Archives for : June2012

Inclusive VS Exclusive Backup Policies

Protecting your critical data is no longer the burden it once was. That online backup software you’ve hopefully installed on your computer has been faithfully protecting you day after day, and you probably never even give it a second though.

But if you open up your online backup client and fiddle around a bit, you may find that there are a number of customizable options that you can set to make your backups more efficient, more secure or more convenient.

But before you try and modify any of your settings, it’s important to consider how this will affect your backups. Although the settings you pick today might be ideal for today’s files, it’s important to consider that your computer and your data will continue to change as time goes on.

And it’s important to make sure that the settings you apply today will continue to protect you in the future.

Inclusive vs. Exclusive Backup

When it comes to setting up your backup software filters, there are 2 approaches you can take. You can be exclusive or inclusive.

An inclusive backup would involve telling the software:

  • Back up everything except for what I’ve outlined in the filters.
  • Back up all folders except for the “Program Files” folder
  • Back up all files except for movie files

An exclusive backup policy would involve telling the backup software:

  • Don’t back up anything except what I’ve outlined in the filters.
  • Only back up the “My Documents” folder
  • Only back up files produced by MS Word and Excel

Let’s suppose that your hard drive contained 5 very large files A, B, C, D and F. And you only need to back up file F, since A, B, C and D do not contain critical data.

An inclusive filter would say “Back up everything except A, B, C and D”

An exclusive backup filter would say “Only back up file F”

Which of these 2 is the better approach?

At first, the exclusive backup filter might seem like the best approach since it’s the easiest to implement. But what would happen if – 6 months from now – you created another file named E, which also contained critical data? Would you remember to change your backup filters?

With an automated backup service, you may completely forget that you even have backup software running on your computer. So it’s not very likely that you’ll remember to update it.

Think about this in terms of a real life scenario. You install your backup software and forget about it for a year. As time goes by, your computer changes in a number of ways:

  • You install new software, which saves its data files in an unusual location by default.
  • You create a new hard drive partition.
  • Your favorite program unveils a new data format, with a new file extension.
  • Your laptop hard drive fills up. And instead of upgrading you purchase a very large external hard drive and move all of your data over to this device.
  • A technician adds a new virtual machine to your datacenter without advising you.

With an exclusive backup filter, you’d have to go back and add a new rule every time one of these events occurs. And a simple mistake could end up leading to data loss.

With an inclusive backup filter, you might end up backing up more data than you actually need to. This is ok, since backing up too much is always better than backing up too little.

Inclusive filters are also good for saving you from your own mistakes.

Let’s suppose that you want to back up only word files, so you create a filter that catches all *.doc and *.docx files. Well, you may have forgotten that MS word also produces the DOTM and DOCM file extensions. And it can also save files in other formats such as PDF, HTML, and TXT. And new supported extensions are being added every year.

Although making a detailed listing of the files you DON’T want might take a lot of work and lead to larger backups, it’s generally safer and easier than constantly updating your filters to include the files you do want.

This applies to files, just as much as it applies to machines, servers, and drives. Whenever possible, back up everything by default, and then cut out as much waste as you can. And you should also revise your backup filters at least once per year when you perform your annual backup recovery tests.

Now that we’ve gone over the basics, let’s try a test.

Programs need to be installed in order to work. So backing up program files is pointless, since you can’t restore a program using only its associated files.

But your Program Files folder also contains working data for various programs, and simply excluding the entire folder would potentially exclude this critical data along with the useless working files.

This is further complicated by the fact that the Program Files folder contains a potentially infinite variety of file types, including both standard and proprietary file extensions.

So what kind of backup settings would you implement in this situation?

It’s a bit of a trick question.

First of all, critical and non-critical data should always be stored separately.

Microsoft knows this. That’s why they’ve assigned a My Documents folder for your working files, and a Program Files folder for your program files.

If you uninstall a program, you also usually end up deleting all of the files contained within the installation folder for that program. This further increases the risk of data loss if you have working files stored within that folder.

Unfortunately, software developers often save working files in the installation folder by default, because they can’t imagine the possibility that anyone would ever want to uninstall their fabulous software. As an end-user, you should make it a habit to only ever save files within your My Documents folder, or another appropriate location that designated exclusively for critical business data.

If you ever find that an application is trying to save data to its installation folder, you should immediately change this setting.

This way, you can exclude the entire Program Files folder with a single statement, without putting any critical data at risk.

The other alternative would be to simply back up the contents of Program Files folder. But we advise against this whenever possible, since eats up a lot of space on your backups without providing much value.

