Spring World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 29, Issue 3

Full Contents Now Available!

Jon Seals

What do you want risk management standards, frameworks and guidelines to do for your success? Many people depend on these documents to provide needed guidance. Yet, you have heard the reasons people give for not wanting to deal with risk management standards and frameworks. Perhaps you have even voiced these yourself, at one time or another:

  • Our organization is so unique, no one standard or framework could possibly apply.
  • Standards are the same as regulations—we don’t need more regulations.
  • We know what we are doing—we don’t need any guidance. Those things don’t apply to us anyway.

Whether we like it or not, standards are a part of life and our daily language. We refer to a gold standard as a measure of excellence. There are standard breeds of dogs, horses and even chickens. We have internet standards. And what would we do without standards of care, and food safety standards?

...

http://www.riskmanagementmonitor.com/how-to-influence-risk-management-standards-frameworks-and-guidelines/

(TNS) - If all goes as planned, this will be an extra-special Fourth of July for Gerry Dees and his family.

Six months ago, Dees, 70, watched as floodwaters inundated his home on Garden Street in Kincaid, a small Christian County community about 30 miles southeast of Springfield, Ill. He was able to salvage some personal items, but the furnace, appliances, furniture and interior of the home were destroyed.

Luckily, Dees has a carpenter friend who volunteered to help him rebuild. They gutted the house and rebuilt it so that it now looks like new. Dees and his wife of 47 years, Luana, hope to move back into their home by July 4.

“I just want one day in the house. After that, God can come and get me,” Gerry Dees said.

...

http://www.emergencymgmt.com/disaster/6-months-later-Kincaid-flood-recovery-still-underway.html

(TNS) - Daniel Wurst knows to the penny how much the 2009 basement flooding of the duplex he rents out at 658 Ross Ave. cost him. And the flooding his property experienced on June 2 was much more costly, he said, when he recently urged city officials to solve the problem that sent two feet of raw sewage into its basement.

“Back in the high flood of 2009, I spent $1,845.94,” Wurst told Hamilton, Ohio, City Council last week. “I got a ‘Dear John’ letter, same as this gentleman got over here from the city insurance adjuster. He stated in there, in my copy, it was an ‘act of nature.’”

Wurst was among several property owners who addressed council last week , saying their buildings have been swamped multiple times by raw sewage and expressed frustration that the flooding hadn’t been addressed since a heavy storm in 2009 that cost many of them thousands of dollars.

...

http://www.emergencymgmt.com/disaster/Hamilton-still-formulating-ways-to-solve-flooding.html

Managed Service Provides Powerful End-To-End Security for Data 'In Flight' Over Public or Private Networks

DALLAS, Texas  Masergy Communications Inc. today announced WAN Encryption, a managed service that protects data end-to-end while in transit for software-defined WAN connectivity between applications and users.

WAN Encryption is the latest addition to Masergy’s robust managed network functions, which includes routers, firewalls, session border controllers and WAN optimization delivered on premise, via software and in the cloud. Masergy’s unique managed encryption solution offers customers the choice of either a hardware-based option or a virtualized network function running on the Masergy Intelligent Bridge (MIB).

WAN Encryption permits enterprises to leverage traffic from both dedicated WAN services and the Internet while maintaining full control over encryption policies and keys. This service is for customers who need to send highly sensitive data over public or private networks with strong encryption and service flexibility.

Organizations can add managed WAN Encryption to Layers 2, 3 or 4 of their networks on a per-application basis. Key features include:

  • Software-Defined Traffic Protection
  • Simple Policy Management
  • Powerful Key Controls
  • Certificate Management
  • Easily Audited Security for Privacy Compliance

The new service leverages Certes Networks’ patented Crypto-Flow® technology, which is among the strongest commercially available encryption solutions for protecting enterprise applications traversing any network. CryptoFlow ensures communications integrity and provides a foundation for advanced access control that shrinks an enterprise’s attack surface.

“In this era of increased threats, Masergy has teamed with Certes Networks to bring an essential layer of protection to business critical applications,” said Tim Naramore, CTO, Masergy. “WAN Encryption provides a managed service approach to encryption policies and key management, which reduces the complexity of managing a sophisticated safeguarding process.”

