Backup Anytime

Your date with data breach.

If you read the papers, watch the TV news, listen to radio reports, browse the Internet or simply go around with your ears open you will be aware that data breach is more than common. The Internet has brought many advantages to business. It has however changed information security from a task to an ongoing process. The continual data breach instances you hear about are just a drop in the ocean. The data loss incidents you hear about in the media are generally those of great significance to small business or any significance to big business. Every breach which makes the headlines is likely representative of thousands which don’t or may in the future.

If you do want to follow data breaches in far greater numbers then a good starting point would be to sign up for breach reports from The Breach Blog. This excellent resource is owned and managed by FRSecure. It’s focus is very much American but this does not limit it’s ability to paint a picture of what is happening worldwide.

The breach blog is regularly updated and is well presented in snippet format so you can browse through the basic stats of a wide number of data protection issues affecting numerous organisations and then focus on any specific entry which interests you. You may then see extended information regarding the breach you want to read about.

So impressed are we with this blog that we are inviting the Breach blog administrator to participate in our Who’s who in data interview series.

We await the reply eagerly and will update you on the response.

Interview with Dr. Mickey Zandi of SunGard Availability Services.

Introductory information

Name: Mickey S. Zandi, Ph.D.

Company: SunGard Availability Services

Position: Practice Area Managing Partner

Relevant Qualification: Dr. Zandi is an international expert in data center design and architecture, helping clients address key issues such as how to reduce total cost of ownership (TCO) in their data centers, how flexible infrastructure impacts data center operations, and why companies should consider new technologies to support their Green initiatives worldwide.

He has more than 14 years experience in data center design and architecture, business continuity, and IT consulting services delivery, managing complex IT Projects worldwide in industries such as communications, distribution & retail, education, banking & financial services, government, health care, IT services, manufacturing, pharmaceutical, and utilities.

Dr. Zandi is experienced in all phases from discovery of client needs to solution architecture and design through on-going delivery operation and methodologies. At SunGard, he is the national practice managing partner responsible for data center consulting, Green IT, transformation, consolidation and migration services.

Family: Married. Two children and live in Atlanta, Georgia.

Hobbies and interests: He enjoys playing Tennis and golf.

Main interview.

Q.1. For many people, green computing may be considered a recent phenomenon. How long have you been involved in this area?

My involvement started in late 2001 when some of my clients became interested in reducing their total cost of ownership while also becoming more environmentally friendly.

Today, data center environments are becoming more and more complex as companies look to new solutions such as virtualization and cloud computing to streamline operations. Enterprises are now leveraging this ever-increasing mix of technology to reduce their total cost of ownership, streamline their overall data center carbon footprint, and support green IT initiatives, while continuing to meet their needs for high availability for mission critical applications and systems.

Q.2. From a data center point of view, one could be forgiven for wondering just how far can this go and still represent a financially and technically sound investment. Specifically, can wind and solar power be used effectively in a data centre environment?

In the past five years, increasing demand for computing resources has lead to significant growth in the number of data center servers. In 2006, the energy use in U.S. servers and data centers was estimated to be more than double the electricity consumed for this purpose in 2000. This staggering statistic reinforces the need for alternative energy solutions.

Wind and solar power present effective alternative energy sources for data center environments, as they consume no fuel for continuing operation and produce no emissions directly related to electricity generation. Organizations should purchase renewable energy (if possible) that has been certified by Green-e – an independent certification and verification program for renewable energy – and strive to reduce their overall gas emission from electrical generation.

Q.3. There is much talk of Google planning wave powered marine based data centers. Do you see this as a realistic option which you would support?

Clearly, there is an increased strain on the existing power grid. The idea behind taking Google’s mobile data center platforms out at sea is focused on bringing the data closer to organizations. Data will arrive at a quicker rate by stacking containers filled with servers, storage systems and networking gear on barges or other platforms.

Google’s approach is a direct and positive answer to the current energy consumption crisis that could nearly double within five years to more than 100 billion KWh. This growth would require construction of additional power plants, significantly increasing emissions and greenhouse gasses from electricity generation. Google’s wave-powered marine based data centers have the potential to provide much needed computing power without tapping the conventional power source from the utility.

Q.4. Do you believe there is a future for small data centers or that the economies of scale gained by large players mean small data centers have a limited future?

In the debate over centralized large data centers versus distributed smaller data centers, the pendulum seems to be swinging back toward consolidation to a large centralized data center. Currently, 70 – 75 percent of organizations are either in the planning or implementation phases of data center consolidation.

Although small data centers can be useful for bringing data closer to users with distributed operations, it is most often more efficient and cost-effective to keep data consolidated and centralized in one large data center.

Q.5. What is the most impressive data center you have been associated with and what makes you chose that one?

