Read the Press Release
Meet the people behind the UK and Ireland’s most exciting, up-and-coming cloud backup provider – Datastring. Jon Thordarson, CEO and Steinthor Kristinsson, CTO are highly experienced IT infrastructure engineers who have protected customer data using Asigra since 2004 at Securstore (later KeepItSafe), an award-winning Asigra Partner.
A couple of years after their former company was acquired, Jon and Steinthor decided to strike it out on their own. They formed Datastring with an eye for the growing market of organizations who need to protect their SaaS and IaaS data.
Datastring needed a robust platform that supported today’s growing diversity of data sources – from traditional to cloud data protection. Asigra was a tried-and-true solution from the founders’ perspective and the logical choice they immediately considered.
Asigra is proud to announce that we have earned Jon and Steinthor’s trust as the platform powering Datastring’s cloud backup services. Their decision to build their business as an Asigra Partner is a huge vote of confidence, from a team who has over 12 years of experience using our solution. They were impressed by how our software has evolved over the years, growing in functionality to cover Office 365, Salesforce, Google Apps, Azure, AWS backup, replication and virtual machine disaster recovery.
We are confident that Datastring will accelerate their growth with Asigra Cloud Backup, given the promising response from their customer base. Joseph Morsi, Lead Infrastructure Engineer at Digiterre noted “The Datastring solution meets all of our business requirements. Their proven industry knowledge, experience and reputation was crucial in our decision.”
Any organization seeking a trusted advisor to assist with Backup-as-a-Service (BaaS) and Disaster-Recovery-as-a-Service (DRaaS) projects should certainly consider contacting Datastring. All of their engineers have hands-on experience as network administrators, preparing them to tackle your most complex data protection requirements.
If you are a MSP who would like to know how the value of an Asigra partnership extends beyond the software, please visit our page about partnering with Asigra.
This is part of a series of interviews with Asigra Partners. In this post we’re talking with Greg Drumsta from tech42 about his experience protecting customers from ransomware and advice for preventing this type of attack.
SC: Tell us a little about yourself.
GD: My name is Greg Drumsta, and I am the Cloud Services Administrator of tech42 (@tech42llc). We understand that organizations need to keep their most important files both secure and accessible. Our focus is providing the most efficient technology stack for organizations to maintain high availability and mitigate security risks. We offer premium affordable services that enable our clients to get the most for their money from our Dunmore, Pennsylvania headquarters.
I am responsible for managing backup, anti-virus, Exchange, spam filtering and website hosting for numerous organizations. During my time at tech42, I have been able to restore files affected by ransomware encryption, saving many man hours of work for our clients. Along with my passion for technology, I am always striving to deliver quality customer service as a knowledgeable advisor to our clients.
SC: What are your experiences with helping clients protect their data against ransomware?
GD: One of our managed backup customers, an architectural firm, contacted us when 75% of the data across their file shares had been encrypted by ransomware. At that time in 2014, ransomware was a relatively unknown form of malware, so I had to familiarize myself with which file extensions this strain was targeting. As it turned out, many of the encrypted files were common Office formats like .doc and .xls. Asigra Cloud Backup™ gave me the control I needed to manually restore each affected file extension.
We were able to restore all of their files without the need to pay the ransom demand. The results would’ve been devastating to our client if they haven’t had a backup, forcing them to repeat months of lost work and face the financial consequences of missing deadlines.
SC: Do you have any tips for organizations on how they can avoid ransomware altogether?
GD: Sure. I have 7 key points organizations should keep in mind to prevent this type of attack.
- Regularly backup important data
Data is the lifeblood of most organizations and it can be difficult, if not impossible to recreate original data. Computers can be lost, stolen, or destroyed in a fire or other catastrophe so having a backup plan is essential to recover business-critical data. Besides scheduling automatic backups, it’s also a good habit to make extra copies of your personal or critical work data on a regular basis. This means copying your files over to a protected system that you can access when those files are needed.
The most commonly overlooked area when organizations are looking to create a backup plan is email. A lot of critical business information is contained in email alone so being extra careful to include it in your current backup plan is a must. I’m a big fan of Asigra’s platform-agnostic solution which helps organizations manage backup better over multiple point solutions, allowing backup for anything on any system.
