Technical
Data Security Backup Rules
Mar 17th
If you back up your data to a managed service provider’s server or to the cloud, does your provider need to meet all of the data security standards you do? This vexing question becomes more complex as the number and scope of standards expands.
The Payment Card Industry Data Security Standard (PCI DSS) is a contractual obligation between credit card providers VISA, Master Card, and American Express with companies that that process credit card data and maintain personally identifiable information (PII). The standard is very prescriptive as to how data is protected and transmitted, but it does not require that a third party storing such data be required to meet the same data security requirements as the company that owns the data. That means it is perfectly acceptable for a company that processes credit card data and that has PII, such as credit card numbers or Social Security Numbers, to encrypt the data and then store it offsite. — just so long as your storage provider does not have the encryption keys and has no way of decrypting the data.
The key to protecting data that is backed up or archived is encryption. According to the PCI DSS standard, “Implement and use strong cryptography (such as SSH, VPN, or SSL/TLS) for encryption of any non-console administrative access to payment application or servers in cardholder data environment.” If data is encrypted, the standard allows for that data to be transmitted to a third party without additional security measures at the receiving site. That said, it behooves you to use secure data backup partners, regardless of what the standard say.
That is not the case for all standards. If, for example, your company is governed by The Health Insurance Portability and Accountability Act (HIPAA) of 1996, then your provider will indeed need to be HIPAA compliant as well. Federal regulations are very strict when it comes to medical records, although there is plenty of flexibility in the standard that defines who can have access. Essentially, authorized individuals include everyone from medical practitioners and hospital or clinic personnel to insurance adjusters and clerks.
Some non-medical or medical-related groups, such as law enforcement and federal intelligence agencies, also can obtain access to HIPAA-protected medical records, with or without a warrant. This becomes an issue when the records are held by a third party, such as an MSP. If a warrant is required to access confidential corporate data, only the company that physically holds the data – the MSP or cloud storage provider, for example – would get the warrant; the owner of the data might not know the data is being released.
If your company is bound by any data security standards, it is incumbent on the IT manager to know if that data can be encrypted and stored off-site. Failure to follow the rules set forth in the standards could end up costing the data’s owner with significant fines, loss of your corporate reputation, and in some cases, potential criminal litigation.
For more information on backup and disaster recovery, visit http://www.genie9.com
Should You Back Up a Virtual Machine?
Mar 6th
Virtualization has been touted as the future of data center computing — fewer pieces of hardware are consolidated to address the same or more computing requirements than in the past. However, as IT managers consolidate their resources, the question arises: Do I back up my virtual machine or simply make another copy of it?
One of the misconceptions about virtualization is that as you reduce the amount of computing resources, you also reduce storage resources. In fact, the opposite is true; storage becomes more important and a larger percentage overall of the IT budget.
Generally speaking, backup software will treat the virtual machines differently than a physical server. Running multiple virtual servers on a single physical server results in better resource use during normal operations but can, in some cases, overwhelm those resources during backup. When you have multiple virtual servers running on one host, performance could be reduced during a backup as applications battle for bandwidth. You can, however, run the backup in the background, reducing this fight for resources.
Backing up a in a virtual environment generally requires that VMs be shut down or put into a saved state. This is because part of the virtual machine state information is stored in memory. The state information in memory, plus the state of the virtual hard disk files, along with the state of the configuration file, makes up the current state of the virtual machine. If you choose to back up the files for a running virtual machine, they are most likely in an inconsistent state. Backing the virtual volumes in this state can result in corrupted data in the backup copy.
For additional information on backup products and technology, visit www.genie9.com
Transition to IPv6
Mar 1st
In 1977, father of Internet, Vint Cerf was the program manager for the ARPA Internet research project; he created IPv4 and chose a 32-bit address format for an experiment in packet network interconnection.
