Formerly known as ”Restore it All,” The Backup Wrap-up podcast turns unappreciated backup admins into cyber recovery heroes. After a brief analysis of backup-related news, each episode dives deep into one topic that you can use to better protect your organization from data loss, be it from accidents, disasters, or ransomware.
The Backup Wrap-up is hosted by W. Curtis Preston (Mr. Backup) and his co-host Prasanna Malaiyandi. Curtis’ passion for backups began over 30 years ago when his employer, a $35B bank, lost its purchasing database – and the backups he was in charge of were worthless. After miraculously not being fired, he resolved to learn everything he could about a topic most people try to get away from. His co-host, Prasanna, saw similar tragedies from the vendor side of the house and also wanted to do whatever he could to stop that from happening to others.
A particular focus lately has been the scourge of ransomware that is plaguing IT organizations across the globe. That’s why in addition to backup and disaster recovery, we also touch on information security techniques you can use to protect your backup systems from ransomware. If you’d like to go from being unappreciated to being a cyber recovery hero, this is the podcast for you.
The podcast The Backup Wrap-Up is created by W. Curtis Preston (Mr. Backup). The podcast and the artwork on this page are embedded on this page using the public podcast feed (RSS).
In this episode of The Backup Wrap-Up, we look at the cloud vs tape debate for active archives. The conversation was sparked by a LinkedIn post claiming tape libraries are the only robots not making things easier in 2025, suggesting cloud is superior to tape for active archives.
We challenge this premise by pointing out that cloud vs tape is a false dichotomy since many cloud storage vendors use tape for their lowest-cost tiers. We examine key considerations including cost (where tape wins by orders of magnitude), data integrity (where tape actually outperforms disk), and access times (where expectations should align with use cases). For organizations running on-premises infrastructure, we also highlight the often-overlooked egress costs and transfer times associated with cloud storage. Whether you're managing secondary storage or planning an archive strategy, this candid discussion cuts through the marketing hype.
Here's the LinkedIn post that sparked the discussion:
https://www.linkedin.com/feed/update/urn:li:activity:7300167312144322561/
Here's a recent episode about how tape is not dead:
https://www.backupwrapup.com/is-tape-backup-dead-why-it-still-matters/
In this eye-opening episode of The Backup Wrap-up, W. Curtis Preston and Prasanna Malaiyandi unpack crucial disaster recovery lessons from major events like 9/11. They discuss how companies lost both primary and backup data centers when both World Trade Center towers fell, highlighting why geographic separation is non-negotiable. The hosts break down the technical aspects of disaster recovery, comparing hot sites versus cold sites, and the realities of synchronous versus asynchronous replication across distances.
Beyond the technical, Curtis and Prasanna share often-overlooked disaster recovery lessons about human factors—where recovery teams will sleep, eat, and work during extended outages when infrastructure is destroyed. They examine a real case from a hurricane-stricken island where teams converted conference rooms to sleeping quarters and relied on satellite communications. Whether you're planning for natural disasters, power outages, or ransomware attacks, these disaster recovery lessons will help ensure your organization can recover when—not if—disaster strikes.
In this episode of The Backup Wrap-up, Curtis and Prasanna discuss how to choose the best password manager in light of recent security breaches. They examine the LastPass hack that resulted in $150 million of stolen cryptocurrency and what that teaches us about password manager security.
The hosts break down the critical security features to look for in the best password manager, including encryption strength, iteration counts, multi-factor authentication options, and passkey support. They emphasize that even with the LastPass breach, using a password manager is still far safer than not using one at all.
This episode provides practical guidance on evaluating password manager security beyond the standard feature comparisons, with specific recommendations for cryptocurrency users and insights into the technical aspects of password vault protection.
Here are some references for today's episode:
https://www.rubrik.com/blog/company/25/rubrik-information-security-team-update
https://www.bleepingcomputer.com/news/security/ransomware-gang-encrypted-network-from-a-webcam-to-bypass-edr/
https://krebsonsecurity.com/2023/09/experts-fear-crooks-are-cracking-keys-stolen-in-lastpass-breach/
https://krebsonsecurity.com/2025/03/feds-link-150m-cyberheist-to-2022-lastpass-hacks/
Tape backup isn't dead – but it's glory days are gone. In this episode, W. Curtis Preston and Prasanna Malaiyandi discuss why tape backup remains relevant despite its diminished role in operational backups. They reveal how cloud giants have become the biggest consumers of tape technology while explaining common misconceptions about tape's performance.
The hosts break down four core advantages tape backup still maintains: unbeatable cost (one to two orders of magnitude cheaper than alternatives), superior speed for bulk transfers, better data integrity with lower bit error rates, and built-in protection against ransomware through true immutability. Whether you're considering your disaster recovery strategy or looking for cost-effective long-term storage, this episode offers valuable insights into why tape backup continues to play a crucial role in modern data protection architectures.
Here are some related episodes we talk about in the show:
https://www.backupwrapup.com/ovhs-backup-service-didnt-work/
https://www.backupwrapup.com/back-in-my-day-backups-were-really-hard/
https://www.backupwrapup.com/tape-drive-designer-schools-mr-backup-on-tape/
In this episode of The Backup Wrap-up, W. Curtis Preston and Prasanna Malaiyandi discuss critical strategies for securing your backup disk against cyber threats. They explain why the default configuration of storing backups in easily accessible directories makes your backup disk vulnerable to threat actors who specifically target backup systems before launching attacks.
The conversation covers several effective methods to protect your backup disk, including using proprietary protocols like OST and Boost, implementing Virtual Tape Libraries (VTLs), leveraging dedicated backup appliances, and utilizing object storage both on-premises and in the cloud. Curtis emphasizes that keeping your backup disk out of user space is essential for maintaining security against increasingly sophisticated attackers.
This episode provides practical advice for anyone using disk-based backup systems who wants to ensure their backup disk remains secure and recoverable when needed most.
Ever wonder why your recovery time objective seems impossible to meet? In this episode, we challenge the common assumption that a four-hour RTO is achievable for most organizations. Host W. Curtis Preston and guest Prasanna Malaiyandi discuss why these aggressive recovery time objectives often exist only on paper.
From ransomware attacks to natural disasters, we examine the real-world factors that make rapid recovery more complex than most realize. We break down the differences between recovery time objectives (RTOs) and actual recovery times (RTAs), exploring why organizations need to be more realistic about their recovery capabilities. Whether you're managing backups, planning disaster recovery, or responsible for business continuity, this episode will help you understand what's actually possible when disaster strikes.
Check out these older episodes about how a real disaster unfolds:
https://www.backupwrapup.com/real-life-hurricane-disaster-recover-story/
https://www.backupwrapup.com/disaster-recovery-after-a-hurricane-a-first-hand-account/
In this eye-opening episode about passwords vs passkeys, W. Curtis Preston and Prasanna Malaiyandi expose why traditional password protection isn't enough for your backup systems anymore. They break down the evolution from basic passwords to MFA, and explain why passkeys and FIDO compliance represent the next level in security.
Learn why hackers target backup systems first, how they exploit password vulnerabilities, and why even multi-factor authentication has its weak points. Discover why there hasn't been a single successful attack against FIDO-compliant systems, and why you should be pushing your backup vendors to support passkeys. Whether you're using a traditional backup system or a SaaS solution, this episode gives you the knowledge you need to better protect your last line of defense.
We talked about this previous episode: https://www.backupwrapup.com/how-do-you-authenticate-with-all-new-hardware/
Understanding your backup window is crucial for effective data protection, but there's a twist - it's not just about backup speed. In this episode, we explore why focusing solely on backup speed misses the point entirely. The real measure of success? Your recovery capabilities.
Join W. Curtis Preston and Prasanna Malaiyandi as they share war stories about backup windows gone wrong, including a memorable tale involving tape drives that could write but couldn't read. Learn why traditional backup windows have evolved, how modern technologies have changed the game, and most importantly, why your recovery testing matters more than your backup speed. We also dive into deduplication taxes, recovery groups, and why instant recovery capabilities might be your best friend in a crisis.
This is the recovery failure we alluded to w/our friend Stuart Liddle: https://www.backupwrapup.com/laptop-restore-nightmare-900gb/
Artificial intelligence in backup isn't just marketing hype - it's changing how we protect our data. In this episode, W. Curtis Preston and Prasanna Malaiyandi break down the practical applications of AI in backup systems, from intelligent scheduling to ransomware detection.
Learn how artificial intelligence helps with capacity planning, especially with deduplication systems where predicting storage needs gets tricky. We discuss AI's role in asset discovery, anomaly detection, and even creating better disaster recovery plans. Plus, find out why backing up AI models themselves might become your next big challenge. This no-nonsense look at AI in backup cuts through the confusion and focuses on what really matters - making your backups better.
In part two of our disaster recovery testing series, we explore the critical steps of executing a DR test. From coordinating teams and documenting issues to maintaining communication channels during the test, this episode covers everything you need to know about running an effective DR test.
Host W. Curtis Preston and co-host Prasanna Malaiyandi share practical advice from their extensive experience with disaster recovery testing. They discuss the importance of having backup communication methods, maintaining detailed documentation, and conducting thorough post-test analysis. Learn why testing your DR plan regularly is crucial and how to build a recovery mindset across your organization.
Whether you're planning your first DR test or looking to improve your existing testing procedures, this episode provides valuable insights to help ensure your disaster recovery testing success.
Looking for the best cloud backup for small business? This episode cuts straight to what matters. Host W. Curtis Preston and Prasanna Malaiyandi share their expert insights on choosing the right cloud backup solution for your small business needs.
They break down the critical features every small business should look for in a cloud backup service, including true immutability, proper implementation of the 3-2-1 rule, and transparent pricing. The discussion covers why cloud backup makes sense for small businesses, how to avoid common pitfalls, and what questions to ask potential providers. Whether you're currently shopping for a backup solution or want to verify your existing setup, this episode provides practical, actionable advice from industry veterans who understand what small businesses really need.
A personal laptop restore that should have taken days stretched into weeks, highlighting critical lessons about backup and recovery. When our guest's laptop hard drive failed, he thought replacing it with an SSD and restoring from Carbonite would be straightforward. Instead, he faced constant system crashes, hardware challenges, and a restore speed that would make a snail look fast. (Carbonite did not cause the crashes.) Listen as we break down this laptop restore saga, including why the system kept crashing five times per day, how Carbonite handled the interruptions, and whether paying $100 for a physical drive shipment might have been worth it. Perfect for anyone who wants to learn from someone else's restore challenges before facing their own.
Other episodes we talk about in this episode:
https://www.backupwrapup.com/how-to-properly-back-up-your-iphone-icloud-is-not-a-backup/
https://www.backupwrapup.com/videos/carbonite-lost-7500-customers-backup-data/
https://www.backupwrapup.com/carbonite-lawsuit-cloud-backup-cautionary-tale/
Getting the right backup IT budget can feel like pulling teeth, but it doesn't have to be that way. In this episode of The Backup Wrap-up, W. Curtis Preston and Prasanna Malaiyandi share real-world strategies for securing the backup IT budget you need to protect your organization.
Learn how to partner with the security and GRC teams to make your case stronger. Find out why ransomware has changed the game when it comes to backup IT budget discussions, and hear practical tips for documenting your needs. Whether you're struggling with outdated systems or fighting for resources, this episode gives you the ammunition you need to get proper funding for your backup infrastructure.
Here's a link to the Stoli story if you're interested: https://therecord.media/stoli-group-usa-bankruptcy-filing-ransomware
(For frequent listeners, I made a mistake with last week's episode. THIS is the episode I meant to publish last week. I know it has the same description. Sorry about that.)
This disaster recovery case study takes you inside a real DR scenario when a hurricane devastated an island's data center. Our guest shares his firsthand experience managing recovery efforts with limited resources, no mainland connection, and countless unexpected challenges. (This is the on-the-ground account of the story we told last week with "Harry Potter.")
Listen as we explore how basic DR assumptions fell apart, from authentication dependencies to satellite communication limits. Learn why sleeping on air mattresses and eating chicken and rice became part of this disaster recovery case study, and discover critical lessons about DR planning, testing, and documentation that could save your organization. This episode reveals the reality of disaster recovery when everything - including trees - gets stripped away.
When a hurricane struck an island data center, one backup admin faced a NetBackup disaster that tested years of experience and planning. This episode reveals the real-world challenges of recovering from a catastrophic event that flooded one data center and disrupted access to Iron Mountain's offsite storage facility.
Listen as our guest, a 20-year veteran backup administrator, shares his firsthand account of managing this NetBackup disaster. Learn about the critical decisions made during the three-week recovery process, the unexpected challenges they faced, and the valuable lessons learned about backup infrastructure, replication strategies, and disaster recovery planning.
(This is part one of two parts. Next week you will hear from the person on the ground during this disaster.)
S2|DATA has released a free NetBackup reader that gives users complete control over their backup data without requiring a full NetBackup environment. This standalone application allows anyone to quickly catalog and restore data from NetBackup disk images, even if they no longer maintain their NetBackup infrastructure.
CEO Brendan Sullivan joins the show to explain why they created this free tool and how it helps organizations maintain access to their legacy backup data. We discuss the challenges of vendor lock-in, the importance of data ownership, and why companies shouldn't have to keep paying for access to their own information. We also cover how S2|DATA offers a range of services for accessing all legacy backup data, not just NetBackup.
Whether you're considering moving away from a backup product or simply want easier access to your backup data, this episode explains how this free NetBackup reader can help you take control of your data destiny.
You can read about it here: https://s2data.com/libertas-free-backup-reader/
In this eye-opening episode, we examine a real-world disaster recovery test gone wrong from Kodiak Island, Alaska. Our guest Paul Van Dyke shares his story of intentionally taking down an entire server environment over a weekend, armed with only backup tapes and determination. This disaster recovery test example showcases both what not to do and valuable lessons learned.
Paul walks us through his bold 2001 decision to reorganize storage across five servers by completely wiping them all at once. What was supposed to be a weekend project turned into a five-day marathon, including sleeping on his office floor to swap backup tapes. While he eventually succeeded in restoring everything, this disaster recovery test example demonstrates why proper testing and planning are crucial for any major infrastructure changes.
Join us for this candid conversation about backup testing, restoration planning, and the unique challenges of managing IT infrastructure on a remote Alaskan island. Learn from Paul's experience so you don't have to learn these lessons the hard way!
Ready to level up your disaster recovery testing game? This episode covers everything from basic restore testing to full-scale DR scenarios. Curtis and Prasanna share real-world experiences and practical advice for implementing effective disaster recovery testing strategies.
Learn why starting small is crucial, how to define clear success criteria, and ways to test without risking your production environment. We discuss different infrastructure types, from physical servers to cloud platforms, and explain how each requires its own testing approach. Plus, get insights on creating effective runbooks and ensuring your team can execute recovery procedures without depending on specific individuals.
Whether you're planning your first DR test or looking to improve existing procedures, this episode provides actionable guidance for building confidence in your recovery capabilities.
BTW if you want to watch/listen to the Alaska DR story, I'm actually going to repost it next week.
WC
continue
=====================DESCRIPTION===============
Detecting ransomware requires more than just good antivirus software - it demands a comprehensive approach using multiple tools and techniques. In this episode of The Backup Wrap-up, security expert Mike Saylor breaks down the essential components of ransomware detection, from endpoint protection to network monitoring.
Learn about the latest detection tools like XDR, EDR, and SOAR, and discover why many organizations might benefit from working with a managed security service provider. We discuss real-world examples of ransomware detection, including unusual signs that might indicate an attack in progress. Whether you're managing IT for a small business or an enterprise organization, this episode provides practical insights into detecting ransomware before it's too late.
In this essential episode of The Backup Wrap-up, we dive deep into RTO vs RPO – the foundational concepts that drive backup and recovery system design. Curtis and Prasanna break down why these aren't just technical metrics, but crucial business decisions that should come from your stakeholders.
Learn why different applications need different RTOs and RPOs, how these metrics influence your backup frequency and system design, and why getting them wrong can cost your company millions. We'll show you how to have productive conversations with stakeholders about recovery objectives, and why the common answer of "zero downtime" isn't always the right one. Whether you're new to backup or a seasoned pro, this episode will reshape how you think about recovery objectives.
Experience the backup from hell in this eye-opening episode of The Backup Wrap-up. What started as a straightforward 40TB backup spiraled into a months-long battle with 400TB of data, failing tape drives, and directories containing hundreds millions of files.
Host W. Curtis Preston shares his first-hand account of tackling this backup from hell, including the challenges of dealing with SMB protocol limitations, tape drive failures, and the infamous "million file problem." Learn why backing up 99 million files in a single directory isn't just challenging - it's nearly impossible over standard protocols.
Discover the solutions that finally worked, from switching to disk-based backup to implementing local tar backups. Whether you're a backup admin or IT professional, this episode offers valuable insights into handling extreme backup scenarios.
In this important episode, we tackle the crucial topic of election integrity. As a seasoned poll worker and site manager, I take you behind the scenes of our voting process, revealing the numerous safeguards and checks in place to ensure fair and accurate elections. We debunk common myths, explain the importance of paper ballots, and discuss how mail-in voting actually works. You'll learn about the rigorous signature verification process, the role of election observers, and why it's nearly impossible to commit large-scale voter fraud. Whether you're skeptical about our electoral system or simply curious, this episode provides valuable insights into how we maintain election integrity. Don't miss this chance to understand the nuts and bolts of our democratic process and why you can trust in the security of your vote.
In this eye-opening episode of The Backup Wrap-up, we look at the dangers of the consolidating backup market, a trend that's reshaping the industry. We talk about recent major acquisitions like Cohesity's purchase of Veritas and Salesforce's takeover of OwnBackup, examining the implications for customers and the market at large.
After covering each acquisition, we talk about the often-overlooked risks of keeping legacy backup systems operational post-consolidation, including security vulnerabilities and ongoing costs. We also address the challenges of data accessibility and the potential legal ramifications of retaining old backups. Whether you're a seasoned IT professional or new to the world of data protection, this episode offers valuable insights into navigating the complex landscape of backup market consolidation.
In this episode of The Backup Wrap-up that proves Curtis right :) we look into the shocking case of a rogue administrator who held an entire company's IT infrastructure hostage. We explore how Daniel Rhyne, a core infrastructure engineer, managed to lock out his colleagues and demand a $750,000 ransom. This real-world example highlights the critical importance of safeguarding against insider threats.
We look into practical strategies to prevent such incidents, including implementing least privilege access, enforcing "four eyes" principles for critical changes, and maintaining robust logging and auditing systems. The discussion also covers recovery options and the vital role of off-site immutable backups in mitigating damage from rogue administrators. Whether you're an IT professional or business leader, this episode provides essential insights into protecting your organization from the potentially devastating actions of trusted insiders gone rogue.
In this episode of The Backup Wrap-up, we explore the critical process of a business impact analysis (BIA) and its importance for organizations of all sizes. Our expert guest, Dr. Mike Saylor, shares valuable insights on conducting effective BIAs, including why it's best to have a third party perform them. We discuss how business impact analysis informs disaster recovery plans, aligns IT with business needs, and helps justify crucial investments in resilient systems. You'll learn about the steps involved in a BIA, from stakeholder identification to financial impact assessment, and understand how this process can save your organization time, money, and headaches in the long run. Whether you're an IT professional or a business leader, this episode provides essential knowledge for protecting your organization's critical functions and ensuring business continuity.
