• Santa made a list and he checked it twice. Let’s find out who’s naughty and who’s nice!

     

    Naughty Listcoal naughty list

    Who is on the naughty list this year?

      1. Ransomware Attackers
      2. Bad Password Creators
      3. Uncommitted Remote Workers
    Wondering why Ransomware Attackers take the number one spot on this year’s naughty list?

    Ransomware is malicious software that poses a threat usually by denying you access to your data. The attacker demands a ransom from the victim, with the promise to restore access to their data upon payment (which rarely happens even if the victim pays the ransom).

    In 2021, the estimate is that a ransomware attack will take place every 11 seconds. The total damage could reach $20 billion. To break that out, in 2019 the average cost per ransomware attack was $133,000. Imagine a 90% chance of someone holding a $133,000 ransom over you. This is happening all too often, and it is happening in the world of technology. No, thank you…. “SANTA”! (tattletale voice).

    Though not in the same league as a ransomware attacker, bad password creators and uncommitted remote workers take second and third place on Santa’s list of naughtiness.

     

    Passwords

    Passwords provide the first line of defense against unauthorized access to your computer and personal (and your company’s) information. The stronger your password, the more protected your computer will be from the hackers and malicious attackers mentioned above. One of the most common ways that hackers break into computers is by guessing passwords.

    Simple and commonly used passwords enable intruders to easily gain access and control of a computing device. If you want to be considered the ‘good’ worker that you are and to receive ALL of the toys and treats that you deserve this year, it is imperative you put thought into creating a unique and somewhat complex password. This not only protects you from having your personal information compromised, but your company will thank you too!

     

    Casual Remote Workers

    Casual remote workers, or in other words, remote workers who do not take company policies and procedures seriously, are the last of the naughties. With so many people now working from home, assailants have more opportunity to pull off an attack. There is a myriad of ways in which a remote worker can lessen the chances of a company being compromised; the below is a good place to start:

    1. Brute force attack through the VPN

    In a brute force attack, a hacker uses a rapid trial and error approach to guess the correct password, PIN, or encryption keys. It doesn’t require a lot of intellect or complex algorithms – it’s merely a guessing game. (Refer back to #2 on the list – create unique passwords!)

    2.Command and Control via Phishing

    Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords and credit card details, by disguising oneself as a trustworthy entity in an electronic communication. (Take the time to really think about what you are being asked. Work with your IT team to learn how to identify a phishing email)

    3.Bypass of Multi-Factor Authentication

    Multi-factor authentication is an electronic authentication method in which a computer user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism. (When you are asked if you would like to set up multifactor authentication, the answer is always yes 😊)

     

    Nice List

    Who is on the nice list this year?nice list

    1. SysAdmins/IT Departments
    2. IT leadership for navigating 2020
    3. Leaders who allocated budget to team members over products

     

    SysAdmins

    In a simple definition, System Administrators fix computer server problems; they organize, install, and support an organization’s computer systems. This includes local area networks (LANs), wide area networks (WANs), network segments, intranets, and other data communication systems.

    In a more accurate description of SysAdmins and your IT Department; they are super(wo)men! These individuals have always been deserving of appreciation from the surrounding departments and people in their lives, but 2020 has challenged the company’s IT departments to deliver even more, even faster. Expectations are that they continue making your company’s communication working seamlessly. In today’s world, they work tirelessly to ensure remote workers are set up to be efficient. They work hard to implement, teach, and manage policies and best practices for remote workers. Not only is your IT department on the nice list this year, but they also get to eat the cookie dough from the Christmas Cookie bowl too! Score!

     

    IT Leadership

    IT leadership is another group that made the nice list. When no one knows what is going on (and I do mean no one), people look to leadership for guidance and direction. The difficulties of leading a group of people and an organization have their own challenges in a “normal” year but when you’re working from a recipe that encompasses budget cuts, the need for innovation, navigating new working situations, and the increased pressure of diminishing cyberattacks, a “successful” outcome can be hard to measure.

    The following challenges were top on the list for IT leadership this year:

    • Cybersecurity
    • Digital transformation
    • Cloud computing
    • Hiring
    • Budget

    Increased pressure to perform with drastically lower budgets has forced IT leaders to identify their very top priorities in order to allocate budgets appropriately. Nothing new here, leaders have done this since the beginning of time, but when you think your budget is one thing and it QUICKLY becomes another, this balancing act isn’t nearly as easy as it seems. To the leaders who opted to take care of their employees over buying the latest and greatest; thank you!! Your team noticed and MOST IMPORTANTLY, Santa noticed! You know what they say, “he knows if you’ve been bad or good so be good for goodness sake!!”

