 
Janco Associates, Inc.  
Released:  7/5/2005 9:20:20 AM
RSS Link:  http://www.e-janco.com/news/rss.xml
Last View 11/20/2009 12:54:14 AM
Last Refresh 11/20/2009 4:00:18 PM
Page Views 1322



Description:



Tools that the CIO, CSO, CTO, and CFO can use for Disaster Recovery, Security, Job Descriptions, ITSM, Salary, Change Control, and Help Desk.


Contents:

Cloud storage DRP and SOA is a wave of the future

The advent of cloud computing and service-oriented data protection is mutating the role of the backup administrator. The backup process is becoming a service offering by the IT department as part of the internal cloud's application service level agreement.

The backup administrator's role is transforming from the traditional "tape jockey" into a "data protection policy manager". An example of this is the push by many to make network backup more of a policy engine for backup and disaster recovery/business continuity.

Three recent advancements in technology are beginning to transform data center operations and the role of the IT Administrator:

· Virtualization (Server and Storage)

· Disk-based continuous and snapshot data protection

· Data Deduplication

Virtualization (Server and Storage): The role of server virtualization is to provide an abstraction layer between the server hardware and applications, so they can be moved between servers at will, and the role of storage virtualization is to provide the same abstraction between the servers and the storage.

The ability to abstract applications and storage from the actual hardware makes the hardware a commodity, enables applications to be moved from one server to another at any time, without downtime, and allows storage to be purchased based on price and reliability, rather than functionality in the firmware.

Storage virtualization also facilitates the movement of data. Application data can be moved anywhere, anytime, based on performance or other requirements via a policy created by the IT admin.

Disk-based continuous and snapshot data protection: Adding continuous data protection (CDP) and snapshots to the mix eliminates the need to do bulk transfers of data over the network to make actual backup copies. The definition of a backup is a copy of the data, and it has to be a full copy to actually be a backup.

The backup copy must be separate from the production copy, and must be stored on physically separate hardware or storage media. Once the base copy is available, that copy can be used as the source for snapshots so that the primary copy is unaffected.

In order to accomplish real-time non-disruptive snapshots, the copy must be continually updated via CDP technology to capture any new information between snapshots. Instead of the traditional method of backing the data up with a bulk copy operation, data is simply always protected, continually through CDP, and periodically via the snapshots.

Data Deduplication (DD): So far, we have virtualized everything and have implemented continuous protection for our critical data, and are making periodic snapshots of everything else. Backup is the killer application for DD, but DD also helps make DRP/BCP much more efficient. The reason backup is the killer application is that a full backup copies the same files over and over again. As an example, let's take a legal company with 500 desktops running Excel that are backed up using weekly full copies with a 30 day retention.

How many copies of excel.exe do you need to store? Without DD, the first week there are 500 copies of it on tape, the next week there are 1000, the week after that there are 1500 copies, and the last week there are 2000 copies of that one file before the tapes are overwritten.

Now extrapolate that out to every file in the organization. You can see how it adds up real fast. If you do the math, using typical backup operations and retention requirements, 20TB worth of data with a 2% change rate and 3% growth rate will require over 101TB of media storage if retained over 5 weeks.

With DD, the same 20TB with the same growth and change rate at a 7:1 DD ratio could be stored in about 24TB. (101TB - 24TB = a savings of 77TB worth of space!) You can begin to see how much money you can save over time here. But that's not the main benefit of DD.

The main financial benefit of DD (besides less media and storage) is how it saves WAN bandwidth for data replication. WAN bandwidth is typically a recurring monthly cost, and although the cost has been going down, it's still a major part of most IT budgets, which is the reason many companies are still shipping backup tapes offsite for disaster recovery. Imagine being able to get data replicated offsite electronically more efficiently and at a lower cost than shipping and storing tapes!