In this essential episode of The Backup Wrap-up, we delve into the critical components of a robust ransomware backup strategy. We explore the concept of dwell time and its implications on backup retention periods, emphasizing the need for longer-term storage solutions. Our discussion covers the importance of frequent backups and designing systems with multiple recovery options. We examine the benefits of cutting-edge technologies like snapshots, replication, and cloud-based recovery solutions in crafting an effective ransomware backup strategy. The episode also tackles the nuances of database versus file system recovery and provides insights on evaluating the importance of encrypted data. Whether you're an IT professional or a business owner, this episode offers valuable guidance on fortifying your ransomware backup strategy to protect your critical data assets.
In this eye-opening episode of The Backup Wrap-up, we delve into the critical topic of detecting ransomware. Joined by cybersecurity expert Dr. Mike Sailor, we explore the subtle signs that could indicate a ransomware attack in progress. From slight performance degradation to unusual network behavior, we cover the early warning signs that every IT professional and digital asset owner should be aware of.
Our discussion goes beyond just identifying threats. We examine the role of advanced security tools like SIEM and XDR in early ransomware detection, and why integrating these with endpoint protection is crucial for an effective defense strategy. We also stress the importance of having a solid incident response plan and the benefits of virtualization in recovery efforts. Whether you're looking to bolster your organization's cybersecurity or simply protect your personal data, this episode provides invaluable insights into detecting ransomware before it's too late.
In this eye-opening episode of The Backup Wrap-up, we delve into the world of tabletop exercises and their crucial role in cybersecurity preparedness. Our guest expert, Mike Saylor from Black Swan Security, guides us through the ins and outs of planning and executing effective tabletop exercises. We explore why these simulations are essential for organizations of all sizes, and how they can dramatically improve incident response capabilities.
Listeners will gain valuable insights into selecting the right scenarios, involving key stakeholders, and creating a safe environment for learning. We also discuss common pitfalls to avoid and the importance of regular practice. Whether you're new to tabletop exercises or looking to enhance your existing program, this episode provides practical advice for strengthening your organization's cyber resilience. Don't miss this opportunity to level up your incident response game!
In this important episode of The Backup Wrap-Up, we delve into the world of cybersecurity training. We explore why effective training is crucial in today's digital landscape and how to implement a comprehensive program that goes beyond just ticking boxes. From creating robust cybersecurity policies to conducting engaging, frequent training sessions, we cover it all.
Learn why rewarding vigilance is more effective than punishing mistakes, and how to foster a security-aware culture in your organization. We discuss the importance of relevant, interactive training methods, including simulated phishing tests, and how to train users to spot suspicious activity beyond just phishing attempts. Whether you're an IT professional or a business owner, this episode provides valuable insights to enhance your cybersecurity training efforts and strengthen your organization's digital defenses.
In this very dense episode of The Backup Wrap-up, we delve into the critical world of incident response plans, from the business impact analysis (BIA) to finalizing its creation. Our expert guest, Dr. Mike Saylor, CEO of Blackswan Security, shares invaluable insights on crafting and implementing effective incident response strategies. We explore the key components of a robust plan, from conducting a business impact analysis to creating scenario-specific playbooks.
Learn why having an incident response plan is crucial in today's cyber threat landscape and how to design one that works for your organization. We discuss the importance of regular updates, secure storage, and testing through tabletop exercises. Whether you're an IT professional or a business leader, this episode provides practical advice on preparing for and managing potential security incidents. Don't miss this essential guide to strengthening your organization's cyber resilience through comprehensive incident response planning.
In this eye-opening episode of The Backup Wrap-up, we delve into the critical concept of minimizing the cyberattack blast radius. Joined by cybersecurity expert Dr. Mike Saylor, we explore practical strategies to significantly reduce the impact of a breach on your organization.
We start by discussing the principle of least privilege access and its role in containing a cyberattack's blast radius. Next, we examine the importance of network segmentation in limiting the spread of an attack. The conversation then shifts to the often-overlooked aspect of controlling outbound traffic to prevent data exfiltration.
Throughout the episode, we provide actionable insights and best practices that IT professionals and business owners can implement to enhance their cybersecurity posture. By focusing on minimizing the cyberattack blast radius, organizations can better protect their digital assets and mitigate potential damages in the event of a breach.
In this episode of The Backup Wrap-Up, we delve into the crucial world of ransomware forensics with cybersecurity expert Mike Saylor. We explore the essential steps and tools used in forensic analysis during a cyber attack, highlighting the importance of preserving evidence and navigating the complexities of both traditional and mobile device forensics.
From log preservation to forensic imaging, we discuss how organizations can prepare for and respond to ransomware incidents. Mike shares insights on the different forensic tools available, their applications, and the challenges faced in modern cybersecurity investigations. We also touch on the importance of having a forensic response plan in place before an attack occurs.
Whether you're an IT professional or simply interested in cybersecurity, this episode offers valuable knowledge about the forensic processes that help unravel cyber attacks and protect valuable data. Tune in to enhance your understanding of ransomware forensics and strengthen your organization's cyber defenses.
Dive into the world of cyber insurance with our latest episode featuring expert Mike Saylor. We explore the evolving landscape of cyber insurance policies and their crucial role in today's digital security strategies. Learn why cyber insurance is more than just a financial safeguard and how it can be a proactive tool in your cybersecurity arsenal.
Mike shares invaluable insights on maximizing your cyber insurance benefits, from understanding policy nuances to leveraging your insurer's expertise. We discuss common misconceptions, the importance of pre-incident preparation, and strategies for effective incident response. Whether you're a small business owner or a corporate executive, this episode provides essential knowledge to navigate the complex terrain of cyber insurance and protect your digital assets.
In this important episode of "The Backup Wrap-Up," we continue our discussion on ransomware, and dive deeper into the world of ransomware prevention. We assume you've done the basics (password & patch management, and MFA), and want to do more. As cyber threats continue to evolve, it's more important than ever to stay ahead of potential attacks. We discuss a range of strategies to protect your organization, from application whitelisting to securing service accounts.
Among other things, our conversation covers the importance of restricting risky network protocols, implementing multi-factor authentication, and employing reputable anti-malware software. We also explore the benefits of penetration testing and red team exercises. Additionally, we emphasize the significance of establishing relationships with blue teams and law enforcement resources before an attack occurs.
Join us as we provide actionable insights on ransomware prevention, helping you build a robust defense against this pervasive cyber threat. Whether you're an IT professional or a business owner, this episode is packed with valuable information to enhance your cybersecurity posture.
In this episode of The Backup Wrap-Up, we delve into the critical world of IT security audits. We explore why these audits are essential for maintaining a robust cybersecurity posture and how they can help organizations identify and address potential vulnerabilities. Our discussion covers key elements of surviving an IT security audit, including user education, application whitelisting, and securing remote access protocols. We also touch on the importance of regular security assessments and proactive measures to stay ahead of cyber threats. Whether you're an IT professional or a business owner, this episode provides valuable insights into conducting thorough IT security audits and implementing best practices to protect your digital assets. Tune in to learn how you can strengthen your organization's defenses and become a cybersecurity hero.
Discover how to stop ransomware in its tracks with this informative episode of The Backup Wrap-up. Hosts W. Curtis Preston and Prasanna Malaiyandi look into three crucial strategies that can prevent 90% or more of ransomware attacks. Learn why patch management is your first line of defense and how to implement it effectively. Explore the world of password security and discover why a robust password management system is essential. Finally, uncover the power of multi-factor authentication in thwarting unauthorized access. Don't miss this opportunity to strengthen your cybersecurity defenses and stay one step ahead of cybercriminals.
In this episode, we delve into the world of immutable backups, a crucial component of modern data protection strategies. We explore why immutable backups have become increasingly important in the face of sophisticated cyber threats, especially ransomware attacks that target backup systems. The episode covers the evolution from tape backups to disk-based systems and cloud solutions, highlighting how this shift has introduced new security challenges.
We discuss the spectrum of immutability in backup systems, from basic file system protections to fully immutable cloud storage options. The conversation touches on various implementations of immutable backups, their strengths, and potential vulnerabilities. We also address the importance of multi-factor authentication and awareness of emerging threats like AI-based voice impersonation.
In this crucial episode, we delve into how to protect backups from ransomware, a critical concern for IT professionals and business owners alike. We explore why backup systems are prime targets for cybercriminals and the devastating consequences of a successful attack. Our discussion covers essential strategies to fortify your backups, including implementing immutable storage, using local accounts instead of Active Directory, and employing network segmentation. We also emphasize the importance of robust monitoring systems and regular patching. By understanding the risks and implementing these protective measures, you can significantly enhance your organization's resilience against ransomware attacks. Don't miss this vital information on how to protect backups from ransomware and secure your data's last line of defense.
This episode about what is ransomware is the first in a new series on the topic. The episode explores what it is, how it works, and why it has become such a significant threat to businesses and individuals alike. We discuss the evolution of ransomware attacks, from simple data encryption to sophisticated extortion schemes involving data exfiltration and direct attacks on backup systems. Our conversation highlights the importance of prevention and detection measures, such as robust access controls, limiting internet-facing systems, and monitoring for data exfiltration. We also emphasize the critical role of backup and recovery strategies, including offline and immutable backups, in mitigating the impact of ransomware attacks. Throughout the episode, we provide insights into the complex ransomware threat landscape and offer practical advice for organizations looking to protect their data and systems from this ever-evolving threat.
In this episode, we explore the differences between XDR and SIEM, two crucial tools in the world of security monitoring. Our guest, Dez Rock, CEO of SIEMonster, shares her fascinating journey from professional hacker to building an affordable, scalable SIEM solution that encompasses SOAR and XDR capabilities. We discuss the importance of evaluating security tools based on their true capabilities rather than just market perception, and Dez provides real-world examples of how SIEMonster's SIEM/XDR tool automatically detected and shut down a ransomware attack at a large hospital client. Tune in to learn about the evolving security landscape, the pros and cons of XDR vs SIEM, and how you may not have to choose! Whether you're an IT professional or simply interested in the latest cybersecurity trends, this episode offers valuable insights into the future of security monitoring.
In this episode, we explore the essential strategies and best practices for building and optimizing a blue team cybersecurity approach. Our guest, Mike Saylor, shares his expertise on how organizations can effectively prepare for and respond to cyber incidents. From establishing relationships with law enforcement to conducting tabletop exercises and understanding cyber insurance policies, Mike provides valuable insights to help companies strengthen their cybersecurity posture.
Throughout the episode, we discuss the importance of focusing on detection and response capabilities, not just prevention, and how a well-prepared blue team can make all the difference in the face of a cyber threat. Mike also shares real-world stories that illustrate the key lessons and takeaways for organizations looking to enhance their cybersecurity efforts. Tune in to learn how you can better protect your company from cyber threats with a robust blue team approach.
In this popular episode from last year, we explore the fascinating world of red team cyber security with Dwayne Laflotte, a seasoned expert in offensive cybersecurity. Dwayne shares his wealth of knowledge and experience, diving into the tactics and strategies employed by red teams to identify vulnerabilities and strengthen an organization's defenses. From exploiting backup systems to the importance of least privilege and strong passwords, this episode is a must-listen for anyone interested in bolstering their cybersecurity posture.
Dwayne provides captivating examples of how red team cyber security professionals think outside the box to breach networks, emphasizing the need for constant vigilance and adaptability in the face of evolving threats. He also highlights the critical role of collaboration between red and blue teams, stressing the importance of a multi-layered approach to cybersecurity. Packed with practical insights and actionable advice, this episode is an invaluable resource for IT professionals and business leaders alike.
In this episode, we delve into the critical importance of Google Cloud disaster recovery planning through the lens of UniSuper's recent brush with catastrophe. When Google accidentally deleted UniSuper's entire VMware environment, the Australian pension provider faced the terrifying prospect of losing access to $125 billion in assets and the data of over 600,000 members.
Hosts W. Curtis Preston and Prasanna Malaiyandi dissect the incident, highlighting how UniSuper's adherence to the 3-2-1 backup rule and use of third-party backup solutions ultimately saved the day. They explore the key lessons learned from this Google Cloud disaster, including the importance of having isolated data copies, clear communication during outages, and a robust recovery strategy. This real-world case study serves as a stark reminder of the risks associated with relying solely on cloud providers for data protection and the necessity of comprehensive Google Cloud disaster recovery planning.
In this episode, we explore the world of electronic discovery tools and how they're transforming the legal landscape. Our guest, Brendan Sullivan, shares his expertise on the challenges companies face when dealing with legacy data and the importance of using the right tools for eDiscovery. Learn how purpose-built software can greatly enhance efficiency, accuracy, and defensibility in the eDiscovery process. Brendan also discusses the growing need for data remediation and migration services, as well as the role of computer forensics and eDiscovery platforms in building strong legal cases. Whether you're a legal professional looking to streamline your workflow or simply interested in the intersection of technology and law, this episode is a must-listen.
Capping our series on cloud disasters is this one on cloud disaster recovery. In this episode, we review the lessons we learned from discussing 10 cloud disasters. We talk about the critical strategies and techniques to ensure your data is protected and recoverable in the event of a disaster in the cloud. From the basic 3-2-1 rule to the pitfalls of solely trusting your cloud provider for proper disaster recovery, we dive into real-world examples and expert insights to help you build a robust cloud disaster recovery plan for your cloud data.
Discover the importance of regular testing, the role of third-party backup solutions, and the key considerations for choosing a reliable cloud provider. Whether you're a small business or a large enterprise, this episode provides actionable advice to enhance your cloud disaster recovery posture and maintain business continuity in the face of unexpected disruptions. Tune in now and learn how to safeguard your valuable data in the cloud era.
In this episode, we discuss the devastating crash experienced by the popular YouTube channel "Life Uncontained," which resulted in the loss of a month's worth of irreplaceable video footage. The Life Uncontained crash serves as a stark reminder of the importance of proper backup strategies for protecting valuable digital assets. We delve into the lessons learned from this unfortunate incident and explore the best practices for safeguarding your data from hardware failures and other potential disasters. From the 3-2-1 backup rule to the use of multiple storage media, we cover the essential steps you can take to minimize the risk of catastrophic data loss. Whether you're a content creator, business owner, or simply someone who values their digital memories, this episode provides crucial insights into the world of data protection and backup. Don't miss this opportunity to learn from the "Life Uncontained" story and fortify your own backup plan.
https://www.youtube.com/watch?v=fQsTs3C0T-c&ab_channel=LifeUncontained
In 2014, the cloud-based research platform Dedoose suffered a catastrophic crash, losing customer data and backups simultaneously. We examine the causes of the Dedoose crash, its impact on users, and crucial lessons for anyone relying on SaaS. Learn how subpar backup practices, like monthly-only backups and overwriting previous versions, can lead to disaster. Hear how Dedoose responded and key steps to prevent your own cloud data calamity.
Links from this episode:
In this episode, we examine the StorageCraft outage that erased customer backup data during a botched cloud migration. We compare StorageCraft's response to Carbonite's in a similar incident and discuss the critical lessons for backup vendors and customers. Learn the importance of meticulous migration processes, potential backup resiliency strategies, and what to do if your cloud backups disappear. Don't miss these vital insights to avoid cloud backup disasters and ensure your data is always recoverable.
Stories covering this outage:
https://www.crn.com/slide-shows/storage/arcserve-ceo-storagecraft-backup-data-loss-not-acceptable
https://www.reddit.com/r/msp/comments/tgggey/just_got_a_call_from_storagecraft_cloud_data_is/
https://blocksandfiles.com/2022/03/22/arcserve-storagecraft-operation-has-lost-customer-data/
https://www.channele2e.com/news/arcserve-storagecraft-draas-suffers-cloud-data-protection-issues
In this episode, we examine the Rackspace ransomware attack that crippled the company's hosted exchange environment, affecting thousands of customers. We discuss the timeline of events, the importance of timely patching, and the challenges Rackspace faced in restoring customer data. Learn about the value of comprehensive disaster recovery plans and third-party backups in protecting your organization from similar attacks. Don't miss this opportunity to gain valuable insights from one of the most significant ransomware incidents in recent years.
In this episode, we uncover the troubled history of Carbonite, a once prominent cloud backup provider plagued by lawsuits. In one Carbonite lawsuit they were the plaintiff, in another they were the defendant. From using inadequate storage arrays to failing to protect customer data, Carbonite's story serves as a warning for backup customers. Learn the importance of thoroughly vetting backup vendors and the risks of blindly trusting marketing claims. Don't miss this deep dive into Carbonite's multi-million dollar legal battles and valuable lessons for anyone relying on cloud backup services.
In this episode of The Backup Wrap-Up, Curtis and his co-host dive into the chaos caused by Salesforce's accidental "modify all" permission change in 2019. They explore the fallout from this real-world SaaS disaster, including how Salesforce scrambled to restore proper permissions and the frustration felt by impacted customers.
Curtis and his co-host discuss the crucial role third-party backups could have played in mitigating the impact of this incident, and why relying solely on a SaaS vendor's recovery capabilities can leave organizations vulnerable. They also share practical advice on how listeners can avoid similar cloud disasters by implementing a comprehensive backup strategy for their SaaS applications.
Whether you're a Salesforce user, a SaaS enthusiast, or simply interested in the world of data protection, this episode offers valuable insights and entertaining anecdotes that will help you become a Cyber Recovery Hero. Tune in to learn, laugh, and discover how to safeguard your organization's critical data in the cloud.
Links
In this shocking episode of The Backup Wrap-up, we delve into the jaw-dropping data loss disaster that struck global consulting giant KPMG at the height of the 2020 pandemic. With one errant click, a Microsoft 365 admin accidentally wiped out months of critical Teams chat data for a staggering 145,000 employees.
Join host W. Curtis Preston as he unravels this extraordinary tale of digital destruction and explores the crucial lessons it holds for organizations relying on Microsoft 365 and other SaaS platforms. Curtis breaks down the differences between retention policies and actual backups, exposes common misconceptions about cloud provider data protection responsibilities, and highlights the potential legal and compliance nightmares that can arise from such catastrophic data loss.
If you're using Microsoft 365 or any SaaS application, you can't afford to miss this vital wake-up call. Tune in to discover why a robust third-party backup strategy is essential, no matter how big your company or how reliable your cloud provider seems. Learn from KPMG's misfortune and ensure your organization's critical data is always protected, in the cloud and beyond.
Don't become the next cautionary tale – listen now and secure your SaaS data before it's too late!
In this important episode of the Backup Wrap-up, W. Curtis Preston, AKA Mr. Backup, takes you on a deep dive into the shocking story of the OVHCloud data center fire of 2021. This catastrophic event left hundreds of customers scrambling to recover their precious data (often without backups), exposing the startling truth about OVHCloud's data center and backup practices and the devastating consequences of misplaced trust in cloud providers.
As usual, Curtis is joined by co-host Prasanna Malaiyandi as they unravel the complex web of controversial decisions, legal battles, and hard lessons learned from this disastrous incident. They explore the factors contributing to the fire's severity, the staggering extent of the data loss, and the eye-opening revelations about OVHCloud's backup infrastructure.
But this episode is more than just a cautionary tale. Curtis and Prasanna delve into the crucial questions every organization must ask their cloud provider to ensure their data is truly secure. They share invaluable insights and actionable advice to help you avoid falling victim to a similar fate.
