All posts by Stewart Parkin

Cloud Computing: Data Protection in Healthcare Industry

July 24, 2015 Stewart Parkin

Whenever news about data breach or failure of cloud system is on the media, it seems as if cloud is not a reliable source of data protection. In fact, all clouds are not created equal; they come with different purposes. There are certain clouds which are developed to cover sensitive information. Companies cannot avoid the cloud. Keep in mind that each cloud is designed for specific purpose; so it is in your interest to find the right cloud solution for the right function.

HIPAA Compliance

Health Insurance Portability and Accountability Act (HIPAA) is basically a chain of codes that controls the design, transmission and right to use electronic protected health information (ePHI). In other words, HIPAA protects sensitive health information of patients. Health care providers require a secure system for HIPAA compliance. To fulfil such demands, cloud is one of the best and quickest ways.

If you are IT provider, you must know two significant factors before serving healthcare industry’s clients:

1/ Protection and Right of Access

It is true replicating of data and transferring to the cloud is quite an easy job. What matters a lot is the level of security. What is the kind of safety provided to customers to protect offsite data? Keep in mind that entities which are covered require access to facilities and information systems. Make certain that data is encrypted all the time, in flight and at rest. Remember that all service providers do not provide such encryption feature. If it is your objective to secure ePHI, choose the right cloud service provider. Healthcare industry needs to select service providers that have capability to encrypt data whether it is in transit, onsite or at data centre location. Physical access to the system is another notable factor to consider. Selected data centre should provide digital and physical safeguards to avoid unauthorized access.

2/ System for Backup and Disaster Recovery

It is confirmed through CFR 164.308 that disaster recovery as well as backup plans are basic requirements of Covered Entities. Cloud gives long lasting benefit to companies as offsite backup is easy to recover if onsite backup data can not be recovered. Many clouds are developed to make recovery process fast and easy which is important for HIPAA compliance. Covered Entities are required to work in emergency conditions and have data backup for immediate recovery. Clouds which are developed to handle all these issues are ideal for IT providers.

No doubt, the cloud is dependable way to handle some aspects of HIPAA; however, it does not cover all aspects. For some IT providers, HIPAA is nothing more than a mess. However, the fact is, HIPAA is based on rules to provide highest level of security standards.

Any system working through private or public cloud can suffer a disaster at any time. Cloud service providers must use a meticulous approach for data protection by making use of technologies, such as malware protection tools, and encryption systems. The healthcare industry must have local disaster recovery and offsite data recovery plans for HIPAA compliance.

Fundamentals for Managed Business Continuity & Disaster Recovery Services

July 20, 2015 Stewart Parkin

Many companies are facing problems due to unsatisfactory data recovery plans. Some of them are not paying attention to key points; whereas others do not have relevant strategies. For companies, it is highly important to have appropriate backup and recovery system. For this purpose, they search for reliable services which give surety of business continuity, even if disaster strikes. It is often assumed that plan for disaster recovery (DR) is similar to business continuity (BC). In fact, plan for DR covers IT operations and infrastructure, whereas BC plan covers entire organization.

There are some fundamentals which DR Service providers must consider. The following five fundamentals give guideline to develop a well executed DR and BC:

1/ White Glove Service

It is the responsibility of the service provider to arrange disaster recovery plan, handle accomplishment, make schedule for backups and provide testing facility. White glove service works to improve recovery plan to support business resiliency. As a result, clients get enough time for other business concerning tasks.

2/ Undisturbed Deployment

There are many companies that do not have proper system for recovering data. In traditional Information Technology, it is a bit challenging to plan, implement or administer projects that need money for investment, time and staff. Only a managed solution can give instant and reliable results. Service providers must have straightforward unending management with automated procedures to update the recovery of applications and data system.

3/ Clients’ Control over DR Plan

Only a managed service provider gives some control to clients over DR operations. For this purpose, clients are given relevant tools to test disaster recovery plan, system backup and folders and files recovery processes. Though white glove treatment is provided, clients must have enough knowledge to carry on simple recovery operations. Clients’ know how of recovery operation is critical if you are pressed with RPO and RTO.

4/ Proper Tools for Smooth Integration

For managed disaster recovery, clients must be empowered with relevant tools. White gloves services supply tools that can simplify the managerial aspects and help in seamless consolidation of IT environment of the company while integrating personnel, processes and tools that are already available.

5/ Affordable Solution

When companies get DR management service for business continuity, they need vendors that are within their budget. Vendors are providing solutions for business continuity that most of companies cannot afford. Service providers can make disaster recovery plan affordable, as well as beneficial for clients by offering cloud computing services. One of the advantages of the cloud is that companies are able to scale up or scale down depending on the resources needed while only paying for the resources they have used.