    Happy Holidays to you and yours!

     

     

    Blogs typically are not hard to write. The trick is to find something relevant for the readers and something that is passionate to you. Just take a look at some of the blogs my teammates here at Zunesis have written.

    The year 2020 and how the Covid-19 pandemic are affecting our world, a topic which is dominating every news cycle, no matter the industry:

    2021 – It’s Only a Date Change – Peter Knoblock

    Going Back to Basics – Tom Savage

    2021 Strikes Back – Caleb Clark

    CARES Act Funding to Assist with Distance Learning – Sara Wessells

    Another Zunesis blogger, a fitness enthusiast, compared IT Health Checks and Assessments to doing Yoga.

    Yoga + IT Health = Nirvana – Stacy Lara

    These blogs were easy for the authors to write because they are passionate about their topics, our world, the industry we serve, and the customers we serve.

     

    AD Health Checks

    Over four years ago in May 2016, I wrote a blog titled: Why You Need to Check the Health of Your Active Directory.

    First, I cannot believe that was four years ago, and second, it is still very relevant today. In fact, I would say more relevant, enough to expand the AD Health Checks to the entire server infrastructure.

    In that blog, I compared Active Directory to the central nervous system of the human body.  How, just as you see a doctor for regular checkups, AD also needs these types of checkups. If AD is the central nervous system, then the servers which support the infrastructure are the major organs. Just like the AD Health Check, the servers must be checked periodically.

     

    Screen for Diseases

    1. Verify backup solution: Be sure your backups are working. Daily reports need to be reviewed for completion and to identify issues. Perform test recoveries to be sure the backup solution is working at 100%. Don’t have a backup or unsure about your current solution? Zunesis has a blog for that:

    Are You Sure You Can Recover Your Backups? – James Hughes

    Protecting your Data with Veeam Backup – Adam Gosselin

    2. Monitor Disk Usage: Servers generate a lot of data which can add up over time. Make sure you are getting rid of old log files.  If they are needed, then archive them to permanent storage. Remove old applications that can leave significant security holes. Review the removal as some uninstallers can leave old files. A smaller data footprint means faster recovery.

    3. Monitor system alarms for hardware: Check for any type of hardware warnings, errors, or failures. Warnings tend to lead to errors, which can lead to failures.

    4. Monitor server resource utilization: Monitor disk, CPU, RAM, network utilization, and log files. Check for OS or Application issues.

    5. Updates, updates, updates: Check for Operating System updates. Check for Application updates. Check for Hardware (Firmware) updates. Hackers are very quick and can develop variants within hours of an issue being disclosed. Rapid response is key.

    6. Review privileged user accounts: Validate for accuracy and check account permissions to make sure they are appropriate for each user.

    7. Review Password Security: User passwords should be changed every 45-60 days. Service Account passwords should be changed annually.

     

    Future Health Precautions

    Assess Risk of Future Medical Problems

    • Review Microsoft Server Roadmap for planning migrations.

    Encourage a Healthy Lifestyle

    • Review and discuss current administrative practices surrounding the Servers.
    • Review and discuss and recommend monitoring strategies around the Servers.
    • Review and discuss and recommend auditing strategies of the Servers.

    Maintain a Relationship with Doctors in Case of an Illness

    • Good to have a relationship with an infrastructure provider, like Zunesis, when issues arise and advanced assistance is needed.
    • Good to have an independent third-party, like Zunesis, doing the health checks. You aren’t allowed to prescribe your own medication, are you?

    These should be included in a larger Infrastructure Monitoring Program with documented Policies and Procedures. The checks and the levels may vary depending on the organization.

    Just like the human body, proper monitoring and care can assist in keeping your Servers healthy. Your Servers can only benefit from these periodic “doctor” visits. The Zunesis Infrastructure Health Check will assess your current Server Infrastructure and deliver a report providing a third-party review, validation, and recommendations for improvement. Contact Zunesis today to schedule a health check for your organization.