The most impressive data center that I have been associated with is the newly designed 16 million dollar Hancock Bank data center in Gulfport, Mississippi. The Tier 3 data center was completed in seven months. The new data center is not only built to withstand hurricane conditions (Cat 5+) but is also self- sufficient, with its own water and sewer systems, dual 900 kW generators and a 25,000-gallon fuel tank. The tank can be filled with diesel or regular gas, and suppliers have been notified they can use it to top off their vehicles when gas shortages occur in a disaster.
For more information on my experiences with Hancock Bank, please visit: http://www.availability.sungard.com/NR/rdonlyres/5BB89A0F-A2CF-4D98-99AD-A0DFA1AA5E15/0/HancockBankCaseStudy.pdf

Q.6. Given the strong ongoing trend towards cloud computing and the increased data center demand associated with this, do you think the demand will be met with the quality expected or that poorly managed or rogue data centers could be a concern?

As companies rush towards cloud computing in the hopes of substantially reducing IT and business costs, the need for strong expertise to help them make informed decisions and understand the nuances in deployment has never been greater. It is crucial for companies to recognize that new technologies create the same challenges and risks as in traditional data centers – but from a different perspective.

My main concerns are with inefficient capacity planning and power and cooling not being managed effectively from the start. These can be extremely disruptive and can create challenges for supporting Internet-scale computing and cloud computing.

Q.7. What impact do you see the current global financial crisis having on the data center industry?

The global financial crisis has significant impact on the financing of any large data center construction project. However, data center providers could see some expanded opportunities due to the federal government’s new regulations in the aftermath of the crisis, and providers specializing in support and compliance with new requirements could get a particular boost in their activity. Also, the increasing number of mergers and acquisitions will increase the market for data center consolidation strategy and execution.

Q.8. What key questions do you believe prospective data center clients should be asking before they make a decision as to the provider they choose?

When selecting a managed hosting provider, companies should ask for a detailed roadmap, outlining a customized plan for their business that demonstrates a commitment to continuous operations, availability and security. Additionally, companies should look for managed hosting provider that has flexible and scalable data center infrastructure, security and architecture.

Partnering with a third party provider is an attractive option for many organizations. Companies can get the scalability, flexibility and lowered risk of operations by out-tasking IT functions. In particular, small- to-medium-sized businesses may find the outsourcing option particularly attractive, as it allows them access to IT infrastructure, computing resources and IT expertise at a much lower cost than developing these capabilities internally.

Q.9. In your opinion, will very large players such as software as a service providers generally continue to service their own data center requirements or do you see the emergence of the super data center being an outsource choice for global players?

I believe we will see large global players – such as SaaS providers – outsourcing their data center space, security, power, cooling and beyond to super data centers, in order to focus on their core business endeavors.
SaaS software providers will elect to host their applications with super data center providers for the added security and expertise they can provide, making their clients feel safe and ensuring secure storage of data by meeting SAS 70 Type II standards, which requires signoff from an independent auditor.

Ed.

Arguably one of the most informative interviews we have conducted. Dr. Zandi answered all questions with a level of authority and straightforwardness which is conducive to being interesting to experts and understandable for the lay person. His qualifications and experience and the company he represents make this look all too easy.  We know it is not but he provides a level of clarity which explains why Sungard is the company of choice for clients who know enough to make the right partner decisions.

Thank you Dr. Zandi and thanks also to Jill Newberry of PorterNovelli.com for making this happen.

Got your own question you would like to ask? Want to avail of a knowledge base of an international expert pool? No problem. Just ask the experts.

Interview with Top Layer’s Security Strategist Ken Pappas.

VP of marketing and security strategist with Top Layer Security. Passionate about his company. Marine Captain (we are not talking about mild excursions on a dingy) in his spare time! Ken Pappas is not just an interesting interviewee. His Passion for what he does comes across in the detail he can provide without confusing the reader and IN his ability to maintain a reassuring level of authority without talking down to us. This is a great read about an authoritative figure in one of the worlds most important tech security companies.

Introductory detail

Name:  Ken Pappas
Company: Top Layer Security
Position: Vice President of Marketing and Security Strategist
Education / Qualifications: BS in Management, Engineering Studies at UMass.

Main interview

JON: What is your favourite past time (outside of Top layer!) which you enjoy when work is over?

KP: In my spare time I am a Marine Captain and enjoy spending time on my 43-foot ship.  I am also a member of the United States Coast Guard/Aux in Newburyport, Massachusetts; Birthplace of the United States Coast Guard.

JON: What type of car do you drive?

KP: BMW540

JON: What area of your work do you most enjoy?

