Keeping a database operating smoothly requires routine maintenance:

Image courtesy of renjith krishnan/ FreeDigitalPhotos.net

• Looking for signs of corruption from a hardware fault, 3^rd party driver or firmware, or platform issues
• Reorganizing the database to remove old and deleted data and logs
• Managing and reviewing log files to trace odd program behavior or system access events
• Cleaning up leftover maintenance data by removing unneeded files allows your database to respond faster
• Rebuilding indexes regularly. Over time, index fragmentation can lead to gaps in data pages and logical fragmentation, which in turn leads to increased disk I/O and latency.
• Deleting historical data related to backup and restore activities to help your database to run more efficiently
• Backup your database regularly in order to recover from upgrades that don’t play nice, corrupted tables and other system problems that can lead to full-on disasters

Microsoft backup/restore procedures to maintain the integrity of the database can assist with many of the above activities.  While the Microsoft procedures are not an effective backup strategy by itself, it does take care of the integral database maintenance processes such as re-indexing, shrinking and error repairing.

Database maintenance activities are critical for your cloud backup. If you regularly backup a bad or bloated database, it’s likely these systems have run with unnoticed errors until they are restarted.  When an administrator discovers the unresponsive database, they may decide to overlay the system with a backup. Havoc ensues when they find that the error was undetected for weeks or months and there is not healthy backup in which to restore – and that means a loss of data.

The optimum database maintenance strategy is to do both onsite and offsite database backup and restore activities: a frequent cloud backup and quarterly Microsoft backup/restore practices keep a database running smoothly.

Additional resources on Microsoft Exchange database maintenance:

• Overgrowth/size issues
• General Maintenance – This article is especially important as it discusses why the database can go bad.  It also goes into automatic maintenance which is included with server 2010 and 2012, but many customers are still running 2003 which has no automation.
• Actual good practice tasks:  (look at the referenced Technet article)

Additional resources on SQL/SharePoint database maintenance:

• Best Practices for Setup
• Setup/Location Design (Note the “Data Integrity” section)
• Database design/maintenance (Note the “Database Maintenance” section)

The post The importance of maintaining databases appeared first on GDV Data Protection Blog.

These “exploits” are packets of computer code that allow hackers to sneak in and sometimes control computers running software with a known design flaw or a “vulnerability.” Criminals, terrorist groups and even governments are all likely customers for the purchase of exploits.

It’s an emerging market for companies who discover new vulnerabilities called “zero day exploits” in software and sell their findings for anywhere from tens to hundreds of thousands of dollars. And generally it’s legal to sell them. In fact, more than half of exploits sold are now bought from upstanding firms and not hackers, according to the magazine The Economist.

“Zero day exploits” are especially dangerous when in the wrong hands because there is no advance knowledge of them prior to their use. The exploits tend to remain unpatched as hackers will keep them a secret so they remain unfixed and make the exploit useless. If it’s an easily detected or celebrated exploit, then it will be discovered and patched quickly, and hence devaluing it.

Prices for exploits have gone up exponentially in recent years and are based on three factors: how hard the exploit is to develop, the number of computers it provides access to and the value of those computers.

“An exploit that can stealthily provide administrator privileges to a distant computer running Windows XP, a no-longer-fashionable operating system, costs only about $40,000. An exploit for Internet Explorer, a popular browser, can cost as much as $500,000” – the Economist

If you think that you simply don’t have the same level of exposure as you read about in the news, think again. Software giant Adobe Systems Inc has had their own experience with exploits. The JBIG2 flaw allowed hackers access to major corporations such as Coca-Cola.

According to Bloomberg news, “In America and the U.K., about 1-in-3 computer users had contact with malicious software, just between July and September this year, according to data Moscow-based anti-virus software maker Kaspersky Lab collected from its customers.”

The Bloomberg article continues, “The implications of lagging security go beyond PCs to critical infrastructure and industry, such as power grids and railroads, and to increasingly networked lives, including phone systems and videoconferencing that run over the Internet.

“Sooner or later, the people who are exploiting these security flaws will go from stealing information to breaking systems — because they can — and then it’s going to be obvious to everybody how bad things are,” says Stewart Baker, former general counsel for the National Security Agency, the U.S. spy agency, which monitors foreign communications.”

A researcher at the Netherlands Defense Academy suggests that Western intelligence agencies often pay higher prices and believes that that America’s spies spend the most on exploits. As you might guess, sales are up in thanks to demand from defense contractors and hacker groups who both see cyberspace as the new battleground. And they aren’t alone. The Economist article goes further to say that, governments that buy exploits are “building the black market”, thereby bankrolling dangerous research and development. That in and of itself has governments appear increasingly keen to develop exploits in-house.

