FAQs on Data De-dupe Technologies - June 29, 2008

Orlando Florida -- In the storage business, data deduplication is all the rage. Our customers are clamoring to cash in on the savings, but most don't yet understand how to properly apply the technology to their environment. Sencilo Solutions can help customers sort through the three basic approaches and extract real value from data deduplication quickly, earning the trust of clients and lasting business.

As you know, deduplication offers a number of improvements over traditional storage for backups. But with those benefits comes a confusing set of questions from customers, the key question being: How do we choose the best dedupe technology? In answering that question, it's important not to jump ahead to focus on specific products -- by first choosing product type, whether it be host-based, VTL-based or NAS-based, Sencilo Solutions can simplify the decision process for our customers. Here's how they break down.

Host-based data deduplication

Host-based deduplication requires the backup client to do a lot of the dedupe work. In many cases, that's not a problem, especially when the client is not CPU-bound. Host-based dedupe really helps when backup bandwidth is constrained by small wide area network (WAN) pipes or consolidated virtual servers.

Host-based data deduplication solutions usually require us to replace traditional backup software with the dedupe backup software, so before we recommend such a change, we make sure that the benefits are significant enough.

Brian McCarthy is President of Sencilo Solutions of Lake Mary, Florida, a reseller that specializes in backup and archive products and services. "Remote office backups to the corporate site will benefit from Avamar's host-based deduplication because it eliminates most or all of the backup hardware located at the remote site and optimizes the network bandwidth required to centralize backups to corporate data centers," says McCarthy. VMware backups benefit from host-based deduplication by limiting the network bandwidth required to back up multiple guest machines concurrently.

Some examples of host-based data deduplication technology include EMC Avamar and Symantec NetBackup PureDisk. See http://www.sencilo.com/storage-data-deduplication.php

Virtual tape library (VTL) data deduplication

Deduped virtual tape libraries (VTLs) work well when the backups are localized to the data center and/or bandwidth between the client and backup storage is not an issue. Naturally, many customers will want to take advantage of deduplication in their existing or planned virtual tape infrastructure. VTLs are already very common in midsized and large enterprises and consume a significant part of many companies' overall storage budget. Deduping at the VTL should be simple for customers because almost all backup software platforms support VTLs. In addition, deduped VTLs are a good fit for disaster recovery replication and when the customer wants to replace tape for primary backups. Given the increased efficiency and deduped VTL-to-VTL replication, there may finally be an opportunity to show real ROI for backup to disk instead of tape.

Examples of VTL dedupe technology include EMC DL3D, Sepaton S2100 and Quantum DXi Series.

Primary network-attached storage (NAS) data deduplication

VTLs introduce a lot of the same challenges that physical tape presents, such as tape contention, poor cartridge utilization and intolerance to high storage area network (SAN) latencies. In some cases, customers want the benefits of target hardware-based deduplication without the complexity and limitations of tape. In these cases, deduped NAS file systems may be the perfect remedy. Deduped NAS storage has some impressive cost advantages because it doesn't require SAN connections or VTL licensing in the backup software. In some cases, the deduped NAS storage can be used for more than just backups, such as highly duplicate archive data where throughput is less important than space savings.

Examples of NAS data deduplication technology include NetApp NearStore with Advanced Single Instance Store (ASIS), Data Domain's DD Series, EMC's DL1500 and Quantum DXi-series appliances.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-data-deduplication.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage and security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral



University of Utah lost 2.2 million Health Care and Social Security Records - June 26, 2008

Courier violated protocol, taking data home instead of directly to off-site storage facility  

Orlando Florida -- University of Utah officials this week acknowledged that a metal box of backup tapes containing billing records of some 2.2 million patients was stolen early this month from the car of a courier who left it in a parked car overnight outside his home.

The missing tapes were taken on June 2 from the car of an employee of Perpetual Storage Inc., an independent storage company hired by the university to transport its computer tapes to off-site facilities, said school officials. The tapes contained names, demographic information and Social Security numbers of patients of the University of Utah Hospitals & Clinics.

The health care system has suspended all backup tape deliveries to Perpetual Storage pending a full review of the company's protocols and procedures, said a university spokeswoman.

The spokeswoman confirmed that Perpetual Storage fired the individual involved with the data breach for violating company data security transportation protocols. The driver had been employed by Perpetual Storage for 18 years, she said.

The spokeswoman said the driver informed his employer immediately upon discovering that the tapes were lost. Perpetual Storage informed the University of Utah Hospitals & Clinics officials within 24 hours of the breach, she added.

Perpetual Storage did not immediately return calls by Computerworld seeking comment.

The university spokeswoman declined to say whether any of the missing data storage tapes were encrypted.

Lorris Betz, senior vice president for health sciences and CEO of University of Utah Health & Clinics, said in a posted alert that it's unlikely that any information on the backup tapes will be exposed to thieves. "Although it is unlikely that information on the tapes will be compromised, we are nevertheless taking aggressive steps to protect our patients' confidentiality," Betz said in the post. "Not true," says Brian McCarthy, President of Sencilo Solutions and a well-known speaker on backup and security. "If their tapes do not contain encryption, anyone with a tape drive can read the files."

The university plans to mail notification letters to all patients whose data was held on the stolen tapes and offer them free credit-monitoring services. The missing tapes did not hold any credit card information, noted school officials.

The university is offering a reward of $1,000 for the return of the stolen tapes with "no questions asked." The Salt Lake County Sheriff's Department, the FBI and U.S. Postal Service are investigating the theft.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-compliance-management.php
 

About Us
 

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.
 

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Kissimmee, Lakeland, Maitland, Cape Canaveral, Lake Mary

 


EMC CLARiiON CX now shipping with Solid-State Drives (SSD) - June 20, 2008

Orlando Florida -- EMC Corp. will add a new Clariion midrange storage array with solid-state drives (SSD) over the next few months, SearchStorage.com has learned. EMC began offering SSD in its enterprise Symmetrix systems earlier this year, and industry sources say that EMC will extend its support of SSD technology with the Clariion CX4-80, which is expected to be generally available in August. Brian McCarthy, President and EMC Partner, stated that "tier 0 is long overdue," and welcomes moving his client base to this new technology.

One source familiar with the SSD-supported Clariion arrays said the latest versions of Symmetrix and Clariion arrays share hardware components, including disk trays and outer skins. This makes it relatively simple for EMC to slot SSDs into the Clariion now that it's been done for Symmetrix.

EMC would neither confirm nor deny the rumors about the Clariion CX4-80, issuing a statement saying, "At EMC World, we spoke about the many benefits of flash technology, EMC's investment in testing and qualification, and that we would incorporate it into our product portfolio where it made the most sense. Beyond that, we are not going to be able to provide any specifics as to announcements, products or time frames."

Since EMC pledged in January to support SSDs in Symmetrix, other vendors, including Xiotech, FalconStor, Nimbus Data Systems, Hitachi Data Systems, NetApp and Sun, have also said they would support SSDs in enterprise storage arrays. That leaves Hewlett-Packard and IBM as the two major players who have yet to divulge their plans regarding SSDs in enterprise storage arrays. HP and IBM are still playing catch-up on so many fronts; don't look for SSD any time soon, stated McCarthy.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/



Where will it end? PCI compliance now extends to POS car washes, quick lubes - June 17, 2008

When Innive Systems, Inc., began integrating credit card clearing into its point-of-sale systems for car washes by connecting to a credit card clearinghouse over the Internet, executives at the company knew they had to do something to protect the machines.


At first, they advised their customers to install antivirus software. But over time, it became clear the customers weren't heeding their advice: Support calls soared as machines became infected with viruses and other malware. The outbreaks would prevent the vendor's POS applications, which are integrated with the car wash tunnel operations, from running and disrupt business. Support technicians spent hours cleaning up customers' systems.


"It really led us to look at the fact that they weren't being proactive in protecting themselves so we had to look for a solution," said Joe Jennings, network administrator at Daytona Beach Florida-based Innive Systems.


The company began looking for software that would work with its application and provide affordable protection for its customers. Jennings and his team put seven antivirus products to the test on a POS system. They threw viruses and spyware at each, and looked at how fast they allowed the Innive Systems application to run.


"We went through the entire gambit with each one," Jennings said.


In the POS world, anything that slows down the ability to produce a receipt is unacceptable, he explained. "You don't want customers standing there waiting for anything." In that respect, Barracuda Antivirus stood out from the others. With it, a receipt popped out in less than half a second. CA's antivirus caused the longest lag at 20 seconds, Jennings said.


Jennings and his team also liked Barracuda's proactive capabilities in blocking malware, its integrated anti-spyware protection, Eset's automatic updates, and low price. The initial plan was to resell the antivirus protection to customers, but with the PCI Data Security Standard becoming a concern, the company's president decided that it needed to be included with every POS system, Jennings said.


By including the antivirus protection with its systems, Innive Systems is helping its customers at nearly 3,000 car wash and quick lube locations comply with the PCI standard, Jennings said. Barracuda, which is installed with the POS server in active scanning mode for real-time protection, prevents viruses, Trojans or other malware from reading or extracting any of the data flowing from the POS device and server to the credit card clearinghouse, he said. No credit card data is stored on the POS device or server, he added.


The need to secure POS systems was highlighted in the recent indictment of three men on charges of hacking into computer systems at 11 Dave & Buster's restaurants and stealing credit and debit card numbers. The trio allegedly gained unauthorized access to the POS servers at each restaurant and installed packet sniffers designed to capture credit card data.


Security expert Brian McCarthy of Sencilo Solutions in Longwood, Florida, has said "a common security problem at retail locations is POS systems that are managed by third parties via unsecured remote access systems that often use blank or default passwords."


In addition to providing antivirus protection with its POS solutions, Innive Systems ships to each customer a router that's configured securely, without any standard open ports. And even before PCI compliance became an issue, the company realized it needed to replace its remote support solution for managing client machines with a more secure system, Jennings said. It chose the Bomgar Box, which he described as a secure, encrypted point-to-point system; no standard passwords are used and Jennings requires frequent password changes for employees.


In addition, Innive Systems is working to get its software validated under the new Payment Application Data Security Standard. PA-DSS is based largely on Visa's Payment Application Best Practices (PABP) program.


Since the vendor started shipping every system with Barracuda, calls to its support team about viruses and other problems dropped tremendously, Jennings said. The company also replaced its Symantec and Webroot Software antivirus products with antivirus on its corporate network.


For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-compliance-management.php



The Next Generation of Backup will include incremental backups and CDP for VMware - June 13, 2008

Orlando Florida -- Symantec Corp. boosted its support for VMware's products in two new incremental releases for NetBackup at Symantec Vision.

The updates to NetBackup come as part of two new "double-dot" releases, NetBackup 6.5.2, which is available immediately and NetBackup 6.5.3, which is expected later this summer. "We have a new release model for NetBackup," said Matt Kixmoeller, vice president of product management for Symantec. "We're looking to get innovations to market faster, rather than just having an enormous big-bang release every few years."

Support for incremental and parallel snapshots of VMware hosts through NetBackup's VMware Consolidated Backup (VCB) integration are the main new features of the NetBackup 6.5.2 release, which also includes CDP and complete integration with PureDisk's data deduplication.

"On the large scale, the XenServer platform has some fundamental advantages," said Rob Soderberry, senior vice president for Symantec's storage and availability management group. "Our strategy is to create the best possible exploitation of the XenServer and VMware stack, and let customers and clients decide what they want to pursue."

Symantec is adding granular recovery technology into NetBackup. The feature was first incorporated into its product line with Backup Exec 11d, which allows unique object recovery from a single backup instead of through a secondary redundant backup that forced customers to use twice the space and time for backups if they wanted granular restores. Version 6.5.2 will make the feature available for Windows hosts, VMware hosts, and SharePoint Portal. Exchange integration will follow in NetBackup 6.5.3.

"Most snapshots, including Microsoft's VSS, don't allow you to get a file directly out without restoring the full snapshot," said analyst Lauren Whitehouse, Enterprise Strategy Group. "That feature puts Symantec a step above even Microsoft and other VCB integrations at this point."

NetBackup customer Eddy Navarro, a storage computer systems manager for J. Craig Venter Institute, said he's been waiting for the ability to schedule multiple concurrent snapshots of VMware hosts. "[In previous versions], NetBackup purposely set a cap on concurrent snapshots, meaning you could only schedule one at a time," Navarro said. This was done to avoid overwhelming environments that couldn't handle the load of parallel snapshots. "But, we have the infrastructure that can handle it," Navarro added.

Navarro said he's also looking forward to support for NDMP backups to disk in the new version. He wants that for his NetApp filers. While there might be ways to make the NAS backup standard dump directly to disk, Navarro wasn't familiar with them and wants all backups done through one portal. "I don't want to have to go back when I want to do a restore and say, now which way did I back this up?" he said.

New CDP, data deduplication integration

NetBackup 6.5.2 will also include the first integration with Symantec's CDP software acquired from Revivio in late 2006 and renamed RealTime 6.5.

NetBackup will be able to request snapshots from RealTime, but it will otherwise use a separate repository and interface until NetBackup 7.0 is released next year. While a new "NetBackup-like" interface on RealTime lays the groundwork for an integrated GUI, the repository will probably remain separate because Symantec expects users to deploy the "copy every write" software sparingly, according to Kixmoeller.

"The first generation of CDP struggled because there wasn't enough deep integration with applications," he said. With this re-release of Revivio's IP, NetBackup agents running on application servers will create pointers to quiesced snapshot copies in the CDP stream. The catalog of files and recovery screens will also be done in NetBackup.

Symantec has yet to integrate CDP with replication, another item on its roadmap since last year. "Symantec supports several replication products," said senior analyst Eric Burgener, Taneja Group. "Depending on how replication is linked into the CDP process, it can make it difficult to unlink it and use it with something else."

NetBackup 6.5.2 also completes an integration process between NetBackup and Symantec's PureDisk data deduplication software that has been ongoing since NetBackup 6.1. PureDisk agents can now perform data deduplication at the client, backup media server or target. Symantec is also supporting a stack of PureDisk, Veritas Cluster Server and Storage Foundation to create a grid architecture for post-process data deduplication on the target side.

While this stack of licenses could get confusing, the number of options Symantec is offering is more important, Whitehouse said. "It allows you to coordinate your backup strategy to your workload." "And, setting up various agents is a process you only do once."

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-data-deduplication.php



CEO fired after major data loss! - June 7, 2008

The practice of sending across the country unencrypted, CD-based files on millions of child benefit claimants could have continued indefinitely if the discs hadn't gone missing, we have learned.

Orlando Florida -- Seven months before the CDs went missing, HM Revenue and Customs had already established a practice of transferring onto CD, for despatch by post, insecure, though password-protected, files on millions of child benefit claimants.

The lost discs contained details of all child benefit recipients: records for 25 million individuals and more than seven million families.

The records included parental names, addresses, dates of birth, child benefit and national insurance numbers and, where relevant, bank or building society details. Paul Gray, the chairman of HM Revenue and Customs, has resigned because of the incident. It is not uncommon to see CXOs being asked to resign because of a data loss on their watch; after all, it's the CXO who is signing or cutting the IT budget, says Brian McCarthy, President and well-known Security Consultant for Sencilo Solutions, based in Orlando, Florida.

The practice of transferring all of the child benefit data onto CDs began in March this year after HMRC's auditor, the National Audit Office (NAO), ceased to accept sample records for its audit of the department's accounts.

In the past officials at the Department for Work and Pensions had selected sample child benefit files and passed these to the NAO whose auditors checked for possible fraud and error.

But in March this year, for an audit of HM Revenue and Customs's 2006/7 Resource Accounts, the NAO, to do a more robustly independent check on the child benefit data, requested a full copy of the details of claimants, not merely a part of the data that had been selected by the department.

Though HMRC does have rules on handling sensitive data, it is unclear whether it had specific, established procedures for handling the request of the National Audit Office.

Aware that the files on child benefit claimants were sensitive, the NAO in March 2007 asked that HMRC filter the information before sending it to the audit office. The National Audit Office asked for the child benefit records to be stripped of details of the parents, addresses and bank information, which McCarthy states is a best practice here in the States. 

HM Revenue and Customs replied that it could not do this - its systems were not sufficiently flexible. It explained it could download only the whole of the information. So it sent to the NAO, by courier-post, all of the details of parents and children, including some bank account details. Not true, states McCarthy: there are disk-based encryption appliances on the market today which can protect anything from a USB hard drive to tapes; HM has their heads in the sand.

That was when the insecure practice began of HMRC sending unencrypted files to the National Audit Office. No alarm bells were raised over the practice in March 2007.

It appears that it was thought easier to send the claimant files on CD than trying to send them electronically. This raises questions about whether government departments are routinely sending CDs with sensitive data around the country, thus avoiding technical challenges and security restrictions on exchanging files electronically. Easier? How is anything that is a manual process and the cost of mailing a disc easier?

So in March 2007 HM Revenue and Customs transferred the child benefit data onto CDs and sent them by courier-post from Washington, Tyne and Wear, to the National Audit Office which is near Victoria Station in London. They arrived safely - and the practice became established.

The data was sent to the NAO only partially formatted. It had to be loaded on the National Audit Office's mainframe systems before it could be manipulated.

In October this year, when the NAO wanted to do an audit of HMRC's 2007/08 Resource Accounts, it again asked the department for its child benefit data.

The sequence of events:

2 October 2007: The NAO formally asks HM Revenue and Customs for files on child benefit claimants.

18 October: HMRC tells the NAO that the CDs have been sent.

24 October: The NAO informs HMRC that the discs have not arrived. The NAO asks for a second set to be sent - it needs them urgently to ensure an audit of HMRC's accounts is not delayed.

25 October: The NAO confirms receipt of the second set of discs. Its staff point out that the first set has still not arrived.

5 November: HM Revenue and Customs confirms that the first set of CDs is still missing.

8 November: The NAO begins a search for the missing CDs and the loss of the data is raised formally as a security incident. It is only at this point that HMRC's senior management is informed - but not the Chancellor of the Exchequer Alistair Darling who is responsible for HMRC.

10 November: HMRC with the cooperation of the NAO begins a search for the CDs at the offices of the audit office at Victoria. The NAO has no record of having received the first set of CDs. Only now is Alistair Darling, the chancellor, informed.

11 November: HM Revenue and Customs and the police search the NAO's offices. Nothing is found.

20 November: Alistair Darling makes a statement to the House of Commons on the missing discs and Paul Gray, the chairman of HMRC resigns.

21 November: HM Revenue and Customs issues an apology.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-compliance-management.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP.

Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses.

Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.



How much should you spend on disaster recovery (DR)? - May 31, 2008

Orlando Florida -- It's a trick question that few, if any, storage administrators know how to answer. You can easily spend a king's ransom to protect your data, but few companies have that kind of money. The key to cost-effective DR is first placing a value on the data--and understanding how the data's value changes over time--and then matching various data protection technologies to that value. Here in Florida, hurricane season starts tomorrow, June 1, and lasts until November 30th. So my guess to those of us in the Gulf States - Will you be ready?

In an earlier blog (see The search for cost-effective disaster recovery), I described how to develop an application/data classification foundation (ADCF) that lays the groundwork for cost-effective DR. This foundation has six steps:

  • Classify each application and its data into four categories:

      • Mission critical

      • Essential

      • Important

      • Less critical

  • Determine the required recovery point objective (RPO) and recovery time objective (RTO) for each class of data.

  • Determine the available DR options per class of data.

  • Establish each option's TCO for the expected life of the implementation.

  • Evaluate the skills required at all DR locations.

  • Match the data, DR options and skills to the budget to determine the breadth of the DR GAP (the difference between the level of DR required and the level of affordable DR, or the difference between the actual level provided and the level required).

Remote mirroring
Remote mirroring provides data accessibility protection for an application using physically separate locations. While similar to mirroring within a RAID array, remote mirroring takes place over MAN or WAN distances. It's usually between storage arrays or storage appliances, and can be synchronous or asynchronous.


Synchronous remote mirroring is the highest possible level for DR RPO and RTO. The RPO is "zero" lost data, and the RTO is typically seconds to minutes. Synchronous remote mirroring does this by neither completing nor acknowledging the local write until the remote write is completed and acknowledged. Additional writes can't occur until each preceding write has been completed and acknowledged. This means local performance is directly related to the performance of the DR remote device; distance is the limiting factor. Remote synchronous mirroring is rarely deployed for circuit distances greater than 160km (100 miles).  http://www.sencilo.com/storage-software.php

With asynchronous remote mirroring, local writes are completed and acknowledged before the remote writes. Asynchronous remote mirroring is a "store-and-forward" technique that reduces I/Os and wait delays, allowing remote writes to fall behind the local writes. This means the RPO for lost data can range from seconds to minutes, and even hours in some cases. Asynchronous remote mirroring is most often utilized when the remote site is a long distance from the local site.
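To make the acknowledgement rule in the two paragraphs above concrete, here is an added example (not from the original article or from any vendor's product): a small Python simulation of the same write stream under synchronous and asynchronous mirroring, counting how many acknowledged writes are missing at the DR site when the primary is lost. The function `simulate`, its parameters and all timings are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class Outcome:
    mode: str
    ack_latency_ms: int   # service time the application waits per write
    acked: int            # writes acknowledged to the application before the disaster
    at_dr_site: int       # writes durable at the DR site before the disaster
    lost: int             # acknowledged writes missing at the DR site (RPO exposure)


def simulate(mode, *, n_writes, issue_every_ms, local_ms,
             link_rtt_ms, remote_ms, disaster_at_ms):
    """Replay n_writes against a mirrored volume and stop at disaster_at_ms.

    sync : a write is acknowledged only after the remote copy is written and
           acknowledged, and the next write cannot start before that.
    async: a write is acknowledged after the local write; a store-and-forward
           queue ships writes to the DR site one at a time and may fall behind.
    """
    if mode not in ("sync", "async"):
        raise ValueError("mode must be 'sync' or 'async'")

    ship_ms = link_rtt_ms + remote_ms            # cost of one remote write + its ack
    ack_latency = local_ms + ship_ms if mode == "sync" else local_ms

    prev_ack = 0       # when the previous write was acknowledged locally
    prev_remote = 0    # when the previous write became durable at the DR site
    acked = at_dr_site = 0

    for i in range(n_writes):
        # Writes are ordered: each starts when issued, but never before the
        # preceding write has been acknowledged.
        start = max(i * issue_every_ms, prev_ack)
        ack = start + ack_latency
        if mode == "sync":
            # The remote write completed before the ack was returned.
            remote_done = ack
        else:
            # Shipped after the local ack, behind any backlog on the link.
            remote_done = max(ack, prev_remote) + ship_ms
        prev_ack, prev_remote = ack, remote_done

        if ack <= disaster_at_ms:
            acked += 1
        if remote_done <= disaster_at_ms:
            at_dr_site += 1

    return Outcome(mode, ack_latency, acked, at_dr_site, acked - at_dr_site)


# Constructed workload: one write issued every 2 ms, 1 ms local write,
# 2 ms link round trip, 1 ms remote write, primary site lost at t = 1000 ms.
DEMO = dict(n_writes=1000, issue_every_ms=2, local_ms=1,
            link_rtt_ms=2, remote_ms=1, disaster_at_ms=1000)

if __name__ == "__main__":
    for mode in ("sync", "async"):
        print(simulate(mode, **DEMO))
```

With these constructed timings the synchronous run loses nothing but acknowledges only half as many writes, because every write waits on the link; the asynchronous run keeps up with the application and leaves a backlog of acknowledged writes that never reached the DR site.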

The primary advantage of both synchronous and asynchronous remote mirroring is the minimal (asynchronous) to zero (synchronous) risk exposure in losing data during a disaster. A secondary advantage is the potential for quick data recovery when a disaster occurs. Remote mirroring doesn't require server agents, and it provides heterogeneous server and application support. 

Remote mirroring applications are often pricey, the equipment is usually expensive, and it typically requires at least twice the primary disk space and sometimes much more. However, when the lowest possible RPO and RTO are the requirement, remote mirroring is the answer.

Another disadvantage is that remote mirroring doesn't prevent a rolling disaster, data damage, corruption or accidental deletion. If data is corrupted, damaged or deleted at the primary site, it will also be at the DR site. Some asynchronous remote mirroring products timestamp each transaction and allow recovery to a point in time before the corruption or deletion occurred, but they're exceptions to the rule. This means procedures other than remote mirroring must also be implemented to allow for recovery of corrupted, damaged or deleted data. Other disadvantages include lack of support for heterogeneous arrays, no support for internal storage, and nearly no application and file information.

Less-expensive alternatives to remote mirroring can also provide the lowest possible RPO and RTO. They're generally continuous data protection (CDP) products and include time-based continuous snapshots, automated backup, replication of changed data and automated, generational-change distributed backup. They offer a lower TCO than remote mirroring, support heterogeneous storage and provide better rollback capabilities. But they usually require installing and managing agents. 

Backup
Backup applications copy primary stored data directly from the application server and move it over TCP/IP networks to a local backup server or remote DR backup server. The server then writes the copied data to disk or tape. RPO is the window between backups or incremental backups. RTO is minimally hours, but usually days to weeks.

While backup is the primary DR application deployed in most IT organizations, it also has the highest failure rate. Failures can be attributed to user error, bandwidth issues, throughput issues, tape issues and even application server availability requirements. http://www.sencilo.com/prod-storagesoftware.php

The primary advantage of backup is its familiarity--it's a known quantity, both good and bad. Storage administrators know how to deploy and use backup, and the TCO is relatively low depending on the storage environment.

The two key disadvantages of backup are that its RPO and RTO are usually quite high, and backup is a local process. There are exceptions, however. Several backup programs distribute and centralize backup while providing continuous incremental backups, shrinking the RPO considerably. Unfortunately, recovery time is still a lengthy process. Data consistency and usability--the ability to use the backed up data without modification, reordering or re-creation--may also be a problem. Backup programs require server-based agents and backup costs escalate sharply as the environment scales and grows more complex.

Backup products are evolving and improving. Virtual tape, disk-to-disk-to-tape (D2D2T) and massive array of idle disks (MAID) technologies speed backups and recovery times. New types of backup software, such as content-addressable storage (CAS), reduce the amount of data required to back up by sending only changed data and meta tags about data. This significantly reduces recovery times and dramatically increases recovered data usability. Distributed backup eliminates the installation of server agents. These new types of backup have RPOs and RTOs that can be used for critical data. http://www.sencilo.com/storage-data-deduplication.php

Replication
Replication software replicates data from server to server synchronously and asynchronously. There are incremental and CDP modes. Replicated data travels over TCP/IP networks to a remote server's disk, and then a backup client is needed to move the data to a storage device. RPO for replication is similar to the RPO for storage array remote mirroring, depending on whether it's synchronous or asynchronous. RTO can be a little faster because the DR application servers are already collocated with the DR storage.

Replication software is easy to install and operate. It can run locally and distributed, and because it's server-, storage- and infrastructure-agnostic, there are no hardware lock-ins. Replication software costs are less than those for backup software and much less than storage array-based remote mirroring. Replication has evolved to include application-aware agents, continuous protection and rollback capabilities. One important benefit to replication is data migration. Replication software simplifies the process and replicates only the data that needs to be replicated in a non-disruptive manner.

Replication software can't prevent damaged data from being replicated, and server agents must be maintained and managed. RTO can be significantly increased if there's a single DR server caching the replication from different application operating systems. In the event of a disaster, all data must be recovered and rewritten before the applications can access the data. This is similar to backup. If there's a DR replication server per operating system, the RTO rivals storage array mirroring.

Snapshot
A snapshot provides a point-in-time reference marker to data stored on a storage system. Snapshots are a way to speed RTOs. There are two primary types of snapshots: copy-on-write and split-mirror.

A copy-on-write snapshot stores changes and additions to existing data. Data recovery is rapid in case of a disk write error, corrupted file or program malfunction; however, all of the previous snapshots must be available if complete archiving or recovery is required. A split-mirrored snapshot references all the data on a set of mirrored drives where one is local and the other is local or remote. Each time the snapshot is run, it snaps the entire volume, not just new or updated data.

Snapshot is easy to install and operate. A copy-on-write snapshot provides a short RTO and a relatively slow RPO (data must still be recovered before it can be used). Split-mirror snapshots have a relatively long RPO, but they speed data recovery (RTO), duplication and data archival. One important benefit to split-mirror snapshots is that it's possible to access data offline for tasks such as data mining and offline production data testing. Some snapshot applications provide continuous snapshots and rollback capabilities based on a point in time, which offers faster RTO.

A split-mirror snapshot uses a lot of system resources and will degrade the performance of the platform it's running on while it creates the snapshot. And snapshots can't prevent a rolling disaster of snapping corrupt data.

DR hardware platforms
There are four principal hardware delivery platforms: storage array, general-purpose server, purpose-built storage appliance and the intelligent storage networking switch. The storage array is a purpose-built storage server for block or file-based storage. Many storage vendors provide optional storage array DR software, which includes synchronous and asynchronous remote mirroring and snapshot. These software products are typically specific to the individual vendor and its storage offerings.  http://www.sencilo.com/storage-area-network.php

Storage array-based software usually doesn't require application server agents. The arrays are server operating system-agnostic and the DR applications run fast. They are also installed in thousands of locations, and are proven and mature.

However, the array DR applications don't work with heterogeneous storage. In general, they don't have file-level or application awareness. (Array applications with application awareness use agents.) Storage array IOPS and throughput decline while DR applications are running. And these DR applications are licensed and managed on a per-array basis. Storage array DR applications have some of the highest TCOs and, in some cases, consume more raw storage than non-array based alternatives.

General-purpose servers have very low acquisition costs and low TCO. Implementing, servicing and managing them are known quantities. Performance is tunable and DR application performance leverages ongoing improvements in server technology. Increasing performance or scalability may be as simple as buying the next-larger server, and more memory and processing power. Other advantages include support for heterogeneous storage, and application and file-system awareness. General-purpose servers require DR application agents.

The purpose-built storage appliance is nothing more than a DR application optimized server. A good way to think of the purpose-built storage appliance is to view it as a networked storage controller. It leverages technologies specifically optimized for storage DR applications. Optimization includes I/O performance, throughput, scalability and high availability (no single point of failure). TCO is definitely lower than for the storage array or intelligent server, but the purpose-built appliance is proprietary. It may also have higher initial acquisition costs and may not keep up with server technology advances.

The intelligent storage networking switch is a relatively new DR delivery platform. The storage area network (SAN) switch is the ideal system to provide DR applications because it sits between application servers and their target storage, and it also has visibility into all servers and storage targets.

There are two principal types of intelligent storage-network switches. The first essentially integrates the purpose-built storage appliance as a server blade into a Fibre Channel SAN switch or director. The second packages it as a storage software delivery platform that just happens to use switching as part of its architecture. It leverages a new technology called split path acceleration of independent data streams (SPAID). SPAID improves performance by separating the control path (the slow path) from the data path (the fast path). It enables out-of-band virtualization without requiring server agents and runs most DR software applications without any changes. Initial costs and TCO will probably be much higher than for non-integrated systems.  http://www.sencilo.com/back-up-restore.php

No other platform has the DR application performance potential of the SPAID intelligent storage networking switch. SPAID switches have an inherently higher level of reliability, availability and serviceability than storage appliances because of the separation of control path from data path. Unfortunately, there are only a small handful of products that use the SPAID architecture. These include software from Incipient Inc., Maranti Networks, StoreAge Networking Technologies, Troika Networks Inc. and Veritas Software Corp. Of these, only StoreAge has a comprehensive suite of DR applications that works with all of the SPAID intelligent storage networking switches. Maranti has its own suite of DR applications, and Troika is working on a suite with tie-ins to other software-based DR applications. Incipient and Veritas are currently limited to volume management only.

Remember, a cost-effective DR strategy requires a mix of DR applications running on several platforms. Managing cost and effectiveness requires matching the value of the data to specific DR capabilities. This mix-and-match approach will reduce overall DR cost while meeting the organization's needs (see Sorting out disaster recovery options). Of course, this process must be repeated periodically to re-evaluate new technologies, products, SLA requirements and compliance regulations.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/continuity-disaster.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage and security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral



Simple steps to reduce your IT's carbon footprint - May 31, 2008

Lake Mary Florida -- The National Association of State Chief Information Officers (NASCIO) believes CIOs should be on the frontlines of their states' environmental programs and policies. The organization, which advocates for technology policy, urges its members to take steps now to become leaders in reducing their states' carbon footprints, issuing a 17-page brief on ways to do that.

Although specific to state CIOs, NASCIO's recommendations can be employed by large organizations as well. Here are the group's tips for getting started:

Develop a plan: States that have developed green IT plans, including Missouri, Kansas and Oregon, have incorporated ideas for green efforts in nearly every aspect of their state CIOs' jurisdictions. These include purchasing equipment, recycling, and consolidating and virtualizing data centers, among other areas. Reaching out to states that have developed plans can help put you on the path toward implementing green IT initiatives.

Establish a baseline and determine a metric: Before you move a project forward, ascertain where your state is on energy consumed, greenhouse gas emitted, etc. Developing a baseline and a way to measure progress can be built into a total carbon footprint reduction plan at the outset of an initiative. For state data centers: The Green Grid and other industry groups have published a metric that can tell state CIOs how much energy is spent on the productive use of IT versus wasted on the physical infrastructure.

Track and monitor success: Once a metric is determined, continue to track and monitor a project's success rate. For example, in following a data center consolidation initiative, examining the energy usage rate prior to consolidation and then comparing that to energy usage in the aftermath of consolidation can help determine success and show the benefits accrued from the project.

Become a transformational leader: Utilize existing authority through enterprise architecture or other means to drive toward greener practices without making major jurisdictional policy changes. In other cases, state CIOs must often work to gain authority to implement these programs for their employees. For instance, despite the significant increases in employer adoption of telework, it still remains a subject of debate, particularly among older workers. In order to incorporate a telework process, state policy issues must first be resolved. By emphasizing these green benefits of telework, state CIOs may be better poised to advocate for the implementation of these initiatives.

Don't go it alone -- enlist partners: Collaborate with other agencies within your state to establish jurisdiction and authority and to gain buy-in for a green IT initiative or agenda. Reach out to other states to gather best practices and lessons learned. Engage staff members -- they also hold a stake in enterprise success and may be eager to help drive these green efforts. Tell vendors green initiatives are important to your state. Many vendors offer green components to their products and services, as well as those dedicated solely to incorporating green practices. 

Reach out to a trusted advisor like Sencilo Solutions of Lake Mary, Florida, which has consolidated hundreds of data centers throughout Florida. Brian McCarthy, CEO and Consolidation Consultant, advises companies to start small: move your underutilized file servers over to a modern NAS storage device. Most file servers use 80 to 160 gigabyte drives; today's drives are 1,000 gigabytes, with 1,500 gigabyte units arriving later this summer. Next, look at VMware to consolidate those old Compaq, Gateway, etc. servers into a few VM servers. Sencilo has just completed a consolidation for a Florida-based bank and retired several hundred servers in favor of ten dual-CPU, quad-core units. http://www.sencilo.com/network-attached-storage.php

Leverage the circumstances: With rising energy costs -- particularly fuel prices -- on the mind of nearly every citizen and lawmaker, green initiatives will likely be met with unprecedented support. State CIOs are uniquely poised to become leaders in the green IT revolution.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-consolidation.php



Stolen data ending up in Google cache, say researchers - May 31, 2008

Orlando Florida -- The Finjan security researchers, who uncovered several unprotected hacker servers containing the sensitive email and Web-based data of thousands of people, demonstrated how easy it is to find the data using Google.

By using a simple string of search terms, the researchers were able to find stolen passwords and usernames, Social Security numbers, and even the usernames and passwords of internal databases of companies, all stored in Google's public caching server.

Google returns the results based on log files available on the unprotected servers. The servers stored stolen data collected by Trojan horses running on infected end-user PCs, Ayelet Heyman, a researcher at Finjan's Malicious Code Research Center, said in Finjan's Malicious Code Research Center blog. It's not that hard to protect these assets, says Security Consultant Brian McCarthy of Sencilo Solutions. Sencilo can provide security services that true up open areas, and we also offer products to close and protect your company information.

"Google just indexed these log files as they do with any other public file on the Web," Heyman said. "It's not a hoax as some people wrote; it's 100% harsh reality."

It's not the first time the search engine giant was used to uncover sensitive data or common security flaws in websites. Penetration tester Johnny Long was the first to make headlines explaining ways to turn Google into a malicious tool. Long's website has a Google hacking database. Tom Bowers, managing director of Allentown, Pa.-based Security Constructs LLC has also warned that IT professionals must learn how hackers use search engine queries to ensure sensitive data doesn't end up on the public caching servers.

Heyman urged people not to blame Google for caching the stolen information. Google indexed the log files on the server as they do with any other public file their crawlers find on the Web, Heyman said. McCarthy goes on record and says Finjan and Heyman are nuts to cast the blame on Google, or another search engine company.

In April, Finjan announced that it had discovered an unprotected server and others used as a drop site for the AdPack exploit toolkit. The server wasn't encrypted and no authentication was used to access it.

Yuval Ben-Itzhak, Finjan's chief technology officer, said more and more stolen data is turning up on popular search engine caching servers. The increase in sensitive data on search engine servers is likely due to the easy availability of crimeware toolkits such as NeoSploit, MPack, and AdPack. The toolkits make it easy for a novice to quickly find an unused server and begin stealing data. 

"The whole idea for selling these toolkits is to provide to people who are not security experts and do not have a computer science background," Ben-Itzhak said. The management features enable the criminal to use social engineering tactics and target a country or IP, or even by log types, he said.   http://www.sencilo.com/security-web-application-controllers.php

The researchers discovered sensitive information from Microsoft Outlook accounts including mail and personal folders, calendar, public folders and contacts. A mountain of healthcare information was also discovered, including personal data, health data, treatment, medications, insurance details, Social Security Numbers, and healthcare providers' data, including the physician's name. Banking data, including credit card numbers and account login numbers were also discovered on the server.

Businesses are also not immune. A large chunk of business data was discovered, including network folders and business contacts. Personnel files and business files marked confidential were also stolen using a Trojan. One message revealed details about an upcoming court case, while a few others contained business financial data such as invoice information.

The Finjan researchers said they notified more than 40 major international financial institutions located in the United States, Europe and India whose customers were compromised as well as various law enforcement agencies.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-compliance-management.php



State Street's lack of security policies to blame for the loss of 45,000 Social Security Numbers - May 31, 2008

Jacksonville Florida -- State Street Corp. is the latest firm to acknowledge a data breach, after a contractor hired to conduct data analysis lost a disk drive containing the personal information of 5,500 employees and 40,000 customer accounts.

State Street disclosed the information on its website four months after it learned of the problem. The financial services firm said Thursday that it began notifying employees and customers of the former Investors Bank & Trust Company, which it acquired in 2007. 

"As a precaution, State Street is notifying legacy IBT employees and certain legacy IBT customers that have been identified as having certain personal data on the stolen equipment," the firm said in a statement.

IBT contracted out a legal support service to review its electronic records and compile data for federal regulators as part of the acquisition in 2007. The data was initially encrypted, but State Street said the vendor unencrypted the information when it loaded the data onto computer equipment, which was stolen from its facility.

The information included individuals' names, addresses, dates of birth, and Social Security numbers.

State Street said it notified state and federal law enforcement, which is conducting an investigation. The firm said it took several months to reconstruct and analyze a copy of the data stored on the stolen equipment. So far State Street customers and employees are not affected by the breach. State Street said it would be offering free to the victims that its analysis indicates may be affected.

The loss of disk drives and tapes is prompting more businesses to encrypt data at rest, said Scott Crawford, an analyst with Boulder, Colo.-based Enterprise Management Associates. 

In the State Street breach, the vendor handling the data unencrypted the information to conduct its analysis, but never encrypted it again. It happens often and companies sometimes fall prey to a false sense of security when deploying encryption. Ultimately the data is going to be accessed and sometimes another instance of the data is made that goes unencrypted, experts say. 

"The devil is in the details of implementation with crypto, where a poor implementation of a good algorithm gives a false sense of security and it's potentially worse than not using encryption at all," Crawford said. "Even when experts are involved, the processes can be a killer." 

What technology can do ends at how effective it is in managing or enforcing how people actually work with the data, Crawford said. Banks and financial services firms must comply with Basel II regulations, which address operational risk management.

"Financial services have more motivation to be more thorough in managing operational risk, including risks posed by business partners," Crawford said.

Firms should have a centralized vendor management process in place that takes risk factors into account, and each vendor should be continually assessed to determine whether it is meeting the security requirements, said Ramon Krikken, a research analyst at Midvale, Utah-based Burton Group.

"Financial institutions are relatively quickly catching up with whole vendor management issue, but security has been an afterthought with vendor management," Krikken said.

Vendor evaluation should include assigning a risk score based on the sensitivity of the outsourced process. Vendor contracts should cover security issues and safeguards based on the risk factors assigned to the data, he said.

"It all comes down to having solid vendor due diligence, an area getting an increasing amount of attention," Krikken said. 

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-compliance-management.php
