Friday, July 25, 2008

PC LCM----> Your Virtual Assistant…

Are you a Sys Admin perplexed and tired of running around maintaining your systems…
Are you worried that the right patches have not been downloaded and installed….
Are you not aware of which licenses are about to expire and when?

Do not Despair… Just adopt a PC Life Cycle Management Solution and put all your fears to rest… Relax and Relish your work…

Properly managing an IT environment requires expertise and often takes significant amounts of time and effort. System administrators are responsible for providing their organizations with access to critical applications and services while ensuring that systems perform optimally and remain secure. Unfortunately, keeping pace with the frequency of changes in an IT environment of any size can be a daunting task. The problem is often more pronounced in midsize organizations, where system administrators are forced to juggle many responsibilities.

Issues such as deployment, monitoring, and updating computers can have a significant impact on organizations’ budgets (not to mention system administrators’ blood pressure).

While it might be possible to complete some tasks manually, the number of devices and applications that must be managed can quickly become overwhelming. Add in priorities unrelated to desktop lifecycle management, and help is sure to be welcome. The best solution for managing IT environments that are increasing in size and complexity is through automation.

It is here that PC Life Cycle Management Solutions step in and help you mitigate all the associated complications.

A typical PC Life Cycle Management Solution will do the following for you:

• Sophisticated MSI packaging
• Unattended remote client resets
• Comprehensive inventory-based distribution
• Global scheduling of jobs and executing them
• Intelligent multicast replication
• Complete system repair

• Drag and drop configuration management
• Backup/restore of user personality and locally saved data from a single PC
• Centralized reporting functions
• Native integration with the Directory services.
• Patch management to distribute patches and virus updates
• Bandwidth throttling
• Mandatory (push) and software request (pull) distribution
• Wake on LAN
• OS deployment
• A single Management console to manage all your devices
• Security Management
• Define process workflows to dynamically manage the devices on the network right from purchase to retirement

How does my organization and I benefit if we opt for a PC LCM?
• Reduces I.T. Labour and Asset ownership costs
• Adherence to both internal and external compliance standards.
• Consistent User Experience
• Centralized and Single Management Console reduces the strain on the Sys Admin
• Know what you have in your network and where in a jiffy.
• Up to date and current information about the health of your devices allows you to undertake preventive measures.
• Streamline the existing process and ensure that there is a common policy to handle unforeseen circumstances.
• Automatically update, deploy and manage the software on the clients.

References:
1. www.Microsoft.com : White paper on PC Life Cycle Management
2. www.Pactech.net/wininstall

Thursday, July 24, 2008

BACK UP, For The Sake Of Your Critical Data



Critical data is the lifeline of any business and hence needs to be archived. But what is the best way to do so? How long can this data be stored? And can lost data be recovered?

We look at some answers.

Key BenefITs

• Don’t lose any essential data.
• Comply with all audit and government requirements.
• Reduce storage costs, by moving data across a hierarchy of media.

Back up, For The Sake Of Your Critical Data

Every day, a huge amount of critical data is created in any business through its daily transactions with dealers, distributors, customers, employees, etc. There are also records like contracts, taxes, client contact details, etc, which are of immense importance. All this critical data needs to be preserved/archived for future reference. This is done by making a back-up of the data regularly, based on the requirements of the company. Most firms take daily back-ups of critical data. The back-up helps them when they need access to a file that was used a few months, or even years, ago.

“The business data, be it in paper or digital form, is the lifeline for any organisation. So, storing and backing it up carefully is of utmost importance to keep the lifeline always up,” justifies Arun Attri, IThead, Barista Coffee Company

