Recently I have had a few instances where a good backup or snapshot saved me or my clients. It got me thinking, how many people still go with untested or use old technology to backup their data?
The first instance is someone powered off the SAN and the VMware environment. When it was rebooted the critical server that was running their business did not boot. They attempted to go back to an early snapshot and it was also corrupted. They were taking hourly snapshots, so the snapshot at 8 am worked and they were back up and running. They were lucky, I think it had been quite some time since they verified their backup and they could have had some large data loss. Make sure you are verifying your backups are working.
The second instance was a SAN where a RAID card corrupted. This took down about 10 servers, most of the servers where redundant elsewhere, but email was down as the redundant copy had an issue. They were able to restore and have the majority of the environment up and running fairly quickly. They also had 2 different types of backups to go back to.
Both of these cases the clients used very good products that saved them from having data losses among other things. My question, is do you trust your backup? When is the last time you did a restore from your backup system? Do you have more than one method for recovery? Are you still using tape? Do you have a way for fast recovery?
If you cannot answer these questions, you should be worried. They are fundamental items needed for a successful back and recovery in case of a disaster.
We at TBJ provide backup audits and can help with your disaster recovery plans. We can also manage your backups for you.
Applications Based Firewall’s
The traditional firewall filters by ports and IP addresses, but some recent firewall’s can filter by application rather than ports.
Most applications these days are written to run over http or port 80. So even if you have a secure firewall, you might be allowing applications outbound you do not want to allow. You also have the ability to control applications such as Facebook. You can allow Facebook but deny Facebook chatting. You can also stop applications such as Netflix and Vimeo. It gives you better control over the applications being utilized.
You can also tie it to a directory service such as Active Directory to get users and groups into firewall rules. It provides some great reporting and the ability to truly secure your network giving users only access to the applications they need.
If you are interested in demo or would like to discuss next Generation Firewalls, contact me at firstname.lastname@example.org or call me at 262-373-9070.
Gadget of the Month – Meraki Access Points
I have numerous clients looking for wireless and I have found an Interesting Solution, Meraki. They have a unique approach; you configure the access point in the cloud. The controller is clouded based and all changes are made in a custom portal created for you. You can get some nice stats such as application usage and the top bandwidth used by a client. If you are looking at WIFI, this might be a solution for you.
Security researchers nuke botnet that spewed out 18 billion spam emails per day
If you have notice a reduction in spam, this could be the reason.
This particular botnet was called Grum and researchers believe it was doling out 18% of the world’s spam emails.
Security company FireEye and spam-trackers SpamHaus worked with a number of ISPs to shut down the network. It turns out that the servers for Grum were mainly in Ukraine, Russia and Panama.
Writing on the FireEye blog Atif Mushtaq, a security researcher with FireEye said, “Grum’s takedown resulted from the efforts of many individuals. This collaboration is sending a strong message to all the spammers: Stop sending us spam. We don’t need your cheap Viagra or fake Rolex.”
Cybercriminals and Small Business
I have found that most small business is lax on security and cybercriminals are starting to target them.
In a recent Wall Street Journal article, a company Called Lifestyle Forms & Displays Inc. had 1.2 million dollars stolen in a matter of a few hours from online transactions. An interesting static from the Verizon Communications Forensic analysis report is that 72% of the 855 data security breaches that Verizon analyzed had fewer than 100 employees. Another interesting stat is 500 companies of various sizes, 76% of them reported some sort of cyber security incident.
Small Business cannot ignore network security; they are just as targeted as and more vulnerable than larger companies their size.
I have listed some steps that every small business owner should consider
Purchase a good firewall with URL filtering and also threat production – Your firewall should prevent access to spyware and malware sites. It should also review the web traffic and look for suspicious content
Anti-Virus – All Computers need to make sure that they have an updated Virus scanner that is scanning the computer for threats
Dedicate a Computer to online banking. – If you do online banking, have a computer dedicated to doing only that. Do not use it to browse the internet for research or even open email on it. It will help from getting garbage on that computer.
Purchase an Insurance Policy – Most banks will not cover you for a loss such as this. That is something that insurance is for. You can purchase polices for computer fraud. They are not cheap, but worth it if you need it.
Put in controls to transfer money – If it is a large sum of money being transferred, have some sort of control to transfer it, such as approval from 2 different people or a phone call form an authorized person.
You should do a review and see if your company is following some of these security best practices.
I do offer some managed security services that can help you prevent a loss such as this. My managed firewall service is like an insurance program. I can help keep the bad guys out and also offer advice on how to better secure your network. Just send us an email or give us a call.
Final Thought of the Month – Management of Your Projects
In my business we are always starting and finishing projects. One of the key items to a successfully project is how you manage it. I have seen numerous projects fail not because of some technical error, but because it was poorly management.
The first thing you need to manage a project is a good task list along with who is doing what. This does not have to be a book and can be on a simple piece of paper or even a task in Microsoft Outlook. You can then hold people responsible and also set a timeline.
You also need to set a goal of what you want to accomplish in the project. If you do not have a goal the project might fail as it was not configured to specifications you needed.
You also need to come up with what will be considered a successful project. If you do not have that, how can you determine success or failure of a project? It is like shooting darts at the dart board.
Finally, you need to make sure the project is completed. Everyone likes to work on new things and never really complete what is started. I have seen a lot of technology projects get to 80 percent and then are never completed. The best companies make sure that they get to 100%.
These are just some very simple observations to help you better manage your next project.