Greg Schulz of Computerworld shared some guidelines of tape virtualization. Tape virtualization is one of the popular topics when it come to storage. Some of the said advantages of making virtual tape libraries would include improvement of the performance of the back up, archiving and other related processes and smooth transition (from tape-based to disk-based).

Here are the ten points he raised in his article:

1. Integration of VTL in your business continuity, conditions of your site/location.
2. Storage devices to be attached to the VTL.
3. Projected storage capacity needed in the future.
4. Backup, archiving, etc. software supported.
5. Support of differencing or single-instance repository capabilities.
6. Determine if you are looking for a turnkey solution.
7. Resiliency and redundancy needed.
8. Security level needed.
9. Tape device and library emulation for your environment.
10. Necessary changes to your current setup.

The questions he raised in his article really make you consider your needs and the conditions of your system. All these questions will help you evaluate if you would use virtualization. You cannot just decide right away if you will use VTL because it could affect your system in a major way.

It is always good to look at the possibilities before arriving at some decisions like this one. It is best to do a full study before you spend on it. One of the important things you also have to consider would be the people who would be in charge of this project in your company. Who will be the ones in charge of the study and the follow up in case you do push through with it. Your data will be at stake so it is better to be safe than sorry.

Tags: Backups, Physical Security, Storage, Tips

Categories: Backups, Physical Security, Storage, Tips

Leave a Comment

Viruses and malware issues are far from being a thing of the past. On the contrary, they seem to grow large by numbers as each day passes. Thus the works of security software companies have their work cut out for them. There is not definite date to which such threats and intrusions would wholly be resolved.

For the time being, it would be advisable for people to scan third party storage devices such as diskettes, USB drives and mobile storages to be safe and sound. These wandering viruses can attack at any time and this is a fact anywhere computer related materials are concerned.

Files can go as far as infecting the executable files, hence document, excel and compiled scripts are baits for immediate infection and malicious intrusions. Software applications also have their limits as their development teams cater only to a specific genre for known harmful files. But it is better to lower the risk of intrusion than not having protection at all.

[tags]scan, spyware, virus, infections, spyware, malware, trojans[/tags]

Tags: infections, Malware, scan, Spyware, trojans, virus

Categories: Backups, IT Security Basics, Malware, Network Security, Operating Systems, Programming, Real-World Issues, Security Policies, Spyware, Storage, Tips, Wireless Security

Comments Off

When it comes to network security, the main focus is to of course protect your IT infrastructure. But if you had a choice, which is really important; the program or the data you have gathered?

At first glance it would have to be the data for sure. Software programs can be easily modified and replaced depending on the requirements of any organization. Database protection is important since without it, companies have no basis for analysis and comparison as far as actual performance and reference for clients stored in the database is concerned. If you had to rate both, it would be data first and software second.

There are other people who put premium on software of course. But this will depend on their contingency plan better known to most IT professionals as backed up or archived data. Normally this is so basic that you don’t need to remind anyone the need to have archived historical data in cases where system crashes or intrusions may occur. There will always be scheduled backups and archiving for any program using entity since these are valued and important as far as linking all transactions and tracing revenue.

But the actual safeguarding of these two IT elements is how you expose it. There are usually policies governing the actual level of exposure such as net presence or the use of external storage devices like CDs and floppy disks. Normally, these are discouraged but knowing people who are hard headed today, some of them still ignore these policies and even get away with it.

Tags: Backups, data, devices, Storage

Categories: Backups, IT Security Basics, Network Security, Operating Systems, Security Policies

3 Comments

Citibank an arm of Citi Corp, has suffered a data breach in the form of 7-11 Store installed ATM machines which were broken into by hackers who got away with millions according to the report on Yahoo News. The three hackers have been found, arrested and are currently under custody as the case is further studied and discussed in the courtroom.
The problem happened when these hackers got through third-party computers who handled debit card account transactions taking all the information they needed that was enough for them to engage in online transactions without the need for physical contact with any ATM machine.
The problem is another case of lax data security which in terms of ATM pins are said to be the most secure of all bank information systems for the potential is horrendous in terms of loss.

“PINs were supposed be sacrosanct — what this shows is that PINs aren’t always encrypted like they’re supposed to be,” said Avivah Litan, a security analyst with the Gartner research firm. “The banks need much better fraud detection systems and much better authentication.”

This shows that even with the repetitive problems and incidents of identity theft not everybody is listening and taking action to protect their information, as in the case of Citi Corp., their third party providers should have had ample measures such as encryption, and redundant security measures to prevent such incidents from even happening. Citi Corp., being one of the biggest multi-national banks with accounts all over the world should have check and balance systems that ensures customer information is safeguarded from such intrusions which in this case is going to cost them millions of dollars. The company has relied so heavily on systems based on Microsoft Software technology which has received continuous attacks and this is just another addition to the types of attacks they suffer from hackers.