And that was the beginning; for more than 30 years IPv4 was used to connect billions of people all around the world until the Internet Corporation for Assigned Names and Numbers (ICANN) announced that it has distributed the last batch of its remaining IPv4 addresses to the world’s five Regional Internet Registries (RIR), the organizations that manage IP addresses in different regions. These Registries will begin assigning the final IPv4 addresses within their regions until they run out completely, which could come as soon as early 2012.
So now what?
IPv6 (with 128 bits address size, that is 2128 IP addresses) must be adopted for continued Internet growth.
However, Internet users won’t notice the effect of IPv4 depletion in the foreseeable future, but in the future there may be parts of the Internet that you cannot reach if the website or service is an IPv6 only network, and your Internet Service Provider (ISP) does not provide its customers with IPv6 addresses.
As a response, the Internet Society (IS) and large site operators, like Google, Facebook, and Yahoo, have agreed to test their readiness for IPv6 and announced for “World IPv6 Day”. A 24 hours test period for the Internet’s savior in which the participants will offer their content over IPv6. The goal of the Test Flight Day is to motivate organizations across the industry – Internet service providers, hardware manufacturers, operating system vendors and web companies – to prepare their services for IPv6 to ensure a successful transition.
So are you ready?
Mirroring is not Backup
Feb 17th
Although backup and disk mirroring are often used interchangeably, a mirror is decidedly not a backup. Mirroring and backups serve different purposes. A mirror is designed to keep your system up and running in the case of a hard disk failure. While a backup essentially serves that purpose, it is designed to provide you with data protection should a file, folder or an entire disk drive fail.
Let’s say you have a system with two 500 GB drives configured in a RAID 1 mirror. Any data written to one drive is automatically duplicated to the other. This is great if you are concerned that you might be susceptible to a disk drive failure. Should your primary hard disk fail, all you need do is move the mirror into the primary drive’s position and keep going. But mirrors come with their own set of issues. Let’s say your antivirus or antimalware software allows an infection to get by. Now you have a problem on both your primary drive and the mirror. Mirrors let bad things happen much faster.
Now let us assume that you are backing up your primary drive with either a file- or image-based backup software and your primary drive gets a virus. You have options. If you have a file-based backup, you need only to clean the primary drive and then copy the cleaned files to your backup. This is the same technique you would use for backups to cloud-based backup environments.
If you back up using sector-based disk images backed up to local drive or network-attached storage device and your image becomes infected, simply mount your image as a virtual disk in read/write mode. Run your antivirus software against the mounted image and clean the virus. Once that’s done, save the image as an incremental backup and your image will be clean.
Some computers ship from the manufacturer with a preconfigured disk mirror. Don’t be mislead that you have a preconfigured backup; you don’t. There are a variety of RAID configurations that are designed to protect data, but each serves a different purpose. For RAID 1, the disk mirror, the purpose is protection from a failed hard disk.
Introducing Genie Timeline Business 2.1
Aug 9th
Genie-soft proudly introduces our latest software Genie Timeline Business 2.1.
Genie Timeline Business 2.1 was created to cater to the backup needs of businesses looking for a powerful, reliable, easy to use software that will ensure full system backup and recovery for every computer. Whether your company has 5 computers or 5,000 computers you can dramatically reduce the time of deploying your backup system with the use of the Administrative Template (ADM) component that works with Active Directory and Group Policies to pre-configure all backup settings and perform remote deployment.
To learn more about Genie Timeline Business please visit our site: http://genie-soft.com/business/genie_timeline_business/overview.aspx
To download a free trial of Genie Timeline Business please fill out this form: http://genie-soft.com/business/genie_timeline_business/download.aspx
Windows File Systems: Types and Limitations
Jul 6th
What are file systems?
File systems are methods of storing and organizing data on your computer. File systems are used on data storage devices such as hard disks or CD-ROMs to maintain the physical location of the files on these media types.
But how does that affect my data and computer operations?
For each type of file system there are certain specifications and limitations that govern the way you can read and write data on your disk. Windows makes use of the FAT and NTFS file systems.