- Tighter exclusions on antivirus software
Relying exclusively on antivirus to protect you from all threats is not enough because it’s ineffective in spotting and stopping ransomware. Make sure you have an internet policy for web browsing that’s clearly communicated to your employees. It’s important to remember that the spam filter can’t catch every harmful email that’s aimed at your organization, particularly zero-day viruses.
I think all IT departments should prohibit illegal or non-compliant downloading of pirated materials in an Internet use policy. They can be major bandwidth stealers which may contain viruses.
- Double-check the email sender
Often times, emails from people we don’t know can contain suspicious attachments, so looking at the email sender can help you identify whether an email attachment is malicious or not. Always check the “to field” to see if it matches the name it comes from. If it looks strange check the IP addresses and Mx record origin from the sender. There are many great resources online to check for IP origin as well. On the other hand, an attachment can be malicious even if you know the sender! If an email from someone you know is questionable, you may want to give them a call or ask them in person. If they didn’t in fact send the email, they’ll appreciate you notifying them that their computer or email may have been hijacked.
- Don’t click links in a suspicious email
If you are unsure, do not click the link in an email. As a best practice, hover over links to ensure they are going to the correct destination before clicking them. Also, headers may have strange IP addresses meaning it’s coming from a different country, which is a dead giveaway.
- Don’t download questionable attachments
Generally speaking, reading the contents of an email is safe, but the attachments can be harmful. Even though many email servers will do most of the work in removing potentially dangerous attachments, you still have to be extremely cautious to never run an attachment unless you are absolutely sure of its origin.
- Maintaining up-to-date software
To prevent ransomware, make sure you have updated software, including your operating system, browser and any toolbar plug-ins you use. In addition, ensure that your antivirus software and firewall protection is up to date as well. A great way to ensure that your endpoint software is updated is by having a remote monitoring and management tool.
One major security risk that may occur with outdated backup agents is code exploitation which can result in backup fails or having it finish slower.
- Having both anti-malware software and software firewall
It’s always a good idea to have both anti-malware software and a software firewall set in place to identify suspicious behavior. These two layers of protection can significantly help strengthen your defense against new malware variants and emerging cyberattacks.
Having anti-malware software and a good anti-virus program in place that has an anti-malware component is a step in the right direction. Ensuring it is centrally managed and monitored by an administrator is also key to ensure any issues are identified right away. Workstation software never replaces a traditional firewall, only working in conjunction with it.
SC: Greg, thanks for your time today.
GD: No problem. If anyone is interested in learning more about how tech42 can help you mitigate risk against ransomware or other forms of data loss, please contact us at www.tech42llc.com/contactus
Sometimes you don’t have to lose your data outright to suffer major disruption to your business. With more companies outsourcing their IT infrastructure to IaaS providers like AWS and Azure, cloud reliability is becoming more of a concern.
In the past week alone, Microsoft Azure has suffered from two major outages: one on 9/9 bringing down cloud services for many customers in its North Europe, West Europe and India regions completely. Then on 9/15, there was a global DNS outage which again, left some Azure customers without access to their SQL databases, Virtual Machines and backups.
It’s not just Microsoft who is having these issues. Google Apps for Work users also went down for over an hour on 9/14, leaving US and UK users who rely on the cloud productivity platform in the lurch. In the past, AWS has also had hiccups up to and including complete outages, bringing down popular websites including Netflix, Reddit and IMDB.
What does this mean for you as an IT professional? First, you need to realize that no cloud is perfectly reliable and downtime is not a matter if, but when. Even a couple of hours of disruption can rack up millions in lost sales and/or productivity – according to an IDC report, the average hourly cost of an infrastructure failure is $100K/hour, or in the case of a critical application, $500K - $1MM/hour.
While some public clouds have a better reputation for uptime than others, the only sure-fire way to maintain business continuity is creating a disaster recovery plan. A disaster recovery plan, may include backup, replication, and failover to a different hot/warm site. Although services like Azure have their own backup facilities, your best defense is to keep backups on a different cloud entirely. Even when an IaaS provider has different availability zones, consider that outages like the recent ones with Azure frequently span across multiple regions.
The worst thing about a cloud outage is how you’re entirely at the mercy of the ops team at Microsoft, Amazon or Google to fix it. They have thousands of customers to serve, and unless you’re a major customer with a SLA, good luck getting in touch with anyone besides front-line support. With a private cloud, you could put “boots on the ground” to repair the faulty part of your infrastructure, but with a public cloud, you don’t have that access because everything beyond your virtual server is very opaque.