By now, you should have a good general overview of how to set up your backups for maximum efficiency, while also minimizing the potential for accidental data loss due to forgotten file locations.

What are the Differences Between the Main Brands and Types of SSL Certificates?

It’s no secret that the internet is an increasingly dangerous and malicious place, with hackers looking to compromise both a website’s own integrity and the integrity of its private information. The best way to stave off these malicious attempts to undermine a website’s security is by implementing an SSL certificate. Short for Secure Socket Layer, this technology creates an encrypted and secure connection directly between a user’s web browser and the website’s server as they browse that website’s content. This is most commonly used to secure financial information or other private data, although SSL certificates are becoming increasingly common on social networking websites as users place more private information into their account profiles.
SSL certificates come in a number of varieties which are designed to cater to specific kinds of sites and web applications. The key to successfully securing a website with this technology is to pick the right kind of certificate for the job. The main differences between each type of certificate are relatively basic and easy to understand, and brushing up on these terms will help website owners implement the best solution for their needs.

Extended Validation

This is perhaps the most thorough type of SSL certificate that a business can secure for themselves. It can only be issued after the governing body has conducted a thorough vetting process of the applicant organisation itself, as well as their rights to use the domain name where they currently serve their customers. The industry body which determines SSL certificate standards has issued the following guidelines and requirements for those businesses looking to secure an EV certificate:

  • The identity of the applicant entity must match public record accounts of that entity
  • The applicant must have the exclusive right to operate at the domain name for which the SSL certificate is necessary
  • The legal existence of the applicant entity, as well as the physical and operational existence of the applicant, must be verified
  • The applicant entity must have properly authorised the issuing of an Extended Validation SSL certificate

It’s easy to see how this sort of verification and vetting process should be saved for only the most serious organizations. The process is tough, thorough, and can result in a number of disqualifications for smaller businesses and less official online entities.

Organization Validation

This certificate is a bit less thorough when it comes to vetting a company’s information. When an organization applies for this SSL certificate type, the granting body verifies that they have the legal and exclusive rights to operate at their current domain. It also conducts light verification of the organization’s actual business information, but this process is far less in-depth than what is required for an Extended Validation application. Any validated information is displayed to users when they click the “padlock” SSL certificate indicator in their browser’s address or status bar area. While EV certificates are great for big businesses, OV certificates are perfect for smaller businesses and independent organizations.

Domain Validation

This is the easiest type of SSL certificate to get, as the granting authority merely verifies the right of the organization to operate at the domain where they currently conduct their business and interact with consumers. No verification or validation of company information is required during this time, as the process focuses solely on the domain registration and the rights to that domain name. This SSL certificate is best suited to sole proprietors, independent users, and very small businesses, who are looking to operate securely online.

Less-Common SSL Certificate Types

While the three types of certificates described above are easily the most common ways to secure a website’s operations and customer interactions, there are a few miscellaneous types of SSL certificates which perform more specialised functions. From online collaboration to email, these certificates each have a relevant niche online.

  • Email Certificates, also known as MIME Certificates, are used to securely sign email and verify that it was sent from the email address it claims to be from. This is good for corporate communications and official records.
  • Unified Communications Certificates are perfect for multi-domain implementations where a collaboration server, such as Exchange Server, is used to connect various official groups.
  • Wildcard Certificates can secure first-level sub-domains within a single top-level domain, such as “subdirectory.domain.com.”
  • A Code Signing Certificate is a way to ensure that any code written by a developer is being transmitted securely, in its original form, and has not been modified or corrupted.

Plenty of Options for Web Developers and Businesses

SSL certificates continue to gain in popularity as malicious external threats make it necessary to encrypt information, verify its authenticity and integrity, and reassure users that they won’t put themselves at risk by browsing an e-commerce or social media website. With the wide variety of certificate types available, it’s really possible for developers and organizations or any size to gain the protection and peace of mind that SSL verification has to offer.

About The Author: Oliver Macpherson has worked for an ssl certificate provider for the past 10 years and believes in the importance of protecting confidential data where possible.

Is The Cloud The Right Place For Your Backups?

In a recent report, Gartner predicted that a significant percentage of the server data at large enterprises would be moved into the cloud. In its report, titled Magic Quadrant for Enterprise Disk-Based Backup/Recovery, Gartner states that, in the next three years, at least 30 percent of organizations will have commenced cloud-based data migration and changed backup vendors — mainly due to frustration over cost, complexity and/or capability. The report also states that 80 percent of the market will have chosen advanced online or cloud backup software-only solutions over distributed tape or disk-based appliance backup approaches.