Disaster Recovery as a Service is the dominating segment of DR market. By 2018, MarketsandMarkets projects that the DRaaS segment will reach the $5.7 Billion figure. Therefore, IT providers are given an opportunity to get maximum profit in the coming years. If you are an IT company planning to get a slice of the DRaaS market, please contact us and we will assist you in reaching your goals.

Backup Technology Powers IIJ Europe’s Enterprise Cloud-IIJ GIO

July 15, 2015 Stewart Parkin

We are delighted to announce that IIJ Europe Limited (IIJ Europe) has selected Backup Technology to deliver enterprise cloud solutions in EMEA.

The partnership, which gets underway immediately, is a fundamental driver for IIJ Europe, whose parent company is Internet Initiative Japan Inc. (NASDAQ: IIJI TSE1:3774) , as they look to establish a dominant place in the European and African markets for the provision of enterprise cloud services.

Backup Technology (BTL) will provide strategic licensing, sales and technical support for its public and private Asigra-based cloud solutions which IIJ Europe will incorporate into its cloud solutions’ offering to larger organisations.

Matthew Parker, Managing Director of BTL, said: “We are delighted to have been chosen by IIJ Europe to play a significant role in its partner network. This is an exciting opportunity to use our significant expertise in the strategic design and delivery of public and private cloud backup plus disaster recovery solutions to benefit larger organisations across Europe, the Middle East and Africa.”

Manabu Yamamoto, Managing Director of IIJ Europe, said: “We are delighted to collaborate with BTL. Adding their proven and robust Asigra-based solution to our competitively priced cloud IIJ GIO, provides significant added value to our offering. Furthermore this partnership will help us fully satisfy our customers’ service level requirements for mission critical systems. These added attributes makes IIJ GIO even more compelling to customers by catering for their complex needs. ”

IIJ Europe is a fully owned subsidiary of Internet Initiative Japan Inc. (IIJ), one of the leading cloud providers in Japan. IIJ Europe has huge ambitions to replicate IIJ’s success by providing IIJ GIO- their world-class, enterprise-ready cloud service – to the European market. IIJ GIO is a comprehensive, modular offer, based on a tried-and-tested platform, without the lock-in of a traditional private cloud or the risk and instability of a public cloud environment. IIJ Europe will offer their cloud service featuring BTL via strong partnerships in the channel.

Significant Software Features of Cloud Backup

July 15, 2015 Stewart Parkin

To overcome the chances of data deletion, businesses need offsite and onsite backup plans. Whether you are running a small business or have thousands of customers online, you must have at a minimum a local backup system. In addition, it is important to secure your data using a cloud backup service. In order to get the best possible services, you will need to hire the right cloud purveyor, and ask some basic questions or check the features of the software.

Various organizations use a variety of software systems for server, databases and virtual machines. Consequently, organizations need multiple systems for different backup applications. Lack of consistency could result in unsuccessful recovery attempts. Therefore, it is preferable to have all in one standardized backup solution.

In the cloud world, there are companies offering cloud backup services with specific features. Requirements of your business depend on risks associated with data, type of data, and privacy features. If your company is searching for cloud backup plan, check software features before selection. Some of the significant features are as follows:

Importance of Granularity

To search data, it is basic need of businesses to have granularity, as it helps in e-discovery procedure. Granularity is a process that checks bulk of data to get required information therefore software must accomplish search depending on:

Type of data: Microsoft Office Documents, PDF, emails, and etc.
Source of data: Search should be based on financial app, particular server file or Microsoft SharePoint
Analyzing information on the basis of Social Security numbers, bank account and credit card numbers

Logs & Alerts

It is one of the software features of cloud backup to monitor backup and give alerts concerning current backup status and failed backup jobs. Email alerts are sent on daily, weekly and monthly basis to keep your company ahead of customers. In this way, issues can be fixed before they change into catastrophe.

Customized Storage Option

Some of the benefits of customized storage are low risk, improved form of information, reduced capital, and use of secondary data for analysis and reporting. When data archive expands, it is troublesome to see search results with many copies of one file. To cope with this problem, deduplication engine is used to avoid copying of similar files. For data security, backup plans are used; always select software that offers fast recovery procedure.

Flexibility of Data for Cloud Backup

Flexibility of data archiving software supports various platforms at a time. Moreover, it can handle different data targets and data sources for extraction.

Secure and Fully Protected

Cloud vendors must have impenetrable system to enhance data security feature. Advanced features such as round the clock surveillance and biometric access controls should be used to make sure that cyber criminal cannot access cloud backups.