Microsoft attributed its DNS outage last Thursday to high traffic, illustrating how a neighbor overwhelmed by a burst of traffic in the public cloud (whether legitimate or a DDoS attack) can bring you down along with them.
Many companies have enjoyed cost savings and productivity gains from moving to the cloud, but it’s imperative to mitigate the risks as well. Using a Disaster-Recovery-as-a-Service (DRaaS) solution such as Asigra Cloud Backup can help you easily meet your recovery time objectives (RTOs). Key benefits include:
- End-to-end solution protects traditional and cloud data sources
- Seamlessly failover to an alternate datacenter with Virtual Disaster Recovery (VDR)
- Flexible and scalable solution for companies of all sizes to meet business needs today and future
For more information, contact a Recoverability Specialist who will be happy to discuss your SaaS, IaaS and cloud-to-cloud backup needs.
Date: Wednesday, October 5th, 2016
Time: 1:00 – 2:00 PM EDT
According to Gartner, 50% of SMBs will move to a cloud productivity suite by 2020, with many large organizations swept up in this trend as well. If your organization has migrated to, or is considering a migration to Office 365, you won’t want to miss this webinar.
Did you know? Microsoft backs up its customers’ data, but you don’t have access to those backups. By default, Exchange Online purges deleted emails from the Recycle Bin in 15 days, after which it is irretrievable.
In this webinar, you will hear from a panel of leading data protection experts, moderated by industry analyst Marc Staimer at Dragon Slayer Consulting. They will discuss options to protect your Exchange, SharePoint and OneDrive data with a single, end-to-end solution.
You will learn:
- Why you can’t afford to rely on Microsoft’s backups to protect your Office 365 data
- The reputational and financial risks a data loss can inflict on your organization
- How to convince your organization to protect cloud and on-premise data equally
- Tips for deploying a data protection solution that can protect Office 365 (Exchange, SharePoint, OneDrive) in addition to other cloud data
By Peter Ely — Channel Marketing Manager, KeepItSafe®
Have you seen that amazing new TV commercial where the guy drops a high-end enterprise server into a lake — and then they fish the thing out, plug it in, and show you that all of the data survived intact?
Of course you haven’t. That commercial doesn’t exist. Servers don’t do that.
(And if you do see a guy throwing a server into a lake, he’s not filming a TV commercial; he’s destroying evidence.)
I bring this up because, as an IT professional, you no doubt devote a good amount of time to anticipating and preparing to respond to a myriad of technology-related threats to your business — your IT architecture falling behind the competitive curve on capability and efficiency, cyber attacks against your network, etc.
But your company's mission-critical data being wiped away in a flood? I’m guessing you don’t spend many cycles fretting over that.
The Baton Rouge Flood: Time to Re-Examine Your Data Backup Protocols
Of course, you’d be fretting plenty over the potential for catastrophic corporate data loss in these last weeks if your business were located in Baton Rouge. For businesses of all sizes, in all industries, the 2016 Louisiana flood provides a stark reminder of the need for bulletproof, redundant backup of your mission-critical data.
Many businesses — even large, industry-dominant enterprises with sophisticated IT teams — continue to invest in expensive, high-end data backup systems, which they maintain entirely onsite.
Given that some of these enterprises are in heavily regulated industries, or maintain highly sensitive data and hard-earned intellectual property, their inclination to keep all of this data “in-house” is understandable. But as the Louisiana flood illustrates, it’s also extremely dangerous.
If there is a lesson for businesses in the 2016 flood, it’s that you cannot afford to keep your corporate data in just one location — because disasters happen.
What if Your Offsite Data Center Were Located in Baton Rouge?
Now, you might be thinking, Well, that wouldn’t apply to our company because we already keep our data in an offsite data center. Fair enough. And if you do back up your data to an offsite location, then in terms of data protection you’re a step ahead of those companies keeping their only digital copies of everything on in-house servers. But this begs the question: What would happen to your backed-up data if your offsite data center were located in Baton Rouge?
No data backup provider, no matter how successful or trustworthy, can guarantee you that any one of its locations is in a disaster-free zone — where no floods, fires, earthquakes, tornadoes, crippling power outages or other catastrophes could harm its facilities.