KP: The areas of my work that I enjoy most are strategic partnerships, acquisitions, public speaking and marketing, among the functions I am responsible.

JON: In what way or areas do you feel Top Layer Security most excels over the competition?

KP: Top Layer Security excels beyond the competition with its Three Dimension Protection and by offering customers a 3rd generation IPS that protects against malicious content, undesired access and botnet-based attacks.  In addition, Top Layer is more customer-centric than the competition.  We truly care about our customers and defending their networks.  Our philosophy of treating customers like partners fuels our approach of being extremely hands on even after deployment of the Top Layer IPS solution, whereas the competition is often out of the door as soon as the PO is signed.

JON: Do you see competitive advantages in network security being discovery and information based or more a case of implementing known protection methods through more efficient methodologies?

KP: Both. Most IPS systems provide a signature base of protection, which in today’s environment is susceptible to blatant vulnerability as the sophistication, speed, creativity and social-engineering of today’s threats demand an advanced approach to security.  Top Layer’s IPS is more than an IPS and goes way beyond signatures. By combining content-based IPS, stateful firewall and attack mitigation algorithms alongside innovative acceptable application usage and protocol validation modules, the Top Layer IPS is able to protect against a myriad of threats, regardless of signature and associated variants that spawn from them, by examining the behavior and characteristics of the traffic – in many instances protecting against zero-day threats before they are able to wreak havoc within the network, unlike signature-dependent IPS solutions.

JON: Do you believe that data security has become overly complicated for small business or that protection options and automation have grown at a similar rate to threat levels?

KP: Every company now requires security and is very conscious of it with new breaches making headlines each day. However, there are not nearly enough security experts to go around, and thus small businesses must turn to managed service providers that will provide security protection they often are not able to provide themselves internally. In short, yes, data security has become a lot more complicated!

JON: Is there a specific percentage or percentage range of revenue which you believe companies should spend on I.T. security?

KP: A more fundamental question needs to be asked: How much is your data worth?  That’s always the question I ask companies when they speak with me about limiting security spending.  Some would even say “because we have never had a breach, we should postpone security spending.”  That’s like never buying car insurance because you never had an accident!  There should be no budget for security.  Companies should invest in the right security solutions that provide the best level of “insurance” for their assets.

JON: Would you consider data security for business to be the domain of in house I.T. admin with some outsourcing or best mainly outsourced with some in house admin?

KP: I believe both in-house IT admins and outsourced capabilities play an important role in security, rather than an either/or question.

JON: Which of the following in your experience is the biggest threat to data security? 1.The enemy within. 2. Targeted attacks from outside. 3. Random attacks from outside. 4.Human error

KP: This is a tough question. The enemy within is often really not from within but from innocent users that are unaware of the threats they bring.  Targeted attacks from the outside are my biggest concern and the issue we hear most from customers. With that said, I believe the next great war will be from a group of individuals, from multiple countries, from various religions that will all have a common goal, to attack a country and bring down its financial system, utilities and cause havoc in our society until panic strikes. Once a country’s quality of life is threatened, people will panic and governments will want to attack other countries and still not know who and where the enemy is.  Far fetched?  I don’t think so.

JON: What steps would you recommend to companies with concerns about data security?

KP: The first step to take regarding data security is to hire experts to perform a comprehensive security audit to identify vulnerabilities, holes and strengthen your data security ecosystem.  The next step would be to establish a security policy that meets your IT and corporate goals while maintaining compliance, which is of increasing important to businesses of all sizes.

JON: Where do you see the industry going from a technical viewpoint over the next three years?

KP: My vision is that we will see more security intelligence in our networks. We will see security solutions become more self-healing and self-aware, with self-remediation.  Threats of the future will be faster and more complex than humans can react to, and as such security will become the overlay of our networks.

Ed. Many thanks to Ken for participating and to Matt Flanagan of FAMA PR for facilitating this interview.

Interview with Adam Famularo, SVP and GM Recovery Management and Data Modeling Business, CA.

If you have anything beyond a modicum of awareness about the I.T. industry (you would hardly be here if you didn’t in fairness) you will be aware that CA  is a world player in the software industry and one of the largest management software companies in existence.

Adam Famularo as SVP represents the largest organisation we have featured in this series. With this information in hand I will move briskly to the general information section so you may sooner hear from Adam Famularo himself.

General information about Adam Famularo of C.A.

Name - Adam Famularo

Company - CA, Inc.

Position - SVP & General Manager, Recovery Management and Data Modeling Business unit

Marital status, family members – Married with two daughters

Education - Harvard Business School – General Management Program, Dowling College MBA in General Management, SUNY Oneonta Business Economics

Pastimes/Hobbies - Golf, Reading, Playing with kids

Main interview with Adam Famularo of C.A. being interviewed by backupanytime.