Whether you're an IT professional responsible for safeguarding your company's data or an individual looking to protect your digital life, this episode is a must-listen. You'll come away with a deeper understanding of the risks associated with cloud storage, the importance of robust backup strategies, and the steps you can take to become a cyber-recovery hero.
Don't miss this opportunity to learn from one of the most significant cloud disasters in recent history. Tune in now and discover how you can keep your data out of the fire and emerge as an unsung hero in the world of backup and recovery.
Articles covering this story:
https://www.datacenterdynamics.com/en/news/ovh-fire-octave-klaba-says-ups-systems-were-ablaze/
https://www.datacenterdynamics.com/en/news/fire-could-cost-ovhcloud-105-million-ipo-filing-reveals/
https://www.datacenterdynamics.com/en/news/ovhcloud-ordered-to-pay-250k-to-two-customers-who-lost-data-in-strasbourg-data-center-fire/
https://www.datacenterdynamics.com/en/news/ovhcloud-fire-report-sbg2-data-center-had-wooden-ceilings-no-extinguisher-and-no-power-cut-out/
Election worker episode:
https://www.backupwrapup.com/election-poll-site-manager-explains-us-election-systems/
In this episode, we uncover the little-known but cautionary tale of Musey, a startup building an interior design app that catastrophically lost everything when an admin accidentally deleted their entire Google Workspace account.
We dive deep into:
The devastating story of Musey serves as a sobering reminder that human error can still trump even the most resilient cloud platforms. Don’t miss this rare peek behind the curtain at a colossal cloud failure that very few people know about.
Story: https://www.theregister.com/2019/07/05/musey_v_google_lawsuit/
Lawsuit filed: https://regmedia.co.uk/2019/07/05/musey_v_google.pdf
Lawsuit pulled: https://dockets.justia.com/docket/california/candce/4:2019cv03864/344456
Museyapp.com 6/6/19 says “buy this domain”:
https://web.archive.org/web/20190606022957/http://www.museyapp.com/
In 2014, software-as-a-service company Code Spaces disappeared overnight after a devastating cyber attack. Thousands of coders lost access to their work when insufficient cloud backups failed under pressure. The company was forced to go out of business.
Learn the tragic tale of how Code Spaces ignored standard data protection rules, putting their business and clients at risk. We’ll unpack what went wrong with their cloud architecture and backup systems, allowing a single hacker to destroy their SaaS company.
Understand why you still need backup - even native cloud redundancy isn't enough. Our hosts explore the hard lessons from this cloud catastrophe and equip you with actionable advice around security, access controls, preparation, and backup policies. Safeguard your slice of the cloud and avoid the mistakes that ultimately shuttered Code Spaces.
Articles covering this story:
In this information-packed episode, backup guru W. Curtis Preston and expert guest Prasanna Malaiyandi explore the elements of crafting an effective disaster recovery (DR) runbook. They discuss how a properly structured runbook eliminates confusion during crises by clearly outlining responsibilities and contacts. From making runbooks accessible and absorbed to keeping them actionable with constant updates and tests, they share the 8 critical factors for DR success. Tune in to transform your backup admins into confident cyber recovery heroes with battle-tested runbooks.
Disaster lurks around every corner - ransomware, natural disasters, human errors. Are you thinking about all the data and systems at risk. Is your organization prepared?
In this episode, Curtis and Prasanna pull back the curtain on the disaster recovery decision - to build or to buy? They unpack the tradeoffs around cost, complexity, control, and even cybersecurity. Whether you're an anxious IT leader losing sleep over business continuity or just disaster recovery curious, you won't want to miss this episode.
Will your DR strategy survive? Tune in now to find out!
Creating an effective DR strategy means understanding the critical differences between hot, warm, and cold recovery sites. Join backup guru W. Curtis Preston and his cohost Prasanna Malaiyandi for the latest Backup Wrap-Up as they outline real-world strategies to match your RTO, RPO, and budget. You’ll learn the unique benefits and challenges of using both primary for hot sites, and backup replication to cost-effectively create warm recovery sites.
They also tackle the complexities of cloud DR for VMware environments. Can you do DR of VMware to AWS? What conversion hurdles do you need to plan for? Tune in to find out.
Whether you're a scrappy SMB or an enterprise with serious SLAs, this tactical episode delivers actionable advice to advance your resilience game. Learn how to leverage the cloud's economies of scale and keep business running no matter what gets thrown your way.
The backup wrap up turns unappreciated backup admins into cyber recovery heroes.
When disaster strikes, you better have a solid plan for where you’ll recover your operations. Join me, W. Curtis Preston, and Prasanna Malaiyandi, as we explore the nitty-gritty details of your three main options for a disaster recovery site.
We’ll dig into the pros, cons, risks, and costs associated with rolling your own DR site, hiring a third-party service, or leveraging the public cloud. Each path has its twists and turns. How do you keep a secondary site in sync? What if a regional disaster takes down your DR provider? Can the cloud flex to meet your recovery needs? Tune in for straight-shooting answers.
This episode tackles the tough questions so you can make informed, bulletproof decisions on housing your failover infrastructure. As always, I’m drawing from decades of experience as a recovering backup admin, and I've designed this podcast just for pros like yourself.
Batten down the hatches and prepare to take notes - it’s time to build a life raft for your data!
For those interested in The Gobox Studio, here you go! https://goboxstudio.com/
Staying resilient in the face of disaster is crucial for any organization today. In this episode, we dive deep into crafting robust disaster recovery plans that help you outmaneuver outages.
We discuss critical groundwork like taking inventory across environments and analyzing risk to determine what to prioritize recovering when the worst happens. Whether it's ransomware, natural disasters, or other threats taking systems down, smart preparation makes all the difference.
Key highlights include:
The right disaster recovery means being able to get back to business rapidly. By learning from unfortunate events others have endured, you can architect resilience that lets you bounce back better no matter the scenario.
Are your backups collecting virtual dust rather than readying you for the next unavoidable disaster? Get back to basics on crafting an ironclad disaster recovery plan. We outline the essential infrastructure, applications, staffing, and execution steps often glossed over by the check-the-box enterprise crowd.
Going beyond mere data recovery, we detail considerations around standing up replacement infrastructure, understanding system interdependencies, and restoring functionality faster with increased automation. Cloud's scaling and affordability make DR exercises less daunting these days if configured properly on the front-end.
With major outages increasingly likely, the principles detailed could dictate whether your business emerges unscathed or shutters for good. We share tips for pragmatic preparation reflecting our scar tissue from failures past when lackadaisical DR rigor proved painful. Ever try troubleshooting recovery steps in the midst of a raging hurricane...or gotten that dreaded 2AM offline alert while welcoming your newborn? We have!
Major takeaways:
Stay tuned as we separate the mavens from the mayhem when adverse events strike. Get your data DR ducks in order now before things migrate south!
News articles from this episode:
In this episode, Curtis and Prasanna do a deep dive on the differences between data backup and data archiving. They thoroughly explain that while backup focuses on restoring systems and files to a prior point in time, archiving is all about being able to search and retrieve specific information for legal or regulatory purposes.
Key reasons you'll want to tune in:
If you need to implement archiving or fix broken archive approaches that risk legal noncompliance, this episode delivers an excellent primer on how archive differs from backup and what genuine archive systems can do.
https://support.google.com/drive/thread/245861992?sjid=15540859157109248518-NC
https://support.google.com/drive/answer/14286582?sjid=8199341837463411967-NA
https://blog.23andme.com/articles/addressing-data-security-concerns
https://www.backupwrapup.com/what-is-archive-and-retrieve-backup-to-basics/
https://www.sullivanstrickler.com
We’re going back to basics in 2024! Our hosts revisit their smash hit episode from last year all about protecting those traditional data sources like physical servers, VMs, laptops, desktops, and mobile devices. From on-prem to mobile, should it all get backed up? How and why? Tune in as Curtis and Prasanna rehash their spirited debate over backup best practices across your infrastructure and walk through real-world examples of what can go wrong. It’s chock full of fundamental wisdom for data protection pros getting started and veterans alike. Whether you’re making big cloud migrations or maintaining legacy systems, don’t miss this special re-release dedicated to the building blocks of backup as we start the year on a backup to basics kick.
This timely episode features an in-depth discussion between cybersecurity expert Melissa Palmer (@vmiss) and hosts W. Curtis Preston and Prasanna Malaiyandi on the crucial role preparation and planning play in effectively responding to and recovering from the inevitable ransomware attack.
They stress that flying by the seat of your pants without an incident response plan when ransomware hits leads to chaotic, inefficient efforts and substantially higher costs. Melissa outlines pragmatic steps organizations should take before an attack to develop and test response playbooks, have partnerships in place with response firms, coordinate across internal teams, bolster detection capabilities, and harden backup/recovery mechanisms.
Curtis and Prasanna dive into real-world ransomware response scenarios to highlight the complexity organizations face in assessing the scope of damage from attacks and recalibrating restoration priorities. Melissa offers tips on creating robust processes to rebuild compromised environments quickly. They discuss table-top exercises as cost-efficient ways to uncover plan gaps and get stakeholders aligned on roles and timeline expectations.
With Melissa's depth of experience assisting ransomware victims, she provides unique insights into preparation best practices often neglected until the worst happens. For IT/security leaders looking to build organizational resilience against ransomware threats, this engaging episode delivers actionable advice on architecting defense-in-depth capabilities tailored to your business requirements.
Join us for a great episode!
Changing your organization's backup system is no easy task - it requires careful evaluation of requirements, risks, and capabilities. Many admins get stuck with backup environments they've outgrown or that lag on modern demands.
On this episode, backup guru W. Curtis Preston and his cohost Prasanna Malaiyandi lend their expertise to help you determine if and when migrating your backup solution makes sense. You'll learn:
With ransomware threats growing, the bar for backup keeps rising. Tune in as our two hosts cover everything you need to make backup system change decisions that balance innovation, budget, and risk - avoiding needless switches while still meeting evolving data protection demands. You'll gain real-world clarity that turns unappreciated backup admins into cyber recovery heroes.
After diving into the details of the recent Okta breach enabled by password manager vulnerabilities, Curtis and Prasanna tackle the growing issue of copy data sprawl. They define copy data management – the practice of tracking and governing all duplicated production data for backup, DR, development, analytics etc. What problems result from copy proliferation? How feasible is a single consolidated platform? What regulatory and cost implications exist? Tune in as our hosts break down best practices for cataloging, securing, reducing, and better leveraging your organization’s data copies. Specific topics covered include:
Join Curtis and Prasanna for another engaging combination of news commentary, frameworks, debates, warnings, and recommendations – this week with a data protection slant. Whether you’re a backup admin or IT leader grappling with copy sprawl, this insightful episode has something for you!
Articles discussed in this week's episode:
Tired of backup windows and 24-hour recovery point objectives? Then it's time to learn about how snapshots and replication work together to create near-continuous data protection, or near-CDP.
In this episode, backup experts W. Curtis Preston and Prasanna Malaiyandi dive into leveraging snapshots for instant point-in-time recovery and replication for an offsite copy. By combining these technologies, you can achieve recovery point objectives measured in minutes rather than hours or days.
Listen in to understand what near CDP is, how it differs from backup and true CDP, and the key capabilities it enables. Discover when to take crash-consistent vs application-consistent snapshots. Learn how near CDP integrates with backup software and how you can use replicated snapshots for automated recovery testing.
If you need tighter RPOs and near-instant RTOs for your mission-critical systems, you can’t afford to miss this explanation of how snap and replicate delivers a high-frequency, budget-friendly data protection option. Tune in to become a hero by enabling your organization to recover quickly from data corruption, ransomware, and other threats!
Ransomware attacks and data breaches dominate the headlines, but is your data protection strategy truly secure? This must-listen episode dives deep on an unsung hero of cyber resilience - tape.
Tape may have been written off by some as a legacy technology, yet it offers unparalleled air gap protection that no hacker can penetrate. Top experts from Fujifilm and IBM (sponsors of this episode) reveal the major advances that make modern tape more scalable, reliable, and cost-effective than ever before.
Learn how the pioneering capabilities of the newest LTO-9 drives and 50TB tape cartridges can economically safeguard tens or hundreds of petabytes. Hear the shocking sustainability advantage, with tape generating 97% less CO2 emissions and using drastically less power than comparable disk solutions.
With powerful integrated encryption, quantum-safe algorithms on the horizon, and clever optimizations to tame growing data volumes, tape has been reborn as the undisputed information lifeline every organization needs. Don't let your backups remain exposed - get the insider intel on fortifying your last line of defense with tried and tested tape.
Stories referenced in the episode:
https://blocksandfiles.com/2023/11/03/backblaze-shard-stash-cache/
https://blocksandfiles.com/2023/11/06/cohesity-smartfiles-becomes-snowflake-analytics-playground/
What does "air gap" really mean when it comes to backups? Curtis takes us back to the early days of offsite tape backups with Iron Mountain to explore the principles behind physical air gaps. We learn about barcode tracking, unmarked vans, and multi-factor delete authorization. How do modern "virtual air gaps" in the cloud compare? Are backup vendors misusing important security terms? Join us as we separate marketing hype from real backup protection and learn timeless lessons around alerting, access controls, and immutable data. After this episode, you'll know how to assess if your backups are following air gap principles - no matter what technology you use.
In this episode of The Backup Wrap-Up, host W. Curtis Preston discusses the importance of understanding the difference between snapshots and backups. He emphasizes that storage snapshots should not be considered as true backups. The episode also covers the recent 1Password and Okta hack, highlighting the frustration of such incidents, especially for those who advocate for password managers and cloud technologies. Tune in to learn more about the risks and implications of relying solely on snapshots and the importance of proper backup strategies.
In this episode of the Backup Wrap-Up, W. Curtis Preston and Prasanna Malaiyandi discuss Continuous Data Protection (CDP) and its potential as the next great thing in disaster recovery. They explore the concept of meeting an RTO and RPO of zero and question why CDP isn't used for all backups in DR. Tune in to learn more about CDP and its role in backup and disaster recovery.
Article mentioned in the story:
https://www.theregister.com/2023/10/10/ransomware_attacks_register_record_speeds
In this episode, W. Curtis Preston, aka Mr. Backup, and Prasanna Malaiyandi discuss the fundamental technology of replication in data protection systems. They explore what replication is, how it differs from other methods, and why it's not used for everything. They also delve into the differences between synchronous and asynchronous replication and why it matters. The hosts also share news of a backup company called Alcion, which recently raised funding with support from Veeam, a backup company investing in Alcion's focus on Microsoft 365 backups for SMB customers. They also discuss a report from ESG about how cloud backup has evolved. The episode provides insights into the world of data protection and highlights the importance of replication in safeguarding valuable data.
Articles discussed in this episode:
In this episode of the Backup Wrap-Up, host W. Curtis Preston discusses the importance of distinguishing between a copy and a backup to ensure the protection of valuable data. He also explores key backup concepts such as multiplexing, incremental backups, block-level incremental backups, and source-side deduplication. The episode kicks off with a discussion on the recent MGM hack, highlighting the significant impact it had on the hotel chain and the potential for personal information leaks. Tune in to learn how to safeguard your data effectively and become a backup hero.
Articles mentioned in the episode:
https://www.reddit.com/r/vegas/comments/16hxwj0/explain_like_i_am_5_mgm_hacking/
https://www.reversinglabs.com/blog/what-we-know-about-blackcat-and-the-mgm-hack
In this episode of the Backup Wrap-up, we continue our Backup to Basics series by discussing the importance of protecting cloud infrastructure, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). We then dive into the differences between these various cloud services and highlight the need to back up various components of each. We also discuss a recent incident where a Danish hosting company lost a significant amount of customer data due to a ransomware attack, emphasizing the ongoing threat of ransomware and the vulnerability of service providers. Tune in to learn more about safeguarding your data in the cloud.
Links to articles mentioned in the post:
https://www.pcmag.com/how-to/how-to-back-up-restore-your-documents-in-windows-10
In this episode of the Backup Wrap-Up, host W. Curtis Preston and co-host Prasanna Malaiyandi explore the topic of data protection in the Internet of Things (IoT) era. With the increasing number of IoT devices in our homes and organizations, it is crucial to understand how to back up and secure the data generated by these devices. They discuss the importance of knowing which devices create important data and where that data is being stored.
They also discuss IBM's release of a 150 terabyte tape, which showcases advancements in data storage capacity, and a TechTarget ESG survey about the use of the cloud in data protection.
Tune in to this informative episode for insights on safeguarding your IoT data.
In this episode of the Backup Wrap-Up, host W. Curtis Preston, also known as Mr. Backup, and his co-host Prasanna Malaiyandi, discuss the importance (or not) of backing up data in hybrid cloud storage systems, with a possibly surprising answer. The episode begins with backup-related news, followed by a deep dive into a single area or lesson that can help protect against ransomware. The news segment includes a story about Toyota, where multiple manufacturing plants shut down during their production process. Tune in for the answer to the question about backing up hybrid storage systems, and to learn more about data backup and disaster recovery systems.
This is a very short episode to explain our name change and a few other minor changes to the format. The show you know and love is getting better! (Prasanna and I aren't going anywhere.)
In this episode of the Restore It All podcast, W. Curtis Preston, a.k.a. Mr. Backup, and Prasanna Malaiyandi are joined by Chris Groot and Stefan Voss from N-Able, a company specializing in backup, data protection and security systems. Nable focuses on serving the needs of managed service providers to deliver excellent service to small and medium-sized businesses. They discuss the importance of catering to the "Fortune 5 million," which includes businesses with 20 to 2000 employees, highlighting the significant role that small businesses play in our economy. Tune in to learn more about Nable's approach to the cloud data protection space and their goal of making backup admins indispensable.
In this episode of Backup Central's Restore It All podcast, the host welcomes cyber expert Rick Mishka to discuss the three aspects of IT: process, people, and technology. They explore the misconception that a new piece of gear or software is always the solution to every problem, particularly in preventing data exfiltration. Rick also shares insights into his short-form podcast, Cyber Pros, where he covers cybersecurity topics in just nine minutes. Tune in to gain valuable perspectives on backup, DR, and data protection.
In this episode of Restore it All, our hosts Curtis and Prasanna delve deep into the recent significant developments in the world of data backups, with a special spotlight on Microsoft 365's about-face on native user backups. They dissect Microsoft's sudden realization of its potential revenue streams and the ramifications of its new direction.
The duo also discusses the intricacies of Microsoft's new backup APIs, sharing insights into the former approaches and the strategic changes aimed at enhancing backup efficiency. They traverse the landscapes of various vendors like AWS and Salesforce, drawing parallels and noting divergences in their backup strategies.
Tune in as Curtis and Prasanna ponder the pros and cons of entrusting your backup with the same vendor, emphasizing the importance of not putting all eggs in one basket. The episode beckons listeners to contemplate crucial questions concerning data storage, protection, and ransomware attacks, urging for a meticulous evaluation of Microsoft's new offerings.
As they navigate these shifts, the hosts can't help but say, "I told you so," emphasizing the dire need for backing up SaaS services. The conversation leaves listeners with pertinent questions and considerations, beckoning them to anticipate the forthcoming nuances in backup offerings from giants like Microsoft and Salesforce.
Join us for an episode packed with expert analysis, predictions, and a little bit of gloating, as the world of data backup takes a turn no one saw coming but was perhaps desperately needed.
