be considered in the pricing of cybersecurity policies.

    Microsoft’s Secure Score API had been in preview availability since early August. At the time, users were measured on just 27 security configurations and behaviors that impact the security of data in an organization’s Office 365 environment.

    Today’s general release grades users on up to 77 factors, and instructs them on how changes in behaviors and security settings – like activating multi-factor authentication – can impact their scores.

    “The core idea is that it is useful to rationalize and contextualize all of your cloud security configuration and behavioral options into one simple, analytical framework, and to make it very easy for you to take incremental action to improve your score over time,” said a blog post by Microsoft program manager Brandon Koeller. “Rather than constructing a model with findings slotted into critical, moderate, or low severity, we wanted to give you a non-reactive way to evaluate your risk and make incremental changes over time that add up to a very effective risk mitigation plan.”

    Microsoft launched the general availability to coincide with the RSA digital-security conference, which started Monday at the Moscone Center in San Francisco.

    In a blog post today announcing the broader release, Microsoft suggested four use cases for the score data:

    1. Monitor and report on your secure score in downstream reporting tools.
    2. Track your security configuration baseline.
    3. Integrate the data into compliance or cybersecurity insurance applications.
    4. Integrate Secure Score data into your SIEM or CASB to drive a hybrid or multi-cloud framework for security analytics.

    Secure Score will allow administrators to compare their security scores with those of 85 million other commercial customers of Office 365, according to a report in the Wall Street Journal.

    Also according to that article, Hartford Financial Services Group Inc., is the first company to publicly announce it will consider Microsoft’s security score as a factor in determining premiums for cyberinsurance.

    “It gives us insight and comfort that you are doing some risk management,” Tom Kang, Hartford’s head of cyberinsurance, told the Wall Street Journal.

    Kang would not say how much weight the score would be given.

    Corporate cyberinsurance is the fastest-growing insurance product in America, with PriceWaterhouseCoopers projecting premiums to grow from the current $3 billion a year, to $7.5 billion by 2020, the journal reported.

    This article originally appeared on MSPmentor.

    7:20p
    Microsoft’s Brad Smith: We Need a “Digital Geneva Convention”

    Brought to you by Supersite for Windows

    The present and future of warfare takes place on computer terminals, innocent civilians worldwide are not being protected by their government, and it’s time for the tech industry to pull together and call on the world’s governments to come together in a Digital Geneva Convention. So said Brad Smith, president and chief legal officer at Microsoft, in an RSA 2017 keynote on Tuesday morning.

    Smith opened by defining the cyberwarfare battlefield: “It’s a different kind of space: Not only can we not find [cyberspace] in the physical world, it is us. Cyberspace is owned and operated by the private sector.” From the submarine cables that carry data across the ocean floor to the clpud services that contain data, the physical and virtual infrastructure is not government operated.

    And so, Smith said, “When it comes to attacks, [the tech industry] is not only the plain of battle, we are the world’s first responders.”

    As such, the tech industry should come together and call on the world’s governments to conduct a digital Geneva Convention to devise and agree to rules protecting civilian use of the Internet.

    “What the world needs is a new international agency … that brings together the best and the brightest in the private sectors, academic, public sector … to observe what happens, then call the question and identify the attackers when nation-state attacks happen,” Smith said.

    He drew strong parallels between the state of current events now and the state of the world leading up to the 1949 Geneva Convention. In a related blog post, Smith wrote:

    Just as the Fourth Geneva Convention has long protected civilians in times of war, we now need a Digital Geneva Convention that will commit governments to protecting civilians from nation-state attacks in times of peace.  And just as the Fourth Geneva Convention recognized that the protection of civilians required the active involvement of the Red Cross, protection against nation-state cyberattacks requires the active assistance of technology companies.  The tech sector plays a unique role as the internet’s first responders, and we therefore should commit ourselves to collective action that will make the internet a safer place, affirming a role as a neutral Digital Switzerland that assists customers everywhere and retains the world’s trust.

    In his keynote, Smith called on tech companies to act as responsible global entities, outlining codes of conduct for them too: Never to assist attacks, always to coordinate and collaborate in defense efforts, always to share solutions and patches.

    Repeatedly, he called for the tech industry to be “a neutral digital Switzerland upon which everyone can rely.”

    This article originally appeared on Supersite for Windows.