Backup with Server Configuration

One of the great advantages of getting cloud backup is to store folders, OS, files and settings according to their present status. It gives benefits to enterprises as backup is much more than folders and files backup. In fact, it covers whole system and recovers data in minutes based on your RPO and RTO.

Online Backup for Recovering Data

July 8, 2015 Stewart Parkin

Internet based cloud backup has become the topic of discussion as companies are concerned to keep important information safe from cyber criminals. The target of hijackers is not only to trace out Credit Card numbers. In fact, data breaching has covered email addresses, purchase data, registration numbers, and birth dates. By using such details, cyber criminals are able to make profiles of individual customers for black mailing and/or black marketing.

Famous and less known companies are always in danger of data breaches. As passwords and security software cannot protect data, companies must search for another method. When system faces problems, encounters security threats or malware, rest be assured that data can be restored in the system and retrieved from online backup repositories.

Change in business analytics and information management have made it possible for companies to have large sets of data and get more advantages from this information. Whether it is social media’s incoming data or companies’ private information, various ways are adopted to manage and protect data. In this regard, data backup is preferred to minimize the chances of loss or theft.

It does not matter whether your company gets some important files or bulk of data within a day; what is important is the way to protect for effective business continuity. Protection of data becomes problematic when volume increases day by day. As a result, small companies and large enterprises search reliable software for disaster recovery. Common sense dictates that presence of valuable and bulk of data make it essential to use data protection and restoring methods.

Data Backup
All companies must have data backup system implemented for data security and recovery. When effective solutions are selected for data backup, businesses get opportunity to recover data swiftly and reduce the chances of loss as well. Selection of data security solution depends on factors like type of data and its importance. It is essential to check operations and find out whether online backup system or local backup can become more appropriate or not.

Backup Data is Continuous Process
Selection of backup system is not enough for a company. There must be regular program for making backups. Usually small companies get solution in the form of server backup and overlook to update it regularly. Keep in mind, updating of backup is key to have a successful disaster recovery. Data is considered as backbone of a business so loss of data will be catastrophic and affect negatively on company’s progress and bottomline.

Test Backup Data
When companies make schedule for backup, it becomes certain to test data and check whether it is functioning in different scenarios. Whenever a disaster occurs, it is usually different from the last one. For business continuity, it is essential to understand how to respond accordingly in critical situations.

Data Recovery
Eventually, the effectiveness of cloud backup can be tested when some catastrophic situations occur. If your company has worked systematically for backup, scheduling and testing; it becomes easy to apply for disaster recovery. If you are prepared and are ready for uncertain conditions, you will be able to help in recovering data as soon as possible. As a result, businesses can decrease lost productivity, downtime and lost profits by recovering data immediately.

Security Threats Are Changing, So Are The Strategies

June 24, 2015 Stewart Parkin

Security threats are changing. They are becoming more persistent, virulent and debilitating. But strategies to control and counter these threats are also changing; evolving.

Two APTs that created ripples in the recent years are RSA SecurID Hack and Operation Aurora. Unfortunately, both these were state sponsored threats and cannot be classified with the normal types of threats that are faced by organisations in the course of computing over the Internet. RSA SecurID Hack is an APT that was released in 2011. This attack compromised systems that used RSA SecurID two factor authentication tokens to generate one time passwords.

Operation Aurora was an APT that stole sensitive intellectual property along with source codes from computing Giants like Google; Adobe. The attack was very sophisticated, coordinated and orchestrated. The attackers had immense technical skills and an ability to take advantage of weaknesses of the target organisation. The attacks also, are not short term with aim to capitalise on temporary windows of opportunity. They were threats that exploited vulnerabilities that had not yet been identified by the organisations themselves and were designed to unfold over a period of time (spanning years) using multiple vectors; combining a number of security breaches.

As a result, any traditional methods of securing the organisations data stores, fails in the face of an APT. Alternate strategies will have to be discovered and implemented. The security strategy will have to be more proactive and have the capability of detecting and preventing an APT even as the perpetrators attempt to reconnaissance the organisation for weaknesses.

Organisations and cloud services may have to institute a layered security. The layering will have to begin at the Perimeter. Shared accounts will have to be managed effectively by encrypting and securing passwords; creating complex passwords that are difficult to break; restricting access to administrative accounts and preventing password sharing by automatic login.

The next security layer should include server hardening. Server hosts should be protected with firewalls and definitions of high risk applications for exclusion. Sessions should be recorded; examined and unusual activities should be instantly highlighted for deeper investigation. Analytical tools should be made available to evaluate and examine these activities and track the time, date, source IP and user ID of the login. Phishing protection; anti-virus installation and employee education should follow.

In short, “defense in depth” security concepts should be implemented.