Spring World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 27, Issue 4

Full Contents Now Available!

Jon Seals

MARLBOROUGH, Mass. – Sepaton, Inc., maker of the world's fastest and most scalable data protection solutions for large enterprises, today announced the results of the fifth annual Sepaton Data Protection Index, an annual survey of large enterprises in North America and Europe with at least 1,000 employees and at least 50 terabytes of primary data to protect. The survey elicited responses from more than 200 IT professionals across a wide range of vertical industries to define and quantify current data protection trends and challenges for enterprise data centers.

Specific areas covered by the survey, included data protection technologies currently in use; key data protection challenges facing enterprises; and data protection priorities for 2014.

The following are key findings based on the survey results:

  • Explosive data growth. Nearly half (43 percent) reported data growth of more than 15 percent annually, including nine percent who characterized their data growth as “explosive” with growth of 25 percent or more annually.
  • Massive data volumes. More than 52 percent of respondents have full backup volumes of more than 100 TB, including 27 percent with full backups between 500 TB and 1 PB.
  • More complexity. Most enterprises (27 percent) are using a mix of tape and virtual tape but many are also using a wide range of other technologies (snapshots, cloud, etc.). Companies are also using a wide range of protocols to backup data. Just five percent are using Fibre Channel (FC) only.
  • Inadequate data protection. Nearly half of respondents (46 percent) did not feel that their backup environment was meeting their needs. Fifty five percent are not encrypting their data at rest and more than a fifth of respondents (21 percent) are not providing disaster protection for their data.
  • Focus on accelerating performance and efficiency. Data protection priorities for 2014 are focused on addressing the challenges caused by explo­sive data growth. Specifically, on increasing backup performance, implementing data tiering, and controlling data center sprawl.

“As the survey report reveals, enterprises are focused on ways to mitigate the results of unprecedented data growth: higher performance systems to meet backup windows, reducing data center sprawl, managing costs and IT complexity by consolidating multiple backup targets, and reducing backup volumes through data tiering,” said Peter Quirk, director, product management, Sepaton, Inc. “Enterprises are looking for more efficient deduplication of databases and semi-structured data; fast, hardware-based encryption; and systems that provide performance and scalability to maintain service levels and meet regulatory requirements.”

For more details, interested parties can download the full survey report here.

About Sepaton, Inc.

Sepaton delivers the world’s fastest, most scalable and cost-efficient data protection solutions designed to enable large, data-intensive enterprises to store, move, access and protect critical data with the fastest recovery time in the event of a failure. Built on modular, grid scalable architectures, Sepaton offers the S2100®-ES3 for virtual tape library environments and the VirtuoSO for network attached storage (NAS) featuring multi-protocol support, highly efficient deduplication, performance-optimized data movement, and advanced management and reporting at the lowest total cost of ownership. Sepaton is headquartered in Marlborough, MA, and has an office in London. For additional information call 866-Sepaton or visit http://www.Sepaton.com.

Spreadsheets should be banned from the risk management process says Keith Ricketts.

Spreadsheets are universally loved. Why? Because they give everyone their own version of the truth, with complete autonomy to update and amend them as often as they like, without interference from anyone else. However, while spreadsheets might be great tool at an individual level they are completely un-scalable, and therefore totally unsuitable for compiling and analysing information enterprise-wide, or even for individual projects.

When applied to a risk management scenario, the potential horrors magnify. Who knows what risks are lurking in a spreadsheet so far undiscovered, with all around thinking that they have ‘ticked the box’ and that risk is managed.  Using spreadsheets and emails to manage risk, is a very risky approach.

Here are the main reasons that the spreadsheet approach doesn’t work:



Marsh has published a new document which aims to help organizations ensure business continuity during severe winter weather.

Winter weather events mixed with a lack of preparation can lead to building damage, freeze-up, flood, and business interruption losses says Marsh. Advance preparation can help to mitigate winter weather impacts on your operations and business continuity.

The document provides a useful checklist of winter weather impacts mitigation. Read it here (PDF).

Companies are no longer tolerant of security-and-compliance teams telling them they cannot go to the cloud: instead risk teams must learn how to adapt to the cloud environment. This is the view of John Overbaugh, managing director of Security Services at Caliber Security Partners.

Writing for http://www.isaca.org, Mr. Overbaugh suggests
four steps for organizational risk leaders to follow to help their companies adopt cloud technologies while minimizing overall risk:



Computerworld — The headlines about the storm approaching Georgia include a tinge of panic and wonder, but the view from Monty Hamilton's Atlanta office is of streets calm and empty.