    7:46p
    Preparing for Cloud and Big Data with Converged Infrastructure

    Sponsored by: Dell and Intel

    Dell_LogoIntel-logo.png

     

    Today, data centers are evolving at a staggering pace. Organizations are spending more of their budgets to support growing business initiatives. Gartner recently said that this would be a defining year for cloud as private cloud begins to give way to hybrid cloud, and nearly half of large enterprises will have hybrid cloud deployments by the end of 2017. In fact, Gartner describes cloud computing as a style of computing in which scalable and elastic IT-enabled capabilities are delivered “as a service” using internet technologies. It heralds an evolution of business in positive and negative ways. It has also become a hot industry term that has been used in many contradictory ways.

    Converged infrastructure is helping business look at the modern data center from a different perspective. We’re now creating better systems capable of multi-tenancy and better resource controls. According to Gartner, organizations typically have multiple goals for big data initiatives, including improving the customer experience, streamlining processes, lowering costs and marketing more effectively. The research firm’s survey showed that organizations are overwhelmingly targeting enhanced customer experience as the primary goal of big data projects (64 percent). Forty seven percent have their eyes on process efficiency and more targeted marketing. And a significant number are paying attention to enhancing security capabilities – 23 percent.

    “As big data becomes the new normal, information and analytics leaders are shifting focus from hype to finding value,” said Lisa Kart, research director at Gartner. “While the perennial challenge of understanding value remains, the practical challenges of skills, governance, funding and return on investment (ROI) come to the fore.”

    When we examined the results of a recent Data Center Industry Trends survey sponsored by Dell EMC and Intel, we learned that 50% of respondents leverage SaaS-delivered and cloud-based applications. A further 40% are aiming to support new, cloud-ready, applications and workloads.

    Here’s the interesting part – when asked how prepared they were for these new cloud initiatives, nearly 30% said that they are either not very prepared or not prepared at all for cloud.

    When you look at this kind of converged infrastructure environment, it’s important to see how a data center is also a gateway into the cloud. Converged infrastructure actually helps create a direct tie into a cloud architecture.

    • Converged Infrastructure Enables Architectural Efficiency. We’re supporting greater numbers of users and workloads, all under the same IT architecture. Converged infrastructure (CI) not only supports more users, it also gives them a better experience. From the administrative perspective, you have your critical resources all under one management plane. Most of all – direct integration with the hypervisor allows you to literally create a bridge into the cloud. On premise converged infrastructure solutions can scale into the cloud or even other private data center solutions. The point is that you have the architectural freedom to design your environment around the growing needs of your business.
    • CI – Helping you Innovate at the Pace of Software. Converged infrastructure is all about hardware and software intelligence. Now, you’re creating powerful profiles capable of dynamically provisioning and de-provisioning critical resources. Basically, converged infrastructure help you create cloud consumption models. Alerts, thresholds, specific policies, and even hypervisor-level controls – all enable easier management of a complex ecosystem. Through convergence, you can rapidly deploy new business units, test out new pieces of technology, and push workloads into the cloud directly from the management layer. This allows for the greatest amount of flexibility around the logical layer and the physical layer it supports.
    • Enabling Systems Ready for Big Data. Virtual applications, desktops, big data, databases, virtual workloads, and a number of other types of solutions can be hosted on a CI platform. You can do things like graphics optimization, big data workload control, and even integrate with cloud systems. The beauty of CI revolves around its flexibility. In the past, heavy workloads (like data analytics) needed their own specific resources to function properly. Now, CI creates a platform where workloads like big data processing, and even virtual desktop infrastructure (VDI) can live on the same ecosystem; all managed from one environment.
    • Creating Extensions into Cloud. Modern converged infrastructure solutions now act as the foundation for hybrid cloud systems. Direct integration with virtualization and cloud environments allows administrators to create an intelligent bridge into the cloud. You can integrate with VMware vRealize cloud automation solutions for automation, and even extend into an OpenStack cloud management ecosystem. The important part is that it’s all under one converged platform – with intelligent management built in. 

    There are powerful integrations with virtualization systems as well as cloud infrastructures. This means that CI acts as a direct bridge into a variety of new types of workloads. This includes big data, hybrid cloud, virtualization, and much more. With greater levels of efficiency, density, and workload optimization, converged infrastructure aims to take on modern business challenges with truly smart IT solutions.

     

    << Previous Day 2017/02/14
    [Calendar]     		Next Day >>

Data Center Knowledge | News and analysis for the data center industry - Industry News and Analysis About Data Centers   About LJ.Rossia.org