Fall World 2016

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 29, Issue 3

Full Contents Now Available!

Jon Seals

Sureline Offers Software for Storage and Application Migration and DR for PROMISE Technology Customers

SANTA CLARA, Calif. – PROMISE Technology has signed an agreement to resell Sureline System's SUREedge® Migrator and Disaster Recovery (DR). PROMISE Technology is a recognized global leader in the storage industry and the leading developer of high-performance storage solutions tailor-made for the data center, surveillance, cloud, and rich media markets.

SUREedge's capability to capture application and system images, and data from any physical system or virtual machine or storage system and recover it on PROMISE storage solutions makes it an ideal solution for application migration and disaster recovery. SUREedge removes the complexity of large-scale migration and disaster recovery with a simplified process for planning, capturing, replicating and recovering data in the PROMISE solutions.

"At PROMISE, we recognize that migration software is essential for the on-boarding of new disk arrays in a customer environment. SUREedge's ability to convert from any hypervisor to our VSky software defined storage solution is an added advantage for our customers," noted Jason Pan, Sr. Director of Business Development and Product Marketing, PROMISE Technology.

As part of the agreement, PROMISE Technology also receives:

  • Cloud Migration
  • Cloud DR
  • Local or remote recovery from any disk to PROMISE storage and PROMISE to PROMISE local and remote recovery

"Sureline is excited to partner with PROMISE Technology, and to see storage vendors' endorsements that migration software and hypervisor conversions are becoming an important part of everyday work for end user customers," said Peter O'Brien Vice President of Business Development at Sureline.

To learn more about SUREedge's solutions visit http://www.surelinesystems.com.

About PROMISE Technology Inc.:

PROMISE Technology is a recognized global leader with more than 25 years of experience in the storage industry. PROMISE has developed its own enterprise-class hardware and software storage architecture, in addition to complete SAN, NAS and Unified storage platform product lines. PROMISE is also committed to providing dynamic software defined storage solutions for vertical markets, including cloud and IT storage solutions, video surveillance storage solutions, rich media storage solutions and much more. With industry leading technology and research and development capabilities, combined with highly experienced global sales and after sales service teams, PROMISE is at the forefront of the industry with the highest levels of customer satisfaction. PROMISE Technology is an ISO-9001:2008 and ISO-14001:2004 certified manufacturer with operations and sales and support teams throughout the Americas, EMEA, and APAC regions providing unparalleled service and support to customers around the globe. For more information, visit: www.promise.com.

About Sureline Systems:

Your Application and Data, Any time to Any target

Sureline offers a proven enterprise-class Software Platform for Application and Data Migration and Disaster Recovery. Sureline's SUREedge® provides Application Mobility Solutions for Disaster Recovery, Migration to and from the Cloud, storage systems to storage systems, and Hypervisor to Hypervisor transition that is hardware, hypervisor and Cloud agnostic. Founded in 2010, the company serves a worldwide customer base from its Corporate Headquarters in Santa Clara, California and offices in Japan and India.

For further information, please visit the Sureline Systems website at www.surelinesystems.com or follow up on Twitter @Sureline.

Red Herring Top 100; Red Herring Global 100, CIO Review Top 100 

Enables DevOps Efficiency Across Two Datacenters for Multiple Developer, QA and IT Teams

SUNNYVALE, Calif. – Platform9, the company making private clouds easy, today announced that Box, a leading enterprise content management and collaboration platform, has adopted Platform9's solution to streamline development and accelerate delivery of new products and features.

"If anyone understands the value of ease-of-use, it's Box. They are passionate about delivering an easy, collaborative experience to their customers, and it's a value that transcends their entire operation," said Madhura Maskasky, co-founder and VP of Product at Platform9. "At Platform9, we share Box's commitment to the simplicity of our user experience, combined with a laser focus on the open APIs and enterprise readiness that are so critical to the operational efficiencies of private clouds; and we're therefore delighted to be powering Box's growth by providing their private cloud platform."

Box provides software that makes it easy for more than 40 million users at more than 50,000 organizations around the world to share and collaborate. Internally, Box's IT productivity team is responsible for making life easier for developers and quality assurance (QA) professionals who build and test Box products. They believed a private cloud was the best approach for satisfying the needs of these internal customers, providing them self-service access to the infrastructure resources needed for their projects.

After evaluating multiple options, the Box team decided Platform9's Managed OpenStack solution was ideal for their requirements. Platform9's SaaS-based offering now serves Box's engineering and operations teams across two regional datacenters.

