Categories

• Automation
• Compliance
• Consolidation
• Data Protection
• Networking News
• News
• RAID
• Security News
• Sencilo News
• Storage News
• Uncategorized
• Vendor News
• Virtualization

Archived by Date

• June 2011
• May 2011
• April 2011
• March 2011
• January 2011
• December 2010
• November 2010
• October 2010
• September 2010
• August 2010
• July 2010
• June 2010
• May 2010
• April 2010
• March 2010
• February 2010
• January 2010
• December 2009
• November 2009
• October 2009
• September 2009
• June 2009
• May 2009
• April 2009
• March 2009
• February 2009
• January 2009
• December 2008
• November 2008
• October 2008
• September 2008
• August 2008
• July 2008
• June 2008
• May 2008
• April 2008
• March 2008
• February 2008
• January 2008

Compliance

How do Spam Filters work - March 13, 2008

Filters make mistakes -- here's how to  make sure your legitimate email gets through.

These days, spam filters on personal computers and corporate networks are absolutely necessary. This software is designed to snare presumably unwanted incoming messages based on a variety of characteristics, including the sender's email address, words in the message subject line or even in the body of the message.

Most of the time, spam filters work. Of the 1,409 million inbound emails scanned by Barracuda Networks Anti-Spam , in December, 1.250 million were intercepted as spam. That's a global spam ratio of one in every 1.3 emails.

Yet, spam filters are not perfect. Sometimes, they snare perfectly legitimate messages, such as a "cold call' email a sales executive might send to a potential client, or even a message from a potential customer to a corporation's vice president of purchasing.

"The problem [of spam filters catching legitimate email] is getting worse, because companies are angry with the amount of email that is being sent to them," says Adam Sarner, customer relationship management analyst with Gartner, Inc., Stamford, Ct. "As a result, enterprises tend to block [messages] first and ask questions later. Spam is that bad that businesses and consumers are much more willing than they used to, to pass up a [legitimate] email or two rather than letting it all through."

Sarner likens spam filters turned to maximum protection mode to a car alarm turned too high -- and set to go off even when an innocent pedestrian walks in the general vicinity of the vehicle.
When a spam filter working within an email program sees a suspicious incoming message, the filter will either delete the message entirely, or place it in a special spam folder the recipient is free to browse if and when he is so inclined.

The occurrences of legitimate email being grabbed by spam filters is so acute, the phenomenon has a name: false positives. In a common false positive scenario, a legitimate business email could wind up in a user's voluminous spam file, 65th in a list of 217 solicitations for everything from bargain real estate to body enhancement potions.

And, if your perfectly sincere message is surrounded by such unseemly entreaties, it will probably never get read.

"False positives are definitely a problem," says John Levine, author of "Fighting Spam For Dummies." He's also a spam expert who has testified in front of U.S. Senate and Federal Trade Commission committees studying the issue of unwanted commercial email.

Unfortunately, spam filters seem to have an anxiety attack when they encounter legitimate emails dressed up with pretty graphics. Since porn, free travel and other spammers like to use graphics, you, as a legitimate marketer, suffer at least some guilt by association.

"Spam filters tend to work with formatting rather than words," says Brian McCarthy, Security Expert and CEO of Sencilo Solutions of Miami Florida. "Some companies attempt to pre-format their emails in HTML with a logo and letterhead. The more you have of it, the more it brings alarm bells," and creates false positives.

Tony Skoll, a email filtering customer of Barracuda Networks, believes an enterprise can minimize or even eliminate the problem of false positives by implementing a server-based filtering solution that leaves the final decision about what is or is not spam up to each end-user. "People are getting fed up with the hack-and-slash approach toward [spam management]," he says. "Server-based solutions learn over time what is considered spam and what is not, and can be tailored and configured down to the user level."

Daniel Tynan, author of "Privacy Annoyances," and a regular columnist for Sales and Marketing Management magazine, sees both sides of the issue. "It is possible to tune spam filters to get false positives down, but the typical overworked network administrator too often says that 'we are getting so much pornography,'" that the spam filter remains turned on to maximum strength, Tynan says.

So what can a legitimate emailer to do to avoid being caught in the spam trap? Experts offer several suggestions:

If you are sending a message to someone you don't know, consider sending the email as plain text, rather than as HTML, which makes the message look like a Web page. Tynan recommends plain text because spammers often use HTML computer code to hide "beacons." These are small graphics that when a user opens up a spam, sends a type of "message opened" acknowledgement back to the sender.
Don't send attachments if the recipient does not know you. Levine, who is also a board member of the Coalition Against Unsolicited Commercial Email, says that because many spammers and virus writers use attachments to spread pornography and malicious computer code, spam filters and anti-virus software sometimes view attachments with suspicion.