In this episode, we look at the latest Ransomware Trends Report from Veeam, which gives us a view into the sobering world of ransomware attacks and the critical lessons they teach us about cyber defense. Join W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi, as they break down the key insights from the report. We explore the ruthless tactics of ransomware operators, the eye-opening stats on recovery time, and the evolving strategies of cyber insurers. From the importance of robust password management and multi-factor authentication to the strategies for safeguarding your backup server, we lay out a battle plan to protect your digital fortress. Tune in to discover why ransomware isn't just a threat—it's a wake-up call for businesses everywhere to bolster their defenses and emerge stronger against the rising tide of cyber threats. Your data's future might just depend on it.
In this episode, W. Curtis Preston and Prasanna Malaiyandi are joined by Eric Olden, the CEO of Strata Identity. With over 25 years of experience in the cybersecurity industry, Eric sheds light on the concept of Identity Orchestration and how it addresses the complexities of modern identity management in multi-cloud environments. He discusses the evolution of technology consumption, the philosophy of "bought not sold," and the creation of a new product category in the world of identity management. Eric explains how Strata Identity's platform acts as an abstraction layer, allowing organizations to seamlessly integrate and switch between different identity providers without rewriting applications. He also shares insights on modernization, just-in-time provisioning, and the benefits of the open free IDQL standard. Don't miss this engaging discussion about identity orchestration and its role in simplifying the management of identities across diverse cloud ecosystems.
Our guest this week is a specialist at offensive cybersecurity; that is, they keep you safe by attacking you and showing you your vulnerabilities. They're a red team. We've got the leader of their red team, Duanne Laflotte, to help us understand how hackers think – and what we can do to stop them. He confirmed some of the recommendations we often make (Ahem: password managers good), but showed us some defenses aren't that helpful. A particularly relevant part to our backup audience is what he told us about the vulnerabilities of our backup system. At least one of them Mr. Backup had never thought of. Duanne is fun and scary all at the same time. I know this will be one of our top episodes this year.
Nothing tells the story like a good story, right? This week we have Mike Saylor, the CEO of Black Swan, a cybersecurity company. Boy, has he been in the trenches. He tells some great stories about responding to cyber attacks. They're great stories and he's a great storyteller. We also learn about FBI Infragard, a partnership between the FBI and the private sector. We hope you enjoy the episode.
This week the SEC has made a new rule that publicly traded companies must disclose any cyber attacks within four days. What if you're not a publicly traded company in the US? Should you reveal what happened to you? We bring in a wireless cyber security expert, Scott Schober of Berkeley Varitronics Systems, to talk about this topic. Closely related is also what should you do when you personally make a big mistake. Should you tell your boss? What if you're a boss and someone makes a mistake? How should you respond? We get into all of this and more in the week's exciting episode.
During this recording, Mr. Backup asked our guest how many backup systems that he had looked at had at least one critical security flaw, he said pretty much 100%. Holy. Cow. Doron Pinhas runs a company called Continuity Software, that does security assessments of storage and backup and recovery systems. They got the permission of some of their customers to anonymize and publish their findings, and the results were abysmal. (You can read the report yourself here.) He said it was extremely rare to find a backup environment that was properly configured from a security standpoint. He then went on to explain the kinds of things they look for, and how you can secure your storage and backup and recovery environments. He also explained how such environments are typically overlooked by most security scans! He said they have a lot of resources on their website to help you, and they also have automated tools that will ensure you stay secure once you zipped things up. If I were you, I'd check out those resources right now!
Krista Macomber, analyst from the Futurum Group, joins us this week to talk about a number of things, but one thing really bubbled up to the top: co-opting of marketing terms. That is, it's probably using terms to describe their product, because they think you want to hear them. Two big ones these days are "air gapped" and "immutable." Krista and Mr. Backup talk about what these terms really mean – and whether or not your product should be using them to describe their product. You may not get any answers from this episode, but your darn sure will get some questions to back to your backup vendor with.
Today we are proud to have as our guest, Zach Fuller, a founding partner of the Silent Sector, a cybersecurity firm -- and a former Green Beret who served in combat. We talk a little about how his service made him the person he is today, and how it lead him ultimately into helping people protect their own data. We talk about his top few things he wishes people would do to secure their environments (in addition to Mr. Backup's usual suggestions of password management, MFA, and patch management). we found Zach a very engaging person, and we know you'll learn a lot.
Our guest this week (Jim Love from the Hashtag Trending podcast and IT World Canada) touched on something we thought was profound. He felt that some organizations had what he called a "culture of recovery," meaning that they took recovery into account in all aspects of the org. He explained how he fostered this in companies where he worked, and how you can do the same. We also covered generative AI, and he shared several other tips from his many years in the business. Learn the old ways!
iCloud is not a backup; it is a synchronization tool. If you delete things on your phone, it deletes them in iCloud. iCloud is not a backup. In fact, if you have storage optimization turned on, the high-resolution verion of your photos is stored in only one place. If you delete it, it's gone forever. Mr. Backup tries tries three different ways to back up your iPhone, and finally settled on idrive.
iDrive was the only solution we found that worked for both iPhone and Android (including if you turned on optimized storage). If you'd like to try it, make sure to use the link below.
Listeners to the podcast get 90% off their first year using the following link (We will also get a referral fee):
This week we talk with Eric Jeffery, a cybersecurity SE and host of the Cyber Security Grey Beard podcast, and he is just a little miffed about how organizations are responding to cyber attacks today. It's not so much about how they respond to the attack itself; it's how they communicate what happened to the public – if at all. He's submitting what happened at the LA Unified School District as his case in point. He's a bit fired up, so this will be a fun one.
Imagine you're a small business or household that just lost everything in a fire, and your phones, ipads, and laptops went up in flames too. Where do you start? You've got a cloud-based password manager (e.g. Dashlane, OnePassword, KeyPass) and MFA system (e.g. Google Authenticator, Authy). How do you authenticate yourself with these systems if you have all new hardware? That's what we're talking about in this episode.
We reference this great previous episode about being prepared for disasters:
https://www.backupcentral.com/how-to-prepare-for-an-emergency-at-home-and-work/
There was a shocking article by Joanna Stern of the Wall Street Journal about how you are a simple bar trick away from losing access to all your photos (and some money) forever. All they need to do is steal your iPhone after seeing you type in your passcode, and they can lock you out of your account forever. 1. This is why we back up stuff and 2. There is a way to stop this. I'm not yet sure how vulnerable Android folks are to the same problem. If I've piqued your interest, this is the episode for you.
Here are two YouTube videos where the WSJ talks about this:
https://www.youtube.com/watch?v=QUYODQB_2wQ
https://www.youtube.com/watch?v=tCfb9Wizq9Q
Have we got a packed episode for you. This week in our continued Backup to Basics series, we dive deep into the various options for backing up and recovering databases, along with the pros and cons of each. Want to figure out the best way to back up your traditional or modern database? This is your episode. As usual, Mr. Backup and Prasanna also manage to make it fun. This is a great episode and we think you'll enjoy it.
A few weeks ago, Mr. Backup (W. Curtis Preston) said he didn't understand why people used flash for backups. He said it was overkill. A few days later, Howard Marks of Vast (friend of the pod) took issue with that statement, and asked for the chance to defend Vast's title, so to speak. Howard is a friend of the pod and we were happy to say yes. We also take the opportunity to get an update on Vast, and discuss their data reduction techniques in more detail. Bonus points if you get the cover art reference.
Are you doing all you can to stop ransomware attacks before they happen, or kill them the moment they show up? Have you looked into this and found yourself swimming in alphabet soup (SIEM, SOAR, EDR, XDR)? Have you looked at some of these tools and found them to be prohibitively expensive or too complex? This is the episode for you. We have Dez Rock, CEO of SIEMonster, a SIEM/SOAR/XDR as a service company. She helps us weed our way through these acronyms, and then tells us about how SIEMonster (pronounced sea-monster) is bringing this important technology to companies of all sizes.
Last year LastPass suffered two hacks that left their customer's data exposed. What can you learn from this event, even if you're not a LastPass customer? We use this hack as an example of what your company should do (or not do) if it ever suffers such a hack. We also talk about password managers, and what this hack means to those who use them. You do use one, right? This is a great episode, chock full of information. We hope you enjoy it.
It was a dark and stormy night in 1993 when paris (the database server) went down. It would be a night the new backup admin would never forget because he couldn't restore the database from backup. The only bright side of that very sad story is that it launched a career. Yes, that's the night W. Curtis Preston started his path toward Mr. Backup. Hear him tell the story in his own words, in the middle of the backup to basics series about backing up databases. Avoid the mistake that could have (but did not) cost him his job and enjoy a good episode while you're at it!
Are you backing up all the things you should be backing up? In this latest episode of our Backup to Basics series, Mr. Backup & Prasanna look at the list of the traditional things we think about backing up: servers, databases, laptops, mobile devices, file servers, virtualization servers, etc. The big question tackled in this episode is what of these things should you be backing up? Mr. Backup, of course, takes a pretty hard line about backup, but he may surprise you on some of his exceptions. We hope you enjoy the episode.
You know how we tell you to limit the amount of privilege each admin gets, in order to limit the blast radius if their account is compromised? What if you could apply that concept to applications that use private data to accomplish their task? We blindly give everything we have on each person to just about any app that needs anything. But if you had an app that only needs first name and email address, why not just give it that? And if it asks for more than that, what if you had a way to give it masked data, since it doesn't really need it anyway? That's how I would describe Sky Flow, a privacy as a service company, after interviewing its Head of Marketing, Sean Falconer. Fascinating new approach to the problem of personal data sprawl.
I was shocked to learn that my favorite password manager had a few known vulnerabilities, and you might be shocked too! We found this great research paper from the University of York, and invited one of the co-authors on to discuss it. Siamek Shahandasthi, an Associate Professor from the University of York, explained all the vulnerabilities discussed in the paper, and why each is important. I was able to verify that at least one is still found in my current password manager. How many are in yours? Let's pressure the companies to address these, shall we?
Check out the paper yourself here: https://eprints.whiterose.ac.uk/158056/8/Revisiting_Security_Vulnerabilities_in_Commercial_Password_Managers_2.pdf
In our latest episode of the Backup to Basics series, we talk about what I think is the most important invention in my career: deduplication. Without dedupe, much of what we do in backup and recovery, and disaster recovery, would simply not be possible. Without dedupe there really is no disk backup market; there is no cloud backup market. I'd be out of a job! What is dedupe, anyway, and how does it work? What are the different kinds of dedupe and does that matter? You should learn a lot about this important topic.
An incident response plan is the key to successfully surviving a ransomware attack, and it's a bit like Dramamine. The time to get one is too late to get one. @Vmiss (Melissa Palmer) joins us again to talk about this important topic. We talk about the important role cyber insurance companies can play in helping you find an IR team and helping you develop a plan. (They can actually force you to do so in order to get coverage.) @vmiss was a blast to talk to again, and we're sure you'll enjoy this episode.
We have talked about this a lot on the pod, and now we have someone that can explain what you actually do with your network when you get a ransomware attack. It's Tom Hollingsworth from Gestalt IT, and we're excited to have him on the pod. Some of his recommendations of course, require some configuration in advance. We talk about VLANs, SEIM and access management tools, and why many networking admins are terrified of the "reject all" concept that would actually make your network much more resilient in an attack. There is some really good stuff in this episode.
Sheltered Harbor is a non-profit organization dedicated to making sure financial organizations are able to recover after a cyber attack. Even if you're not a financial institution, there is a lot to learn hear. They've done a lot of work to make this standard practical in the real world. If nothing else, you can review what they ask orgs to do and see if you can apply it to your own environment. We once again have Eric Bursley to guide us through the topic. Even Mr. Backup learned something!
Today we're visited by Scott McCrady, the CEO of Solcyber, a leading managed security service provider. He says they're changing the model of how small and medium-sized companies secure their infrastructure against attacks, without any of the typical upfront cost or ongoing maintenance hassles of traditional methods. Have you tried securing your environment, only to suffer "alert fatigue?" Scott feels your pain and has fixed this by doing all of that as a service, which you pay for like a typical SaaS offering. Just a per-user fee per month - one SKU. It's a new way to secure your infrastructure.
How great is it to discuss your favorite topics, learn something new, and have a great time all at the same time? That's what this episode is like. @vmiss (AKA Melissa Palmer) came on the pod for the first time this week. I've read a lot of her content and tweets over the years, and it was great to finally put a face to the name. She knows her stuff when it comes to security, since she was actually working in it before she got into VMware. It was a great conversation I think you'll learn a lot from.
We've talked a bit on this podcast about ransomware groups targeting Windows-based backup servers, and Veeam specifically. There's a new product on the market targeted at this problem, and it's called Blocky for Veeam from Grau Data. Today we have the founder & CEO of Grau Data, Herbert Grau, and their head of North American operations, David Cerf. What we didn't know until recording this episode is that these are the same people that used to make the gigantic Grau tape libraries that is used covet back in the 90s! They got out of the hardware business and have been making software ever since. Blocky for Veeam is a new application of another battle-tested product. Fascinating story, and one that will have other applications in the future.
LastPass made some serious blunders: how they responded to the hack in August, code they created before August, and how they configured their backup system. All of that came to a head at the end of 2023 when the hackers from August used stolen credentials to download a backed up copy of customer information. Most of it was encrypted, but they still gained a lot of information. Many are calling for customers to leave the product. However, even if you're not a lastpass customer, there are lessons to be learned here. Learn those lessons and don't be like LastPass.
Today (Jan 23) marks 30 years to the day that W. Curtis Preston joined the backup industry. Fresh out of the US Navy and wanting to make a name for himself, he joined MBNA, a 35-billion dollar credit card company as "the backup guy." Within seven years he would write the industry's first book dedicated to backup, and since that time, he's gone on to be the world's leading expert in backup and recovery. What were backups like in 1993? How have things changed over the years? And how did he apapt to all of those changes? Prasanna takes the lead as host for this episode, asking Curtis a number of very insightful questions. Be sure to join us for this very special episode.
The latest in our Backup to Basics series is about making sure hackers don't delete, encrypt, or exfiltrate your backups as part of a ransomware attack. (Our Backup to Basics series reviews topics from Curtis' latest book Modern Data Protection, which you can download at druva.com/e-book.) We talk about how and why hackers are specifically targeting your backup system to either disable it or use it as a source for exfiltration. Then we talk about a number of things you can do to defend your backup system against these attacks. This is our most important episode in a while.
Hear the incredible story of Albert Uy, who was handed a two-year project that had already wasted 18 months. They told him he had four months to complete it. He looked at that timeline and told them there was only one way he could do, by switching horses in mid-stream. Not only did they finish it in time; they finished it early. Albert has also managed backup teams for many years, so before we cover this project story, we talk about backup has progressed over the years. We also talk about how much easier his job got once he started using Druva has his backup solution.
Nothing but the best for our listeners! Curtis and Prasanna review their favorite episodes from 2022, from the time Curtis had to restore Backup Central to the shocking outage at Rackspace ( which is still ongoing!). This is your chance to catch up on what you missed last year as we prepare for a new year! Here are links to all the episodes discussed. Happy New Year!
Mr. Backup Forced to Restore Backup Central
Restore Test Failed to Bad Documentation
Security expert rips Okta for their response to hack
How to prevent ransomware, slow its spread, and respond if you get it
How to prepare for an emergency (at home and work)
Backup practitioner tells stories from the trenches
Top 5 security mistakes you're making in the cloud
International lawyer discusses e-discovery in US & other countries
Tomorrow marks two weeks from when the RackSpace outage started on Dec 2, 2022. They confirmed it was via a ransomware attack and it is not. going. well. We're going to do a deeper dive into this once it is all over, but this is a first-blush look at what is happening and RackSpace's reaction to it. When we recorded this episode, their reaction was not looking good. I'm sad to say it's gotten even worse. Check it out!
Ok, so maybe not the most interesting topic. ;) But we promise you, this episode has a great story that involves Mr. Backup being kidnapped by a client, basically because he had a backup level issue. Learn about full backups, incrementals, cumulative incrementals, differentials, numbered levels, tower of hanoi backups, and why all this matters. It turns out it matters a lot more these days for structured backups than filesystem backups, which have typically gone to an incremental forever setup.
This episode we have Boris Agranovich, who has been a risk manager for decades, and speaks SIX languages (Russian, Ukrainian, Hebrew, Dutch, English, and Spanish). How amazing is that? He started the Global Risk Community, the largest online community for risk managers, and it's doing very well. We talk about the differences between what we do (as IT risk managers) and what he does, where he's managing risk for the entire organization. Fascinating guy with a unique perspective.
Archive is NOT backup, and hopefully this episode will help you understand how/why that is the case. In this continued romp through W. Curtis Preston's Modern Data Protection, we explore the definition of archive, and how different it is from backup. You should have no trouble understanding the difference between the two after listening to this episode. As usual, Mr. Backup fills in the definition with interesting stories of what happens when you confuse backup and archive. Enjoy!
As we continue our "Backup to Basics" series, we touch on one of the most important questions of all: what is backup and restore? (And how does it different than archive and retrieve?) The answer to these questions are both simple and nuanced. It's important to have a solid understanding of backup and restore in order to understand how archive is different.
Reminder: You can download a complimentary copy of Mr. Backup's latest book, Modern Data Protection here: https://druva.com/ebook.
This episode follows the previous one in a very interesting way. We have a guest, Eric Bursley, whose job is to divine business and technical requirements from a vendor perspective at Presidio, an IT solutions provider. He consults with customers and helps them get from "I want" to "I need." This was a fascinating conversation that took a turn into (surprise) ransomware. Eric is a fan of the pod and knows his stuff.
As mentioned in the podcast, here is a link to the music video that is the theme song of the podcast:
https://www.youtube.com/watch?v=fPoE7nlgYe4
The episode where we meet the voice behind the song: https://player.captivate.fm/episode/b60b207b-2dfc-4b38-b5ea-1cd4c6231025
We say it all the time: your backup requirements must be based on business/organizational needs. If you keep that mind, not only will your organization be better off, it'll be easier to get approval for the new backup system you want. This episode of our Backup to Basics series goes right to that core idea, and we get advice directly from one of our favorite guests: Jeff Rochlin. He is now the Head of Technical Operations at the LA Studio of Framestore, a visual effects company. In his 30+ year career he has designed and implemented dozens of systems (at least one of them with Mr. Backup). He shares with us his tips on how to design the system AND how to get it approved.
If you'd like to see what Jeff and Curtis do for fun, check out their other podcast, The Things That Entertain Us.
If you have sometimes wondered if your apps should be in a public cloud, private cloud, or in your own datacenter, have we got the episode for you. And we'll also talk about how to protect those apps regardless of where they reside. We looked hard for an unbiased cloud expert, and I think we hit gold. We found Sagi Brody, the CTO of Opti9, an MSP that supports both public and private clouds, as well as on-premises backup infrastructure! We talk extensively about which types of things are appropriate (from a cost and risk perspective) to go into the public cloud, private cloud, SaaS apps, and even your own datacenter. It was an informative and entertaining conversation that we're sure you will enjoy.