    Growth in Hybrid Cloud

    It is probably no surprise to anyone reading this that the move to Hybrid Cloud is picking up pace. IT organizations are moving data and workloads offsite for protection or to expand resource capacity more dynamically without increasing their capital spend. Of course, protection and capital management are just a couple of examples.  The reasons and use cases for the growth of Hybrid Cloud are evolving nearly as fast as the technology that makes the hybrid infrastructure more viable than ever before.

    As a storage focused Solution Architect, my perspective is data-centric. I look for ways to get data to the cloud most efficiently. My interests are motivated by how we use, migrate, and protect that data once it’s there. I need to answer questions about presenting the data to applications and compute resources, how to migrate it from one Cloud provider to another, and how to restore it back to on-premise resources.

     

    Options for Managing Data in a Hybrid Environment

    Management of data in a hybrid environment is facilitated by an increasing number of solutions today. This week, I’d like to highlight three cloud-based data solutions from Hewlett Packard Enterprise (HPE).  Two of the HPE solutions I’ll be summarizing here are part of an HPE Cloud Suite. Those solutions include HPE Cloud Volumes Block and HPE Cloud Volumes Backup. The third solution has been around for some time and is not officially considered part of the Suite. However, I think it is important as a consideration in an overall Data in the Cloud strategy. That third solution is HPE Cloud Bank Storage.

     

    The HPE Cloud Suite

    As I mentioned before, the HPE Cloud Volumes Suite consists of a pair of enterprise-class, on-demand data services from HPE that provide Block and Backup storage on an HPE Cloud platform. Each of these services leverage technologies from HPE that can also be found in their on-premise solutions. Cloud Block utilizes Nimble Storage and Cloud Backup utilizes the StoreOnce Catalyst Store.

    Together, these services can provide an on-premise experience. But, to be clear, you don’t need to have Nimble or StoreOnce on-premise in order to use these HPE data services. The idea behind Cloud Volumes is to provide access to your data from anywhere and allow you to move data between workloads across the major cloud providers that include Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP).

    The HPE Cloud Volumes Suite is a pay-as-you-go service. You only pay for what you use. Because your data is on an HPE platform, you don’t need to worry about egress fees as you would with the other cloud providers. However, because the HPE platform has data locality beside the other service providers, you can present your data to compute resources located on the other platforms. This means you can move data between the other cloud services providers quickly and without additional charges. The result is the elimination of cloud provider lock-in.

    So, let’s take a quick look at each of the Suite data services.

     

    Cloud Volumes Block:

    This service provides enterprise cloud-based Block storage to use for volumes that will connect to workloads running in Azure, AWS, and GCP. The storage is located on HPE’s cloud platform but with data locality near the cloud provider(s) of your choice. Because HPE Cloud Volume Block is separate from the workload platform, you can migrate data from one provider to the other without egress charges; the data doesn’t change its location, only the workloads change locations.

    As mentioned earlier, HPE Cloud Volumes Block uses HPE Nimble technology and all the features you’d expect on that array platform. And, as with HPE Nimble on-premises solutions, you can expect six 9’s (99.9999%) availability with HPE Cloud Volumes Block. While the management interface is different than the on-premise Nimble Array, the ease of provisioning volumes still exists.

    Using the HPE Cloud Volumes Portal, you can choose your Workload Cloud Provider, Cloud Application, Volume Type, Performance Characteristics, Size and Application Hosts to which you will present volumes. And, of course, you can specify snapshot schedules, whether to encrypt the volume, cloning, etc.

    Features of HPE Cloud Volume Block include:

    • Multi-cloud (AWS, Azure, GCP)
    • Instant Snapshots and Clones
    • 256-bit volume encryption
    • Nimble replication from on-premise to Cloud
    • REST API
    • CLI
    • Container support (Docker, Kubernetes, Mesophere)
    • SoC2 Type 1-certified
    • HIPAA-compliant

    So, what are your workload requirements? Test/Dev? Production? HPE Cloud Volumes Block is suited for either of these use cases.

     

    Cloud Volumes Backup:

    As the name implies, this part of the HPE Cloud Volumes Suite provides a cloud-based backup target. We are all familiar with the 3-2-1 backup/recovery strategy where you maintain 3 copies of your data on 2 types of media with 1 copy off-site. HPE Cloud Volumes Backup fulfills the off-site part of that strategy.