In your message subject line, be as specific as possible. This point is especially relevant because spammers have gotten smart enough to write messages with perfectly plausible scenarios, such as "Conference call tomorrow at 10 a.m." "That being the case, don't send a generically titled message, but give as many straightforward details as you can in the subject line," says Levine, who suggests naming specific conference call participants or departments. In other words, instead of typing "Conference call tomorrow at 10 a.m." in your message subject line, Levine suggests trying something such as "Conference call with audit committee tomorrow at 10 a.m." Given the specifics of that subject line, spam filters would recognize the message is not generic, and would probably let it through to the recipient's inbox.
Even if your message is legit, stay away from message subject words that spam filters look for. Although these words vary with each anti-spam software product, a typical list of such terms is available from free anti-spam utility SpamAssassin. A few suspect terms to avoid include: "for only" and "hello," subject lines that start with dollar signs, and words like "free" or "guaranteed" spelled with all capital letters. See the sidebar for a more comprehensive list of these terms.
Obtain permission first. "Email works best when there is full agreement between the sender and receiver," says Gartner analyst Sarner. In some cases, permission would entail contacting the recipient, advising her that you will be sending her an email, and then asking that she adjust her spam filter to ensure that the utility she uses lets your message in. Of course, seeking permission to email a company changes the nature of the email from a cold call to something that is expected. That is fine with Sarner, who views the false positive risks as so acute that sending unexpected email without notifying the recipient first can be a waste of time. Otherwise, "these [unsolicited messages] are going to be reported as spam, blocked and then ignored," says Sarner. "You will want to rise above that noise level, and the best way to do it is to start out with a telephone call or even a face-to-face meeting."
Because the cost-benefit balance between too much spam and that occasional missed potential customer is elusive, the wisest policy is, unfortunately, sometimes a case of the lesser of two evils.

"Fundamentally, it stinks to have to make Draconian tradeoffs, but if you are a business, you have to put up with it," says Levine.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/products-security.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.

Key words:  Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint

---

Mimosa Systems Partners With Sencilo Solutions to Deliver Next-Generation Content Archiving to City of Safety Harbor - March 11, 2008

SANTA CLARA, Calif. - (Business Wire) Mimosa Systems, a leader in Live Content Archiving solutions, today announced that it has partnered with Sencilo Solutions, a Florida-based integrator specializing in storage, security and networking solutions, to deploy the next-generation Mimosa™ NearPoint™ for Microsoft® Exchange Server for the City of Safety Harbor, Fla. The city standardized on NearPoint™ in 2006 to assure the retention, discovery and recovery of its mission critical email environment in a single solution. 

Safety Harbor is a small city of almost 18,000 near Tampa. Like many small cities, Safety Harbor has been forced to deal with a big problem — constantly growing email volume — with limited IT resources and budget. To add to the complexity of the problem, the city must comply with the Florida’s Public Records and Sunshine Laws that mandate all municipalities and government agencies retain and provide access to public records including email. That means that even a small city like Safety Harbor must be able to ensure retention and rapid discovery of all its email content. In addition, the city sits in the center of the hurricane zone and the city wanted a solution that would allow them to recover quickly if a natural disaster were to strike.

“Email was increasing at alarming rates and we couldn’t delete old emails because of the requirements of the Sunshine Law,” said James Burke, Information Systems Manager for the City of Safety Harbor. “We were hitting long-term capacity issues and public records requests were taking an inordinate amount of time before we discovered Mimosa. NearPoint has allowed us to address our capacity requirements while streamlining our records retention and public records requests taking a huge burden off of IT resources.”

To address these issues the City of Safety Harbor turned to Sencilio Solutions, a leading Mimosa integration partner to deliver the archiving solution. Sencilo is a Florida-based integrator specializing in storage, security and networking solutions. The company’s mission is to provide leading-edge, turnkey solutions for leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses.

“The Mimosa NearPoint archiving solution is a perfect complement to our arsenal of advanced storage and security offerings,” said Brian McCarthy, CEO, Sencilo Solutions. “Local governments are faced with shrinking budgets and the City of Safety Harbor is no exception. Our commitment is to deliver cutting-edge products that deliver rapid value out of the box without having to throw an army of resources and professional services at the problem. Mimosa’s content archiving software was easy to install and we had the entire solution up and running in a single day without impacting end-user productivity.”