Tags: ATM's Hacked, ATM-Fraud, Citi Corp., Citibank

Categories: Backups, Cryptography, General, IT Security Basics, Network Security, News, Physical Security, Real-World Issues, Security Policies

Leave a Comment

If you happen to be a small or medium scale company that cannot afford multiple data stores and infinite numbers of mirrored hard drives, that becomes a problem. An encrypted hard disk in a laptop that gets banged up damaging the hard disk may still have some of the information intact enough for recovery but damage some of the vital keys and software and you are left hanging by a thread or down in the gutters. Data recovery is possible but only through expensive methods with the hard disks being opened up, the platters extracted and installed into another similar hard disk for data extraction. Only the military and federal government would have enough cash to burn in terms of data recovery at that level for the price is computed in the amount of megabytes recovered and on a per hard disk basis, and imagine a 1 terabyte drive at say $50/MB then you’d be scratching your head by now, and that’s just for a single drive.
The risks of identity theft and information leakage is real but the technology is still quite prone to failure even with today’s quad-core which is why we didn’t discuss the performance issue in the discussion. Today’s multi-core processors are capable of handling complex tasks such as real time encryption and decryption as if there was nothing happening on the background. The performance issue has been addressed by more powerful microprocessors but the reliability of the hard disks which stores the information and even the CD’s are still quite weak. Till there is more definite proof that all parts of the computer has reached such a reliable level that failure is a less of a factor more people would still retain their own proprietary security measures (birthday passwords, flash thumb drives that always get lost and physically carrying their discs with them).

Tags: encryption, Security Policies

Categories: Backups, Cryptography, General, IT Security Basics, Malware, Network Security, Operating Systems, Physical Security, Real-World Issues, Storage, Wireless Security

Leave a Comment

McAfee, one of the industry’s leading software developers of anti-virus software have through its Avert Labs has discovered a new Trojan that infects WindowsCE which was developed for the Microsoft PocketPCs. The Trojan, disables data and network security rendering it useless and can be installed via memory card. The Trojan has the nasty ability to defy removal through software methods with the exception of a total re-format and re-installation of the applications and OS from a secure and safe source. Infected users are also asked not to use flash drives or memory sticks with saved data for they can also contain the code which spreads the trojan.The Trojan was discovered in China and makes itself the home page of the heavily reliant PocketPCs on the web. Information regarding the device, serial number and other personal information are then sent to the author of the Trojan leaving it open to future attacks and installation of malware due to security that has been turned off by the said Trojan.

The Trojan has been found contained snugly within legitimate installers and Asia being one of the fastest growing areas for mobile devices it would only take a little time before the said Trojan aptly named InfoJack spreads and wreaks havoc on Asia’s growing mobile PC community. The US-CERT or Computer Emergency Readiness Team has already taken notice of the said Trojan and is closely monitoring for further developments. Them along with anti-virus developers are currently developing methods of defeating the perpetrator and hopefully also capture the crook who designed the said malware.

Tags: PocketPC, Trojan, US-CERT, Windoes CE

Categories: Backups, Cryptography, General, IT Security Basics, Malware, Network Security, News, Operating Systems, Real-World Issues, Spyware

1 Comment

As the evolution of the lowly hard drive goes with the increase of storage capacity into the terabyte range and hardware based-encryption it seems that data cannot be more secure once it is stored within the said hard disk. Well, according to WindowsIt Pro, not totally for based on their testing of several hard drives that come as wireless removable storage devices you connect to your USB 2.0 ports, it ain’t that secure after all. The device/s tested was even secured by a wireless security key that used rfid technology to unlock the drive for use by authorized users only (which in the real world is anyone who has the keychain key).
The name and brand which we would not name for obvious reasons have indeed admitted the weakness and that the advertised capability of the drive was wrong. As it turns out, the true 128-bit AES security system was used only by the RF chip and the controller on the drive which was easily defeated by removing the drive from the case and connecting to a now standard SATA drive connector. The drive was encrypted, but not at the ‘military grade’ levels that were advertised for the encryption chip used only a basic encryption level which was not up to par with accepted high-encryption standards.

Both the manufacturers of the controller boards, casing and key, have acknowledged the flaw and promise a more robust system (which is to use a more secure encryption chip that is said to come out this year but is still only in development) by the end of the year. So we guess the false advertising with regards to the encryption standard of the drives should be changed from ‘Strong 128-bit AES encryption’ to ’standard encryption’, which would only be fair for people do make choices based on the products qualities and capabilities.