“Application security is a pressing concern for organizations today, and with new threats constantly being discovered, having flexible, adaptable software-defined security in place is essential,” said Satyam Tyagi, CTO, Certes Networks. “We are delighted to be working with Masergy to help more organizations combat these threats with our unique CryptoFlow Solutions.”

About Masergy

Masergy owns and operates the largest independent Software Defined Platform in the world, delivering hybrid networking, managed security and cloud communication solutions to global enterprises. Our patented technology, customizable solutions and unmatched customer experience are why a growing number of leading organizations rely on Masergy to deliver performance beyond expectations. Learn more about Masergy and follow us on our blog Transforming Enterprise IT, Twitter @Masergy, LinkedIn and Facebook.

The Business Continuity Institute - Jun 28, 2016 15:02 BST

Almost half (45%) of firms with cyber insurance are unsure if their policy is up-to-date for covering new cyber social engineering attacks, and only 10% believe it is completely up-to-date. Just 43% of firms with cyber insurance are confident that their policies would pay out for whaling financial transactions. Nearly two-thirds (64%) of firms don’t have any cyber insurance at all.

The research by Mimecast highlighted that the rise of whaling (CEO fraud) has created an attack climate where many insured organizations may not be protected from fraudulent transactions because they fall outside of the coverage scope of when their policies were originally signed. While over half (58%) of organizations have seen an increase in untargeted phishing emails, 65% have seen targeted phishing attacks grow and 67% have seen a spike in whaling attacks, where a cyber criminal dupes employees into making fraudulent transactions on behalf of a CEO or CFO. Additionally, 50% said they have seen social engineering attacks that utilize malicious macros in attachments increase.

With cyber attacks and data breaches being the top two concerns for business continuity professionals, according to the latest Horizon Scan Report published by the Business Continuity Institute, it is important that organizations have plans and processes in place to deal with these types of attacks materialising. If this includes having an insurance policy, then clearly it makes sense that the policy covers what it is intended to.

Cyber insurance uptake is growing quickly but a lack of employee training on the latest email attacks is leaving organizations at great risk of breaking policy terms,” said Steven Malone, director of security product management, Mimecast. “While insurers often pay for clean-up fees after a breach, it is important that organizations check that their policies protect them if an employee is tricked into sending a large amount of money to a fraudulent account. Attacks where employees are tricked into sending personal data or intellectual property are even less likely to be fully covered."

"With the cyber security landscape constantly evolving, cyber insurers will have great difficulty keeping their coverage up-to-date. A comprehensive cyber resilience strategy is only effective alongside regular employee training on the latest threats combined with appropriate technology fail-safes.

The majority of organizations are not able to establish full control over user activity in their IT infrastructure, and new technologies make it even more difficult

IRVINE, Calif. – A majority of organizations report that they lack visibility into their cloud infrastructure, file shares, user activity and mobile devices, greatly impacting data security and system uptime. This data is among the findings of the recent 2016 Netwrix Visibility Survey conducted by Netwrix Corporation, the first vendor to introduce a visibility and governance platform that supports both on-premises and hybrid cloud IT environments. The survey represents more than 830 respondents who shared their experience and insights about visibility into their IT environments and the impact on cyber security.

The survey, conducted by Netwrix in April and May 2016, was designed to identify the means organizations are using to gain visibility into IT infrastructures, understand whether they get a competitive advantage from their choices, and explore what challenges they might face in the future. The organizations surveyed operate in 30 industries worldwide and represent businesses of all sizes.

The survey’s key findings include:

  • Almost 65% of organizations do not have complete visibility into user, IT and third-party activity in their IT infrastructure

  • 75% of respondents have partial or no visibility into their cloud and hybrid IT environments

  • A strong majority of respondents (78%) are unaware or only partly aware of what is happening across their unstructured data and file storage

  • BYOD infrastructure is the most challenging area, with 83% of organizations reporting zero or only partial visibility into user personal devices

  • Almost 47% of respondents believe that the increasing complexity of IT infrastructures will make achieving visibility even more difficult in the future

Organizations around the globe show growing interest for ensuring visibility into IT infrastructure. In today’s ever-changing threat landscape, companies simply cannot foresee all possible cyber threats that could affect their data security and system uptime. Understanding what is happening in the IT infrastructure, including who or what causes malicious events, enables timely threat detection and prevents serious damage,” said Michael Fimin, CEO and co-founder of Netwrix. “We expect market demand will remain high in the next few years, as visibility software will be further improved to offer comprehensive insight and security analytics into problem areas like cloud, user activity, unstructured data and mobile devices.”