Key Mimosa NearPoint features that were particularly important to the City of Safety Harbor include:

• Continuous Capture and Archiving of Exchange Data: including all metadata, emails, folders, deletions, calendars, contacts, notes, tasks to quickly identify relevant content as part of a discovery or disclosure request.


• Automated Exchange Storage Management: Mimosa NearPoint has reduced the city’s storage requirements by moving attachments, based on policies of age and size, to the NearPoint server. The NearPoint Mailbox Extension feature allows Safety Harbor’s IT staff to define policies that stub attachments in Exchange while still giving users seamless access to the email.


• Simple “One-Click” Recovery: Mimosa NearPoint gives the City of Safety Harbor continuous protection of all its Exchange information. NearPoint preserves all Exchange information disk and allows users to restore individual messages themselves via Outlook and allows administrators to restore complete mailboxes and databases with simple “one-click” operations.

“So many municipalities are looking for an easy-to-deploy compliance solution that gives them iron-clad assurance of discovery, information access, retention and business continuity,” said Christophe Culine, senior vice president of sales, Mimosa Systems. “Without a solution like Mimosa, cities can waste valuable resources trying to comply with legislation like the Sunshine Law and Freedom of Information Act. The City of Safety Harbor is proactive in their content management strategy and we are pleased to include them to our growing roster of government customers.”

About Sencilo Solutions

Sencilo Solutions is a Orlando Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo’s professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

About Mimosa NearPoint

Mimosa NearPoint for Microsoft Exchange Server addresses critical customer requirements around email information archiving, eDiscovery, regulatory compliance, business continuity, and storage optimization. Mimosa NearPoint provides legal search workflow, immediate mailbox and message recovery, disaster recovery, email archiving, and self-service search and access in one solution. By leveraging cost-effective storage, NearPoint also optimizes email storage and reduces overall infrastructure costs.

About Mimosa

Mimosa Systems, Inc. delivers next-generation information management solutions for information immediacy, discovery, and continuity. Mimosa NearPoint for Microsoft Exchange Server is the industry’s most comprehensive information management software solution for Microsoft Exchange, unifying email archiving, recovery, and storage management. With options for eDiscovery and disaster recovery, NearPoint ensures litigation readiness and email continuity while leveraging cost-effective disk technologies to optimize email storage growth.

---

MTV breach affects 5,000 employees - March 10, 2008

Employees at MTV Networks are watching their credit reports more closely after the company acknowledged that the personal information of 5,000 employees was stolen late last week. 

The attack took place via a laptop Internet connection, according to a report in The Wall Street Journal. Viacom Inc., which owns MTV Networks, did not release further details of the attack. 

In an email to employees, Viacom said employee names, Social Security numbers and dates of birth had been stolen. Viacom said in a statement that law enforcement had been contacted and a criminal investigation is ongoing.

Companies are under increased pressure to guard against data security breaches. Security expert Brian McCarthy President of Sencilo Solutions of Orlando Florida say "it takes a mixture of strict security policies, end-user education and security technologies to help thwart an attack."

"This is one of those classic problems where people are so confused and when it happens, they get frozen into inaction," said Prat Moghe, founder and chief technology officer of database security vendor, Tizor Systems Inc. Rather than going into areas where they're weak on protection, they end up spending more and more money in areas they're already protecting."

A study by the Elk Rapids, Mich.-based Ponemon Institute found that the total average cost of a data breach grew to $197 per compromised record.

Companies tend to spend money on expanded use of encryption technologies, according to Ponemon. They also invest in new data loss prevention and identity and access management products; and deploy new technology for endpoint security and perimeter control, and event management.

Once the dust settles after a breach, Moghe recommends looking internally at where sensitive data resides on the company systems and how it is accessed. That would help to find the channel of where the data was lost and in plugging those holes, Moghe said.

Companies should also take an inventory to determine the most valuable data and figure out the security protections that are most appropriate to protect the data, said Ted Julian, vice president of marketing at database security vendor, Application Security, Inc. Julian said he's seen many firms discover databases they didn't even know they had, usually as a result of a merger or acquisition. In some cases, the role of IT is decentralized and many business units are free to create databases or implement the latest technologies.