Like the comedian who asks, “Hey, since they always seem to find the black box intact after a plane crash, why don’t they just make the whole airplane out of that same stuff” you’d have to wonder, “Hey, if such a disaster-free zone really existed, why wouldn’t everyone move there?”
This is all a way of saying that even if you’ve moved your data to a cloud backup service, you might not have fully solved your company’s data protection problem — not if that backup provider itself maintains your corporate data in only one physical location.
After all, if that single data-backup location suffered a Baton Rouge-caliber flood, and your data were maintained only at that location, then you and those companies keeping all of their data in-house would essentially be, for lack of a better phrase, in the same boat. (Sorry — bad flood humor.)
You Need a Geographically Redundant Cloud Backup Solution
What this means is that the only cloud backup solution worthy of safeguarding your corporate data is one built on a large, geographically dispersed network of data backup facilities — where you can, at all times, maintain multiple copies of your data across several of these geographically distinct data centers.
But even that is only one component of truly safe, redundant data protection. You’ll also want to deal only with a cloud backup provider that can guarantee you the ability to restore 100% of your lost data from one of its locations quickly, in the event disaster ever does strike. If you lose data or access to a network that your business needs to maintain ongoing operations, you don’t want to have to wait days or weeks for your backup provider to get you back up and running.
And finally, you’ll want to demand that your cloud backup provider not merely store copies of your data on its cloud and then leave it there unattended — but that it maintain a team of trained support engineers actively monitoring your data around the clock, ready to take action to protect it at the first sign of trouble.
Date: Wednesday, September 28th, 2016
Time: 1:00 – 1:30PM EDT
Can cloud backup add to your bottom line? We’re confident it can. The numbers don’t lie. According to a recent MSP survey, 89% of backup-as-a-service providers say the service is "somewhat" or "very profitable."
Stop chasing after point solutions, which suck up valuable IT resources. Instead, try a comprehensive data protection solution that protects your customers' laptops, servers and mobile devices in addition to cloud data sources such as Office 365, Google Apps and Salesforce.
You're invited to our webinar How Asigra Helps MSPs Lower Costs and Increase Revenue by 50%. In this webinar you will learn:
- The performance & security benefits of a 100% agentless backup solution
- How to turn SaaS users into lucrative cloud backup customers
- How to win business from the top growth markets for backup
- If it makes sense to position backup as a leading or trailing complementary service
As a thank you for participating, attendees will receive a complimentary P&L analysis. Space is limited. If you miss the webinar, we’ll send you the recording, but you need to register to receive it.
Acclaimed privately owned shipping company, Masterbulk Pte Ltd, has been one of the major players in the shipping industry. Email correspondence in Masterbulk’s business is crucial to provide the coordination and document flow required to transport cargoes around the world. With tape backup, problems started to arise in restoring data and the management team needed a highly dependable offsite backup service in preparation for future audit requirements. With the need for a better backup system becoming more urgent, Masterbulk finally selected Pantropic’s ATEGO Cloud Backup service powered by Asigra as it offered the most favorable combination of cost effectiveness, reliability, and ease of use.
Masterbulk is completely confident in the ATEGO solution based on the following key features that give them peace of mind:
- ATEGO’s disk-based backup technology removes concern for reliability of tape
- The autonomic healing process automatically finds, fixes and flags any errors in the backup file structure
- The ability to schedule an automated validation job on a specific file or database
- Service provider Pantropic keeps multiple copies of backups at their secure data centers
“ATEGO Cloud Backup has doubled my productivity rate” says Richard Maquilan, IT Manager at Masterbulk Pte Ltd. Maquilan is happy with the amount of time saved when backing up data and exclaims “it seems that Asigra has created another me – a clone”.
This is part of a series of interviews with Asigra Partners. In this post we’re talking with William Bush from Tectrade about his experiences and thoughts surrounding SaaS backup for enterprises.
JL: Tell us a little about yourself.
WB: My name is William Bush, and I am the Technical Services Manager at Tectrade (@TectradeHQ). We are a UK-based MSP focused on designing cloud storage & data protection solutions for enterprises. Our client base includes FTSE 100 companies as well as smaller organizations. Many operate in sectors where IT compliance is especially important, such as financial services, education and government.