In summary, the steps to create an internal corporate cloud are:

1. Virtualize everything so application and data location are irrelevant

2. Continually protect, rather than use a bulk copy backup for data protection, which will change the physics of backup by removing the need to move large amounts of data at the same time.

3. DD everything so it can be stored and moved efficiently

4. Create policies for storage tiers and data life-cycle, and apply those policies on the objects being stored (files, blocks, and tapes) so that the entire data life-cycle is automated, and everything moves to where it belongs based on that policy.

 




Pandemic Disaster Recovery Plans At Risk

Pandemic disaster recovery planning should consider the impact the H1N1 flu virus could have on the Internet if workers and students are forced to stay home because of the pandemic. Officials at the U.S. Government Accountability Office weighed in on the potential for clogged networks in a 71-page report.

Although the issue has been raised before by various ISPs and network carriers, recent worries have focused on securities firms that depend on third parties to clear trades and process payments over the Internet, according to the GAO.

"Internet congestion during a severe pandemic that hampers teleworkers is anticipated, but responsible government agencies have not developed plans to address such congestion and may lack clear authority to act," the GAO warned.

Internet backbone congestion from a pandemic is not a major concern. The larger problem may be with the network "edge" or "last mile" in the residential portion of the Internet. Janco says that work-at-home strategies for organizations may not work as advertised, as residential Internet access may not be sufficient. This is true for both capacity and bandwidth at work-at-home sites.

Often many residential DSL users could share a single DSLAM connection at the carrier's switching office to reach the backbone, contributing to congestion problems. Last-mile DSL and cable modem networks are where remote access falls apart.

While the network edge impact would vary by neighborhood, the Centers for Disease Control planning guideline assumes 40 percent of the workforce might not be in the workplace for an extended period of time during a pandemic.




Pandemic Disaster Recovery and Business Continuity Planning First Steps

It is not possible to estimate the number of cases of the swine flu (H1N1); England alone has over 100,000 infections and over 100 deaths. A worldwide pandemic is occurring. Young, obese, and pregnant individuals are primarily affected. The virus is easily destroyed; most cleansers will work, and it appears to be viable about 7 hours on a hard surface and one hour on porous fabric. Patients are most infectious when first coming down with flu, but remain infectious throughout the illness.

Disaster Planning documentation needs to be updated. In addition, businesses should take common-sense precautions before the pandemic, such as frequently having disinfecting wipes available, having employees and visitors wash hands with soap, using disposable towels in toilet areas, and having employees stay at home if they are feeling ill.

Organizations should start preparing now to operate in a quarantine scenario. A key word is cluster: when there are a number of related infections in a department or facility, you can expect to see it close for ten to twenty days and people either voluntarily not going there, or being directed not to go to that location.

Two of the most important issues are how to keep Information Technology and Computer Operations up. CIOs and IT managers need to start asking hard questions right now about how operations will continue if a significant number of people get sick. Technical people do not tend to look at all of the parts of the system, and you do not want to wait till you are in a flu situation before you start asking questions and finding out that everything except backups and fund transfers can be done remotely.

Janco has just issued a pandemic press release on how to update your disaster recovery plan.




Audit Fatigue is Setting In for Some

(Internet Research Group) - Regulation is a part of business, regardless of company size, industry, or geography. In addition, for the most part, the larger the enterprise, the larger the potential for non-compliance risk. Non-compliance can mean a number of things: sanctions, fines, legal action, market value impact, and the cost of remediation may exceed the perceived cost of prevention.


The results support the term audit fatigue: unmanaged IT audit efforts within regulated organizations have a negative business impact on IT resources and reduce IT efficiency. However, respondents are largely aware of and interested in tools to automate audit processes and controls as a means of overcoming audit fatigue and freeing up IT budget and resources for innovation rather than compliance. This results in the following:

  • Compliance impact is increasing, resulting in high audit frequency and number: As can be expected, larger organizations must satisfy a number of IT audits. Small to mid-sized enterprises (SMBs) are also subject to an increased level of compliance requirements, resulting in higher than expected IT audit engagements. Given the lack of consistent IT standards across industries and geographies for audit criteria and reporting, compliance efforts (i.e., IT audit and remediation) are largely manual.