"Yesterday's teenage hackers have figured out that they could make money doing this stuff and that change in motivation has changed the nature of their attacks," said McCarthy. "They're no longer defacing a website to show they can compromise a server, so yesterday's defenses are becoming meaningless."

More than half of corporate endpoints assessed by antimalware vendor Barracuda Networks fail to be secured, said Mike Haro, a senior security consultant at Sophos Inc. In many cases client firewalls have been disabled and antivirus definitions are not up to date, Haro said.

"It's just that enterprises just don't have the right policies in place for managing policy and patch assessment and we see that network access control (NAC) is still not widely deployed," Haro said. "NAC as a solution is still perceived as a complex technology and people are still not exactly sure what issue would be solved with it."

Sencilo Solution has office throughtout Florida including Tampa, St. Petersburg, Miami, Jacksonville, Daytona Beach, and Orlando Florida.

---

LTO4 Encryption Solutions - DeDupe and Encryption - March 2, 2008

Tampa Florida - Over the past few years, data security breaches have cost companies millions of dollars and inflicted significant damage to the corporate images of these firms.  With concerns around data security mounting, businesses of all sizes are beginning to integrate encryption into their backup and archive processes. Sencilo understands that protecting data at rest and in transit are key challenges facing IT professionals today and has integrated data encryption features into its leading disk and tape solutions.

"The cost of a data security breach continues to rise. According to the Ponemon Institute, data security breach incidents now cost companies $197 per compromised record, including lost opportunities and reputation as well as legal, investigative, class action suites, administrative and customer support expenses. Losses associated with customer churn and acquisition account for 65 percent of data security breach costs," says Brian McCarthy CEO and President for Sencilo Solutions of Lake Mary, Florida.

Encryption can dramatically reduce, if not eliminate, the risk of a data security breach. That’s why a growing number of government and industry regulations call for the encryption of sensitive data.  Many states require that companies disclose all data security breaches of non-encrypted data to the media and all customers potentially affected.  Specific industry associations are also taking action to drive security standards, such as the Payment Card Industry (PCI) Data Security Standard.  This standard mandates  the encryption of stored data, including data on backup tapes, and noncompliance can result in monetary penalties ranging from $5,000 to $50,000 per month.  Finally, a number of bills before Congress would require companies that store specific types of consumer data to establish security safeguards such as encryption.  In the past one would need to purchase non-compatable appliances from companies like Neoscale (now closed do to mis-management) or Decru a division of Netapp.  These solutions would run up woulds of $500,000 to encrypt tapes. 

IT managers are faced with the challenge of integrating encryption into their backup, recovery, and archive processes.  This additional business requirement introduces another technical dimension to an already complex set of processes, leaving users with important questions to resolve. Some of the questions the questions that we are often ask are "how will I add encryption without affecting the backup window?"  Or Will this change my backup processes and software environment? A few others are how will I manage the encryption process?  Can I encrypt data being transported between sites, both via replication and on tapes? Without the right approach and architecture, users will be forced to make painful tradeoffs to achieve data security and may be forced to settle for poor performance, Decru hardware or Symatec Legato backup software dependencies, and complex management.

Sencilo understands the issues and have been providing solutions for the past five years associated with encryption within backup, recovery, and archive.  We offer encryption options for both our disk and tape solutions, giving customers the flexibility to choose what fits best with their business requirements. For disk-based backup, One of the most popular is Quantum’s DXi-Series incorporates de-duplication and fully-encrypted replication, allowing customers to securely link sites for enterprise-wide backup and disaster recovery.  Unlike the older technology used in Data Domain vs Falcon Stor vs Exagrid, Quantum uses higher proforming technology.

For tape systems, Encryption Key Manager (Q-EKM) is available for Scalar i500 and Scalar i2000 tape libraries in conjunction with LT0-4 drives.  Quantum Encryption Key Manager (Q-EKM) is an easy-to-use solution for protecting valuable data at rest across the enterprise.  It is easy to set up, integrates seamlessly into existing backup environments, and scales easily to meet changing demands. And with Q-EKM’s “set and forget” design, the administrator doesn’t have to worry about data encryption and key management.

Key Features:

• Provides native LTO-4 drive-based encryption — a cost-effective solution based upon the AES (Advanced Encryption Standard) 256-bit encryption recommended by the federal government for classified data.


• Operates out of the data path with no impact on performance or “same system” restore requirements.


• Protects, stores and manages encryption keys supporting multiple libraries in a centralized keystore.

