Archive for the ‘Data Security’ Category

Stand up laptop thief.

Tuesday, December 2nd, 2008

Laptop theft is a serious problem. The guy in this video may come across as being over the top, sanctimonious, threatening, obsessive and, well, just plain scary. If every laptop theft victim had his attitude, it is likely that the incidence of stolen laptops would drop quite significantly. I wouldn’t like to be the target in the class.

The speaker’s failures, however, would appear to be in the areas of encryption and data backup. If these two issues were addressed correctly, his data would not get into the wrong hands and would still be available to him.

Conclusion?

Having the attitude, diction and power of a lecturer and having your target trapped in the room just doesn’t compare in effectiveness with having your data encrypted and backed up.

 

If he had an account with Backupanytime, not only would he have his data, we could also assist in retrieving his laptop. How can an online backup service provide a stolen laptop retrieval service? See here: http://www.backupanytime.com/blog/2008/10/21/backupanytime-stolen-laptop-retrieval-service/

Data loss is only one component of data breach.

Tuesday, December 2nd, 2008

In years gone by, the main (even sole) concern which businesses had regarding data was the direct consequences to themselves of losing data. The questions they asked themselves centred around an inward-looking theme.

What data do we need to retain to ensure survival?
How will data loss affect us?
How long will it take us to get back up and running should we lose data which is backed up?
Will we be able to get back up and running if we lose data which is not backed up?

These are all valid questions, but every one of them misses the main concern, which has always existed but has come to the fore in the past few years.

How will it affect other people and organisations?

Just to bring some clarity to inward looking people, the above question also equates to the following.

Will we be sued, prosecuted or shown in the media to have compromised client data?

This changes the perspective and adds a whole new required functionality to the issue. We are now moving up from basic backup to actual data protection.

So, a manual drag and drop of files to an external pen drive or hard drive which is bandied about in a director’s car at night may, to a small degree, offer an element of simple backup. On the other hand, however, it very likely significantly increases the risk of data loss. This is not recognised by companies and individuals who are only interested in retaining a copy of data for themselves. If they look beyond this blinkered and recklessly narrow focus, they will see that the net effect is to place copies of client data in dangerous situations.

Ask yourself this.
Would I be satisfied if every company I have ever dealt with had personal and identifiable information pertaining to me being driven about in staff cars overnight?

Absolutely not. All this does is increase the number of potentially available copies of this information for the companies involved and also increase the risk of breach to those about whom the data relates.

So, simple backup is too narrow a focus. Offsite only helps if it does not, as a consequence of being offsite, increase data protection risk factors.

The next time you consider the importance of a file, don’t just consider how much you need that file. Also consider how much others need that file (and any other versions of it applicable to you) protected from public release.


Online backup poll (User feature preference)

Monday, November 24th, 2008

All visitors are welcome to participate in this poll. Please be aware that any results only relate to those who participate and are not meant to be representative of any macro usage or opinion. Data may be reviewed by all users.

The above poll uses the following variables:

Constructive comments generally and comments regarding any recommended features for future polls are welcome.

Keep passwords safe with password safe.

Thursday, November 20th, 2008

From an end user viewpoint, the key to any secure system is indeed managing the key. As an online backup provider, a major concern for us is that clients retain their encryption details and do so in a safe manner and on a different system (and also in paper format) to the online backup source computer.

These same clients will have numerous other non-online-backup passwords and authentication details which they will also need to retain. Using a single password for multiple applications is not good practice, and therefore even occasional computer users will likely have a considerable number of passwords to retain. These will range from critical passwords to the seemingly mundane. If a password is required, the associated application is likely to be confidential in nature. This can be online banking, system logon, email, forum membership, host management and a wide variety of other applications.

If you need guidance on choosing passwords, you should read the guide penned by Bruce Schneier in the Guardian.

The crux of this post however is keeping passwords safe after you have chosen them.
An excellent application to assist with this is Password Safe (supervision by Bruce Schneier). Bruce is a world-renowned expert in data security. Password Safe is actually a free application. Password Safe uses Twofish (a block cipher by Counterpane Labs) technology.

You can download Password Safe from SourceForge. The very short FAQ list for this app is testament to the simplicity which has been successfully applied to the user experience inherent with this far from simple technology.

Great app. No strings. No cost. No ads. No compromise.

Barracuda leap to online backup

Monday, November 17th, 2008

Barracuda Bitleap takeover

I have been a satisfied Barracuda customer for some time now. They provide email management products and services. They have been at the top of their field for some time. Other services have reduced the gap in recent times, but I think it would be fair to say that Barracuda are at least one of the best, if not the best, specialist anti-spam service providers in the world. Many end users will not be familiar with Barracuda as they provide their services to support their own hardware. Their hardware is not cheap and therefore tends to be the domain of smaller service providers or companies at least large enough to have a small I.T. department.
Today I received an email from Barracuda inviting me to join a webinar. I (and probably most people in the data business) receive these emails from various providers and third-party companies all the time. I hadn’t participated in a Barracuda webinar for some time and had a close look at the email. The gist of the invitation was that the webinar would present and discuss products and opportunities as a consequence of a recent acquisition by Barracuda. I was hooked. Who did they buy? The email didn’t say. I went on to the Barracuda website. No big secret. Straight off I could see there were two recent acquisitions.

The most recent was that of 3sp. The 3sp website, 3sp.com redirects to Barracuda. This will allow Barracuda to offer security solutions in the SSL VPN market.
The second one was of more interest to me. Barracuda have acquired Bitleap. So now Barracuda will be in the data backup business. Yes, but in a different guise. Barracuda are in product and services industries. Their antispam solutions require the purchase of a product and the maintenance by subscription of ongoing services. Barracuda will provide online backup for a monthly fee if you buy a box from them.

This actually makes sense from a number of viewpoints but limits potential uptake due to initial costs and the requirement to make physical network changes. For just about any other online backup service provider, this could represent a well intentioned and brave move with the consequence of near zero uptake. For Barracuda, things could be quite different.
Barracuda and their clients are more than familiar with the business model of combined product and service solutions. In a nutshell, Barracuda does things differently.

Many online backup providers (including ourselves) have considered and to a point ventured into product and service solutions for online backup. A limited number of our clients have hardware solutions provided by us specifically for the purpose of backing up online. Barracuda’s brave move allows no middle road. If you don’t buy the box, you don’t get the service. They applied this to anti-spam services, bar the facility for end users to get the service from third-party I.T. providers who bought the box. This won’t work in online backup due to storage protection costs, so it will (outside of ground-breaking technology advances) be a no product, no service offering.

If they apply this with online backup and do it successfully, they could literally change the industry. A player like Barracuda could open the door for all of us by making online backup product purchase a normal pre service procedure. Given the choice, most providers would prefer this for the following reasons.

Uniformity of client hardware.
Simple replacement.
Hardware scaled to backup requirement.
Client less likely to move provider (hardware may also be useless should they do so)
Remote support made far less complicated.

I don’t actually know if the webinar is about the 3sp acquisition or the more interesting (for me) Bitleap takeover. Will I report back after the Webinar? Of course I will.