 

That’s a pretty big change when you compare it to the situation of only three or four years ago, when most companies were buying tape- and disk-based backup solutions. A closer look at the report reveals that it is mainly mid-size companies (not huge enterprises) that are seriously considering this approach for their enterprise server data, as well as for their branch-office and desktop/laptop data.

 

Here are some factors that I think are driving this trend:

 

  • IT managers and business owners want to spend less time managing hardware and software. The SaaS revolution certainly triggered that, especially for smaller companies, which were attracted by the low up-front software and hardware costs of on-demand software.
  • The high level of frustration with the ongoing babysitting and laborious procedures associated with tape-based approaches. (If you’ve ever had to restore a server or desktop computer from backup tapes, you know how tedious this can be.)
  • Smaller companies are often technically sophisticated and nimble. For example, many of small and medium-size businesses (SMBs) are familiar with concepts such as virtualization, and they don’t have a major lock-in with software and hardware vendors.

 

Smaller companies are less tolerant of risk and waste

SMBs are also less tolerant of wasted time and inefficient processes than large enterprises because they have smaller teams that are more sensitive to wasted effort and redundancy. Similarly, SMBs are extremely interested data protection and business uptime because failure in these areas directly —and quickly— affects their bottom line. So, while SMB owners or IT managers at these businesses are familiar with continuous, online backup —they may even already be using it at home for their family’s computers— they also want to know if it represents a viable solution for the more complex office environment, which is characterized by the number and diversity of data sources: servers, desktops, laptops, and even tablets.

Cloud backup services are a great solution to their data security needs: they require little or no capital investment, are simple to install and manage, and are incredibly reliable. But, are all cloud backup services equal? It’s important to understand that there are huge differences among the various online/cloud backup solutions. Even file-sharing services like Dropbox and Box.net talk about backup as one of the things they offer.

 

If you’re a small-business owner or IT manager interested in cloud backup, you should focus your attention on true, enterprise-grade cloud backup that offers long-term data storage and compatibility with today’s networked environment. In other words, cloud backup solutions with these key attributes:

 

  • Bare-Metal Restore: the ability to recover and restore the entire operating system, all applications, settings and data, for an entire machine, onto a new machine with different hardware than the original one. Most remote backup providers cannot perform disaster recovery this way, and yet this is a common situation.
  • Agentless Architecture: in a typical SMB, there are numerous machines that must be backed up continuously. No one has time to install and update dozens of backup agents across all these machines, so it’s essential that just one server runs the backup/restore system and sends the backup data to the secure cloud-based data vault over a secure connection.
  • Intelligent De-duping: to reduce bandwidth requirements, a smart cloud backup solution recognizes where data is duplicated across a network —no easy feat— and sends only one copy to the server.
  • Message-Level Restore: often, a user doesn’t need an entire disk restored, but just a few crucial emails that were inadvertently deleted from the server. Message-level restore provides fine-grain resolution of the backup data, right down to a single email message for a specific user.

 

Sizing up a cloud backup system

If you’re a small-business owner or IT manager interested in cloud backup, here are some tips to get you started:

  1. 1.       Select a solution that meets your needs. Most businesses are now totally dependent on their computers and the data that resides on them. One major trend in small and midsized businesses, in particular, is that servers are now often used to manage email, contacts, directories and business-specific databases. To backup that data and —more importantly— to properly restore it, the backup system must be capable of accurately recreating the state of the server at the time of the disaster. Keep in mind that none of the consumer-grade backup solutions offer this facility.
  2. 2.       Look for flexible implementation models. Many SMBs have upwards of 80 GB of data that needs to be backed up, which means that it’s just not practical to use online backup solutions designed for consumers. Pricing models optimized for SMBs make it possible to make the jump to enterprise-grade cloud backup immediately, and then add advanced features like Exchange, Small Business Server, SharePoint Server, and Active Directory down the road.
  3. 3.       Shop around for the best price. Cloud backup services have driven down the cost of online data backup. Look for a provider that can get you started for as little as $50 per terabyte, per month, and yet still deliver comprehensive enterprise-grade cloud backup services.

Keep these ideas in mind as you shop for your cloud backup service and you’ll soon have one less think to worry about: the safety of your data.

About The Author: Omry Farajun is founder and president of Storage Guardian, a service used by small and midsize businesses, enterprises, and multiple-platform LAN computing environments that want to safeguard their critical business data in a secure, off-site location.