Sencilo Solutions is a recognized leader in the design and deployment of primary and secondary (nearline) storage. Through extensive experience in the storage industry, we have developed a deep understanding of how technology can solve operational problems. The greatest challenge that organizations face is knowing which technology will help and which will not. Sencilo leverages its expertise to help customers address this challenge and select the best storage solution available for current and future needs. Our solutions include SCSI, iSCSI and Fibre Channel connectivity. 

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-data-deduplication.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage and security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral

Offerings Projects: Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc Pure Disk NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication  thin provisioning DXi Global Compression DDX  virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX4 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar DLD3 1500 D3 Storwiz storage compression data Ocarina Networks A-SIS compare Sepaton infopro BlueArc OnStor Microsoft Unified Storage data protection StorageX Brocade FAQ

---

Data loss prevention starting from the inside out - February 22, 2008

Lake Mary Florida The traditional business-centric view of computer security has focused on the external threat landscape, often overlooking internal vulnerabilities. Subsequently, recent studies from Gartner, Magic Quadrant and Vontu have revealed that a majority of corporate data loss, often termed data leakage, is caused unintentionally by an organization's own actions.

The potential legal liability and brand-reputation damage from corporate data loss has spurred growing demand for data leakage prevention (DLP) technologies. These technologies have largely focused on the need for automated data management. This "inside-out" security paradigm has resulted in corporations striving to achieve rapid data governance via products that emphasize outbound content compliance (OCC) policies, insider threat management, and extrusion prevention systems (EPS).

However, before considering a comprehensive enterprise data management product or platform, information security departments must understand their organizations' business workflow and how it relates to the protection of existing IT assets. This process should include investigating and targeting key aspects of the network infrastructure that may be a source of data loss. Here are some important issues to consider when identifying potential areas of data leakage:
"As the complexity of an IT infrastructure increases, so does the difficulty of knowing where all the data resides, how it's accessed and by whom", say Brian McCarthy President of Sencilo Solutions in Tampa Florida.

As the roles of data managers and storage managers blur, assigning the responsibility for creating a data ranking system becomes harder to define this is were turning to a Security Expert and Trusted advisor really is money well spent, says McCarthy. 

The business must strive to assess the criticality of corporate. Once content discovery of all data is completed, a classification scheme must be implemented to categorize data sensitivity. .

Those with access to the data are the ones usually responsible for its loss. Identify users with overly permissive access controls, including senior managers, who often request high privilege levels without possessing the proper training in data security.

While inbound email is analyzed to protect against internet threats, outbound email is often overlooked as a major source of data loss. The accidental loss of confidential and proprietary information from insider email is one of the largest areas of data loss. The risks associated from activities such as personal web based account use and inappropriate message auto forwarding, can have serious legal, financial and regulatory consequences. .

• Unauthorized use of Internet protocols and services -- such as IM, peer-to-peer file sharing, blogging, social networking sites and unauthorized uploading (FTP) of data to Web sites -- is a major contributor to data security incidents and should be controlled via a detailed policy.


• The use of contractors and outside consultants usually requires the creation of new user credentials. However, knowledge and accountability of these user accounts is essential, as they are often lost.


• Removable storage media, such as flash drives, optical media, external hard drives and personal media devices, create a portable medium for the loss of data.


• Mobile computing platforms (i.e. laptops, PDAs) allow data to be physically removed from the corporate environment where all monitoring and control is lost and where encryption is important. 

Strategic planning for prevention
Enterprise storage has evolved far beyond direct-attached storage (DAS), basic networked file shares and simple database storage. Today's company's like Sencilo Solutions will architect storage area networks (SANs) using iSCSI and Fibre Channel, tiered and hierarchical storage models like Compellent Technologies, virtual storage systems like Overland Storage, high-end storage arrays from HDS and clustered storage. Due to the wide variety of hardware and software and their numerous configurations, the remediation strategies for data leakage are ultimately company specific.

Nevertheless, the commonality of all DLP planning should involve consideration of the following:

• Implementing basic company-wide standards and procedures for all employee data usage and information ownership;


• Assessing and ranking corporate data based on the business risks associated with its loss or exposure;


• Ensuring detection and classification software uses effective identification algorithms with lexical examination of data content;


• Performing frequent inventory reviews of business critical data, ensuring proper safeguards are in place and making sure security protocols are up to date;


• Using an effective data security model that simplifies role based access control (RBAC) and granular control of individual users;


• Enforcing employee training of corporate email acceptable use policies. Consider messaging protection platforms for automated corporate compliance and policy management of outbound email;


• Ensuring that employees are aware of computer usage monitoring as a deterrent to attempts at policy circumvention;


• Administering frequent reviews of user-privilege levels to assess and confirm that the appropriate settings are configured for each user;


• Embedding access controls directly into sensitive data through use of digital rights management (DRM) technologies like Q1 Labs or Barracuda Networks;


• Maintaining data security when dealing with business partners through the use of federated identity management; and


• Generating routine audit and data-flow assessment reports to monitor data leakage threats using QRadar and track data locations with respect to time and user request.