Our alliances include being an Asigra Partner and the only IBM Storage Specialty Elite Partner in Europe, with over 25 years of experience and 50 technical staff around the world.
JL: William, based on your experience working with various organizations, how quickly would you say IT departments are moving to the cloud?
WB: According to IDC, the market for cloud services is currently growing at 20% and set to exceed $37B this year alone. IT departments are migrating to cloud-based SaaS applications such as Office 365, Google Apps and Salesforce at an unprecedented pace.
The SaaS market is continuing to grow at a phenomenal rate due to a number of factors. The key factors from my perspective being, reduced time to benefit, the SaaS provider taking responsibility for the hardware and software upgrades and uptime and a lower cost of entry with predictable monthly costs.
SaaS enables businesses to focus more time and energy on their core objectives and removes the pain of architecting, installing, managing and maintaining on-premise software solutions.
JL: That’s an exciting trend. With everything happening so quickly, how well-thought out are the deployments you’ve seen?
WB: Moving to the cloud is a smart opportunity but undeniably, also presents some risks.
Most organizations I speak with are either in the process of migrating to Office 365, or worse, have been running Office 365 for months without a plan to revise their data protection strategy.
Their legacy backup systems often aren’t compatible with new data sources like SaaS apps. Even if there are workarounds to make their existing backup tools pull data from the cloud, it’s often not an ideal solution. For example, an admin who is looking to retrieve an individual file might need to spend hours restoring an entire volume from tape.
JL: What are the most common misconceptions about SaaS data protection?
WB: Many organizations falsely assume that the SaaS vendor’s backups are enough to protect their data. Yes, Microsoft will regularly back up Office 365 accounts but mainly to protect against hardware failure in their data center.
Hardware failure isn’t even the top cause of data loss, not even close. User error (64%) is the most common, followed by hacking (13%), account closure (10%) and malicious deletion (7%). Microsoft does not retain copies of your data for nearly long enough to mitigate these other risks.
By default, deleted files in Office 365 are purged from Microsoft’s servers in 15 days. Admins can update the setting to 30 days, but accidentally deleted or corrupted data often goes unnoticed beyond that timeframe, after which it is unrecoverable.
JL: What about other applications such as Salesforce or Google Apps?
WB: These SaaS applications are not much better.
Google Apps for Work purges deleted data after 25 days. There are add-ons for Google Apps like Postini (deprecated) and Google Apps Vault which allow you to set longer retention periods, but consider: Do you really want to manage a different point solution for every cloud? Also, going with Google Apps Vault isn’t a true off-site backup because it doesn’t isolate your data from Google’s environment.
Deleted Salesforce records stay in the Recycle Bin for up to 15 days, with “up to” being the emphasis here. If you are close to capacity in your Salesforce account, they may delete your Recycle Bin files in as few as 2 hours. Once a file is deleted from the Recycle Bin, Salesforce can only attempt a manual recovery, billed at $10,000 a pop.
JL: How responsible are SaaS providers in the event of a data loss?
WB: None of the three providers I mentioned provide an especially strong guarantee you will be able to successfully recover your data, even if the data loss stems from their own negligence. The maximum liability that Microsoft and Google have written into their Terms of Service (TOS) is the past 12 months of subscription fees paid.
Is this enough of a financial guarantee for most organizations? I think not. A single email could be the difference between winning or losing a lawsuit worth millions of dollars.
JL: What is the broader impact of data loss on organizations as a whole?
WB: A data loss event can cause major operational and legal headaches. Recently, a major US airline who had a datacenter outage suffered significant reputational harm and was forced to pay millions in passenger compensation for the incident. Unfortunately, I have seen businesses not recover from a catastrophic data loss.
In the UK, the legal ramifications could include up to a £500,000 fine under the Data Protection Act 1998. Similar laws in the US such as HIPAA and Sarbanes-Oxley (SOX) govern healthcare organizations and public-traded companies, with fines up to $10 million for neglecting to protect customer data. To stay in compliance, you need to be able to show auditors that you have a secure, off-site backup at all times.
JL: What should compliance driven organizations look out for when they engage a backup provider?
WB: Be wary if your storage and/or backup provider is scant on details but assures you “not to worry” that their solution is compliant.