According to Gartner, “Advanced targeted attacks make prevention-centric strategies obsolete. Securing enterprises in 2020 will require a shift to information- and people-centric security strategies, combined with pervasive internal monitoring and sharing of security intelligence.”1

1 Gartner, Prevention Is Futile in 2020: Protect Information via Pervasive Monitoring and Collective Intelligence

To download the 2016 Netwrix Visibility Report, please visit: http://www.netwrix.com/go/visibilitysurvey2016

About Netwrix Corporation

Netwrix Corporation was the first to introduce a visibility and governance platform that supports both on-premises and hybrid cloud IT environments. More than 150,000 IT departments worldwide rely on Netwrix to detect insider threats on premises and in the cloud, pass compliance audits with less expense and increase productivity of IT security and operations teams. Founded in 2006, Netwrix has earned more than 90 industry awards and been named to both the Inc. 5000 and Deloitte Technology Fast 500 lists of the fastest growing companies in the U.S. For more information, visitwww.netwrix.com.

VDO for hybrid cloud enables enterprises to maximize density, lower TCO

CAMBRIDGE, Mass. – Permabit Technology Corporation, the leader in data reduction technology, today announced the latest release of its Virtual Data Optimizer (VDO) software, VDO 6. The newest release of VDO delivers the company’s patented deduplication, HIOPS Compression™ and thin provisioning in a commercial software package for Linux, expanding availability beyond the OEM marketplace to include the leading Professional Services organizations that are enabling today’s modern Hybrid Cloud data centers. New to this release is the VDO for Hybrid Cloud package, which simplifies the installation and configuration of VDO in data centers running Red Hat Enterprise Linux. Also new is the addition of the VDO Optimizer™ file system, which provides up to 20x improvement in data reduction rates when used with existing archive and backup applications. “As the volume of data they store continues to grow and at ever-increasing rates, IT infrastructure teams find themselves between this irresistible force and the relatively inelastic walls and power distribution systems of their data centers,” said Howard Marks, Chief Scientist at DeepStorage, LLC. “A solution like Permabit’s VDO will not only optimize data on local storage but also in a hybrid cloud, significantly reducing the cost of cloud storage as well as the network load and storage ingest charges, since data is reduced before it’s transferred.” VDO is the only modular data reduction solution available for the Linux block storage stack that works with the broad range of open source and commercial software solutions. As a ready-to-run kernel module for Linux, VDO works directly with Linux block devices and file systems across all types of cloud storage. This unique block-level approach allows Permabit customers to leverage existing file systems, volume management and data protection to deliver 4K inline, highly scalable data reduction in their Linux storage environments. Out of the box, VDO supports block, file and object storage on Red Hat Enterprise Linux and is compatible with Red Hat OpenStack, Ceph and Gluster. “Widespread adoption of public, private and hybrid cloud computing is ushering in a new age of efficiency in IT,” said Tom Cook, Permabit CEO. “Data reduction increases data center density and maximizes cloud efficiency. By introducing data reduction technologies, like Permabit VDO, on a global basis we could see $1.5 trillion saved in data center build-out, $10 billion saved in power costs and the prevention of 20 million metric tons of carbon emissions by 2020. This not only saves businesses precious capital outlays, it will help save the planet! Embracing efficiency is the only way to get more into your cloud.” VDO for Hybrid Cloud is currently being evaluated by the world’s largest financial and communications companies as well as large government agencies. It is available immediately to Permabit storage OEMs and Hybrid Cloud Professional Services partners. For additional information on VDO 6 visit us at http://www.permabit.com.
About Permabit Permabit pioneers the development of data reduction software that provides data deduplication, compression, and thin provisioning. Our innovative products enable customers to get to market quickly with solutions that cut effective cost, accelerate performance, and gain a competitive advantage. Just as server virtualization revolutionized the economics of compute, Permabit software is transforming the economics of storage today. Permabit is headquartered in Cambridge, Massachusetts with operations in California, Korea and Japan. For more information, visit www.permabit.com.
ioFABRIC Survey of Spiceworks Users Shows That SDS Is On-Track With Extending Life of Storage

TORONTO, ON – A recent survey revealed the most common storage challenges facing IT professionals today – and it's no surprise that meeting capacity and performance demands, and containing costs, top the list of complaints.