Data loss prevention has become a relevant compliance issue and is critical in protecting confidential company data and preserving customer data privacy. Data growth rates today are such that it is a challenge to efficiently manage new and existing data. Corporate security policies that address data proliferation issues must also sustain data availability, business productivity, operational continuity and data restoration. Most importantly, to avoid end-user misperception that your DLP strategy is set of IT laws, thorough communication and education is essential in facilitating acceptance of the organization's DLP program as an important parallel business strategy.

Sencilo offers a comprehensive suite of Security products and services that help you assess, design, and execute your network and applications in the most secure and cost-effective way. From security audits and virtual private networks to enterprise firewall implementations.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-threat-management.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage and security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral

Offerings Projects: Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc Pure Disk NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication  thin provisioning DXi Global Compression DDX  virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX4 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar DLD3 1500 D3 Storwiz storage compression data Ocarina Networks A-SIS compare Sepaton infopro BlueArc OnStor Microsoft Unified Storage data protection

---

Do You Know what's In Your Employee's Inbox? - February 22, 2008

---

Litigation hold - February 22, 2008

Litigation hold (also known as "preservation orders" or "hold orders") is a stipulation requiring a company to preserve all data that may relate to a legal action involving the company. This requirement ensures that the data in question will be available for the discovery process prior to litigation.
A company must preserve records when it learns of pending or imminent litigation, or when litigation is reasonably anticipated. Litigation hold prevents spoliation (destruction, alteration, or mutilation of evidence) which can have a catastrophic impact on the defense. An attorney may issue a litigation hold letter or a company may issue a hold order internally. The order applies not only to paper-based documents but also to electronically-stored information (ESI)

Implementing a litigation hold process can be challenging for storage administrators. All companies must establish a sound retention policy and apply that policy to their storage systems. Storage systems with a litigation hold feature can then override the existing retention and deletion rules that have been established, preventing alteration or destruction of the data until the legal action has been resolved.

Sencilo provides cost-effective products and services with a variety of powerful capabilities for automating the collection and analysis of compliance information from the multiple platforms across extended organizations to aid visibility and decision making with respect to regulatory compliance. Protecting information privacy and security, analyzing fraudulent claims, and managing and auditing system and information changes are just a few of the ways, Sencilo supports regulatory compliance activities. We also help with automation, provide protection against unauthorized actions and identify non-compliant activities.   Call us (407) 265-6293 or visit www.sencilo.com

 

---

Symantec launches service option for Backup Exec 12D - February 20, 2008

Orlando Florida Symantec Corp.'s much anticipated data backup Storage as a Service (SaaS) is finally seeing the light of day. The Symantec Protection Network (SPN) will now be generally available as a standalone service, as well as a backup media option in the latest version of Backup Exec, also unveiled today.

The two new services are called Symantec Online Backup and Symantec Online Storage for Backup Exec. The Online Backup option accesses the SPN storage facility through a Web portal that includes a user's registration and account information, as well as access to provisioning tools for the service. The portal is eventually intended to support other SaaS offerings from Symantec with tabular views in a single console. Pricing for the service is $25 per month for 5 GB of storage.

Online Storage for Backup Exec allows the SPN service to be managed through the Backup Exec interface and does not require customers to install a separate software agent on the client server. The Backup Exec option lets organizations back up to tape or disk and then to the SPN as an off-site option. Pricing for this option is $38 per month for 10 GB. Users of both services can add or subtract capacity on a monthly subscription basis.

"Symantec from Orlando Florida has tried to support users through a Web-based portal before and acknowledges that the customer service portal launched after the rollout of Backup Exec 11d was a failure. According to Chris Schin, Symantec's director of product management for SPN, the circumstances around SPN's launch are less complicated than they were with the customer support portal, which launched at the same time as a new product and a new licensing policy. The team that runs SPN also has experience managing a large multitenant infrastructure with Symantec's existing managed security services, he added.