The onus is on you to verify that the architecture your MSP uses is compliant from end-to-end. For example, section 8 of the Data Protection Act requires personal data not be transferred outside the European Economic Area (EEA), with a couple of exceptions.
To protect your organization from fines and reputational risk, make sure you have your MSP’s promises in writing when it comes to compliance. A blanket statement like “HIPAA Compliant” isn’t enough, you need to understand each component of the setup, especially if you are going with a public cloud.
JL: How can working with a managed service provider help organizations gain a competitive advantage from their data?
WB: With the growing volume of data in the enterprise from traditional and cloud sources such as Office 365, it can be difficult for IT departments to navigate the challenges alone. From embedding ourselves at client sites, we possess a depth of experience in working with different data architectures.
An end-to-end solution like Asigra Cloud Backup lets IT departments simply “check off” data protection and instead, spend their time focusing on strategic IT opportunities.
Organizations won’t incur the costs of training their employees on multiple, platform-specific solutions anymore, because Asigra backs up virtually any data source from laptops, servers, mobile devices to SaaS and IaaS clouds.
JL: What are the other benefits of using an end-to-end solution like Asigra?
WB: First, Asigra is an agentless solution. Most backup solutions require a piece of software to be installed on the client-side, but Asigra does not. Because there are no agents to install or update, you save even more valuable IT time, not to mention the improved security.
Asigra is also extremely flexible, letting you set separate recovery time and point objectives (RTO and RPO) for different datasets within your organization, based on the business impact of that data.
In addition, you have the choice of backing up data to a public, hybrid or private cloud. The hybrid or private cloud options are commonplace in industries like financial services or government which have heightened privacy and security concerns.
JL: Will, thanks for taking the time to share your insights about SaaS backup. What are the next steps IT professionals can take to learn more about cloud-to-cloud backup?
WB: We recently hosted a webinar about this topic, titled “Data Protection Considerations with utilizing SaaS.” We went over a few customer examples and showed the attendees how simple it is to retrieve an accidentally deleted record from Salesforce. You can download the recording here.
Case Study: Goetze Dental Partners with Dataedge to Offer Dentists Data Protection Services powered by Asigra
Goetze Dental, a full-service dental supply company wanted to deliver data protection services to their entire client base with increased confidence. Initially, they depended heavily on portable disks for frequent import and export of data for backups and full restores, but needed to find a speedier process in order to provide a faster service to their clients. In addition to ensuring the reliability and manageability of the backup services they offered their dentistry clients, they also needed a solution that increased wallet share and drove monthly recurring revenue. With these goals in mind, Goetze decided to select the secure data protection solution provided by Dataedge and powered by Asigra.
Goetze Dental highlighted the following capabilities as key factors for selecting Dataedge’s solution powered by Asigra:
- Agentless deployment, supporting a wide range of computing systems and platforms
- Simple, centralized backup that eliminates the need for multiple point solutions
- Highly scalable design for on-demand expansion
- Support for both physical and cloud IT environments
- High-performance local and remote backup and recovery
- NIST FIPS 140-2 certified security with 256-bit AES encryption in-flight and at-rest to protect sensitive client data and comply with HIPAA compliance mandates
“The overall backup process is now so much easier yet costs are still very affordable” says Ben Poese, Helpdesk Manager, Goetze Dental. He also mentions implementing this solution has allowed them to “reallocate IT resources that would have been spent on a less efficient platform and focus it on other important projects”.
Strand Diagnostics, a provider of identity confirmation testing services, was dealing with different backup solutions from different third-party providers to address a variety of data protection requirements. This approach was time consuming from a management perspective, so they decided to invest in a seamless comprehensive solution to back up data off site and decided Echopath’s solution powered by Asigra was the right choice for all their stringent encryption requirements for personal medical information.
Strand Diagnostics achieved many business benefits with the Echopath solution powered by Asigra including:
- Confidence to restore data quickly and efficiently
- Peace of mind and reduction of time thinking about data protection issues
- One comprehensive platform to protecting data
- High reliability – backup and restore capabilities have been 100% successful to date
- Simple, centralized backup that eliminates the need for multiple-point solutions
“I have a very subjective measurement for success” says Gay Bush, Facilities Director and Compliance Officer, Strand Diagnostics. She measures success by how much time she spends thinking about problems, and happily claims “I don’t spend much time at all thinking about problems with respect to IT anymore”.