Q: What type of car do you drive?

A: BMW 525i

Q: How long are you in the online backup business? 

A: I have been in storage industry for the past 8 years and worked with channel partners for more than 10 years.

Q: What are the distinguishing features of your business over the competition?

A:  We are 100% focused on selling our products through our channel partners. Our sales, marketing, development and support organizations are all aligned under one business unit to drive the success of these products. Our engineering organization focuses on delivering annual product releases and proactive training and support. This allows our partners to consistently add value and do more business with customers. We also closely align development and support activities with our marketing campaigns and sales incentive programs to deliver unmatched partner enablement.  

Q: What are the achievements of which you are most proud?

A: Personally, my two kids – Professionally, building a successful global business within a great software company.

Q: Where do you see the industry going?

A: IT staff are looking to match the appropriate level of protection and recovery time objectives to best meet business needs. To meet these needs, the industry is moving from traditional data backup to integrated Recovery Management, through the alignment of key storage technologies such as backup, archiving, replication, CDP, failover, data encryption and de-duplication. Further, the storage industry is headed towards a new inflection point in terms of ease of administration and deployment.   Recovery Management solutions are moving toward “single pain of glass” management to help IT contain costs while meeting data protection, business continuity and disaster recovery objectives. Vendors are also delivering service-based offerings to help resellers provide business continuity and disaster recovery of mission critical business applications for their customers.

Q: What advice would you give to business people who have data backup concerns? 

A: Make sure you are evaluating a complete Recovery Management solution that goes beyond backup to include disaster recovery and business continuity. Backup is important, but is no longer enough to meet some of the most pressing requirements that IT is accountable for.

Q: What advice would you give to I.T. companies considering offering online backup to their clients?

A: Consider solutions which go beyond simple backup and recovery for your clients. Understand your clients RPO/RTO objectives for their mission critical business applications and put in place a plan to keep these applications up 100% of the time.

Q: From where do you get your inspiration?

A: As a child, I was inspired by my father, who was a serial entrepreneur.  As an adult, my wife and kids provide me with a great prospective on life.

Q: Where do you see yourself in five years time? 

A: I see us doubling the growth of this business unit and continuing to deliver the best software and partner support in the industry.

Q: From an I.S.P. perspective, why is partnering with CA such an attractive option and how do you intend to maintain this key advantage?

A: Since protecting mission critical business applications is such an important ingredient to disaster recovery plans, it is paramount that partners work with vendors who are in the forefront of delivering the best, most complete and cost-effective solution. CA’s Recovery Management and Data Modeling business unit has the laser focus and resources to deliver on that need. For instance, by working with CA, partners can sell the first high availability and business continuity solution to be offered as a service for their clients. We’ll maintain our competitive edge by continuing our product focus and by constantly looking for new ways to make it attractive and profitable for partners to do business with CA.

Thanks Adam. We appreciate your valuable and generous input.

Thanks again to Michael Kornspan, Sr. Principal, Communications for C.A. for making this possible.

 Visitors, want to see more who’s who in data? Then watch next weeks who’s who in data.

Irish web awards 11 October. Don’t miss.

The Venue for the Irish web awards is the Radisson Hotel, Golden Lane, Dublin. The awards take place sometime after 7pm on Saturday 11th October. This is year one of the web awards. Any previous web awards you have read about are likely not to be of the standard expected this year. 

As far as I can recall, just about every previous web award hosted (pun not intended) in Ireland came in for significant community and public criticism before and after taking place. It would appear that this years event is not suffering the same fate.

There are a number of reasons for this. One is that this is very much an inside industry event so the nominees are not governed by commercial interests. In addition, Damiem Mulley is the man behind the awards and this lends itself to the awards being based on merit and also attracting a higher calibre of candidate. 

There are still some tickets available bt not many. There are also some remaining sponsorship opportunities. For full details hop over to Damien’s site or the web award site.

Are we in it?

Unfortunately there is no category this year entitled “Best online backup provider on the planet ever” but maybe next year. We watch with interest however a nominee in a vector of our industry whose CEO  we have had the pleasure of interviewing as part of “Who’s who in data” in the recent past. Best of luck to Pix.ie who are in the category “Best Practice sponsored by Lightbox Multimedia”. We believe Marcus and Pix.ie are most deserving of the nomination. Our first look at pix.ie was as a consequence of the Tuesday push which we participate in when we know who is to be pushed but don’t actually know if we are listed in it despite registering.

Anyway. Lets hope this Irish web award will be the first of many of a different type to what we have had run by outside industry sources in the past. I think webmaster participation is the key and I can’t find any negative posts regarding this year so it should be a good one.

Best of luck to all involved.

The backupanytime team.