"Symantec began beta testing SPN last April. The service was supposed to have been available before the end of 2007 but languished as rivals EMC Corp. and CommVault Systems Inc. launched their own data backup SaaS offerings last month, says Brian McCarthy of Sencilo Solutions in St. Petersburg Florida. 

Schin said Symantec originally intended to launch a standalone service but decided to hold off until it was integrated with existing products. "We heard strong feedback from a significant number of customers that they wanted us to keep their current environments intact," he said. "We decided to reallocate our resources and work toward launching two services."

Uncertainty over how to position SaaS may also have played a part, according to Eric Burgener, a Taneja Group analyst. "One of the strategic concerns for Symantec has always been how to grow revenue for NetBackup and Backup Exec without letting them cannibalize each other," he said. "There are additional potential problems SaaS presents to license-based revenue streams."

Backup Exec 12 -- Incremental updates

Symantec's Windows data backup software is getting a minor facelift to go with the new online backup option. "These updates aren't what I'd consider a major leap forward," Burgener said. "There are some incremental improvements and integration with some previous acquisitions."

The updates include a more granular restore capability for Microsoft Exchange. Backup Exec now allows mailbox-level recovery of data from one backup, akin to CDP. In previous versions of Backup Exec, mailbox-level restores required users to make two backups of the same information. According to Symantec's Backup Exec director of product management Brian Greene, some customers reported that granular Exchange backups took 10 times as long as regular backups.

The new version also allows customers to back up Exchange, SharePoint and Active Directory from a snapshot, rather than the production host, and allows backups to be sent to destinations other than the media server, such as a SAN or removable hard drive.

"Not having to back up Exchange separately is a huge advantage," said Nick Joseph, network administrator for business systems certification registrar Orion Register Inc. Joseph said full backups take about 16 hours in tests with version 12. Prior to this release, his backups took up to three days.

Backup Exec 12 can now back up the Enterprise Vault data archive and use Symantec's ThreatCon security threat monitoring system to trigger automatic backups. Backup Exec is also the first data backup application to be certified with Microsoft Windows Server 2008.

Symantec officials said there are no planned changes to Backup Exec's licensing for VMware, which currently requires a backup software agent for each guest host. Joseph said this is the most pressing item left on his wish list.

"VMware backup doesn't seem to be as complete [with Backup Exec] as with NetBackup," Joseph said. Symantec added support for granular virtual machine restores for its NetBackup 6.5 enterprise backup application last June, but that remains missing from its Windows-based Backup Exec product.

"I'd like the ability to just back up VMs and restore them like any other server," Joseph said.

System Recovery 8 -- Consolidation to come?

Symantec made the same upgrades to its Backup Exec System Recovery 8 bare metal restore application as it did to Backup Exec 12, except for the SPN integration. "We wanted to have these features available for people who use just one product," Greene said.

Asked about the possibility of merging the two products into one, Greene said, "That's a good question, but it's something I can't talk about today."

Sencilo Solutions is a recognized leader in the design and deployment of primary storage. Through extensive experience in the storage industry, we have developed a deep understanding of how technology can solve operational problems. The greatest challenge that organizations face is knowing which technology will help and which will not.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-protection.php
About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland, Cape Canaveral

Other Projects: DR BC Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication thin provisioning DXi Global Compression DDX virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar CX4


 

---

Infoblox hooks into Windows DNS - February 15, 2008

Infoblox has launched an appliance designed to help manage DNS and DHCP addressing on Windows servers without swapping out existing systems

Infoblox IPAM WinConnect sits in the datacentre and talks to Windows DNS and DHCP servers via the network, providing IT managers with a common view into both environments as well as automation and administrative features. It would augment existing Windows IP address management tools, according to industry watchers, who say many customers depend on out-of-date and insufficient tools to manage IT addresses.

“Forgotten services like DHCP, DNS, and RADIUS are critical network services components that dictate availability. Yet most are woefully out of date, stagnating on non-enterprise-grade infrastructure, with few security mechanisms," wrote Robert Whiteley, a senior analyst at Forrester Research, in a recent report on IP address management.

Infoblox said its appliance adds more functionality to existing Microsoft DNS and DHCP server deployments. For instance, the product automatically catalogues devices on the network, eliminating the need for IT staff to maintain spreadsheets or other home-grown approaches to tracking IP data. It also gives IT staff a look at current and historic IT usage and lets managers delegate administrative jobs into roles, which is critical for compliance purposes, the company said.