For developers:

  • Improve productivity. Box has enabled self-service provisioning and automated workflows for developers and QA accessing infrastructure across two datacenters, enabling developers to focus on the application lifecycle, not the underlying infrastructure.
  • Improve flexibility. Because Platform9 is based on OpenStack, developers have access to OpenStack's rich set of OpenStack REST APIs, as well as libraries and major automation frameworks to accelerate the development-test-release pipeline.

For IT:

  • Reduce costs. With Platform9, Box is able to swap targeted workloads to save money.
  • Reduce complexity. Because of Platform9's simplicity, Box was able to setup and deploy its private cloud in minutes, not months. Further, Platform9 removes day-to-day management of the private cloud control plane, removing the need for specialized OpenStack knowledge on the Box team.
  • Reduce risk. Box IT administrators exercise full control of their virtualized infrastructure and are able to manage it with the tools of their choice. IT also has control over allocation policies and quotas, ensuring that developers consume resources within agreed-upon bounds.

Additional Resources

About Platform9
Platform9's mission is to make private clouds easy for organizations of any scale. The company's service transforms an organization's existing servers into an AWS-like agile, self-service on-premise cloud within minutes, enabling organizations small or large to run their private clouds efficiently, at scale, while leveraging the latest open source innovations. Powered by OpenStack, the service is the industry's first 100% cloud-managed platform for KVM, VMware vSphere and Docker. Founded in 2013 by a team of early VMware engineers, Platform9 is backed by Menlo Ventures and Redpoint Ventures and headquartered in Sunnyvale, Calif. For more information, visit: http://www.platform9.com, or follow Platform9 on Twitter @platform9sys.


Joint Solution Discovers and Attacks Hybrid Cloud Shadow IT and Malware at the Source Through Detection, Quarantine, and Eradication Capabilities

WALTHAM, Mass. – CloudLock®, the leading provider of Cloud Access Security Broker (CASB) and Cybersecurity-as-a-Service solutions, and Check Point® Software Technologies Ltd. (NASDAQ: CHKP), the largest pure-play security vendor globally, today announced a partnership, providing a best-of-breed and API-centric CASB integration aimed at unifying on-premise and cloud cybersecurity. The innovative integration enables organizations to address the growing barrage of cloud malware and other cyber threats as well as cloud and on-premises shadow IT in a comprehensive solution.

"We are very excited to announce our partnership and integration with Check Point, allowing customers the ability to unify security across their hybrid cloud environments," said Gil Zimmermann, CEO and co-founder at CloudLock. "With the rapidly evolving threat landscape, security is no longer a luxury - it's a mandatory necessity. Our combined solution is a powerful way to address these threats head-on, and non-intrusively."

Security teams are challenged to unify cybersecurity across on-premise and public cloud environments. This leaves organizations in a diminished capacity to address a growing number of cyber threats. The proliferation of user-enabled cloud applications brings inherent security risks particularly as many apps connect to the corporate environment via integrations with sanctioned apps. Findings from the CloudLock CyberLab Q3 2015 cybersecurity report revealed over 52,000 app installs are conducted by privileged users - users such as administrators who typically have unrestricted access.

Shadow IT applications create a trifecta of risks: data loss through unauthorized channels, the introduction of malware into the environment and compromised user identities. The joint solution from CloudLock and Check Point combats malware by providing unified visibility into malware introduced through Shadow IT applications and direct remediation actions that help organizations enforce quarantine policies to isolate threats and render them innocuous.

The solution focuses on the following areas:

Cloud App Control

  • Discovers cloud applications used by employees regardless of how and where users access them, including both on and off the corporate network and with or without corporate credentials
  • Aggregates crowdsourced risk intelligence across CloudLock and Check Point to determine the risk of cloud apps combined
  • Generates a unique Risk Probability Index to assess unsanctioned cloud apps
  • Enforces best practices and mitigates risk through automated, policy-driven application control

Malware Detection and Eradication

  • Identifies both new and unknown malware including spyware, keystroke loggers, Trojans, and rootkits through signatures, behavior blockers, and heuristic analysis
  • Analyzes malicious files hosted in cloud environments through Check Point's advanced threat emulation capabilities ("innovative zero-day threat sandboxing capability within the Check Point SandBlast solution")
  • Prevents infections from cloud-based and on-premise-based malware
  • Enforces automated quarantining of files determined to be malicious through CloudLock

"Check Point's partnership with CloudLock helps usher in API-based CASB technology in the enterprise network firewall market," said Alon Kantor, vice president of business development, Check Point. "Customers can now combine data protection and Shadow IT discovery & control, across on-premises and public cloud environments."