The take-away here is that no one can possibly be completely insulated against a hacker with a powerful exploit, it’s just a matter of when and how bad your system is affected. Preparing for that day is the trick to being able to rise from the ashes of a burned network. Utilizing a comprehensive cloud backup can be the difference between your next hack being a nightmare or a mere annoyance.

The post Cyber attacks with exploits can affect everyone’s data appeared first on GDV Data Protection Blog.

Image respectfully borrowed from http://bit.ly/KAuhLE

The first installment in our continuing series examining cyber attacks and how to protect your data. 

The rate and intensity of the cyber attacks is escalating and probably affecting your internet activity and you don’t even know it. (Read more.)

In late March, spam-fighting organization Spamhaus was the target of a massive DDoS (distributed denial of service) attack and it was considered the most severe attack since the invention of the Internet – or at least that anyone is admitting to.

It was called, “the worst cyber attack ever.”  And there’s more to come.

DDoS attacks utilize an army of commandeered computers to point huge volumes of web traffic at a company’s server to the point of overload until it crashes. This latest cyber attack was so large, experts don’t even think they have a measurement system capable of determining the full scope, but some experts are confident that Internet users worldwide were impacted by sluggish Internet connectivity during that time.

It is speculated — with unconfirmed reports — that this cyber attack was an act of revenge by groups ticked off at their blacklist status awarded by SpamHaus, who generates widely used and continually updated blacklists of sites who are guilty of sending spam. These grumpy spammers took advantage of what’s called a “DNS reflection,” a technique that tricks thousands of servers to send a landslide of junk to an unsuspecting victim, in this case SpamHaus.

The attack came as a surprise for Spamhaus, as it would your own company. What can a company do to combat a DNS reflection other than putting a crisis communication plan in place?

Experts say that locking down the infrastructure that hackers use is the number one imperative. In the Spamhaus cyber attack, the DNS reflection attack was likely due to the hackers taking advantage of “misconfigured DNS servers to amplify the power of a much smaller botnet,” said Chester Wisniewski, a senior security adviser at Sophos Canada, in a blog post. He goes on to say that 25 million open DNS resolvers hosted by service providers across the Internet currently are insecure or misconfigured, posing “a significant threat.” His advice is that it’s critical that you configure your recursive name servers to only reply to your own network,” Wisniewski said. “If you must provide public DNS, be sure to apply filtering for abusive queries and ensure the frequency of queries is commensurate with your expected volumes.”

Spamhaus is not the lone victim. If you’ve ever experienced an inaccessibility to your bank website or a sluggish response, it could very well be the work of a DDoS attack. On March 27^th, Wells Fargo admitted to suffering from disruptions to their website connectivity. The al-Qassam Cyber Fighters hacktivist group has vowed to continue its long-running campaign of U.S. banking website takedowns, and while Wells Fargo is reported by Sitedown.co to have the majority of the downtime reports, Bank of America, Chase, Capital One, Citibanks and PNC Bank were all the subject of reported difficulties.

Wells Fargo spokeswoman Bridget Braxton confirmed Tuesday that the bank’s website was being disrupted, but told Reuters that “the vast majority of customers are not impacted and customer information remains safe.”

As Ms. Braxton rightly commented, during a DDoS attack, your data is likely safe, but if you’re the target for a DDoS attack, it’s going to be a tough few days before you can get back online.

In the next installment of our continuing series on cyber attacks and how to protect your data, we’ll look at “exploits” and the damage they can do.

The post Common types of cyber attacks and how they can affect your data appeared first on GDV Data Protection Blog.

Payroll service companies carry an important responsibility for their clients. Companies depend on them to be reliable as paychecks are pretty important to employees who expect their checks on time; their lives hang in the balance if they don’t get paid. Employees will quit if their money doesn’t show up when promised. Ensuring those payroll systems run without interruption is mission critical for the payroll company, their clients and the employees they serve. One glitch in the system can literally affect thousands of people’s lives.

Payroll is particularly time sensitive because funds have to move and are subject to bank cutoff times, there is very little wiggle room to keep a payroll delivery on track.

Because of the mission critical nature of payroll, system continuity is paramount and therefore Global Data Vault’s data protection solutions are a favorite of payroll service companies.

We got a distress call from one of our payroll processing clients in Southern California just after 4:30p.m. on Wednesday March 20^th. The company had a RAID storage system fail at their site. The result was their ability to process payrolls was completely lost. And to make matters worse, the company’s CEO was on a plane and unreachable. Payrolls had to be processed that night for quite a few of their clients – failing meant employees would not get paid on Friday.