Nearly 200 people responded to the survey, conducted by ioFABRIC on Spiceworks, the social and professional network for tech workers. IT pros said their biggest frustrations by far are capacity limitations (34 percent) and high costs (29 percent), followed by delivering appropriate performance (15 percent).

  • "It is a constant conflict between rapid growth in data, and keeping up in terms of storage space, backup capacity, and resources," said the technology manager at a Statesville, NC manufacturing company.
  • "Budget restrictions require us to use equipment long beyond normal life cycles," said a technical support specialist at a Colorado nonprofit.
  • "The biggest conflict is bandwidth limitations, and almost always hitting peak when it's under mass usage," said a technician for a California public school district. "It greatly disrupts workplace action due to the strain."

Concerns about capacity, performance, and costs are driving users to software-defined storage, because one of its major benefits is extending the capability of existing storage, and adding performance and capacity without excessive costs. Indeed, nearly half (48 percent) said extending the life of their current storage investment would help solve their problems. One-third (33 percent) doubted this would be of use, and the rest (nearly 18 percent) said maybe or somewhat.

  • "Anything to save money and extend the life of our equipment reduces stress," said the director of IT for a small network of New England hospitals.
  • "I would rather get newer equipment with larger capacities and more processing power than try to extend the life of my existing SAN," said the network manager for a South Florida social service organization.
  • "Somewhat. I have about a thousand other problems right now, but extending the life of my existing storage would solve at least one of those problems," said the systems administrator for a Midwestern agricultural equipment retailer.

"While some of these issues are evergreen – increasing capacity and performance, within budget – the interest in maximizing their current infrastructures shows that most users are not motivated to perform major upgrades now, which is good news for software-defined storage," said ioFABRIC CEO and Co-founder Steven Lamb. "Fortunately those who are hoping to upgrade will find a software-defined approach enables them to add newer technologies like flash arrays or cloud storage easily and without risk or downtime."

About ioFABRIC

ioFABRIC Inc. is a software-defined storage company that increases business agility while reducing storage costs. Its vision is to transform storage into something a business can simply depend on, eliminating admin demands, and freeing IT time to focus on true business innovation. Its flagship product, ioFABRIC Vicinity, drastically reduces storage OPEX and CAPEX with intelligent automation and growth through commodity hardware and the cloud. Vicinity Solutions are available to extend existing storage systems, solve migration problems, and deploy as distributed storage, hyperconverged, or Docker. Vicinity is sold through ioFABRIC's reseller and distribution channel, supported by its industry leading LEaD program. Partners sell Vicinity as licensed software with support or by white-labeling it with additional hardware and/or software. Founded in 2013 by an executive team that has worked together for more than 20 years, the company is funded by private investors and Real Ventures. ioFABRIC is an industry leader in customer service and product development: agile and responsive. For more information visit www.ioFABRIC.com/Learn.

Follow us on LinkedIn
Follow us on Twitter

With ECX 2.4 Catalogic Expands Enterprise Use Cases for Copy Data Management and Delivers New Advanced Capabilities for DevOps and Hybrid Cloud

WOODCLIFF LAKE, NJ – Catalogic Software, the leading provider of software-defined copy data management (CDM), today announced the release of ECX 2.4, the newest version of its award-winning software platform. This release delivers significant capabilities by adding Oracle and SQL application aware integration, support for EMC Unity storage, native support for Amazon Web Services (AWS) and deepening integration with popular DevOps tools. ECX 2.4 includes several other significant features that expand the capabilities of the platform for new and existing customers. 

As the market's only independent "In-Place" CDM solution, ECX is designed to leverage the snapshot and replication technologies of the existing storage and virtual infrastructure in a customer environment. This in-place CDM approach has significant advantages over alternatives in that it requires no additional infrastructure for the customer to purchase and manage, and leverages the existing production environment rather than requiring the creation of new copies of data. This advantage is especially powerful in database environments where the databases need to remain online and accessible continuously, and there the data volumes make the creation of extra copies untenable. 