Storage options

There are various methods of storing critical data. In general, back-ups are done to tape, with multiple back-up sets. Critical data is often backed up to disk storage and then moved to tape. When backed up to disk, the data restore time is less. The use of disk-based storage improves recovery time objectives (the time and service level within which a business process must be restored after a disaster), offers superior reliability and improves the efficiency of WAN Wide Area Network)-based remote back-up and replication. Disk storage is the best way to preserve data for longer periods of time. With data de-duplication in use, disk storage can offer the same economies as tape storage. “Data de-duplication is one emerging solution to the challenge of backing up exponentially growing volumes of data and preserving it for extended periods of time. Data de-duplication is a process that eliminates redundant data from the total volume of data that needs to be backed up. In doing so, it reduces both secondary storage requirements and network bandwidth needs,” adds P K Gupta, director, Asia Pacific & Japan (back-up, recovery and archive solutions), EMC Global Services. For example, when an e-mail with an attachment is received by multiple recipients within the organisation, data de-duplication ensures that only the first instance of the attachment is backed up. All other back-ups simply point back to the previously stored instance of the file.

For network-based solutions, the recommended method is using a centralised storage solution—the user’s data is stored to NAS (network attached storage) and then backed up to tape. Disks are expensive, so data is stored in tapes with multiple copies. Most firms use disks and tapes for critical data storage. “Tapes as well as disks are used for storage. We use HP-Tape Library (Ultrium-3)”, says Attri. Renny V Mathew, systems administrator, Avio Helitronics Infosystems, reveals, “We use LTO (linear tape open—a high performance magnetic tape storage technology) Gen 3, Symantec Backup exec 11d for server software, and Tandberg T24 Tape Library Single Drive with 12 tape slots.”

The frequency of back-ups

Daily and weekly back-ups of crucial data are the need of the hour. There are two main back-up methods: daily incremental and weekly full back-ups. “We take daily incremental and weekly full backups,” says Mathew. The daily, weekly or monthly back-up is stored and also tested regularly. Attri asserts, “We take incremental (daily) as well as full back-ups (weekly) of our critical data in our Backup Tape Library using HPData Protector software. On a monthly basis, the copy of the full back-up is also replicated to separate disks for storage. We even do restore tests for old tapes after some interval to check the health of the data and media.”

Software like Buffalo’s Memeo Auto Backup help users to take regular back-ups by setting instructions for daily or weekly back-ups. The EMC Avamar data de-duplication solution provides daily back-ups that can be quickly recovered in just one step — eliminating the hassle of restoring full and subsequent incremental back-ups to reach the desired recovery point.

Backed up for years and years

The time period for data storage depends on company policies, regulations and guidelines. “We can store data to tape for a period of 2-3 years. And we can store data to disk depending on the life of the disk. Using RAID (Redundant Array of Independent Disks) technology (that uses two or more hard disk drives to achieve greater levels of performance and reliability for large volumes of data) we can store data for over a 100 years,” says Kamal Kannan, engineer storage, 22by7 Solutions Pvt Ltd.

This is an excerpt from the article "Critical data Storage" published in the July 2008 issue of BenefIT magazine.


Source: ManageIT section from BenefIT magazine July Edition.

Monday, July 21, 2008

Guaranteed!!! Peace of mind... with Disk Encryption


“700 laptops with crucial, sensitive Military secrets have been stolen in U.K.” ….. This was reported by a leading news daily on Saturday 19th July 2008.

Imagine the threat of this data falling into the wrong hands….

Imagine a similar situation befalling your organization?

Are you prepared to thwart such an eventuality?

If the answer to the above question is no, then DISK ENCRYPTION will help you overcome such situations and will ensure your peace of mind.

What is Disk Encryption?

Disk encryption is a special case of data at rest protection when the storage media is a sector-addressable device (e.g., a hard disk, USB drive, Zip drive or a flash card/drive). It is a technique that allows data to be protected even when the OS is not active, for example, if data is read directly from the hardware as compared to access restrictions commonly enforced by an OS.

What are the types of Encryption?