GDV went to work immediately, enabling failover capabilities, and by 7:30p.m, the payroll company was running payrolls.

What makes this case special is GDV’s unique “build” capability which eliminates the steps required by other providers to reconfigure the remote network and related security. The result is the customer’s failover network was up and running quickly, and the great news is that all deadlines were met – everyone got paid on time!

The post Southern California Payroll Company Averts Disaster with Advanced Data Protection from Global Data Vault appeared first on GDV Data Protection Blog.

IBM and Cisco Systems, Sunguard and others, have implemented mobile disaster recovery services that bundle electrical generators, phones, satellite and wireless connections, Windows servers, and software into portable offices that can be transported by foot or truck into a disaster area.

These disaster recovery services are business versions of first responders. While the idea of these mobile rescue services for enterprise operations is a novel idea, disaster recovery in a truck has its shortcomings.

For starters, this on-site disaster recovery strategy requires staff to be at the location of the truck as opposed to where they might need to go with their families or with a working spouse assigned to another specific location. In the event of a predicted disaster such as a hurricane, it’s likely that employees have evacuated rather than staying in harms way. Even if the disaster were a surprise occurrence, most would prefer to move to a location where earthquake aftershocks are not a danger or additional flooding can occur.

Additionally, the number of disaster recovery trucks is limited. To maintain the technology and the staff available for fleets of Disaster Recovery trucks is not operationally feasible. The limited number of vehicles cannot possibly accommodate the needs of a major disaster event.

Testing is also a challenge. An imperative component of every disaster recovery plan is the ability to test, and these mobile units do not have the capabilities to test the disaster recovery system on a planned real-time basis.

While most disaster recovery truck vendors equip their mobile units with servers, the real challenge begins when you need to rebuild your network, install and configure your applications, setup all your users and their permissions, and restore your data. These activities can literally take days to accomplish and you may not even have access to everything you might need depending on the state of emergency in your location.

For the above reasons, we believe cloud based disaster recovery is a much more efficient and effective solution. Cloud based DR allows for remote login to a replicated system nearly instantaneously and out of the threat of Mother Nature or any other unfortunate event.

Bottom line, disaster recovery trucks look cool, but we’d rather see them outfitted with a chef offering a great Ban Mi or a cupcakery at lunchtime.

The post Mobile disaster recovery trucks – are they a good idea? appeared first on GDV Data Protection Blog.

Our team shows up for work and brings creativity, determination and great talent every day. Our customers across the globe have held great faith in our vision. And our partners and suppliers add their effort and wisdom to improve the value we are able to deliver, every day.

It is well worn in the business press that entrepreneurs must be creative, persistent, flexible, and visionary. But actually, in any successful enterprise, you will find these qualities in not only the leadership but in every stakeholder. Global Data Vault is blessed with such a team. And as we look forward to the challenges ahead, we will remain grateful for this generous recognition.

Geaux Tigers!

The post Global Data Vault named to LSU 100 appeared first on GDV Data Protection Blog.

While the most publicized hacking events highlight stolen data, that’s not always the motivating factor. Some hackers have mastered the art of DDoS attacks, or Distributed Denial of

Image courtesy of chanpipat/ FreeDigitalPhotos.net

Service attacks. These DDoS attacks have a singular goal of bringing down a website, ecommerce site, or just royally messing up your otherwise good day.

In a typical DDoS attack, the hackers find vulnerability in a targeted computer system, making it the DDoS “master.” The hackers create malware, distributing it from the master to thousands or tens of thousands of other compromised and malicious websites. It’s likely that the website visitors are unaware that they have even downloaded the malware. The malware is programmed with a timed attack function, or it has the ability to be launched by remote control. When the hackers deem it time, all of these miniature terrorist cells get woken up simultaneously by either a timer or a signal, and all are commanded to communicate, sending “packets” of information to or from a website,  thereby creating a massive increase of nuisance traffic, and most importantly, blocking legitimate traffic at the same time. The flood of incoming messages to the target system forces it to shut down, a.k.a. “denying service” to legitimate users.

DDoS attacks are fairly easy to recognize: unusually slow network performance, unavailability of a website or lack of access to it, a dramatic increase in the number of spam emails, or the disconnection of a wireless or wired Internet connection. The attack can also create problems in the network branches around the actual computer (called a “zombie” or a “bot”) being hacked. The bandwidth of a router between the Internet and a LAN may be engulfed in the attack, affecting both the intended computer and the entire network (the “botnet” or a “zombie army”). These attacks can also be large scale, compromising the Internet connectivity of an entire geographic area.