We get right to the heart of the matter in this next episode of our Backup to Basics series. (See what we did there?). Why do we even back up? It is expensive, time consuming, and no one seems to want to be in charge of it, so we do we even do it anyway. This episode is based on Chapter 1 of W. Curtis Preston's latest O'Reilly book, Modern Data Protection, which you can download for free courtesy of Curtis' employer, Druva. Curtis believes there are three categories of reasons: human disasters, mechanical failures, and natural disasters. We talk about the odds of each of these happening, and how that's changed over the years.
The episode also starts with Mr. Backup telling the story of how he got into backup in the first place, as well as telling the story of the first time he lost data. It's the whole reason he ended up dedicating his career to backup, and he learned a lot of things from that failure.
Here are the links to other episodes we discuss in this episode of the pod.
Real Life Hurricane Disaster Recovery Story
Disaster Recovery after a hurricane - a First Hand Account
Stop Ransomware Attacks in Seconds. (Includes the Derecho story)
This week are we pleased to announce we have Joe Dehner, specialist in International Law, to discuss the legal side of e-discovery and all the things that go with it. For the first time on Restore it All, we have a lawyer discussing legal things! (Usually we just tell you we're not lawyers!) My favorite part was listening to him tell stories from actual cases that make the various points we discuss. I also enjoyed when we talk about the e-discovery boogey man, adverse inference. If you have heard me talk about this before, it's usually around the context of backup and archive – and how they are different! Hear it from the horse's mouth, so to speak.
This is a trend that's happening around the globe, and the news we got from Lloyd's of London Insurance in August is just the latest example. They're looking to exclude payments for "catastropic" and "state-sponsored" attacks. We talk about what that means. We also discuss how a plaintiff lost a recent lawsuit against their insurance company, getting $100K when what they wanted was $600K. It was how their policy was written. We also talk about a new show (streaming on Peacock in the US) called "The Undeclared War" that is technically fictional but seems all too real. We finish up with a discussion of how we see the roll of cyber insurance in this scary world of ransomware. Saddle up and listen up!
The Uber attack is huge. The initial penetration teaches about MFA, and how they were able to escalate their privileges from there is simply wrong, wrong, wrong. What can you learn from this? Well, we have a cybersecurity expert, and host of the Tech and Main podcast, on the pod this week to help us figure that out. We had planned to just talk about the Uber attack, but he also wanted to talk about what happened to the LA Unified School District. Do you have kids in school, or know someone employed in K-12 education? Shaun St. Hill makes a solid point or two about what they should be doing. All that and Curtis complaining about how much he spent on his vacation to Hawaii. Boo hoo, right?
Cyber security attacks are everywhere, and they're definitely going after what you have running in your favorite hyperscaler. Today we are joined by Paul Hadgy, CEO of Horangi Security, a cyber security company specializing in securing your cloud infrastructure. We talk about a number of things, but at one point, Mr. Backup asked him what the thought was the five biggest security mistakes people make when building out their cloud infrastructure. He gave us a pretty good list, and then talked about how they're able to secure it AND make sure you're properly utilizing it. (They can tell you resources you're paying for that you shouldn't be!) Great interview with Paul.
Jira is yet another service that could be at the center of your organization, and losing the data stored in there could cost you a lot. Did you know it doesn't even have an audit trail for many things? Not only can you lose data, you might not know what was deleted or who did it! We are joined this week from two representatives from Revyz, a new service to back up Jira. They talk about what to back up and what you can do for free, along with what functionality that misses out on. They then explain how their new service works and what it offers. Great episode where I learned a lot. Even if you don't use Jira, you will find a lot of useful info in this episode.
If you don't meet your company's Recovery time objective (RTO) and Recovery Point Objective with your backup design, nothing else matters. Seriously. No one cares if you can back up – only that you can restore in a timeframe they consider reasonable. The only way that's going to happen is if you agree to these times UPFRONT. In this episode in our new back to basics series, we'll jump right into this extremely important topic. We'll explain what RTO & RPO are, what recovery time and recovery point actual are, and how they relate to RTO & RPO. We'll also explain how to get your company to agree to them.
Why don't you have a password manager already? Our guest this week, Chris Hayner, blogger at hayner.net and host of the Chaos Lever podcast, wrote a great blog called Yes, you need a password manager. "Yes, You Do Need A Password Manager, Brett. Yes You Do!" Both Prasanna and Curtis DO have password managers, so he's preaching to the choir. But if you'd like to hear the argument for why you need one, and arguments against many of the usual excuses for not having one, then this is the episode you need. And, as usual, we have a little fun along the way.
Datacore has been one of the storage industry's best-kept secrets for a long time, quietly growing a dedicated customer base in Fort Lauderdale. Their CEO, Dave Zabrowski, joins us on this episode to explain their background, and tells us about how their technology and some savvy business decisions resulted in them owning Open EBS, the most popular container-attached storage platform. Datacore is a software-defined storage product that virtualizing pretty much any kind of storage into any other kind of storage, giving you exactly what you need, without vendor lock-in. Join us on this podcast to hear what's special about Datacore.
This week we have Barry Lunt, one of two founders of Milleniata, the creators of M-Disc. The company may be gone, but the format lives on. Most modern DVD and Blu-Ray drives can write to M-Disc, and Verbatim still sells it. Barry explains to us why they decided to make M-Disc, and why it's different than any other optical product. He also offers a shocker: a study done many years ago that shows that recordable DVDs are nowhere near as good at holding onto data as they claim. There is a lot of good info in this episode. Hope you like it.
Druva's new data resiliency guarantee covers more than any other guarantee in the data protection/data resilience segment. It also was written with no silly exclusions (like some other guarantees) that are simply there to keep from having to pay anyone. It requires only a certain service level and that the customer follows Druva's best practices. It protects against the five areas of risk, including cyber, human, application, operational, and environmental. It includes SLAs for uptime, backup success, restore success, immutability, and confidentiality. This week we have Stephen Manley, Druva's CTO, to tell us about this new guarantee. Check out the new guarantee here: https://www.druva.com/resilience-guarantee/
Warshipping is yet another way hackers are taking advantage of how the pandemic has changed the workplace. Did you know you could be hacked by UPS, Fedex, or the postal service? Warshipping is shipping a self-powered device in a package so that it arrives at your office and is left unattended. (It's sent to someone working from home.) The device then sits there, sniffing the wifi, and eventually cracking your WiFi network and attempting to steal secrets. This isn't science fiction; it's reality. It's enabled by so much remote work, and by technology such as the Raspberry Pi. Read all about it in this article in DarkReading.com: https://www.darkreading.com/edge-articles/i-built-a-cheap-warshipping-device-in-just-three-hours-and-so-can-you
In this episode, Prasanna and Curtis discuss what this is, how it works, and what you need to do to stop this new attack vector.
If you're one of those people that look at typical storage offerings for backup and recovery and say, "I can't afford this," you're not alone. A lot of ready-to-go storage solutions can get very expensive very quickly. Our guest this week (Erik Ableson from Infrageeks.com) ran into this a lot with his small-government customers and SMBs in France, and knew he had to get creative. He wanted to build a hardened Linux repository for Veeam backups, and he also wanted an S3 object storage system to serve as the second copy. His customers couldn't easily buy cloud services, so he needed something they could own and manage themselves. (He explains the unique reason they can't buy cloud services.) He built the Linux repository using a Synology box to run both the storage and a Linux VM, and he built the object storage system out of the free version of MinIO and what I will call a very unique build of hardware. Learn the details in this fun episode of a real practitioner's solution to a unique and challenging problem.
Hammerspace offers a global filesystem that creates a single namespace across multiple storage systems and cloud storage providers. Hammerspace's name is inspired by the name for the magical place that cartoon characters get them from (e.g. Bugs Bunny pulling a huge hammer out of his pocket). They've taken a different approach to a global filesystem, using metadata to significantly minimize actual data movement and increase performance. Molly Presley, their SVP of Marketing (and friend of the pod!), explains the interesting use cases for this technology.
2022 is a new world in the cyber attack space, and Katie Nickels, SANS instructor, and director of intelligence at threat detection vendor Red Canary, describes the top five new attack they are seeing in the space. Spoiler alert: one of them is attacks against backups! Learn from an expert as we discuss the top five attacks they are seeing right now. We talk about living off the cloud, MFA exploits, an increase in nation-state hackers, the increased use of stalkerware, and YES: attacks against backup infrastructure. We discuss each of these in this important episode of Restore it All!
This week we talk about this exciting "new" medium for archiving data that is especially attractive to SMBs and home users. It's an optical disc that looks like a DVD and is readable in all Blu-Ray drives, but underneath it's something very different. If you haven't heard of it, then you're in luck! Thanks to Daniel Rosehill, backup anorak and friend of the show, we're going to talk about it – and its competitors on this week's episode! We discuss the good and bad about using all of the following for archiving: paper, SSD, disk, tape, DVD, Blu-Ray, ending with M-Disc. Learn what's wrong with these other mediums, and what's so great about this one in another fun episode of Restore it All!
Someone that knew Bill Gates when he was a boy in on the podcast this week, although we only talk about Bill Gates for a moment. He has 30+ years in backup experience and tells us what it's been like to adapt to all of the backup changes over the years. His first backup was to punch cards and punch tape, and he was in the same Boy Scout troop as Bill Gates. Fans of the podcast know his name already, as it comes up randomly on the show as a friend of Curtis. But this is the first time Stuart Liddle has graced us with his presence.
Like Mr. Backup, his career starts with a data loss story that actually involved people having to re-enter data. We discuss a lot of configuring and running backups, including deciding on retention periods, treating all backups the same (or not), virtual tape libraries and other dedupe systems, and how important a change management data database (CMDB) is. We also talk about the danger of becoming entrenched in a specialty like backup, knowing only one specialty or product. We talk about how it's not good for you or your company.
Finally we talk about the different way people are using the cloud today for IT and backup, and how that affects cost. Curtis and Prasanna use a great analogy that helps it make sense.
This week's episode is fully of useful information.
Today we are joined by security expert and host of the Secure Talk podcast, Mark Shriner, to discuss information security. (Make sure to check out his podcast here: http://www.securetalkpodcast.com/)
We talk about it from a personal perspective, as well as for organizations. Mark, Curtis, and Prasanna talk about what are the bare minimum things you should be doing as an individual to protect your personal information and data, both from a security and backup perspective. We then move on to talking about it from a company perspective, and how very important things like MFA (while good) do not solve everything, and then we talk about many other things you could be doing. Then there was the moment that created the title of the podcast, where Prasanna disagreed with Curtis – but not quite. When it comes to information security and data protection (and many things in life), perfect is the enemy of good. Try not to be overwhelmed with all the things you could or should be doing; just pick something and do something. Something is always better than nothing when it comes to these areas. This episode is jam-packed with good information you won't want to miss.
So many people are surprised when their restore is slower than their backup. You shouldn't be, as it's quite common. The good news is there are things you can do to make it faster – if you know them in advance. W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi tackle the seven reasons why your restore may be slower than your backup. Topics covered include RAID penalties, tape issues, database concerns, and others. You'll walk away knowing what to do in order to find out how slow your restores are – and how to fix them. This podcast is packed with good info! (And the death of a USB hub.)
Pat Mayock is a Data Protection Warrior for HPE, and he helped us to understand where he thinks LTO & RDX (a removable disk technology) sit in the market. He explains how much tape is used today in enterprise and cloud environments, especially in the public cloud that so many think is a tapeless world. He says the cloud vendors are some of LTO's biggest customers! We talk about what LTO is good at, what it's not so good at, and what that means for how you should use it. Then we shift gears to talk about RDX, a removable disk product that has been around for roughly 15 years. It consists of a docking station and a disk-based cartridge that is built to kind of resemble a tape! Each cartridge contains a single disk drive that you can use very much like you would use a tape, except it appears as a drive letter (mounted filesystem) versus a tape drive. He explains what its target market is and how it meets a niche in the removable storage market in between removable USB disks and a standalone LTO tape drive. This is a fascinating episode you won't want to miss.
This whole episode is a Mr. Backup rant, where he talks about things that people should really stop doing with their backup systems, starting with backing up directly to tape. There is a place for tape, but it is NOT at the front end of the backup system. Curtis and Prasanna passionately discuss and explain several relics of the ways we used to do things, and why they no longer make sense. Another one is repeated full backups - synthetic or otherwise. Many of them can be addressed by just changing how you use your backup product, but a few of them may cause you to think about making a change. (Hint: if your backup product has been around for more than 20 years, it probably can't get away from some of the relics of the past.)
This week we are joined by emergency preparedness expert and prolific author and speaker, Virginia Nicols, webmaster of EmergencyPlanGuide.org. We talk about why and how to prepare for a disaster/emergency in your personal life, as well as how to do it for a small business. This is a bit different than our usual episode, as there is very little talk about backup and recovery. We talk about where to start when assessing what to do, and what steps you can take right away to prepare. Virginia is extremely knowledgeable on the subject and we learned a lot. You will too!
If you liked last week's episode where we talked about this "so let's talk about ransomware" series on reddit, you'll love this week. We have the author, Snorkel42, to talk about the origins behind the security cadence series, and why he decided to finally write some on ransomware. (He explains that everything he talks about his ransomware, but he admits he's been "Mr. Myagi'ing" it for a while.). This guy knows his stuff, and this is the second time he has been on the podcast. He's knowledgeable and entertaining. One of those rare combinations. This is a great episode you will not want to miss.
Here are the three posts:
https://www.reddit.com/r/sysadmin/comments/tdvbp4/security_cadence_okay_fine_lets_talk_ransomware/
https://www.reddit.com/r/SecurityCadence/comments/tedapy/security_cadence_ransomware_part_2_actions_on/
https://www.reddit.com/r/SecurityCadence/comments/tfm927/security_cadence_ransomware_part_3_the_worst_case/
This week, Prasanna and Mr. Backup (W. Curtis Preston) review a series of posts made by Snorkel42, who previously appeared on this podcast in the episode called "Security expert rips Okta for their response to hack." Things were recorded out of order, so this is the episode where we discovered him on Reddit, and tried our best to distill several thousand words into about 30 mins of advice on how to protect against ransomware. We talk about how to prevent getting it in the first place, how to limit its damage if you do get it, and how to respond and restore your data once that happens. There is a ton of really good advice here, so check it out!
Here are the three posts:
https://www.reddit.com/r/sysadmin/comments/tdvbp4/security_cadence_okay_fine_lets_talk_ransomware/
https://www.reddit.com/r/SecurityCadence/comments/tedapy/security_cadence_ransomware_part_2_actions_on/
https://www.reddit.com/r/SecurityCadence/comments/tfm927/security_cadence_ransomware_part_3_the_worst_case/
Vast is a massively-scalable storage system designed around multiple pieces of technology that weren't available just a few years ago (e.g. NVMe, Storage class memory, QLC) that offers both file and object functionality, immutable snapshots, and integration with the cloud to address the "smoking hole" problem. Their typical sale (of which they've made many) is north of $1 million, and they have many exabytes of disk in the wild. It's a scale-out storage system without all the typical East-West traffic such systems have. We do our best to poke holes in their offering, but Howard Marks goes toe-to-toe quite well. This one went a little long (one hour) but we truly were fascinated with the Vast story Howard was telling.
This episode is a unique look inside the Conti ransomware group, courtesy of a four-part series from Krebs on Security. We review the interesting takeaways from Brian Kreb's series of over 12,000-words from quite a bit of research. The series was inspired by a hack of Conti that resulted in a traunch of internal documents being made public. This gives a unique view into how the organization thinks, how it is laid out just like any other business, the weapons it uses to spread ransomware, and its attempts to branch out to other areas of cybercrime.
If you enjoy the episode, be sure to check out the articles that inspired it:
https://krebsonsecurity.com/2022/03/conti-ransomware-group-diaries-part-i-evasion
https://krebsonsecurity.com/2022/03/conti-ransomware-group-diaries-part-ii-the-office
https://krebsonsecurity.com/2022/03/conti-ransomware-group-diaries-part-iii-weaponry
https://krebsonsecurity.com/2022/03/conti-ransomware-group-diaries-part-iv-cryptocrime
This week we are joined by John "Ricky" Martin, Director of Strategy at NetApp (and former owner of a tape recovery business), to talk about his paper that declares that backup is fundamentally evil and done in an unintelligent way. Mr. Backup wasn't sure how this one was going to go, and there were at least one or two arguments along the way. No blows were thrown, though. We definitely talk about what a tape recovery business is, and what it was like to do that. We also talk about tape backup, full backups, multiplexing, tape handling, and other elements of how backup is still done today by many people. It's a fun episode where you should learn a lot.
We have none other than Snorkel42 from Reddit on the podcast today. He has 20 years experience in InfoSec, and is a prolific writer on Reddit under the handle Snorkel42. (Check out his posts here: https://www.reddit.com/user/snorkel42/). (We will not be using his given name during the recording.).
He thinks Okta managed to turn a mole hill into a mountain by incorrectly handling the hack that happened in January – that we just learned about last week. That's right, we just found out about a hack that actually happened in January!
We dive deep into what happened, what it means, and how the worst problem of all is how Okta responded to it. Our expert says he no longer trusts Okta, and gives advice to customers on what to do next.
This is a very timely episode that you will really enjoy – unless you're an Okta customer or employee.
Gary Williams tells a great story about earlier in his career that taught him the value of testing backups and updating documentation. He explains how he thought his backups were fine, until a "new guy" came onto the scene and dared to ask the question, "When was the last time you tested your backups?" As Gary explains, sometimes new people have the best perspective. They let him do the first test, and .... it failed spectacularly! It all came down to the documentation they were so proud of. Hear Gary's story and learn from his mistake – one that defined his career. (Mr. Backup also tells the story that defined his career as well!)
When you back up your SaaS apps (because you know you are supposed to), should you back them up to a SaaS service or on on-premises backup system? After defining what SaaS is and isn't, Prasanna and Curtis discuss this important question. First they look at how sizing a SaaS system for backup is different than when you do it in a datacenter, and how that creates challenges for backup design. Does it make sense to use on-premises backup to backup a cloud resource like SaaS?
Learn from others' mistakes by reviewing last year's worst ransomware attacks with Mr. Backup and Prasanna Malaiyandi. Listen to them review the 10 worst attacks from 2021, then discuss lessons learned: Colonial Pipeline, BrennTag, Acer, JBS, Quanta, NBA,AXA, CNA, CD Projekt, and Kaseya. Then they discuss the trends they see, and the lessons we can all learn from these horrible attacks.
W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi weigh in on a reddit thread that started with a simple question from a user. He has MSPs trying to sell him a solution to back up Microsoft 365, and he's wondering if that's even necessary. As usual on reddit, there are many opinions. Mr. Backup debates the various points being made by the anit-backup crowd, including an article arguing the same point. We start with an overview of why it's important, then we take on the various arguments used to support not backing it up. We talk about how retention policies are not backup, and why. Even retention lock doesn't help, and neither do lagged copies of Exchange Online. We also talk about how the e-discovery tool is NOT a restore tool and will not give you what you're looking for. Finally, we talk about the idea that backup tools can't do DR for Exchange online, and how that is used to bash them as well. Great discussion on this one.
On this week's episode of Backup Central's Restore it All, Mr. Backup himself becomes the guest, while Prasanna Malaiyandi takes over as host. W. Curtis Preston explains the backup configuration of the website behind the Restore it All podcast, and how bit rot caused him to have to restore part of it. We talk about bit rot, the 3-2-1 rule, off-site backups, backups stored in S3 and Google Drive, and what it's like to restore part of a MySQL database. Luckily, the folks at LiquidWeb were very helpful. Watch Curtis explain how practices what he preaches over at BackupCentral.com.
