Information Technology Navigator

 

Mimecast held their 2020 Cyber Resilience Summit remotely this year, providing some interesting updates to their suite of cyber security tools.  As a leading Email Security Gateway, Mimecast has expanded their portfolio over the last few years into a more robust and comprehensive framework that they have dubbed “Email Security 3.0”.

 

The Email Security 3.0 Framework can be broken out into three zones of protection:

Zone 1:  Perimeter – This is your traditional email delivery path and is saturated with relentless attacks.  In order to protect against these threats, Mimecast leverages their advanced Targeted Threat Protection including impersonation protection, attachment sandbox, and URL Protection.

Read More

On February 11 2020, Microsoft released a patch for Exchange Servers that would fix a vulnerability pertaining to unauthorized access to the backend of the Exchange Control Panel. There is now confirmation from a source at the United States Department of Defense that multiple nation-state backed actors and other ransomware gangs are actively and maliciously exploiting this vulnerability on unpatched systems. The vulnerability results from the Exchange Server failing to properly create unique cryptographic keys at the time of installation. The hackers’ sophisticated exploits circumvent encryption, granting them full access of the server.

It is imperative that the latest patches from February 11^th be applied as even a single Exchange instance puts you at risk.

Read More

 

For many of us, a rock-solid business continuity/disaster recovery (BC/DR) plan can mean the difference between a good night’s sleep and living in constant fear of impending doom. Hyperbole aside, many BC/DR plans are under-tested, under-architected, and misunderstood by businesses. Sure, you may have a copy of your data at a secondary site, but how do you know it’s accessible to applications in the event of a failover? How do you ensure your most business-critical applications (complex interdependencies and all) come online properly and quickly? How do you automate and orchestrate changes to networking or startup scripts when your VMs fail-over? Just as importantly, how do you effectively test that all of this will work when it matters most? 

Read More

The benefits of migrating applications to Microsoft’s Azure cloud make a very compelling business case – agility, scalability, a pay for what you use cost model, etc. But as you move workloads to Azure, don’t assume they are automatically protected, because while Azure does ensure a secure infrastructure, you are responsible for ensuring protection of your data – not Microsoft.

It’s all detailed in Microsoft’s Shared Responsibility Security Model. Understanding where the Shared Responsibility model starts and stops is critical to ensuring your data is secure and compliant. Here are some key considerations:

Read More

As businesses continue to look to the cloud to improve efficiency, reduce costs and meet the need for agility, data protection has been a workload worth strong consideration. As an alternative to tape, the cloud provides the potential for “cheap and deep” storage targets for data that needs longer-term retention, but not necessarily the recovery performance of local storage. However, those who have migrated backup to the cloud have been unpleasantly surprised by high cloud storage costs and suboptimal performance. The culprit: lack of deduplication.

Read More

Becoming a publicly traded company has a profound impact on the way a business operates. The technology that is in place, and how it is deployed, can also come under close scrutiny. That was certainly the case for one of Daymark’s life science clients whose pending IPO put a spotlight on network security and data protection. In this blog, Steve Caprio, Daymark Cloud Consultant, answers some questions on the security journey of this enterprise.

Read More

As a Daymark Senior Data Protection Consultant, I genuinely get excited when I can learn about new features and approaches that help keep our clients’ data efficiently backed up, recoverable and secure. So, I was excited when Veritas nominated me to attend their 2017 Data Protection Interlock, an invitation-only global technical training event.

Read More

Cybercriminals continue to use phishing attacks on individuals within enterprises. With increased sophistication and multiple attack vectors, businesses must be vigilant at every step of the way to prevent infiltration. Let me share a recent example-

Today I received an email from a recruiter. It’s not out of the ordinary for recruiters to ping us with resumes hoping that we will see a fit for their candidate. This one was well written, had a company logo, and a picture of the sender. Including pictures is a growing trend with recruiters

Read More

To date, we’ve looked at making a compelling financial case for an investment in software and making the business case for a new disk array. In this last blog, I’ll talk about making an increasingly frequent IT decision, seeking the expertise of an IT Managed Service Provider.

Read More

Data protection. Storage professionals have been worrying about securing, backing up, and restoring data pretty much since computers came into use. And just when you think you’ve got it figured out, there’s a new wrinkle – a new regulation, a new data source, a shorter backup window, and endless new technologies to manage it all. Here are answers to some of the most frequent questions our customers ask in the never-ending battle to protect data and manage data growth:

Q. What’s the most common missing element in an enterprise’s data protection strategy?

A. Two things come to mind – First, an active and consistent review of backup success, as indicated by the ability to perform an effective and timely restore. And second, a lack of policy based backup that mirrors the enterprises’ document retention requirements.

Read More