"Today's release of ECX 2.4 delivers deep integration for both Oracle and SQL, allowing our customers to leverage their existing infrastructure to further expand their ability to eliminate copy sprawl, while dramatically improving their capabilities to deliver fresh copies of key databases to those functions and business units that demand them," commented Ed Walsh, CEO of Catalogic. "At the same time, we are delivering huge advancements in ECX's capabilities for both Hybrid Cloud and DevOps -- two key modernization initiatives that our customers are pursuing." 

With its application aware integration with Oracle and SQL database management systems, ECX delivers the most robust and cost effective CDM solution for mission critical database environments, solving the database sprawl problem that most customers wrestle with today. Today, it is common for an enterprise to have more than 200 database instances and have more than 10 copies of each database, creating an unmanageable amount of copy data that wastes capital and operational costs. Managing the copy environment slows down IT efforts across multiple fronts: test and development, reporting and analytics, DevOps and more. The enhanced database features in ECX 2.4 -- including data masking, integrated pre- and post-scripting and log management -- eliminate the copy sprawl problem and dramatically simplify managing, tracking and accessing database copies.

"Catalogic has been making great headway in the management of copy data, and their move into deeper database integration is a logical and significant progression," said David Floyer, CTO & Co-founder of Wikibon. "By simplifying the complex steps involved in providing actionable, up-to-date database copies to multiple data consumers in an organization, Catalogic enables IT to provide much faster and controlled time-to-data-copy, significantly increases the Data Value of databases, and take a long step towards full digitization of the organization."

The addition of integrated AWS S3 storage support enables ECX copy policies to now be directed to AWS S3 destinations, giving ECX customers the option to extend the management and use of data to the public cloud while maintaining full control and orchestration through the centralized CDM platform. This is one of several hybrid cloud use cases where ECX allows customers to extend the creation and management of copy data to the cloud without changing existing processes and methodologies.

Catalogic continues to offer IT organizations innovative ways to enable rapid DevOps development methodologies. Adding to the already available ECX ability to drive "infrastructure as code" using enterprise storage arrays, today's release includes a plug-in for popular DevOps tool Puppet, allowing Puppet users to directly manage and deploy live operating environments that include the use of a copy of the relevant application data, entirely through the Puppet console using native Puppet commands. The Puppet plug-in is one of a series of new add-ons via the Catalogic ECX Marketplace, a new on-line store for sharing and downloading new capabilities. Pre-built, downloadable scripts and plug-ins allow easy integration of the ECX RESTful API with Chef, Puppet, IBM UrbanCode DevOps tools among others. In addition, Catalogic ECX is now available as a development tool on the IBM Bluemix Garage, giving developers an easy means to access system-of-record infrastructure without affecting production environments. https://www.ibm.com/devops/method/content/code/tool_catalogicecx/

"DevOps is hard. Don't let anyone tell you different. It requires buy in from all relevant individuals, the willingness to change departmental and even corporate culture, and above all the right tools," commented Trevor Pott, founder of eGeek Consulting. "Catalogic's self-service portal and API access give developers the ability to manage and provision their IT environments. At the same time operations can set limits using profiles and role based administration. This latest release delivers a bundle of valuable capabilities, further demonstrating Catalogic's commitment to enabling DevOps for a broad set of IT customers. Catalogic makes taking that first, critical step towards more modern IT practices easier and more palatable for all involved."

With this release, Catalogic ECX is the first copy data management solution to support the EMC Unity product line ECX 2.4 also adds support for the EMC Unity Family of storage arrays, including Unity 300, 400, 500, 600 (All-Flash and Hybrid Flash) and EMC Unity VSA.

ECX 2.4 Summary of New Key Features:

  • Oracle and SQL integration
  • Support for EMC Unity storage
  • Native support for AWS S3 Storage
  • IBM Bluemix Integration
  • Integration of customer pre- and post-copy scripting
  • Multitenancy and scalability
  • Integrated Developers Marketplace
  • Plug-In for Puppet

Key Links

About Catalogic Software
Catalogic Software is the market's only independent provider of in-place Copy Data Management (CDM) solutions. Founded in 1996 and with thousands of customers worldwide, Catalogic's mission is to enable IT organizations to leverage their copy data, delivering significant reductions to CAPEX and OPEX while providing superior services to the business. With its software products, Catalogic helps clients Manage, Orchestrate and Analyze their Copy Data across their enterprise and cloud in support of mission critical IT functions including disaster recovery, test/dev, DevOps, next generation data protection, and business analytics. Learn more at www.catalogicsoftware.com