     

     

    The HPE Cloud Volumes Backup service integrates with some of today’s leading backup ISV’s, including Commvault, Veeam, and Veritas. There is also support for MicroFocus Data Protector. What this means is that you can start using Cloud Volumes Backup immediately if you already use one of these ISV backup/recovery solutions. In addition to the ISV’s mentioned, Cloud Volumes Backup integrates with HPE RMC (Recovery Manager Central) for protection directly from on-premise HPE Primera, HPE 3PAR, and HPE Nimble. But, to be clear, if you are using a supported backup/recovery software solution, you can protect data on any storage array supported by the ISV.

    One of the goals for any backup/recovery strategy these days is to provide an extra layer of protection from a Ransomware attack. After all, it is reported that there is a ransomware attack happening every 40 seconds. To provide protection from ransomware, HPE Cloud Volumes Backup incorporates the HPE Catalyst protocol. This protocol creates data Stores that are not directly accessible by the OS, making the backup images invisible and inaccessible to ransomware.

    With high-profile reports of data loss and increasing levels of government legislation for data security, companies are seeking to encrypt their data. With Cloud Volumes Backup, data is encrypted in-flight and at rest. Data on the wire travels under an AES-protected SSH tunnel to HPE Cloud Volumes Backup. Data at rest can be encrypted with 256-bit AES-encryption.

    And, in case you were wondering, HPE Cloud Volumes Backup offers built-in multitenant security. Backup volumes created by one user are not visible to others, even if they are stored on the same device. Management or provisioning access, as well as data access, is also multitenant.

    In addition to security, you are also likely concerned about being able to assure the integrity of the data you are trying to protect. The reliability of your backed-up data sets is critical. It would be a disaster to restore your data from a backup location only to find it is corrupt. HPE Cloud Volumes Backup provides data integrity throughout its lifecycle by providing built-in protection that checks data at multiple stages. Data is checked during backup, while at rest, and during recovery.

    Finally, in addition to being ready in the event of a data recovery event, where you would be restoring data back to your on-premise array, HPE Cloud Volumes Backup can be used to restore data to HPE Cloud Volumes Block. It leverages public cloud compute resources for disaster recovery, test/dev, reporting, analytics, etc.

     

    Cloud Bank:

    So far, we’ve talked about cloud-based storage for production and test/dev workloads as well as storage for your off-site, standard retention backup target. An important consideration for any backup/recovery strategy is how you will manage your long-term, archive storage. To that end, HPE Cloud Bank is designed to be used as long-term archive object storage.

    Cloud Bank is an extension to the HPE StoreOnce Backup Appliance. The design assumes you will store short-term retention data on an on-premise HPE StoreOnce appliance. Then, it tiers that data to HPE Cloud Bank for longer-term retention and archival data. Cloud Bank leverages a customers’ provisioned object storage in either Azure or AWS. It funnels data to and from those objects stores through StoreOnce.

    In contrast, HPE Cloud Volumes backup is an as-a-service offering. A customer can have backups near to the cloud without managing a cloud infrastructure, or any on-premises appliances or licenses. You can also restore from Cloud Volumes Backup directly to any array, or, to Cloud Volumes Block, so that data can be used with GCP, AWS, or Azure compute.

    Depending on your use case, all three of the cloud-based storage solutions presented here may work for you. Whatever you are looking to achieve with your cloud-based data footprint, one of these options is likely to get you there.

    Contact Zunesis for more information on how to manage data in a hybrid cloud environment.

     

    For those of you who think that on January 1, 202 at 12:00 AM the world is going to go back to the way it was before COVID reared its ugly head, I have bad news for you; we’re still going to be in this fight. I wish it wasn’t true. I really do! However, contrary to the Peter Pan story, there is no Neverland; only the reality of what we face today.

    Right now, in late November, we’ve regressed to nearly the same lifestyle we had when the country closed down in March. The worst part is that we already know what the casualties will be if it continues. I apologize for sounding like ‘Dave, The Downer,’ but not being realistic about what the immediate future holds for us would be incredibly naïve and unintelligent.

     

    How To Handle the Future

    How do we handle what the near future will provide us? The first and most obvious goal is to rely upon your friends and family for support. We can’t go at it alone. There’s strength in numbers. One finds strength in functioning organizations as well.

    There’s also strength in ‘think tanks.’ Heck, there’s been plenty of time to think about everything to the point of exhaustion. However, if one uses his/her time wisely and merges his/her ideas with their respective teams, more options will be available. These can be used to take on the next initiative or to overcome the next hurdle. Now, that’s the benefit of having time alone to think and then spend more time collaborating with your teammates.