Tags: data-security, Encrypted Hard Drives, encryption

Categories: Backups, Cryptography, General, IT Security Basics, News, Physical Security, Real-World Issues, Security Policies, Storage

1 Comment

The accessory cards for the standard PC has become so widespread that they come in many shapes and form allowing the connection of any number of security cameras. Triggered systems which rely on other security deterrents for activation allows the people monitoring the site to save on storage which used to be a bank of video recorders that were set to record in extended mode on a loop in a back office which was hopefully secure enough to prevent tampering and destruction by perpetrators. Off-site security allows monitoring over high-speed internet lines of the site without the danger of loosing valuable evidence in the form of video footage safely secured onto the company’s own storage servers or can be out-sourced to off-site data storage companies like Iron Mountain who specialize in secure and reliable data storage. The advent of high capacity hard drives like the Toshiba Terabyte Drive allows a huge amount of data to be stored with minimal hardware footprint. Seagate on the other hand has gone a step further by releasing hardware-based encryption in it’s hard drives which can be activated with the use of the Operating System making for one ultra-secure hard drive (well, till you forget the password or key to decrypt the drive making it useless or exceed the MTBF of the specified drive, ouch.. that’s 931 GB of lost data).
Security has become an ever present need and so is the drive to protect assets that are the essence of business organizations. These newer and cheaper versions of security systems add a level of security that assures us our assets stay safe and secure in the event of either man-made or natural disasters that are becoming quite common as life becomes harder and money is harder to come by turning people to a life of crime never before seen on this earth.

[tags]Securing Assets, Security[/tags]

Tags: Asset-Protection, Remote-Security-Systems, Security-Systems, Video-Surveillance, Wireless-Surveillance

Categories: Backups, General, IT Security Basics, Network Security, Privacy & Anonymity, Real-World Issues, Security Policies

1 Comment

Security cameras in its many shapes and forms have evolved into more of a necessity rather than a luxury usually available to those firms who could afford it. Developments in CCD technology and miniaturization of electronics components have allowed the price to fall steady making them widely available and easy to deploy. Similar to webcams, IP based security systems like the one from LPM, are now more and more becoming well accepted for like VoIP, it allows the video feed from a site hundreds of miles away to be sent over the internet to a security center in the company’s security center allowing centralized monitoring of warehouses and other facilities that would otherwise need security personnel saving in manpower costs.

The technology has evolved to a point that all one needs for IP-based security surveillance monitoring is a peripheral card one installs into the standard PC and the necessary cameras that are desired. Another deterrent of security systems of past was the requirement for extensive cabling which can be quite costly if one wishes to monitor a large area which needs to have all supporting cabling installed (power, video feed cables, audio cables, etc.). The advent of the many wireless radio communication technologies have also contributed to ease of implementation allowing wireless communication between a site’s central console and it’s subordinate cameras, who then send the information through the internet to it’s security base which can be a few blocs to hundreds of miles away.

[tags]Security Systems, Video Surveillance, Remote Security Systems, Asset Protection [/tags]

Tags: Asset-Protection, IP-Based-Surveillance, Remote-Security-Systems, Security-Systems, Video-Surveillance

Categories: Backups, General, IT Security Basics, Network Security, News, Physical Security, Privacy & Anonymity, Real-World Issues, Security Policies, Storage

Leave a Comment

USB has been around for quite sometime and was designed to replace the interface capabilities of the old legacy standard. Today, most PC’s, Laptops and other peripherals have USB ports or have the capability of connecting to one such as keyboards, mice, digitizing pads, digital camera’s, video camera’s, flash disks and the device types goes on and on. They have become so common that many security experts warnings on their danger have gone unheeded, till now that is. Recent security holes and other problems associated with malware and viruses that have been transmitted through the USB port have risen to the point security people had to listen. These interface ports are quite convenient and easy to use that even the most beginner can plug an infected device such as a flash disk loaded with malware or viruses that they easily get through standard security. They are so small that physically banning them can be next to impossible and I’m sure you’ve read the several articles regarding the iPod which was connected to the corporate network…etc. Expert’s advice that to minimize their use for no good, disable them on-board or do not bother connecting them at all at the hardware level. This would render them truly unusable for some people however innocent of the workings of a PC or other computer type can enable them in the control panel easily. Unbeknownst to many, most devices that have flash memory can be used to store files other than video or pictures for they can be formatted using the operating system’s format utility or the propriety software such as iPod’s iTunes which can have even the most basic iPod Shuffle function as a flash disk allowing transport of say documents and other such files.

Tags: Flash-Drives, USB-devices, USB-Dongles

Categories: Backups, General, IT Security Basics, Malware, Network Security, Operating Systems, Physical Security, Security Policies, Storage, Tips

4 Comments