  • Audit costs are unmanaged, resulting in increased cost: Many respondents conduct audits on an ad-hoc basis rather than as a scheduled effort of an enterprise risk-management program. Given the inability to forecast audit and remediation spending, budgetary control is lost, exacerbating the perceived impact of compliance efforts.
  • Lack of controls automation, limited process maturity: Audit fatigue can be attributed to lack of controls automation and unmanaged IT audit processes. Limited controls maturity (i.e., repeatable and sustainable controls enforcement and audit processes) constrains IT innovation due to uncontrolled costs associated with IT audit and issue remediation.



Poor access controls encourage internal data breaches


Poor access controls cause most security and data breaches. A solution is to implement access controls that restrict each administrator to the specific tasks they can perform, without disclosing the root password. This would help prevent the majority of data breaches that have occurred. Insider attacks are dependent upon access, and the following conditions, which are common and inherently insecure, expose the enterprise to significant risk:

  • Full access to the network and user accounts. Even junior-level administrators have access to the network and to user accounts, so they can reset passwords, restart servers, and perform other administrative tasks. Of course, this may mean they can use the passwords of other users, if so inclined. This practice is even riskier in the Unix/Linux environment, where it is a common occurrence for an entire IT department to share the root password for convenience at the expense of security.
  • Full access to the operating system of servers through a senior administrative account. Senior network and system administrators must have superuser (root) access to do their jobs. These privileged accounts are usually required for system functionality and are created when the system is installed. They can bypass system controls to access or destroy sensitive information. Superuser accounts make a variety of attack techniques possible, including the planting of logic bombs during system upgrades.
  • Unauthorized access to a privileged account. An example of this is when an unauthorized user retrieves privileged account information for a database from an application server's configuration file, and subsequently uses the credentials in a Structured Query Language (SQL) session over the network to retrieve or modify sensitive data.
  • Compromised encryption keys. This is commonly seen with any employees who have access to the operating system. System administrators know where to find these encryption keys, and they are frequently stored without security or encryption of any kind. Once encryption keys are stolen, all the vulnerable encrypted data is compromised.
  • Unauthorized uses of administrative access. Administrative accounts have been called the "keys to the kingdom" because they have unrestrained access. In native environments, someone with administrative access can destroy audit data to cover their tracks as they commit fraud by changing databases whose data is used to create financial records and statements. Worse yet, entire applications or databases are at risk of being destroyed.



Air Force activates new cyberspace defense unit

The Air Force has activated a new communications organization that will support the Air Force's Space Command, a new command that combines space and cyberspace operations under one organization. The new 689th Combat Communications Wing, headquartered at Robins Air Force Base in Georgia, specializes in deployed communications.

The wing will play a support role in combat theaters where resources are sparse, such as Afghanistan, and in humanitarian aid operations, according to the Air Force. The dedicated cyber command, the 24th Air Force, reports to the Air Force Space Command. The Air Force created the cyber command this year, and it became operational Aug. 18.

As the Air Force activates the Combat Communications Wing, it fills in a critical security niche. The 24th Air Force's integration under Space Command represents a landmark in Air Force operations, combining space and cyberspace under a single organization. Like traditional Air Force units, the 24th is set to provide forces for combat -- but unlike traditional units, these forces can also conduct cyber warfare.

The CCW is the newest of three sub-organizations supporting the 24th Air Force; the other two are the 688th Information Operations Wing and the 67th Network Warfare Wing.

The CCW nationwide will comprise roughly 6,000 active duty, reserve and National Guard airmen, as well as civilian and contractor support from the 3rd and 5th Combat Communications Groups, ten Air National Guard Combat Communications units and four Air Force Reserve Combat Communications squadrons.