Hamilton is the CEO of Rural Sourcing Inc., a domestic IT services company based in downtown Atlanta. He reported Tuesday afternoon that it was raining, but the streets were mostly deserted as weather reports forecast freezing rain and power outages.

"It's pretty vacant right now," said Hamilton, who said the city and state were doing a lot to prepare for the storm. That's in contrast to two weeks ago when a storm paralyzed the city with several inches of snow, leaving many stranded, including Hamilton.



The PC is dead. The PC is not dead. The PC is sort of dead, but that’s OK because the new client devices are much cooler.

By now, just about every theory on the PC’s future in the enterprise has been thoroughly consumed and digested by the technorati. And while the term “dead” gets thrown around a lot, it is clear that although the PC is no longer the primary means of data access in the enterprise, neither is it headed for the scrap heap.

A more likely scenario is that the PC will change in both form and function as the enterprise heads into the cloudy, mobility-drive future. The key question, then, is how.



There is a 75% chance of an El Niño event in 2013, according to an early warning report published in Proceedings of the National Academy of Sciences (PNAS). The researchers used a new method that uses network analysis to predict weather systems up to a year ahead, instead of the usual six-month maximum of other approaches. The model successfully predicted the absence of El Niño in 2012 and 2013.

El Niño events are characterized by a warmer Pacific Ocean, which results in a disruption to the ocean-atmosphere system. This can lead to warmer temperatures worldwide, droughts in Australia and Southeast Asia, and heavy rain and flooding in parts of the U.S. and South America. If such an event occurred toward the end of 2014, the increased temperatures and drought conditions could persist through 2015.

The researchers suggested that their work might help farmers and government agencies by giving them more time to prepare and to consider investing in flood- or drought-resistant crops.



The Target data breach is the gift that keeps on giving. It continues to capture attention with new revelations and insights.

The real opportunity for security professionals is to side-step speculation and use the coverage to spark productive conversations. The kinds of discussions that help others understand your value and set the stage for necessary changes.

The latest development was the potential compromise through a third party HVAC contractor. 

Now the details around Target, an ongoing investigation, are still a bit murky. Brian Krebs is on the case and providing a valuable service to the industry. Let’s leave investigation to Brian and take the opportunity to build on his work to improve our organizations.

- See more at: http://blogs.csoonline.com/security-leadership/2984/if-target-got-breached-because-third-party-access-what-does-mean-you#sthash.zZMSvMgx.dpuf

Leading business continuity solution provider Vocal has been awarded the ISO 22301 Standard accreditation

As the world’s first international standard for business continuity management, the ISO 22301 has been developed to ensure that organisations are able to anticipate their clients’, suppliers’ and partners’ abilities to manage the unexpected. Organisations who are awarded the standard understand and prioritise the threats to their business, and are therefore able to minimise the risk of disruption to their stakeholders in the event of an incident. When customers choose a product or service provider, an ISO accreditation is business shorthand for reliability.

In most cases, a robust business continuity management system can help a company to earn an ISO accolade. From fires to IT failures, extremist incidents to torrential rain – anything can happen in the world of business. An accredited organisation must have a system in place which is capable of protecting against, reducing the likelihood of, and ensuring their business’ recovery from any disruptive, dangerous, or damaging incidents.

This year, the iModus Suite, Vocal’s own award-winning business continuity management system, has helped Vocal to reach the ISO 22301 Standard, cementing its position as one of the forerunners of the worldwide business continuity industry.  

 “We are committed to delivering industry-leading services to our customers and exceeding expectations of all our stakeholders in the event of any business disruption,” says Vocal’s Business Continuity Program Lead, Glynnis Kellaway.

“The recommendation from the ISO further underlines the fact that Vocal upholds globally-recognised best practices and continual improvement with respect to our Business Continuity Management System. This furthermore gives our stakeholders more reason to have complete confidence in their relationship with us and their use of our products and notification solutions.”

To find out more about the ISO 22301 accreditation, please visit the following website: http://www.bsigroup.co.uk/en-GB/iso-22301-business-continuity/.