For more information, read the Check Point + CloudLock solution brief, Eliminating Shadow IT & Cloud Malware.

About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. [www.checkpoint.com] is the largest pure-play security vendor globally, provides industry-leading solutions, and protects customers from cyberattacks with an unmatched catch rate of malware and other types of attacks. Check Point offers a complete security architecture defending enterprises' networks to mobile devices, in addition to the most comprehensive and intuitive security management. Check Point protects over 100,000 organizations of all sizes. At Check Point, we secure the future.

About CloudLock
CloudLock, the leading CASB and Cybersecurity-as-a-Service provider, offers the Cloud Security Fabric™ enabling enterprises to protect their data in the cloud, reduce risk, achieve compliance, manage threats and increase productivity by continuously monitoring and protecting more than one billion files for more than 10 million end users daily. CloudLock delivers the only complete, risk-appropriate and people-centric approach to cloud cybersecurity. Learn more at www.cloudlock.com.


Netwrix Sums Up the Statistics on Data Breaches in 2015 and Identifies Types of Cybercrime That Will Potentially Affect U.S. Companies in the Coming Year

IRVINE, Calif. – According to the Chronology of Data Breaches by Privacy Rights Clearinghouse, a nonprofit organization that aims to raise awareness about how technology affects personal privacy, the number of companies that experienced a data breach in 2015 reduced by 44% since 2014. At first glance, it would seem that predictions about 2015 being the "Year of the Super-Mega Breach" did not come true. But a closer look reveals that hackers stopped wasting time on trifles and focused on jackpots instead. Fewer incidents resulted in over 197 million compromised records, compared to 295 million in 2014.

Furthermore, security experts still cannot assess the actual damage for 68% of data breaches, so obviously the number of compromised accounts is going to increase. Apparently, cyberattacks have become more targeted and sophisticated than ever and now pose an equal threat to all companies that handle any type of sensitive data, including financial and personal.

Netwrix Corporation, a provider of IT auditing software that delivers complete visibility into IT infrastructure changes and data access, has picked out five patterns of cybercrime that were the most common root cause of security incidents in 2015. The data breaches listed below are ranked by the number of reported cases and point to the security threats that will require the most vigilance in 2016.

1. Hacking or malware. Malware and electronic entry by an outside party remained the leading cause of data breaches for the second year in a row. Overall, 92 registered cases occurred because hackers gained unauthorized entry into a company's systems via Web app attacks, spyware, social engineering and Trojans. This includes the lion's share of all customer data compromised (around 195 million records).
2. Portable devices. The second most frequently reported type of cybercrime was the unauthorized access to information stored on portable devices, including laptops, smartphones and external hard drives. Overall, 28 security incidents investigated to date resulted in the loss of over 20,000 sensitive data records this year.
3. Unintended disclosure. The human factor is still a serious issue for data security. More than 38,000 records were exposed in 26 incidents due to employees' errors, such as misdirected emails and confidential information accidentally posted on companies' websites.
4. Insider misuse. Company employees or contractors with legitimate access to sensitive information posed a threat to data integrity in 11 cases. Despite the relatively small number of incidents, insiders caused significant damage and compromised more than 600,000 customer records.
5. Physical loss. Lost, discarded or stolen, non-electronic assets with sensitive information (e.g. paper documents), as well as card skimming and theft of stationary devices, became the root cause of data leaks in five cases, resulting in the loss of 1,100 records.

"Although we saw fewer security incidents than expected, the actual damage from data breaches is still substantial. What is even more disturbing, more than half of all breaches are still at the stage of investigation, and we don't know their real scope yet," said Alex Vovk, CEO and cofounder of Netwrix. "The huge number of compromised records shows that we are still lagging behind highly motivated intruders. We need to adopt a new cybersecurity mindset and combine conventional perimeter protection with deep visibility into our networks to gain better control over the IT infrastructure and minimize the risk of data loss."

About Netwrix Corporation
Netwrix Corporation provides IT auditing software that delivers complete visibility into IT infrastructure changes and data access, including who changed what, when and where each change was made, and who has access to what. Over 150,000 IT departments worldwide rely on Netwrix to audit IT infrastructure changes and data access, prepare reports required for passing compliance audits, and increase the efficiency of IT operations. Founded in 2006, Netwrix has earned more than 70 industry awards and was named to both the Inc. 5000 and Deloitte Technology Fast 500 lists of the fastest-growing companies in the U.S. For more information, visit www.netwrix.com.