If you want to watch the video version of this episode, it's here: https://www.youtube.com/watch?v=I3285etiYBs
This is a response to Tom Hollingsworth's (@networkingnerd) video "Disaster Recovery is a Security Function," found here: https://gestaltit.com/tomversations/tom/disaster-recovery-is-a-security-function-tomversations-episode-25/.
I respectfully disagree w/Tom's assertions in his video, and decided to use this as the first episode I'm going to publish a video version of. You can listen to the podcast on all the usual podcast channels, or watch the video version on youtube here: https://youtu.be/ym_ibNWVjgA
Tom said that backup and security are very closely related, and suggested that if we reported to the same team, we could perhaps accomplish more together. While I understand the point he is making, I disagree with it, and Prasanna and I discuss it on this episode. We believe Tom's opinion comes from an outdated concept of how security works in backup systems; we haven't worked like that in quite some time. I explain how modern backup systems work from a security perspective, then talk about the idea of backup folks reporting to security folks. I think it's a bad idea for several reasons.
This week's episode is about an incident that happened at the University of Kyoto, Japan, where they lost 77 TB of research data forever. What can we learn from what happened to them? First we discuss the concept of "we can't afford backup," that seems to be prevalent in a lot of universities and research institutions. We then ask and answer the question of whether or not it is every OK to not backup data, along with whose responsibility is it? We pause the recording for what appears at first to be a spam call, but you'll have to listen to hear that. We talk about what happened there, including a letter from HPE apologizing for what happened. Kudos to HPE for that. We also discuss a story from my very first week on the job in 1993; it's not pretty.
Vinicius "Vinny" Grippa, the co-author of O'Reilly's Learning MySQL (now in its second edition) talks MySQL and MongoDB, as well as that all-important topic of how to back them up! We first learn a little bit about Percona, where Vinny works, as they consult in the database space. We then discussed a hot topic from Curtis, which is this idea of companies that say they don't want an IT department. We then discuss the book, Learning MySQL 2nd edition, and Vinny's top 3 performance suggestions for MySQL, including a discussion about the differences between MyISAM and InnoDB tables. We then discuss the typical ways people back up MySQL and MongoDB, followed by a discussion of two free tools that Percona makes available: Xtrabackup and PerconaBackup for MongoDB. It is a fascinating discussion you won't want to miss.
This week we celebrate Data Privacy Day, which is an international event that occurs every year on 28 January. According to its website, "The purpose of Data Privacy Day is to raise awareness and promote privacy and data protection best practices. It is currently observed in the United States, Canada, Nigeria, Israel and 47 European countries." Prasanna and Curtis discuss the latest in privacy practices and regulations, drawing on Prasanna's new experience protecting the privacy of Zoom's customers. We talk about the difference between PII and Personal Data, different regulations around the world, and some new tech features you can use to protect your privacy. We also discuss a few gotchas out there, such as Verizon's new system that they require you to opt out of! Happy Data Privacy Day, everyone!
Things got a little tense on this week's podcast when James Strong (@strongjz, Co-Author of O'Reilly's Networking & Kubernetes) hinted at DR being a thing of the past with K8s. Mr. Backups was having none of that. No blows were thrown, mostly because it was all online, but it was a really good conversation that K8s and DR enthusiasts alike will find interesting. We also cover the new book, Networking and Kubernetes, by James Strong and Vallery Lancey, including why the decided to write it, and what it covers. We talk about monitoring K8s networking, and James uses at least 25 acronyms that may be new to some listeners. Don't worry: we make him explain all of them.
Bob Plankers, resiliency specialist from VMware, joins us on this week's podcast, as we examine last year's major Facebook outage that took out Facebook, WhatsApp, and Instagram all at once. We discuss what we believe happened, just how bad it got, and our thoughts as to what we can learn from this huge outage. This isn't schadenfreude, and we acknowledge that we are Monday morning quarterbacking. It's an attempt to LEARN from the misfortunes of others – not to take joy in them. Solid discussion with @plankers.
On this first business day of 2022, let’s take a look back at the year that was. It was, of course, another year of COVID. In fact, Curtis contracted COVID right at the end, despite being boosted. This is also the year of the OVH fire that we talked about for three episodes:
https://www.backupcentral.com/datacenter-manager-dan-frith-discusses-the-ovh-fire-restore-it-all-podcast-105/
https://www.backupcentral.com/how-do-you-prove-your-backup-service-is-real-restore-it-all-podcast-106/
https://www.backupcentral.com/ovhs-backup-service-didnt-work-restore-it-all-podcast-107/
We think our most interesting episode of the year goes to Paul VanDyke from Kodiak Island, who deleted his whole environment and then tested his backups: https://www.backupcentral.com/it-admin-deletes-entire-datacenter-then-tests-his-backups-restore-it-all-podcast-135/
We even had a barbecue episode. No backups, just beef and BBQ. https://www.backupcentral.com/no-backups-just-beef-bbq-restore-it-all-bonus-episode/
Prasanna said he learned a lot about tape this year from these three episodes:
https://www.backupcentral.com/tape-drive-designer-schools-mr-backup-on-tape-restore-it-all-podcast-111/
https://www.backupcentral.com/deep-dive-into-why-tape-still-has-a-future-in-storage-restore-it-all-podcast-129/
https://www.backupcentral.com/fujifilm-tape-evangelist-explains-past-present-future-of-tape-lto-restore-it-all-podcast-132/
We think our best “get” was Peter Krogh, who talked about how he coined the term “3-2-1 Rule” while writing the first edition of The DAM Book: Digital Asset Management for Photographers.
https://www.backupcentral.com/peter-krogh-who-coined-the-3-2-1-rule-on-our-podcast-restore-it-all-podcast-131/
This led to a brief discussion about solar flares, where I mention a talk I watched by Intel. This is a link to that talk:
https://techfieldday.com/event/eicd16/
We also had two Druva competitors on this year, Veeam and HYCU.
https://www.backupcentral.com/dave-russell-answers-our-questions-about-veeam-restore-it-all-podcast-104/
https://www.backupcentral.com/veeam-reps-explain-defense-against-conti-ransomware-restore-it-all-podcast-127/
https://www.backupcentral.com/hycu-vp-explains-their-service-to-mr-backup-2/
The big winner of the year was ransomware. We talked about it a lot:
https://www.backupcentral.com/ransomware-victim-tells-his-story-restore-it-all-podcast-96/
https://www.backupcentral.com/is-entity-level-encryption-the-answer-to-exfiltration-ransomware-restore-it-all-podast-119/
https://www.backupcentral.com/protecting-your-network-from-ransomware-restore-it-all-podcast-122/
https://www.backupcentral.com/restoring-quickly-from-a-ransomare-attack-with-a-long-dwell-time-restore-it-all-podcast-123/
https://www.backupcentral.com/veeam-reps-explain-defense-against-conti-ransomware-restore-it-all-podcast-127/
Curtis this everyone should be looking into an intelligent DDI (DNS, DHCP, IP management) system that will spot (and stop) ransomware when it tries to reach out to its command and control servers.
https://www.backupcentral.com/stop-ransomware-in-its-tracks-with-dns-dhcp-ipam-restore-it-all-podcast-87/
You also need to monitor your bandwidth to look for exfiltration:
https://www.backupcentral.com/securing-speeding-up-network-traffic/
https://www.backupcentral.com/stop-ransomware-attacks-in-seconds-restore-it-all-podcast-126/
Finally, we talked a little about the book, and the upcoming 2022.
https://www.backupcentral.com/why-you-need-a-copy-of-modern-data-protection-restore-it-all-podcast-110/
Happy New Year, everyone! Here’s to a better 2022!
This week’s guest tells the most incredible story we’ve ever had on the podcast. We’ve had ransomware restores, disaster recoveries after a hurricane, but we’ve never had someone who deleted their entire computing environment and then restored it using their backups. (Backups that had never been tested to this degree, BTW.)
Paul VanDyke is the IT Supervisor at the Kodiak Island Borough in Alaska, which is the second largest island in the US and has to satisfy its backup and DR needs while staying on the island. Cloud resources are not a possibility due to bandwidth concerns, so he’s doing things “old school.” We first talk about the kinds of things they are protecting from, including tsunamis, fires, and strong winds. They are primarily based on tape, and for DR they store copies of all backups in a nearby safe. We discussed ways they could improve their resilience, such as shipping some tapes to a location on the mainland.
But the highlight of this episode is the story of when Paul intentionally destroyed his entire environment and then tested his backup system! He learned many valuable lessons, starting with “don’t ever do that again!” Luckily, his test was successful, albeit not without some challenges. He wiped the storage arrays on five servers: two domain controllers, an email server, a file server, and an application server and then restored them. (He had his reasons for doing it this way, which he goes into in the podcast.)
One big thing he learned was how restores are often slower than backups. So he prioritized critical apps (e.g. email, fileserver, logins) and got them up by Monday morning. Then it took him a few more days to get the application server up and running due to a more complicated restore. We have a really good discussion on how Paul could have done things better, including a really good idea that Prasanna came up with it. Curtis also tells a similar story about the first time he “tested” backups when he actually needed them, versus doing it in advance.
We cover a number of topics and questions on this podcast:
What was an Exabyte Mammoth (M2) tape drive?
What is a helical scan tape drive?
What is multiplexing?
Why can restores be slower than backups?
What happens when you rebuild a RAID array?
Should you have a post-mortem after a large incident?
How important is recovery testing?
How important is it to set expectations in IT, especially when it comes to recovery times?
The founder of rsync.net, John Kozubik, joins us on the podcast this week. It's a unique offering: a ZFS filesystem running in a private cloud – accessible only via SSH – that is designed just for sending your backup data to. They support anything that can run over SSH. Use rsync, scp, etc. to copy your data unencrypted, or something like restic, duplicity, or borg, if you want your backups to be encrypted. (All backups are encrypted in flight, of course, because they are all over SSH.).
The servers are completely locked down except for the SSH port, so they're about as secure as they can be for what they are. You can configure ssh to behave the way you want it (e.g. passphrase, MFA, etc.), and the ZFS filesystem automatically creates daily snapshots of the backups you send there. (More complicated schedules can also be created.)
You pay by the gigabyte ($.025/GB/mth) for the size of the ZFS filesystem and its associated snapshots, but they urge you to NOT over-provision. Provisioning is easy and non-disruptive, so only add storage when you need it. For an extra fee ($.017/GB/mth), they can also replicate your backups to another region.
It's a no-nonsense offering that seems to be unique out there – especially when you add the ZFS features. Check out the website and rsync.net, and you'll see they aren't spending any money on being flashy. They just want to build a rock-solid ZFS syncing destination that is separate from any cloud provides.
This week, we talk to Nick Craigwood, the creator and principal developer of rclone, a very popular open-source tool for copying data to and from cloud providers. Rclone is downloaded roughly 250,000 times each month, and has over 30,000 stars on GitHub. There are six core developers, and a great community of users and other developers at rclone.org.
We talk a little bit about Nick’s development philosophy, which is that he doesn’t mind adding features - as long as they don’t break backwards compatibility. Then we talk about how rclone works, and what it’s like to sync a filesystem to an object store – including support for multi-part uploads and downloads. We also talk about rclone’s encryption support, while Nick was “relaxing” on holiday. We then talked about how rclone can be used to minimize the risk of backing up to any one cloud provider, preventing things like what happened during the OVH fire earlier in 2021. We also discuss some strategies, such as backing up directly to two different clouds, versus backing up to one, then syncing to another – and how CloudFlare’s R2 might figure into things. Finally, we talk about Nick’s plans for rclone’s future, such as making their web UI better to increase usability for many more people – while not sacrificing the command line. Join us for a fascinating episode, the first one where we’re talking to the creator of the tool in question.
Don’t forget the drawing for a free e-book version of Modern Data Protection. All you have to do to be eligible is sign up for my newsletter at https://www.backupcentral.com/subscribe-to-our-newsletter/
Fujifilm's tape evangelist, Rich Gadomski, joins us for an interesting discussion on tape and LTO. We talk about the different subtrates that have been used over the years, and how that changed things. We then talk about LTO-9 and what that brings to market. We also talk about how tape has seen a bit of a resurgence in interest in the backup market due to the advent of ransomware. Always fun to talk to someone that can talk at this depth on such things.
The term "3-2-1 rule" comes up on almost every episode, and we have the guy that coined it with us on the podcast! How exciting! Peter Krogh coined the term fifteen years ago. He is now Chief Product Officer at Tandem Vault, but this week he is talking to us.
He first talks about how he coined the term “3-2-1 Rule” while writing the first edition of The DAM Book: Digital Asset Management for Photographers, now in it’s 3rd edition. He didn’t invent the idea of three copies and offsite backup, but he did distill it down to what we now refer to as the 3-2-1 rule. (Three copies on two media types, one of which is offsite.) We’ve played with it a bit over the years, but that is the core idea.)
He explains how digital photographers were some of the first to need significant amounts of storage -- and to have the need to protect that storage so they don’t lose everything. Hard drives were too small to hold your whole collection, so what do you do?
Like a lot of folks in this space, his love for good backups goes back to a moment when he thought he lost it all. Curtis then tells his very similar story of how his company almost lost the company’s purchasing database, which also launched his career in backups. Peter then explains the incredible importance of metadata, and the huge importance it plays in the overall value of an image.
Then we get into the nitty-gritty of what the person who coined the term “3-2-1 rule” was thinking for each of the numbers. And interestingly enough, Mr. Backup had a slightly different understanding of the 2! Peter feels that the “2” refers to different media types. (This led to a very interesting discussion about how you do what he’s asking for in today’s cloud world.) One idea he talked about is that if you have two hard drives on the same network, they’re still subject to many of the same risks, which isn’t really keeping in line with the original idea of the 2.
We then talk about those that believe that RAID is backup, and follow that with a discussion about how SaaS services aren’t backing up your data – unless they specifically say they do so in your contract. Then we get into a discussion of Peter’s company, Tandem Vault, and how they have designed the next generation of Digital Asset Management and delivered it as a SaaS offering.
Ever had questions about SQL Server, Azure, SQL Server ON Azure, how to backup SQL Server, or how to backup Azure? This is the episode for you. Denny Cherry, a SQL Server and Azure specialist and author of seven books, talks to us about both of these technologies. Before talking about anything important, we tackle the mystery of how you pronounce Azure. Surprise! I was pronouncing it wrong, according to Denny, who talks to Microsoft people all the time.
We first talk about performance tuning, and Denny explains some things that most DBAs can do to improve performance, starting with indexes. (He also explains what an index is for those that don’t know.) We then talk about how bad query code needs to be in order to justify looking into that, and he gives us a few examples.
We also (of course) talk about backing up SQL Server, starting with the political discussion of WHO should own the backup process: a backup admin or a DBA? Denny and Curtis clearly do not agree on this one, but the discussion is a good one. Grab your popcorn! One of Denny’s best quotes is that he feels one of the primary jobs of the DBA is to be able to restore the database if something happens and if you can’t do that, nothing else matters. So beautiful.
Then the topic of dedupe comes up and things get heated again; our guest hates dedupe and Curtis loves it. That was another good discussion. Short version: make sure you have more than one copy of a deduped data store.
We continue the discussion of different ways to backup SQL Server, and Denny definitely prefers the native backup capabilities of SQL Server, and he explains why. Curtis then makes a suggestion on a way for DBAs and backup admins to both get what they want, but it doesn’t sound like Denny is taking the bait.
After a brief discussion on SQL Server vs Oracle, we move into the various ways one can use SQL Server in Azure. Denny’s gives advice as to what makes sense for most customers – and his opinion on the question of whether or not you save money in the cloud. Short answer: not usually, but you get a lot more power, flexibility and ease of use.
Regarding Azure vs AWS, it appears that Azure is very equivalent to AWS in overall functionality at this point, and there appears to be a number of cost and functionality advantages to running SQL Server in the cloud. One of the biggest advantages is that you can use an on-prem license of SQL Server in the PaaS version of it in the cloud. That’s pretty cool. We also talk about how roughly half of the VMs in Azure run Linux, and why that might be the case.
All-in-all it’s a really interesting podcast, even though we almost came to blows once or twice. (OK, not really.) But really good discussions about SQL Server, Azure, and backups of both.
Mark Lantz, Manager CloudFPGA and Tape Technologies for IBM, joins us on this week’s podcast to talk about how he feels that tape still has a future in data storage. We talk about past and future advancements in the substrates tape uses, as well as how tape has not approached the superparamagnetic limit, the way we have with disk. (This is the limit at which you cannot increase the storage capacity of a particular magnetic medium without creating more problems.) We have reached this limit on disk, where the magnetic grains have gotten so small, they can’t get any smaller without assistance. One such method of assistance is heat-assisted magnetic recording (HAMR), which we discuss – and how HAMR comes with its own problems. By contrast, tape hasn’t come even close to the superparamagnetic limit. In fact, tape can scale the aerial density 100X before it starts getting close. We also discuss coercivity and bit error rate (BER), which are extremely important concepts to understand. Another topic we talk about is how tape is getting better at scaling capacity faster than speed, because most people do not need faster tapes. (We talk about how and why we can’t stream the ones they have.) We finish out the podcast with an explanation of why helican scan drives (e.g. 8mm, 4mm, & AIT) all disappeared overnight. We cover a lot of territory in this episode, so buckle up!
Every wondered what you're supposed to do with all your old backups, now that you've moved on to another backup product? Simon Brown from StoneRam believes he has the answer to this problem that has plagued backup customers (and vendors) for ages. He's able to transfer backup data out of common backup formats and into your new product, or restore backups from your old product without having to maintain that infrastructure. It's a fascinating approach to this age-old problem. Check them out at https://www.stoneram.com.
After the recent stories about Veeam customers being directly targeted by the Conti ransomware group, we invited Rick Vanover and Dave Russell from Veeam to discuss the topic on the podcast. The stories in the press seemed to focus on the attack, as well as how ruthless the Conti ransomware gang tends to be. We thought we'd give Veeam a chance to explain exactly what Veeam customers can do to protect their backups from being exfiltrated and deleted. It seems that Rick, Dave, and company are doing everything they can to explain to all Veeam customers that this is something they should pay attention to. The following are two resources they said should prove useful:
Ransomware in 2022: 7 Capabilities You Need for Rapid and Reliable Recovery
https://bit.ly/3m32gI8
5 Ransomware Protection Best Practices
https://bit.ly/3nh7aAx
This week we are joined by Greg Edwards, CEO and founder of CryptoStopper, to discuss once again the important topic of ransomware. We talk about the challenges typically experienced by ransomware victims, especially exfiltration and potential exposure of sensitive data. The only way to stop that particular attack is stop the data from being exfiltrated in the first place. CryptoStopper has a way to detect that a ransomware attack has begun, but stopping it before it does any actual damage.