The fastest remedy for a DDoS attack is to somehow block the attack, or even move the web domain to a different range of IP addresses. However, if the attack is creating a firehose of traffic to the actual domain, switching IP addresses will not be effective.   In either instance, both solutions require significant resources that many web owners are unequipped for.

Large enterprises are fairly accustomed to DDoS attacks, and are becoming more adept at dealing with them as DDoS attacks are increasingly more common. In recent Q3 2012 data from Prolexic, a company specializing in DDoS protection and mitigation, shows that frequency of DDoS attacks has increased 88% over the same time period last year. The duration of the attacks has decreased slightly from 33 hours to 19 hours, but the hypothesis that the attacks are more intense. Convincing data supports this theory as attack bandwidth has increased 230% over the same time period.

A key strategy in protecting your systems is updating your gateway servers, switches, and firewalls to the most recent releases and patch levels of their respective operating systems. This is a common best practice in any good IT shop anyway, and it will afford some protection.

A second strategy is to have a large amount of extra bandwidth standing by. This can often be accomplished without significant extra cost because many providers will bill only on the 95^th percentile of your actual used “transit” or traffic. You probably will need to but your bandwidth directly from a carrier in this case. But being able to “burst” up to higher levels of traffic just might enable you to withstand the attack.

But the best strategy to protect your business from a DDoS attack is to have a disaster site with separate hosting and massive bandwidth on stand-by for your website or ecommerce to go to when an intrusion occurs. The backup provider can go live if a hacker sets their sights on your website or web business. It won’t actually stop the DDoS attack but it gives you the best chance of getting through it because you’ll have that massive bandwidth to absorb the attack.

For now we simply have to make the best of a bad situation. Windows security and network security in general is simply too limited today to deal with DDoS attacks and the botnets that serve them up.

The post Strategies to prevent DDoS attacks appeared first on GDV Data Protection Blog.

As your data expands, moving it from your location to the cloud becomes a parallel problem. Having a faster connection is of paramount concern as your data can literally choke on an inadequate connection. Even having a 100 megabit fiber connection can improve your data protection capabilities significantly, not to mention speed up other business processes.

Because of these tandem issues, innovative power companies and household web names like Google are developing Smart Grids in an effort to get ahead of the data consumption curve.

A decade ago in Chattanooga, Tennessee, plans started coming together to create America’s first true Smart Grid network that runs on a 100% fiber optic network. A $111 million stimulus grant from the Department of Energy was a catalyst for the community-owned electric utility EPB, to develop this remarkable infrastructure that aims to add two-way communications at every home and business along the grid, and promises improved power quality and reliability. The 600 square mile service area touches 170,000 businesses and homes that have access to Internet speeds of up to 1 gigabit per second. The fiber optic smart grid eliminates the bandwidth issue, enabling subscribers to utilize upload and download speeds 200 times faster than the FCC’s national Broadband Plan.

“This holds tremendous opportunities for local industry and manufacturing,” says David Wade, chief operating officer of EPB.

“Everyone talks about the potential savings of smart grid and its impact on the environment, but perhaps its most important factor is power quality and reliability,” says Wade. “As manufacturing processes become more automated, a fraction of a second in power or the slightest change in voltage or frequency can have a pretty significant effect.”

Updating the nation’s power grid, not just central Tennessee’s, is a hot topic in Washington. The U.S. Department of Energy has awarded $3.4 billion in stimulus grants toward upgrading the nation’s energy grid, while an additional $4.7 billion in private funds has been invested.

This next-generation energy distribution network is just beginning to gain momentum in other areas of the country. Kansas City, Kansas and Missouri, were chosen by Internet behemoth Google to get in on the fiber game. Hoping to spur some healthy competition from other broadband providers, Google Fiber rolled out officially last year with baseline connection speeds 100 times faster than broadband. Google sees it’s future largely tied to web usage – with higher speeds comes the next wave of online innovation — so it’s no surprise that Google would enter this vertical market. Or that the start-up community has gravitated to these fiber rich communities to gain a competitive edge.

Gigabit networks are still the envy of most businesses unfortunately, as their installation is highly limited in scope. A majority of the nation does not have the advantage of these new fiber networks and as much as they may request them, state legislators and utility companies face an uphill battle to overhauling the domestic energy grid in order to bring fiber connectivity to all Americans.

The post Growing amounts of data and what to do about it appeared first on GDV Data Protection Blog.