About Vocal and the iModus Suite:

·        Vocal is recognised throughout the world as a trusted innovator of multi award-winning and proven business continuity and communication solutions. In 2007, Vocal launched iModus; the first fully integrated business continuity suite encompassing Notification, Planning, Mapping, Alerting, Staff Safety and Incident Management modules. iModus has been used by many of the world’s largest businesses during major business-affecting incidents, for example the 7/7 terrorist attack in London, the London 2012 Olympics, and the operation which was put in place after Hurricane Sandy caused devastation to the US east coast.

·        iModus now operates in over 85 countries and is a key part of the critical plans of a large number of global organisations.

·        As well as providing solutions to various challenges, Vocal provides its clients with exceptional technical support and accomplished account management, underpinned by a 24/7 customer service team which ensures that clients get the most out of their iModus suite.

New Data Center Facilities, Enhanced Cloud Services and

Leading Partnerships Capture Market Share

BATON ROUGE, La. – Further elevating its leadership in business continuity, cloud-based virtualization, and battle-tested data recovery, Venyu today announced a strong finish to FY2013. The notable results underscore the company’s value as a proven leader in cloud-based services as well as its ability to cost-effectively secure and protect mission-critical data.

In September, Venyu announced its acquisition by EATEL, a leading regional telecommunications service provider.  The agreement provides access to new growth opportunities and resources, while strengthening complementary service lines with integrated business solutions.  As a wholly-owned subsidiary of EATEL, Venyu is now focused on accelerating company growth beyond its regional service areas and into new markets.

The company also broke ground on its data center expansion in Baton Rouge, LA in 2013. The new data center will open in April 2014.  Highlighting an ability to provide quality, secure cloud-based services, the data center is designed to guarantee the highest levels of security, uptime, connectivity, and redundancy.  The footprint features fully redundant power distribution, climate control, and fire suppression – with an enhanced emphasis on power density and management. 

“Whether we’re offering cloud hosting, backup, or colocation, companies rely on Venyu as a strategic business partner to help protect their digital assets and cost-effectively augment their IT services,” said Scott Thompson, CEO of Venyu.  “As the demand for more value-added cloud services continues to increase, we will meet these challenges by expanding our offerings with leading applications supported by the industry’s best customer service and support teams.”

Additionally, Venyu’s agreement with Alert Logic now provides access to superior data protection through full integration of intrusion detection and log management.  The partnership is the foundation for Venyu’s Web Security Manager (WSM) – an enhanced layer of security, blocking suspicious traffic at the firewall and appliance level, and protecting web servers from attack without compromising availability.

Venyu also partnered with CMA Technology Solutions in an effort to support joint customers using IBM System i Power Servers.  With the CMA Series I technology infrastructure – a new resource placing IBM servers within Venyu’s data centers – legacy users can now harness Venyu’s RestartIT® cloud-based backup and recovery services.  Spotlighting several 2013 successes, Venyu partnered with Coretelligent to bring data backup services to venture capital investment firms in New England and to California’s Bay area and provided Baton Rouge-based Woman’s Hospital – one of the nation’s first specialty hospitals recognized for superior care of women and infants - with disaster recovery services. 

Rounding out the year, the Louisiana-based business collected high marks from the industry with a range of accolades, including:

To find out more or connect with Venyu for back-up, recovery, colocation and managed services, please visit www.venyu.com

About Venyu

Venyu is a premier provider of data center, managed hosting, cloud, virtualization and data protection solutions. By leveraging Venyu's portfolio of innovative, ROI-focused solutions, including VenyuCloud and RestartIT, within secure, highly available data centers, organizations can reduce IT costs while increasing security and scalability. For more information about Venyu and its industry-leading offerings, please visit www.venyu.comYour Data Made Invincible™.

Mark Kedgley examines the importance of real-time file integrity monitoring in a constantly and quickly evolving threat landscape.

Few experts would argue against the importance of real-time file integrity monitoring (FIM) in an era of fast changing and sophisticated security threats. It is literally impossible to second guess the method of a breach and therefore the ‘last line of defence’ detection offered by FIM has never been more critical. The worldwide coverage of the recent breach at Target shows how vital cybersecurity is, and how high the stakes are if your defences are breached. Little wonder that leaders in security best practices such as NIST, the PCI Security Standards Council and the SANS organisation all advocate FIM as an essential security defence.

That said, many would also challenge the actual value and quality of some FIM deployments over the past decade. From the highly complex, $multimillion software investments all the way down to freeware, far too many deployments are actually increasing, rather than reducing, business risk by creating a deluge of unmanaged and unmanageable alerts. Put simply - too much information and not enough context to provide an effective solution.