This one will get you talking! Jody Bruchon, author of “ZFS won’t save you: fancy filesystem fanatics need to get a clue about bit rot (and RAID-5),”, joins us on the podcast. The blog post went viral, resulting in three times as many words in the comments as the original article had. We start with an explanation of bit rot, why it happens, and why ZFS won’t be able to fix all bit rot. (For more information on bit rot, check out Episode 111 of this podcast here: https://www.backupcentral.com/tape-drive-designer-schools-mr-backup-on-tape-restore-it-all-podcast-111/). Jody then explains how ZFS needs disk redundancy in order for its self-healing features to work, and how if you don’t have that, you’re going to need backup to repair a ZFS volume damaged by bit rot. (We also talk about how it’s possible for a bit to be flipped without being noticed – even with ZFS.) Jody’s main concern is that people talk about how ZFS can be used to repair data corruption – without explaining how you need RAID-Z (or something) to use those features. He also explains why he prefers RAID-5 or RAID-10 to RAID-6. We then discuss “shucking,” the practice of buying external drives and ripping the drive out of them – to save money.
Curtis (Mr. Backup) then gets into an argument with Jody about the merits of Blu-Ray vs disk vs tape as a backup medium. Jody has some good points, but Curtis was unconvinced.
If you want to read Jody Bruchon’s original article, you can do so here: https://www.jodybruchon.com/2017/03/07/zfs-wont-save-you-fancy-filesystem-fanatics-need-to-get-a-clue-about-bit-rot-and-raid-5/
Inspired by the article "How good is your backup, really?" by Sandra Vogel, we discuss how to evaluate and potentially redesign your backup system. We talk about different kinds of backup systems, and how that impacts how you evaluate them. We also talk about how important it is these days to ensure that your backups are impervious to ransomware. We also talk about the importance of including recovery testing in your evaluation, and what kinds of restores to test.
Here's a link to the original article: https://www.itpro.com/server-storage/backup/357713/how-good-is-your-backup-really
We talk to Celeste Kinswood from Druva about cyber resilience, and specifically ransomware attacks that have long dwell times – which is most of them. The median dwell time (the time between infection and you finding out you have ransomware) is 23 days, and the average is around 90. It's encrypting files during that entire time, and responding to that is beyond difficult. Celeste talks about a novel approach that Druva is taking to solve this growing challenge.
We review and discuss Mark Dargin's Network World article "Credible threat: how to protect networks from ransomware." His article lays out several steps, each of which we discuss and expand upon: train your people, update your servers and apps, antivirus tools on endpointsm backup your data (of course), test your backups, and conduct vulnerability assessments (Pen tests).
Read the original article here: https://www.networkworld.com/article/3218708/how-to-protect-your-network-from-ransomware-attacks.html
We all know how important it is to verify your backups. But many companies simply lack the technical ability or time to do such a thing. Chris Marshall's company, VerifiedBackups.com to the rescue. They have a service that is aimed at companies with under 100 GB of SQL data. and will do an end-to-end verification of your SQL backups, guaranteeing that they are recoverable and safely stored offsite. I'm a fan of "as a service" anything, but this really takes the cake. Such an important thing to do, and he makes it happen.
Brian Greenberg and Cameron Laghaeian argue the point that individually encrypting each entity in a database storing personal information is the only true way to stop ransomware attacks that have exfiltrated data and threaten to release it. While Mr. Backup likes the idea, there was a pretty heated discussion on this episode, because he believes that doing this will roll back all advancements in backup in the last twenty years. Thanks to an olive branch from Cameron, though, they may have come to a hybrid solution that makes both sides happy. This is a great episode with heated discussion and good news for companies trying to protect themselves from ransomware attacks that include exfiltration of data.
In this privacy-themed podcast, we start with Apple's bombshell of a new feature, where they are scanning your pictures to see if you have any child porn on your Apple devices. While stopping child porn is a laudable goal, we discuss the privacy ramifications of this feature. We also discuss how Apple's iCloud backups aren't encrypted! The next topic is Luxembourg's huge $900M GDPR fine levied against Amazon for failure to get permission to track users. Then finally we discuss Prasanna's experience with using CCPA to find out how a company got his cell phone number. Spoiler alert: it's a sad ending. We then round out the podcast by discussing whether or not we need a more Federal response to privacy in the US.
Dave Lukens from Cockroach Labs joins us to discuss CochroachDB, a highly resilient SQL ACID-compliant database. We discuss the CAP theorum, which says you can choose any two from Consistency, Availability, and Partition Tolerance – but you can't have all three. We talk about which two they chose, and why they believe they're the most resilient SQL database. We also, of course, discuss how you back this monster up! (We also discuss why it's named CockroachDB, and it's exactly what we thought!)
In this bonus episode of Restore it All, Mr. Backup talks BBQ! A few months ago, Curtis did a 15-stop BBQ tour of Texas, and made a series of youtube videos (https://www.youtube.com/wcpreston) about it. This is a bonus episode where Prasanna interviews him about his experience. If you have no interest in BBQ or beef, you can skip this one. Our regular episode will go live next Monday.
Subbiah Sundaram, VP of Products at HYCU, joins Mr. Backup and Prasanna Malaiyandi on the podcast to explain the evolution of the HYCU product line. They have expanded well beyond their original product that was aimed at Nutanix AHV. In addition to VMware, they've added support for Google Cloud Platform, Azure, Kubernetes, and Microsoft 365. They are also clearly focused on delivering their offerings as a service. We then have a very interesting discussion about the use of the multi-region object storage that Google Cloud offers.
Mr. Backup and Prasanna grill George Crump, CMO of StorOne, a software-defined storage company, about their product. We start with an overview, alon with George's claims about not needing backup... .then we challenge him on that topic. George used to be Curtis' boss, so this one's a fun one.
We are super excited to have the Emmy Winning sound mixer Larry Blake on the podcast to talk about his upcoming book "Solving The Digital Dilemma." It is a response to "The Digital Dilemma," which is a paper released in 2007 by the Academy's Sci-Tech Council that discusses long term archiving of a movie. (It describes a very NON-digital solution.) He has edited the sound on over 60 motion pictures, over 30 of which with Oscar-winning director Steven Soderbergh. This is both a very entertaining and very informative podcast about the about the art and science of archiving motion pictures.
Wolfgang Goerlich, Advisory CISO, explains the current state of information security, and why he thinks many environments are focusing on the wrong things. We speak about ransomware, extortionware, and phishing, even giving examples where we know we have personally been phished! He explains how this illustrates his point that we need more emphasis in different areas of information security.
Mr. Backup and Prasanna discuss the Kaseya attack that happened over the July 4th weekend of 2021. First, we talk about how bad actors use long weekends for attacks, then discuss various things you can/should do to ensure that your environment would not be vulnerable to such an attack. We talk about the kinds of questions that even an unskilled person can ask to help mitigate this risk, including (especially) the all-important questions about backups. We also talk about the need for establishing a "bat-phone" type connection between your environment and any providers you may be using. We have a short talk about the impact that all these attacks are having on ransomware costs, and how you can use your DR site to test patches.
Joe Jurneke has been designing the innards of magnetic devices since 1973, and now he's here to answer our questions. He started with disk, and moved over to tape over thirty years ago, and is now retired – but consults with the tape industry from time to time. We talk in detail about how tape drives work they way they do, their reliability and more. We take down a couple of myths from the guy that was there, even correcting a misunderstanding Mr. Backup has had for many years. If the phrase "magneto crystalline anisotropy" has been used on any other podcast, we'd be surprised. This is a good one you won't want to miss.
We cover my latest book, Modern Data Protection, by O'Reilly & Associates on this podcast. I give an overview of the book, which covers the "Why, What, Where, and How" of backup, archive, and disaster recovery. After giving an overview of the book, I talk about why I wrote, and what it's like to write a book for O'Reilly. Prasanna acted as a tech editor on the book, so he offered his unique perspective as well.
Prasanna and Curtis discuss whether or not can (or will) OVH properly redesign their backup infrastructure to prevent another incident like what happened in March, where many customers lost their sites forever. As we discussed in our previous podcast, OVH had a backup service already that people paid for, and it was not up to the task. OVH"s CEO made an 8-minute video where he discussed some of the things they were going to do to make things better, and we discuss what he said. We talk about their idea of a centralized region just for backups, and whether or not that's a good idea. We also talk about how big of a job they have in front of them. We applaud what we see, but have many concerns that the brief video do not address. We also talk about how this plan is supposed to take five years, and what do OVH customers do in the meantime?
We talk to Mike Johnson of ComplyTrust, who says they "remember those you are supposed to forget." We talk about the data management challenges created by data subject access requests (DSARs), right-of-erasure (ROE, AKA right to be forgotten, or RTBF) requests, and the fact that we have many parts of the datacenter that are much better at remembering than forgetting. Backups are a particular challenge, but Mike brings up other challenges, such as mergers and acquisitions, and salespeople importing old data. ComplyTrust SaaS offering has a unique solution to this problem by remembering (on your behalf) those you are supposed to forget, and continually checking to see that they stay forgotten.
This week we discuss further lessons from the OVH fire, which starts with an admission by the CEO that some customers who paid for the backup service lost their backups in the fire. It then morphs into a discussion about designing resilient systems, starting with the concept of designing for failure. You have to protect against both physical and logical damage to your apps and data. We talk about using both cloud-native apps that have resiliency built in, vs having to add resiliency to your own app. Most importantly, know how your app/data is protected, and don't tolerate wishy-washy terminology in your service agreements. Above all, test, test, test!
This week we discuss a topic brought up by the OVH fire. It appears some people actually had a contractual backup service that wasn't doing it's job. How do you verify that a service you're paying for is real, and is doing what it claims to be doing? Especially how do you make sure they are storing data offsite? We've got some ideas.
Datacenter manager Dan Frith (@penguinpunk) joins us on the podcast for our first discussion of the #OVHFire. A massive fire destroyed a datacenter of a large cloud provider in Europe, and millions of websites disappeared. We talk about the lessons we can learn from this event.
Dan talks about how outsourcing the servers doesn't outsource the responsibility for data protection. I make the point that this fire shows what happens when you completely rely on a single entity for both production and data protection. We end up talking about the 3-2-1 rule and how it applies in this scenario.
I also give a discount code during the podcast for my new O'Reilly book Modern Data Protection, which is now available for purchase. If you use the URL below and the code I give on the podcast, you can get 35% of the retail price.
https://shop.aer.io/oreilly/p/Modern_Data_Protection_Ensuring_Recoverability_of_/9781492094050-9149
It only took us 100 episodes, but we finally got Dave Russell, VP of Enterprise Strategy at Veeam, as our guest on the podcast. Dave and Curtis go way back, and this was a great discussion. We cover the proper use of tape, and what it was like for Dave when he went to Veeam. Another big discussion point was Dave clearing up misconceptions (some of which may have come from this podcast) about what Insight Partners acquiring Veeam really meant. We then get into a great discussion about how Veeam works, ending that discussion with Dave explaining what Veeam is doing to address concerns about Windows and ransomware.
Our anonymous guest this week is from a Fortune 100 company who is considering swapping out their backup product. Our guest has been at the company for over 20 years, and remembers swapping out NetWorker for NetBackup many years ago. Now he is considering swapping out NetBackup to address his challenges with that product. We discuss a number of topics, including the age-old argument of who should be in charge of database backups, as well as the challenges of moving to a modern backup product when you are still using operating systems not usually supporting by such products. Our guest's final thoughts center on the importance of a good relationship with the vendor in question.
A Veeam user warns of what he felt is a confusing option in Veeam Backup for Microsoft 365. He says he likes the product, but that the first retention setting mentioned in the documentation (item-level retention) might not do what you think it does. He thinks everyone should use snapshot-level retention, which behaves more traditionally. We also discuss IBM Spectrum Protect (AKA TSM) a little bit, as they also use that product. Our guest is speaking on conditions of anonymity, so we gave him a fake name (Puddleglum) and altered his voice in the recording. (Want to talk about your environment, but don't want to use your name? We'd love to have you on and we'll keep you anonymous too!)
Adi Ruppin, founder of Ananda Networks, joins us on the podcast to discuss how they secure – and increase the performance of – network traffic without deploying a VPN or SD-WAN. He talks about how the technologies we use for networking are actually very old designs that come with a lot of downsides. Ananda Networks aims to address those downsides while giving you everything a VPN and SD-WAN do – and more. Faster and more secure internet connections without the technologies we usually use for such things.
It's hard to believe, but this is our 100th episode! Prasanna and Curtis discuss the favorite topics we've had over 100 episodes, as well as the many things we've learned along the way. We talk about containers and K8s, tape, COVID-19, election security, and how recoveries are impacted by other factors. We also talked extensively about ransomware, and talked to someone who had actually been through a recovery from an attack. We talked about DDI, cloud backups, the importance of segregating your Windows backup server, and many things about the 120+ database products that have to be backed up.
Thank you so much to our listeners! We look forward to 100 more episodes!
Russ Cantwell (@rcantw3ll), CTO of SHI Corp, joins us to talk about Kubernetes, the Container Storage Interface (CSI), and backups. Before we get to that, however, we talk about how he, his pregnant wife, and two-year old child all got COVID-19. We discuss how that went and continues to go, and then we talk about Kubernetes. (If you're not interested in our banter, and just want to hear about K8s, just fast-forward to 11:50.)
Another industry veteran, Jose Calhariz. joins us this week to explain how he uses the community versions of two open-source backup tools to meet his university's backup needs, while saving money. We have a very interesting discussion that includes coverage of dump, tar, and Amanda. Jose also tells a great story of a huge recovery he had to do, that took several days.
Darren McBride, CEO of Highly Reliable Systems (http://high-rely.com/ ) joins us on this podcast to talk about their product, which he says is designed for SMBs to get reliable offsite backup without using tape or an Internet connection. They have purpose-built appliances that support mirroring, but with removable disks. This product has been on the market for almost twenty years, but is having a surge in demand due to the desire by many companies to have an air-gapped backup for ransomware protection purposes.
In May of 2020, Tony Mendoza of Spectra Logic found out his company had been attacked by ransomware. Hear his harrowing tale of how long it took just to get the data center ready for a restore, and then the various tools they used to bring things back online. He did not want to pay that ransom! Spectra Logic is actually a tape vendor, so Tony has a unique viewpoint. We thank him so much for being so candid about his experience. You will learn a lot.
Rob Morrison joins us from Bacula Systems, the commercial arm of the open-source backup product, Bacula. It's tagline is that it roams the datacenter at night and sucks the vital essence from your computers. Bacula Systems has come a long way since I first saw them years ago. Check out what they're been up to.
This week’s episode is dedicated to my friend Jim Bougor, who passed on this week. Jim, this week’s guest (Darryl Baker), and I all worked at Collective Technologies back in the day. Darryl comes with over 30 years of backup and IT experience, and he and I walk down memory lane about the way things used to be with backups. Apropos for women’s history month, we also talk about Grace Hopper and Ada Lovelace a little bit. The Grace Hopper speech Darryl references can be seen here: https://www.youtube.com/watch?v=9eyFDBPk4Yw&ab_channel=funbury We talk about all sorts of tape drives from the old days including: 9-track, VHS, QIC-180, 8mm, AIT, 4mm, TK-70s, DLTs, and LTOs. We discuss the concept of coercivity and how that relates to magnetic media. We also discuss the difference between helical scan and linear tape drives, and Darryl’s theory as to why helical scan disappeared.
Chainkit Founder & CEO Val Bercovici returns to the podcast to build on what we learned last week. This week we talk about how distributed ledger technology (such as the one in BlockChain, but there are others), can be used to increase security. We talk about the SolarWinds hack and how that could have been prevented using such technology.
We invite blockchain expert Val Bercovici, Founder & CEO of ChainKit, on the podcast to explain the basics of distributed ledgers, as well as the biggest distributed ledger – BlockChain. He explains what a distributed ledger is and why you might want one. We then talk about why someone would contribute to such a ledger, meaning why you would volunteer your resources to be part one – a process known as "mining." Then, as a precursor to our next episode, we talk a little bit about the security possibilities of a distributed ledger.
Prasanna and Curtis discuss the importance of occasionally refreshing your hardware (or virtual hardware) and how important backup in in that scenario. There are many modern tools that can help you migrate from one thing to another (e.g. iPhone migration), but you'd better also have a decent backup. We also discuss the pros and cons of TimeMachine. It's nice, but not perfect. (Still better than anything in WIndows, though.)
Julie Ulrich, Systems Engineer at Farm Bureau Insurance of Michigan, joins us on this episode to talk about her experiences with NetBackup and Rubrik in her world. She’s been working in backups for over 25 years, so has seen a number of iterations of both products. We talk about many of the challenges she had with NetBackup that led her to considering Rubrik, as well as the pros and cons of using Rubrik. We also talk a little about her concerns about Microsoft 365.
These are the kinds of stories that keep you up at night. UK police deleted hundreds of thousands of records. Sysadmin accidentally deleting thousands of users. A new backup "feature" that made the backups worthless. The infamous story of Toy Story getting deleted with no backups! All this and more!
In another fascinating look into a very different world (backup-wise), we are delighted to have Timo Piiparinen from Multicom in Finland. He’s been in the IT industry for over 40 years at the same company! TImo gave us a fascinating look into a very different backup world. He makes a case for tape in the backup system (something I gave up on a while ago) because he’s using a backup software vendor that didn’t give up on the medium and actually innovated for it. Using a unique multiplexing setup that used flash disk as a big cache for the tape, very large block sizes, and what he called read-optimized writes, they run these tape drives at over 650 MB/s during backups and can guarantee restore speeds! He and I spar a bit over the value of disk during DR, and his position was that this was only necessary for the most critical systems. He’s a fan of tape, which is hard to find these days. TImo will be back.
We welcome Andrew Wertkin, Chief Strategy Officer of BlueCat, a DNS, DHCP, & IPAM (DDI) security company. Like backup, properly securing these parts of your infrastructure are both extremely important – and everyone thinks it's boring. I knew nothing about DDI before this recording and I learned a ton about the ways that bad actors use these technologies to either attack or exploit your company. Using technologies like Bluecat can actually stop ransomware in its tracks! Andrew explains exactly how ransomware attackers use DNS for Command and Control, and how products like Bluecat can be used to stop them in ther tracks. This is a great episode with a lot of really good information.
Vanessa Toves joins us again to explain exactly why you need to backup Microsoft 365 and similar services. We talk about how Microsoft is only responsible for that platform; you are responsible for the data. Particular attention is given to the idea that somehow Retention Policies are a substitute for backup. She explains exactly why that is not the case. In fact, her experience with such policies has her struggling to wrap her head around why someone would want to do that.
Vanessa Toves, a Microsoft 365 expert, joins us on Restore it All to explain the unique architecture of Microsoft 365 (formerly known as Office365). We talk about Teams and Groups, and how many people misuse both. We cover Sharepoint's role in this as well, and how Exchange Online figures into the picture. This was originally going to just be an overview, but our architecture questions just kept coming, and Vanessa kept answering them. This episode lays a good foundation of what we will cover in the next episode, which will be dedicate to backing up Microsoft 365.
Prasanna and Curtis wax philisophical at the end of 2020, and try to predict what they think will happen next year. We look forward to the end of 2020 (don't we all?) and look with a positive outlook to 2021. We talk about the vaccine, and what it's going to be like getting back to work, and whether or not there will be a new normal there that's not like what it was. We talk about SaaS products and their prevalence, as well as the emergence of a number of backup products based on Kubernetes. 2020 has been quite the year; let's hope 2021 is better.