The Cloud has become a nearly mainstream way for companies to manage their data and utilize effective data backup and recovery systems. But the cloud is only as good as the data center that it’s housed in, and as we’ve discussed previously, there’s plenty of variation among data center design that can impact the security and efficiency of your cloud backup or hosting continuity. 

During Super Storm Sandy and the derecho storms on the east coast, we were witness to plenty of website outages credited to data center failures. Regardless of the data center’s common sales pitch boasting of 30 days of diesel generated backup, truth is that without redundant backups to additional locations, one measly super storm can out your entire business.

Be cautious to believe the hype about 30 days of diesel powered backup as that’s not entirely a valid position. It’s nearly operationally impossible for data centers to store more than a couple of days of diesel. It has a fairly short shelf life if the diesel is not stirred every couple of days, it separates and becomes useless. Most data centers are maintaining only 24 hours of diesel power onsite. Beyond that, they would have to contract with a supplier for replenishment, but in the scenario of a blizzard or hurricane, that obligated diesel truck is not going to get a special pass from the Governor to drive on closed roads and the data center will go dark. Then what does your business located in sunny Phoenix do?

Aside from the operational challenges of a data center weathering Mother Nature’s wrath, there’s another predator that can compromise your data services: hackers. In recent news we’ve learned that the Chinese government is responsible for attacking dozens of American companies and government agencies. Cyber security and our vulnerability to hackers is of preeminent concern. What would happen to your data if an ambitious hacker group wiped out your cloud provider? Do you have a backup plan for that?

Relying on your cloud provider for the continuity of your business is like putting all your eggs in one basket. And what if that basket is of the Bernie Madoff variety, where you aren’t just losing your savings, you’re losing your business and your income. If the cloud provider goes the way of Chinese hackers, Enron or Lehman brothers – you can bet they aren’t going to give you a warning ahead of time. If the cloud provider suddenly can’t pay its bills, all those leased servers will be repossessed – and guess what? You don’t get your data because it’s been repossessed and it doesn’t belong to you anymore.

Obviously that’s an extreme situation, but it happens and we suspect with more frequency in light of the expertise of cyber theives. And that’s why we believe that smart IT is to have a DR solution even when you’re hosted in the cloud.

The post Do You Need Disaster Recovery for Cloud Services? appeared first on GDV Data Protection Blog.

Our latest data center upgrade involves multiple redundant chassis.

We’re not talking about your car chassis that keeps the body, suspension and wheels all attached together. In our world, a chassis is the enclosure that handles all the non-computing tasks required to support multiple servers, including providing power, cooling, connectivity and manageability to each blade server that it’s holding. “Blades” are redundant self-contained servers that fit into a chassis with other blades. Each chassis holds 8 to 16 blades – so that’s 16 to 32 processors and up to 96 cores per blade. Each blade supports up to 48GB of RAM or up to 768GB per chassis.

Here is a typical HP Blade Chassis – this one with 16 blades:

Blades are pretty cool servers. Their major selling point is that they afford nearly 100% of uptime. They can tackle any task you’d like them to:

• Database and application hosting
• Virtual server hosting platforms
• File sharing
• Remote desktops and workstations
• Web page serving and caching
• Streaming audio and video content and more.

If your system needs more power, you just add another blade server to your chassis. They provide reliability through resilience and quality.

Servers can fail, we all know that. But when using VM Ware, you can cluster 8 – 16 servers together in a single chassis. By doing this, when a server fails, it’s almost negligible impact because the workload moves from all 8 for example to 7. None of the servers are running at full capacity so if one fails, it’s no problem.

The chassis itself has a high degree of resiliency to it. It has 4 power supplies (rather than the usual two of a stand-alone server).  These power supplies are basically mini-transformers with their own fans. If one fails, as they sometimes do, it can be replaced within 24 hours without impact. And that’s a good thing.

All disk arrays – (storage systems linking multiple hard drives into one large drive) have at least 2 power supplies but could run off of one. Having two power supplies provides protection from 2 kinds of problems:

1)   If the power supply stops working, another one takes over and handles the power for both

2)   By having separate power paths, one side of device is directed into one path, the other in another separate path. If your data center is designed correctly, you are plugging into distinctly different power feeds. So if your electric company has a power failure, or a transformer blows up, or a major wire gets cut, the data center will stay lit. Even if one side of the power in the data center goes down, the power to your servers stay on and you don’t even go to diesel. However some data centers (not ours) do not have 2 power station feeds. You would have multiple concurrent power paths into your space.

The post Chassis and Blades 101 appeared first on GDV Data Protection Blog.