Tuesday, 05 January 2016 00:00

Close of 2015 Sees More Rate Reductions

Insurers’ competition and ongoing fight for market share resulted in a composite rate down 4% in December for the U.S. property and casualty market. But while market cycles are here to stay, the current cycles are tame compared to some previous years. In 2002, there was a mean average rate increase of 30% and, in 2007, a mean average decrease of 13%, according to MarketScout.

“Market cycles are part of our life, be it insurance, real estate, interest rates or the price of oil. Market cycles are going to occur without question. The only questions are when, how much and how long.” MarketScout CEORichard Kerr said in a statement. “While it may seem the insurance industry has already been in a prolonged soft market cycle, we are only four months in. The market certainly feels like it has been soft for much longer, because rates bumped along at flat or plus 1% to 1½% from July 2014 to September 2015.” He pointed out that the technical trigger of a soft market occurs when the composite rate drops below par for three consecutive months.



If you come across the name Booz Allen Hamilton, it’s usually in connection with defense-agency IT services contracts worth tens of millions of dollars. The tech consulting and engineering giant, more than 100 years old, is primarily in the business of solving big technology problems for government agencies, although it does also work in the private sector.

What you don’t see is Booz Allen mentioned in the context of open source technology. But that’s something that may soon change, as the company’s recently formed group charged with driving the giant’s participation in the open source community picks up speed. Most of this group’s work is focused on data centers and cloud, Jarid Cottrell, a Booz Allen senior associate who leads its cloud computing and open source practice, said.

The reason Booz Allen now has an open source practice is the same reason companies like GE, John Deere, Walmart, and Target dedicate resources to open source. Like the manufacturing and retail giants, Booz Allen’s customers in government and in the private sector want to build and run software the same way internet giants like Google, Facebook, or Amazon do, and they want the kind of data center infrastructure – often referred to as hyper-scale infrastructure – those internet giants have devised to deliver their services. Market research firm Gartner calls this way of doing things “Mode 2.”



Tuesday, 05 January 2016 00:00

A new approach to business continuity…

Mel Gosling explains why he believes that business continuity needs a new way forward, and why the traditional business continuity plan no longer works for today’s organizations.

There is a growing body of business continuity practitioners that believe that a new approach to the discipline is both required and overdue. An example of this is the recent debate opened up by the publication of ‘The Continuity 2.0 Manifesto’ by David Lindstedt and Mark Armour.

I have recently added to that debate with a presentation to the November 2015 Business Continuity Institute’s BCI World conference entitled ‘The BC Plan is Dead!’, and in researching examples of companies that have stopped using traditional document based business continuity plans I have identified a set of key practices that I believe will drive the new approach. One of those companies, Marks and Spencer, gave an excellent practical demonstration at the end of my presentation of what they have managed to achieve with a new approach, ensuring that the audience understood that this is already happening and is not just a nice theory.



The Business Continuity Institute’s North America business continuity and resilience awards will take place on March 15, 2016, at DRJ Spring World 2016 in Orlando, Fla.

Entries are now open and this year’s categories include:

  • Continuity and Resilience Consultant 2016
  • Continuity and Resilience Professional (Private Sector) 2016
  • Continuity and Resilience Professional (Public Sector) 2016
  • Most Effective Recovery 2016
  • Continuity and Resilience Newcomer 2016
  • Continuity and Resilience Team 2016
  • Continuity and Resilience Provider (Service/Product) 2016
  • Continuity and Resilience Innovation 2016
  • Industry Personality 2016

The deadline for entries is February 14th 2016.

To enter, click here.

Barrels of apples can go bad, both literally and figuratively, because of just one rotten apple. The rot spreads from one apple to another until the whole barrel is infected. Not so long ago (in 2014), experts from security company ESET discovered 25,000 servers infected with malware, some of these servers being grouped together in a network and infected together. The common factor was the installation of the Linux/Ebury malware, allowing login information to be harvested and communicated to the attackers that installed the malware. According to the experts, attackers needed to compromise just one server to then gain easy access to others in the same network. But was this one bad apple – or the whole lot?



Emergency response, information technology, and healthcare communications are three scenarios in which notification systems play a critical role. Recent disasters have demonstrated the benefits of crowdsourcing during response efforts, so notification systems are leveraging this responsiveness through two-way communication technology that can both disseminate and receive information.

The critical communications world continues to evolve, resulting in users taking a closer look at their existing notification systems to determine whether they remain effective tools for communicating crucial information. However, before these systems can be assessed, it is important to first understand a few of the ways these tools are being utilized, the challenges faced within each use case, and how, as we look forward to 2016, these hurdles can be overcome.