Here is the FTC page I referenced in one of the editor's notes: https://www.ftc.gov/tips-advice/competition-guidance/guide-antitrust-laws/single-firm-conduct/predatory-or-below-cost
Fathom Analytics (https://www.usefathom.com) is a privacy-first analytics engine, and they were attacked in November 2020 via a very big DDOS attack that threatened their core business. Jack Ellis, co-founder of Fathom Analytics, is a developer and first used the developer mindset to address this threat. He quickly realized he was out of his depth and decided to call for help. The AWS Shield Advanced team came to the rescue and helped them shut down the attack, and helped to stop additional attacks that were still on the horizon.
Jack wrote about his experiences in the blog post "Someone attacked our company," and its URL is below. Now he shares his experience with us. What's it like to be attacke by an unknown assailant bent on doing your company harm – and to not be sure how to stop it? Join us on this episode to find out!
Someone Attacked Our Company: https://usefathom.com/blog/ddos-attack
We get a closer look at the eye of the storm. A few episodes ago, we had an anonymous guest we called Harry Potter, who told us what it was like to manage a DR remotely. This week we hear from the man on the ground, recovering two datacenters after a hurricane wiped out the island where they resided. We learn all sorts of lessons, especially about how so much of a disaster recovery has very little to do with what backup people think of when they think about a "recovery." In fact, we spend almost this entire episode NOT talking about backup! We talk about network connections, places to sleep, how to eat, and how to recover your datacenter when the neighborhood power won't even stay on. This guest is also remaining anonymous, and since he is Harry Potter's friend, we called him Ron Weasley. (My apologies to the Potterheads out there.)
Cornelia Davis, 30-year industry veteran and CTO of Weaveworks, explains what cloud-native design is and why it matters. She explains that you do not have to go fully cloud-native on day one if you are moving an app to the cloud, but everything you do "refactor" to a cloud-native architecture will be more resilient, scalable, and cost you less to operate. We talk about Kubernetes and how that figures into everything, but how it is not the only way to be cloud-native.
Listeners to the podcast can get a 40% discount on Cornelia's book by using our code "podrestore20"
https://www.manning.com/books/cloud-native-patterns?query=Cloud%20Native%20Patterns
Lindsey Schulz MD/MPH joins once more on the podcast to discuss the great news we have had in the last few weeks around the Coronavirus (COVID-19). There are THREE vaccines that have been announced that all exceed the goals the medical community set, and will all be applying for emergency use authorization from the FDA. She explains the pros and cons of each of the three vaccinees we know about at this point, as well as giving a little info about another vaccine that is expected to announce soon. This is great news!
In a departure from our normal coverage, I decided to bring on Mark Thompson, who was the Site Manager for the election polling site I volunteered at last week. He gives us insight into how elections are managed in the US, and what we do to prevent fraud and ensure the overall integrity of the system. We talk about the technology used on the front end of the polling process, which in San Diego county including Electronic Poll Books (EPBs) and Ballot Marking Devices (BMDs). We then also talk briefly about the checks and balances in the actual counting process. Although this is a departure from our normal fare, I think a lot of people will benefit from the info we discuss.
Also, I also posted a blog post about this topic here: http://www.backupcentral.com/why-its-really-hard-to-rig-a-national-election/
Prasanna and Curtis talk about two recent ransomware attacks on hospitals and what we can learn from them. They also discuss things you can do to protect yourself from such attacks, and how to prepare to respond if you get one. We especially talk about the 3-2-1 rule and the remote desktop protocol (RDP) and how these figure into protecting yourself from such things.
This isn't a rebuttal to last week's podcast, but it might seem that way. Last week we talked about the advantages of tape for very long term retention (e.g. 10 years), one of which is a significant cost advantage. This week we will discuss how backup, recovery, and disaster recovery are very different use cases, and why disk and cloud is a much more appropriate place for that use case. Joining us to discuss this topic is Druva's CTO, Stephen Manley, who has spent many years at companies that use disk for this purpose.
Matt Starr, CTO of Spectra, comes on the podcast to discuss the advantages of tape for long term storage. We talk about how tape is actually better at holding data long term than disk is – 10,000 times better if you compare it to SATA disk. We also talk about the advancements in tape in the last 10-20 years that have made libraries like Spectra's even more reliable than they used to be. Finally, we talk about the Spectra T-Finity library that can now hold an Exabyte of data in a single unit! What started this whole idea of bringing Matt on was Spectra's eBook that said that the T-Finity tape library was significantly cheaper than Glacier Deep Archive if you store your data for a long period of time (e.g. 10 years or more). Here's the eBook that got the conversation started: https://bit.ly/37BtTkK
Daniel Rosehill, a self-described "backup anorak," joins us to discuss how difficult it can be to backup consumer SaaS services, such as Evernote. Daniel used to use EverNote on Linux, and sent a message to their support system on how to backup its data. They had no answer unless you were using it on Windows. We talk about Google Drive, Dropbox, and other consumer-grade cloud services, and how the challenges of backing them up should be a concern for any users of these platforms – not just backup anoraks. (An anorak is a slightly prejorative term that refers to someone who is interested in a not-so-leading idea – like backups.)
The Palo Alto Networks’ Unit 42 threat hunting team found that a big customer of theirs had misconfigured two critical Amazon Web Services (AWS) services. If these misconfigurations were exploited by hackers, it could have created a data breach that could have cost the customers tens of millions of dollars. Prasanna Malaiyandi and W. Curtis Preston (Mr. Backup) discuss this misconfiguration, and what you can learn from it to protect backups you store in the cloud.
A mystery guest from a multinational corporation that experienced a disaster during a recent hurricane describes their mostly-disk NetBackup environment and how they used it to recover from a hurricane that ravaged an island. (Company and location names are changed or not mentioned so "Harry Potter," our mystery guest, can speak freely.)
Shalabh Goyal(@goyalshalabh) joins us on this podcast to discuss sharded databases – and MongoDB and Cassandra in particular – and how one might go about backing them up. Suffice it to say that it is complicated. We learned a lot from recording this podcast and you will learn a lot listening to it!
Tony McGarry, Senior Principal Engineer at Druva, joins W. Curtis Preston and Prasanna Malaiyandi to talk about backing up large, multi-node, sharded NoSQL databases like DynamoDB, Cassandra, and MongoDB.
Adam Fisher (@BonzoVT), Cloud & DevOps Engineer at RoundTower Technologies, visits the podcast to talk about VMware Cloud on AWS (AKA VMC), and what it's like to actually use and administer it in a production environment. We also talk about how people backup VMC.
Carol Nichols and Jake Goulding, the authors of the Rust in Motion video series, join us to talk about Rust and why it makes such a "safe" programming language. We discuss what it means to be a safe programming language and how Rust accomplishes that.
We also discuss the upcoming free Live@Manning Rust Conference.
Finding Rustaceans weird but intriguing? Secretly wanting to become one? Tune-in, Sep 15, to the live@Manning #Rust conference to find your #Rustlang pincers! http://mng.bz/qNoA
Somewhere in the podcast we also give out a 40% discount code for anything at Manning.com.
Gina Rosenthal (@gminks) joins us on this week's podcast to talk about the edge, Kubernetes, and how to protect it all. Good conversation that also includes som Texas Brisket talk!
We also mention the Women in Tech conference that will go live on October 13. Here's what they have to say about themselves:
When the girls get coding!. Join us on your screens, Oct 13, for the live@Manning “Women in Tech” conference to celebrate the rising movement of women in technology. http://mng.bz/7GZm
We still have a long way to go to achieve diversity, inclusion and equality in technology. Our contribution is the live@Manning “Women in Tech” online conference, Oct 13, starring the women rocking the tech boat! http://mng.bz/7GZm
Cloud navigators and serverless gurus; algorithm sorceresses and community advocates; we proudly bring you the women creating the tech world we live in. Oct 13, live@manning “Women in Tech” Twitch conference!
#womenintech #womenwhocode
Prasanna and Curtis discuss their opinion of an ITPro article called Nine Tips to Improve your Disaster Recovery Strategy. In case you're curious, they are:
1. Have full documentation
2. Assess the risks
3. Drill for disaster
4. Prepare for disasters of different levels
5. Consider the cloud
6. Prioritize resilience
7. Evaluate security practices
8. Revise and Revisit
9. Build a critical response team
Scott Lowe (@otherscottlowe) joins us on the podcast to discuss the recent major hack of Twitter, where hundreds of accounts were compromised using backdoor access gained via a Twitter employee.
W. Curtis Preston and Prasanna Malaiyandi discuss the pros and cons of the various ways to backup a NAS filer.
Curtis and Prasanna discuss the very difficult problem of "forgetting" someone using a backup system that is fundamentally designed to remember. This is a direct conflict between GDPR/CCPA and backup.
Antone Kom, 7X Certified Salesforce expert, explains to W. Curtis Preston and Prasanna Malaiyandi all the things that can go wrong when you don't backup your Salesforce database.
Chris Evans (@chrismevans) discusses with us the idea of cloud "snapshots" (which are actually image copies & very different than array snapshots) and the pros and cons of using them for backup & recovery – as well as other purposes.
We are joined by Jake Burns, who is an industry veteran and an AWS and Druva customer before he became an AWS employee. He is now Enterprise Strategist at AWS and shares with us how LIveNation moved their entire corporate infrastructure to the cloud in one year, and how he now supports AWS customers in their cloud journey.
On this special US Independence Day edition, we talk a little bit about history in general, and how we all owe those who came before us. Then we morph that discussion into one about backups, and how we must also remember the backup lessons of the past. W. Curtis Preston (@wcpreston) then tells old backup stories.
Zoë Rose, a cyber investigator from the UK, joins us to talk about the lessons we can learn from the ransomware attack on Honda. We discuss a number of "common sense" things a company can do to protect their data.
GigagOm analyst Enrico Signoretti (@esignoretti) is our guest this week, and he helps us understand their latest radar report, which evaluates data management vendors.
On this first anniversary special, we are joined by my daughter, the voice behind our podcast's theme song. Fun times talking to her, and talking about our dreams for next year's broadcast.
We continue our series of how Hollywood Picks backup products, discussing vendor selection and proofs of concepts. Jeff Rochlin returns as a guest, hosted by W. Curtis Preston and Prasanna Malaiyandi.
We talk to Jeff Rochlin, a veteran of many Hollywood studios and related businesses, about how he would go about picking a backup product in that environment. W. Curtis Preston and Prasanna Malaiyandi hosting.
Prasanna Malaiyandi and W. Curtis Preston discuss an article that says that backups are worthless for DR. Are they? Some are, some aren't. Have a listen and see if you agree!
If you've ever wondered about whether or not drive recovery services are a good option, then this is the podcast for you. W. Curtis Preston and Prasanna Malaiyandi discuss whether or not they're a viable alternative to backup.
Is it appropriate to backup your data to the cloud? Which workloads work well to be backed up to the cloud? Even more importantly, which workloads don't backup to the cloud well? These are the questions we answer in this episode of Restore it All, with W. Curtis Preston and Prasanna Malaiyandi.
W. Curtis Preston & Prasanna Malaiyandi discuss the reality of egress charges (AKA data transfer charges) in the cloud, and how they are the digital equivalent of the fees we all used to pay to Iron Mountain.
There are backup & disaster recovery lessons to be learned from Netflix's The Tiger King, and HBO's Westworld. The 3-2-1 rule rules!
W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi discuss free services that vendors are offering during the Coronavirus lockdown, as well as an interesting discussion about how this might change how we work for the long haul.
Special guest Christopher Kusek ( @cxi )talks about #masks4all, why he was always a fan of the idea, and the current logic behind it now.
Lindsey Shultz, MD/MPH (Masters in Public Health) gives us hope for the future in this part of our three-part interview with her. If you haven't heard parts 1 and 2, please do so. They focus on defining the problem: what is COVID-19 and why is it so scary. This episode focuses primarily on hope for the future.
We continue our three-part interview with Lindsey Shultz, MD/MPH about the Coronavirus. In this second part, we focus on the reaction to COVID-19, and why it's so much more extreme than our reactions to other diseases of the past.
Lindsey Shultz MD/MPH (M.D. and Masters in Public Health) joins us to answer all our Coronavirus/COVID-19 questions. This is the first in a three-part interview with her, as she was so helpful we talked to her for almost two hours. You won't want to miss this one!
Enrico Signoretti (@esignoretti) joins us from Italy to discuss how the Coronavirus/Covid-19 quarantine is going. We also get a first-hand report about what it's like for a company that didn't have anyone working remotely to suddenly have hundreds doing so.
Prasanna Malaiyandi and W. Curtis Preston discuss week 2 of the Coronavirus scare. We dispense some helpful advice, both technical and non-technical.
@wcpreston and @pmalaiyandi discuss Coronavirus and how it's going to affect the IT community, as well as your backup and recovery system. We discuss remote employees, cloud data protection, and disaster recovery.
Brian Biles (@BrianBiles), Co-Founder and Chief Product Officer of Datrium, is our special guest. He explains their offerings, with a focus on how they use VMware Cloud on AWS to do DR.
W. Curtis Preston & Prasanna Malaiyandi discuss how to create a backup plan, including discovering what can harm your data, gathering requirements, and looking at design options.
Special guest Chris Mellor (@chris_mellor) joins us on the podcast, and he asks some very good questions about the future of backup for Kubernetes, including a discussion about Portworx.
Our special guest this week is Preethi Srinivasan, Technical Product Architect at Druva. We talk about Machine Learning, analytics, and how they relate to Data Protection.
We discuss how Salesforce.com has reversed their position on their "recovery service" that costs $10,000 and takes 6-8 weeks.
We have a special guest this week! None other than the author of "Knative in Action," Jacques Chester is joining Prasanna and Curtis to help us understand the interesting world of Kubernetes, Docker, Knative, and how it all relates to backup and storage.
One of the most successful investors in technology stocks is our special guest this first podcast of the new year! Matt Feshbach has managed billions in tech stocks, and he lends his brain to answer questions such as:
- What does it mean that a private equity company just bought Veeam?
- Why would they do that?
- What's next?
It's a great podcast where I learned a lot. Hope you like it!
W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi discuss the various ways to back up IaaS, PaaS and SaaS data.
W. Curtis Preston & Prasanna Malaiyandi discuss the announcements of re:Invent 2019, and how Curtis fought zombies and lost.
W. Curtis Preston (Mr. Backup) and Jon Owings, Principal Solutions Architect for Cloud Solutions at Pure Storage (@jon_2vcps), discuss what container backup is, why it's so difficult, and what you need to do to back them up.
In this special Thanksgiving Episode of Restore it All, Prasanna and Curtis talk about the things they're thankful for. Important stuff, like smart phones, virtualization, and containers. Yea... we're nerds.
W. Curtis Preston (Mr. Backup) & Prasanna Malaiyandi discuss some vendor FUD about using AWS snapshots (which are really image copies and not snapshots) for protecting native AWS resources like EC2, Redshift, S3, and EBS.
W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi discuss whether or not backup admins are no longer needed. They also discuss tapas and sangria. :)
W. Curtis Preston (Mr. Backup) & Prasanna Malaiyandi discuss SaaS backup: what it is, what it isn't, things to look for in a SaaS data protection solution, and how to decide if SaaS data protection is for you.
Jeff Rochlin, a former actor and Hollywood IT Industry veteran, makes his second appearance on Restore it All. W. Curtis Preston (Mr. Backup) & Prasanna Malaiyandi ask him to design a greenfield datacenter. We also talk about GDPR & CCPA.
W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi discuss the various ways one can backup a relational database, like Oracle, SQL Server, DB2, MySQL, and PostgreSQL.
W. Curtis Preston (Mr. Backup) and a mystery guest discuss why it has become so popular for data protection companies to offer their product as a service.
W. Curtis Preston (Mr. Backup) & Prasanna Malaiyandi talk about the concept of "Instant boot" what companies use it for, and when (and when) not it might be an appropriate tool.
Curtis & Prasanna greet their special guests Chris Mellor (Editor, The Register) and Chris Evans (Storage Unpacked Podcast), and talk about The Forrester Wave: Data Resiliency Solutions, Q3 2019.
If you want to download the report yourself, you can do so here: https://resources.druva.com/analyst-reports/the-forrester-wave-data-resiliency-solutions-q3-2019
W. Curtis Preston (Mr. Backup) interviews Eugenia Buzogly, Senior Director of Legal and Data Protection Officer for Druva about a recent GDPR ruling that some have interpreted to mean they no longer have to comply! (Here's the ruling: https://regmedia.co.uk/2019/09/24/cp190112en.pdf) Does the ruling actually mean that?
W. Curtis Preston (Mr. Backup) and Rob Worman discuss various backup configuration mistakes they've seen throughout their many years of backup.
In this "bonus" episode of Restore it All, I offer a complete departure from our normal podcast content as Rob Worman regales us with stories of what it's like to be a Jeopardy champion, as well as the path he took the get there. Some good advice for anyone thinking about being on the show.
W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi discuss two recent huge ransomware attacks. One that affected dozens of cities in Texas, and hundreds of dentists in the US. We discuss things you can do to ensure you don't get attacked, as well as what to do in case you get attacked.
W. Curtis Preston and Prasanna Malaiyandi discuss the AWS outage that happened over Labor Day weekend, where some customers actually lost data. We also discuss what they could/should have done to prevent that.
W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi talk with Steve Schaub at VMworld 2019 about VMware's announcements, and we also tell funny backup stories.
W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi discuss various challenges with disaster recovery. We also have a very special guest star!
W. Curtis Preston (Mr. Backup) and Ben Patridge talk about the things they learned while working in IT and backups at a bank.
Special guest on the podcast this week, Ben Patridge (Portland beer Ben), and W. Curtis Preston (Mr. Backup) discuss horror stories and other things gone wrong with backups, while drinking a couple of Trappist beers from Belgium.
After covering in the last episode why tape isn't really good for backup anymore, W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi discuss the continued uses for tape. It's not dead -- even growing.
W. Curtis Preston (AKA Mr. Backup) explains to Prasanna Malaiyandi the early days of tape, and what happened to make backup and tape to become bad for each other.
Today we have a special guest on Restore it All, and it's none other than Jeff Rochlin, an industry veteran and long-time friend. He's going to be giving us the inside scoop about how they do storage and backups in Hollywood, where he has worked for over 40 years. He started out as an actor, and has run IT for the likes of Disney, Dreamworks, and is now head of IT at Fandango and Rotten Tomatoes. This episode is a little longer than most, but it's full of good stuff. I hope you enjoy it.
W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi are joined by a guest, Matt Leib, and they discuss how Microsoft disabled the registry backup in Windows 10 and told no one.
W. Curtis Preston (Mr. Backup) and Prasanna Malayaindi interview an IT director from a tech company in the bay area. (Company and full name withheld for privacy reasons.) . We discuss what it's like to be an IT and security manager in today's world.
W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi discuss different ways of using the cloud for backup
W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi discuss why it's important to backup SaaS services such as Office 365, G Suite, and Salesforce
W. Curtis Preston (Mr. Backup) and Prasanna Malayaindi discuss how to protect yourself from ransomware, and how to recover from if it happens.
W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi discuss various things people say are backup, which actually aren't backup.
In our premiere episode of Backup Central's Restore it All Podcast, W. Curtis Preston (Mr. Backup) & Prasanna Malaiyandi discuss the one year anniversary of GDPR
En liten tjänst av I'm With Friends. Finns även på engelska.