     

    New Scenarios

    However, there’s also a danger of having time alone to think. Since I work with an IT Solutions provider, I will focus on those scenarios that may be on your mind. Those brilliant (cough, cough) folks who dreamt up the scheme about sending money overseas to that nice person (they have to provide their bank account information first) so they can store it in an official bank account are cooking up all kinds of different scenarios.

    Some of these evil actions will include even more advanced ways of attacking an organizations’ infrastructure. We’ve already had two clients succumb to this and the ‘reconciliation’ costs are astounding. If you know about ransomware, you know what I am talking about. There’s a 50/50 chance of not even getting back company information afterwards too. Last week, an article in Forbes mentioned British Airways, LifeLabs, and Marriot International all experienced data breaches.

    Listed below are a few topics that are predicted to be trending in IT budgets in the year to come.

     

    Travel Budgets Used for IT projects

    The airlines are very close to their ‘rock bottom,’ and many will likely disappear in COVID’s version of the Bermuda triangle. Forbes also mentioned the company’s budgets for 2021….

    “will shift from travel to IT technology spend. This trend will likely continue even after there is a vaccine because everyone is realizing that doing business via the internet and platforms like Zoom is fine. Travel budgets can now be redeployed to “shore up” projects that need a little extra funding — such as cybersecurity and enabling high availability at the edge.”

    For many IT implementations, travel is not needed. Zunesis has been hugely successful with doing deployments remotely.  The only difficult part of these deployments is the ‘racking and stacking’ of these machines. Well, there are certified IT movers and many customers are even willing to ‘rack and stack’ the machines themselves in order to maintain social distancing.

     

    Ethical AI

    Based on consumer privacy issues over the last five to ten years, consumers are finally putting their foot down. Forrester believes the following…

    “Over the next few years, firms will deliberately choose to do business with partners that commit to data ethics and adopt data handling practices that reflect their own values and their customers’ values.”

    As we all know, there’s been a lot of ‘discussion’ surrounding this topic lately. I am looking forward to witnessing how this trend will evolve. Gartner also mentions this but instead of calling it ‘Ethical AI,’ they call it ‘Privacy-enhancing computation.’

     

    Edge Computing

    This is a slam dunk. We’ve even seen this rise in technology well before Covid. If there’s a way to minimize data disruption, Edge Computing is definitely at the frontier of expanding technology. Gartner also feels that ‘Distributed Cloud’ can…

    “help organizations provide their services physically closer, latency is reduced, as are the costs of data, helping to ensure compliance with laws that dictate data must remain in a specific geographical region. Gartner notes that distributed cloud is the future of cloud technology generally.”

     

    Total Experience

    Via Forbes, Peter High of the CIO Network defines Total Experience as…

    “Total experience combines customer experience, user experience, employee experience, and ultimately multi-experience to impact and transform business outcomes. The overlap in these experiences can be improved with technology, and it enables companies to take advantage of disruptive aspects of the current pandemic such as distributed customers, remote work, virtual and mobile.”

    It’s about time this was on the forefront. A seamless transaction? What a concept and I am glad to see this as one of the most important IT trends for 2021. Our way of working changed overnight it seemed. Adjusting to the ‘new normal’ with regards to tangible and intangible products has been challenging; especially in education.

     

    Always Changing

    These are just some of the changes to expect in the Infrastructure Technology world. There are a lot of dynamic strategies taking place. We will be covering these as we close out 2020 and come out swinging in 2021. We’ll come out on the other side of this as more immune and adaptable than ever before. So, while it may not go back to normal at the stroke of midnight on January 1st, 2021, we’re on our way to the Promised Land!

     

     

    GET IN TOUCH

    EMAIL: info@zunesis.com

         

        

    NAVIGATION

    CORPORATE OFFICE

    Zunesis, Inc.
    4B Inverness Ct E Suite 100,
    Englewood, CO 80112
    (720) 221-5200

    Las Vegas
    6671 Las Vegas Blvd S
    Building D Suite 210, Office 260
    Las Vegas, NV 89119
    (702) 837-5300

    Copyright © 2023 Zunesis. All Rights Reserved. | Website Developed & Managed by C. CREATIVE, LLC