Encryption can happen at the following levels:
1. Full Disk encryption- ideal for devices on the move like laptops, notebooks, palmtops, USB sticks.
2. Partition level encryption
3. Encrypted Containers stored in the regular file system also called as HIDDEN VOLUMES
4. File System level Encryption

Most Disk Encryption systems use a combination of the below mentioned techniques:
• Cipher Block Chaining(CBC)

• Electronic Code Book(ECB)
• Cipher Feedback(CFB)
• Output Feedback(OFB)
• Counter(CTR)
• Cryptographically Secure Pseudorandom number generators(CSPRNG)
• Message Authentication Codes(MAC)

Advantages of Disk Encryption:
1. Assures that intellectual property and sensitive or legally protected information is accessible only to authorized users.
2. Meet regulatory compliance requirements through strong, centrally managed encryption
3. Ensures confidentiality of data
4. Protects data even when OS is not in use.
5. Ensures that data cannot be accessed by unauthorized users
6. Makes the disk/data unusable in the event of unauthorized access.
7. Encryption/Decryption is done transparent to the users.

Monday, July 14, 2008



The Storage Disk Space you bought recently is soon exhausting. Are you considering buying more disk space?

Ever thought of reducing your Backup Window?

Read on…


Data De-Duplication often called "intelligent compression" or "single-instance storage" is a method of reducing storage needs by eliminating redundant data, operating at the file, block, and even the bit level. Only one unique instance of the data is actually retained on storage media, such as disk or tape. Redundant data is replaced with a pointer to the unique data copy. Hence only one instance of the data is saved.

Why do you need it?

Data de-duplication helps to improve data protection, speed up service and reduce cost.

Where does de-duplication take place?

De-duplication can happen at:

1. The Host or Source: Here, the data is checked for duplicate matter at the client itself before sending the data to the storage system.

2. The Destination: Here, the complete data is sent over the network to the designated storage system. Then the De-duplication system starts working at the disk device or on the virtual tape library as a process after the data is received.

Host Based systems are significantly advantageous over the Destination based systems because they send only one instance of the data over the network, thereby ensuring that the network bandwidth is not clogged. Also, since only the unique data is received by the storage system, it makes it easier and faster to store the data and create recovery points.



What are the Key business benefits of data de-duplication?

The following are the benefits derived by an organization that implements data de-duplication:

· Increasing overall data integrity and end with reducing overall data protection costs.

· Lower storage space requirements – it reduces the amount of disk space needed by users for backup by 90 percent.

· Longer disk retention periods

· Reduced power, space and cooling requirements

· Higher restore service levels

· Media Handling errors are reduced

· Availability of more recovery points on fast recovery media

· Efficient use of disk space

· Better recovery time objectives for a longer time

· Reduces the need for tape backups

· Reduces the data to be sent over a WAN for replication, remote backups and disaster recovery, which in turn ensures that the network bandwidth is not choked.

Say Good Bye to Data Leakage--



A recent survey of top security professionals carried out by a leading Consultancy firm revealed some scary but realistic statistics:

1 in 3 companies investigated a breach of confidential data last year.

1 in 4 companies experienced an “embarrassing” leak of confidential information.

1 in 5 emails contains a legal, financial or regulatory risk.

If you are like most corporations, you are finding yourself in the midst of an information explosion. Sensitive data is no longer controlled under lock and key in data centres or file cabinets. Sensitive data is everywhere. This data is an easy prey to leakage which will hamper the competitive advantage that you may have in the market.

This is where Data Leak Prevention (DLP) technology/products come to your rescue.

What is DLP?

DLP is nothing but the use of various techniques to prevent critical data from unnecessarily leaving the organization. DLP products can be defined as:

“Products that, based on central policies, identify, monitor, and protect data at rest, in motion, and in use, through deep content analysis.”

Some of the most common techniques used in these products to detect and prevent unauthorized extrusion of data are:

1. Rule bases/ Regular expressions

2. Database fingerprinting

3. Exact File Matching

4. Partial Document Matching

5. Statistical Analysis

6. Conceptual/Lexicon

7. Predefined Categorization.

What are the main features to look out for in a DLP solution?

In this day and age, it is impossible to expect your employees to be fully cognizant and ready to comply with all data protection compliance rules. Hence look for a DLP technology that can:

1. Protect sensitive data without slowing down your business or frustrating employees trying to do their job.

2. Meet data protection compliance guidelines through the ability to encrypt, redact, block or quarantine sensitive data before it damages your business.

3. Real time performance

4. Virtually zero false-positive rates.