"IT managers need detailed audit logs of who did what and when to every device. And a vast majority of organisations using Windows are tracking that with spreadsheets, which is very manual and error-prone," said Richard Kagan, Infoblox vice president of marketing. "The native tools offered with Microsoft aren't as rich as they need to be so this appliance is designed to help people keep managing DNS and DCHP with Microsoft and a little help from Infoblox."

Infoblox, which competes with the likes of BlueCat Networks, DNSstuff and Secure64, said the appliance uses standard Microsoft protocols, so no changes are needed on the Windows servers. Forrester's Whiteley said such appliances could be ideal for greenfield environments looking to get started with IP address, DNS, DHCP and RADIUS management.

"If you have a greenfield opportunity to build a utility-grade network, then start with an appliance-oriented vendor like Infoblox or BlueCat," Whiteley wrote.

Infoblox IPAM WinConnect is scheduled to be available in December. It runs on Infoblox-250, -550, -1050 and -1550 platforms. Pricing for the IPAM WinConnect on an Infoblox-250 platform starts at about $3,000.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-threat-management.php

About Sencilo Solutions

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.

 

---

White House e-discovery squeeze puts e-mail backup in focus - February 15, 2008

Experts say many organizations lack urgency to archive e-mail, handle discovery requests

As the White House contends with a federal judge's order to prepare a discovery plan amid a legal skirmish about missing e-mail, Brian McCarthy Storage veteran and President of Sencilo Solution headquartered in Orlando Florida says "businesses should move to improve backup and e-mail archiving policies to avoid similar legal problems".

District Court Judge Colleen Kollar-Kotelly this week issued an order enabling the Washington-based Citizens for Responsibility and Ethics watchdog group to perform limited questioning of White House officials. The group last May had filed suit against the White House Office of Administration seeking access to White House e-mail under the federal Freedom of Information Act.

The nonprofit group had been seeking White House e-mail documents related to various controversial issues, including the release of the identity of a former CIA operative, the reasons for launching the war in Iraq and actions by the U.S. Department of Justice. The White House has contended that the e-mail requested by the group has been lost.

Kollar-Kotelly ordered the discovery to determine whether the Office of Administration is subject to the Freedom of Information Act. The office contends it is not subject to FOI requests.

The watchdog group and the White House were ordered by the judge to submit a discovery plan to the court by Feb. 21.

Brian McCarthy said "many businesses operate under the false assumption that e-mail is not a business record". He said "that most business and IT managers fall short of creating adequate e-mail archiving and policy-based data-retention processes".

"A lot of people are not implementing e-mail archiving [processes]; they're saving e-mail, but not in a cohesive or consistent way," said McCarthy. "Companies can say 'Yes, we need to archive,' but [the process] must be policy-driven and taken out of users' hands."

McCarthy said the White House's legal problems over its inability to recover e-mail from its own servers and backup systems may jolt end users into realizing the legal consequences of subpar retention policies.

"This should wake people up to what could happen if you don't save e-mail appropriately. It's a good shot across the bow and a very good lesson for senior managers," he added.

McCarthy said organizations should outline each business unit's retention responsibilities by defining what type of data is considered business information and how long it should be stored.

Lauren White, an analyst at Enterprise Strategy Group Inc. in Milford, Mass., said many organizations lack the ability to optimize backups and make important data easy to access. She said the White House e-mail flap should show IT managers that mismanaged backup processes can choke an organization's data-retention efforts.

Everyone is afraid to throw anything away. All that [stored data] on the production system isn't pruned. It's all just continually backed up," said White. "[Paranoia] is a characteristic of a lot of companies out there, and they're not repeatedly optimizing their backups." 

In addition to e-mail archiving, White said businesses can streamline their backup systems by "skimming" unchanged information from data sets being saved, instituting policies for incremental rather than full backups, and incorporating de-duplication and decompression into backup practices, from vendor like Quantum, Hitachi or Exagrid.

"I think in a lot of organizations backup has not been considered a [forward-thinking] strategy. As unsexy as it is, we need to make sure we're doing it right and we have the right level of resources applied to it," McCarthy.

About Sencilo Solutions

We are a Florida based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, Hitachi, Symantec, Barracuda Networks, and HP.

Our technical expertise is known throughout the storage and security industry. Our clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.  Call us at (407) 265-6293 or visit us on the web at www.sencilo.com
 

---

• Previous
• 1
• 2
• 3
• 4
• 5
• 6
• 7
• Next