FAT
File Allocation Table (FAT) is supported by all versions of Microsoft Windows. Older versions of the FAT file system (FAT12 and FAT16) had file name length limits this is commonly referred to as the 8.3 filename limit. VFAT, which was an extension to FAT12 and FAT16 introduced in Windows NT 3.5 and subsequently included in Windows 95, allowed long file names (LFN).
To address the need for even larger storage capacity, Microsoft introduced FAT32 with Windows 95 OSR2, FAT32 also addressed many of the limits in FAT12 and FAT16, but remains limited compared to NTFS.
Limitations of the FAT32 file system include:
• Clusters cannot be 64 kilobytes (KB) or larger. If clusters are 64 KB or larger, some programs (such as Setup programs) may incorrectly calculate disk space.
• A FAT32 volume must contain a minimum of 65,527 clusters. You cannot increase the cluster size on a volume that uses the FAT32 file system so that it contains fewer than 65,527 clusters.
• The maximum disk size is approximately 8 terabytes when you take into account the following variables: The maximum possible number of clusters on a FAT32 volume is 268,435,445, and there is a maximum of 32 KB per cluster, along with the space required for the file allocation table (FAT).
• You cannot decrease the cluster size on a FAT32 volume so that the size of the FAT is larger than 16 megabytes (MB) minus 64 KB.
• You cannot format a volume larger than 32 gigabytes (GB) in size using the FAT32 file system during the Windows XP installation process. Windows XP can mount and support FAT32 volumes larger than 32 GB (subject to the other limits), but you cannot create a FAT32 volume larger than 32 GB by using the Format tool during Setup. If you need to format a volume that is larger than 32 GB, use the NTFS file system to format it. Another option is to start from a Microsoft Windows 98 or Microsoft Windows Millennium Edition (Me) Startup disk and use the Format tool included on the disk.
• You are not allowed to have 4GB or more data file to a FAT32 File System.
You can follow this link to the Microsoft Support page for more information about the FAT32 file system:
http://support.microsoft.com/kb/154997
NTFS
NTFS, introduced with the Windows NT operating system, has much less file size limitations. a log-based file system, addresses FAT’s reliability and recoverability problems. A partition’s clusters are numbered sequentially using a 64-bit logical cluster number (LCN). Theoretically this system would allow access to 16 exabytes (16 billion GB) which far exceeds current storage needs. For now, Windows 2000 limits volumes to 128 Terabytes, but later operating systems could take advantage of even larger storage capacities. Like FAT, it sets a default cluster size depending on the size of the partition, assigning a size of 4KB for anything over 2GB. Also like FAT, administrators can override the defaults and use drop-down box to specify sizes up to 64KB.
The following are a few limitations of NTFS:
• File Names
File names are limited to 255 UTF-16 code words. Certain names are reserved in the volume root directory and cannot be used for files. These are: $MFT, $MFTMirr, $LogFile, $Volume, $AttrDef, . (dot), $Bitmap, $Boot, $BadClus, $Secure, $Upcase, and $Extend;[3] . (dot) and $Extend are both directories; the others are files. The NT kernel limits full paths to 32,767 UTF-16 code words.
• Maximum Volume Size
In theory, the maximum NTFS volume size is 264−1 clusters. However, the maximum NTFS volume size as implemented in Windows XP Professional is 232−1 clusters. For example, using 64 KB (64 × 1024 bytes) clusters, the maximum Windows XP NTFS volume size is 256 TB (256 × 10244 bytes) minus 64 KB. Using the default cluster size of 4 KB, the maximum NTFS volume size is 16 TB minus 4 KB. (Both of these are vastly higher than the 128 GB (128 × 10243 bytes) limit lifted in Windows XP SP1.) Because partition tables on master boot record (MBR) disks only support partition sizes up to 2 TB, dynamic or GPT volumes must be used to create NTFS volumes over 2 TB. Booting from a GPT volume to a Windows environment requires a system with EFI and 64-bit support.[43]
• Maximum File Size
As designed, the maximum NTFS file size is 16 EB (16 × 10246 bytes) minus 1 KB (1024 bytes) or 18,446,744,073,709,550,592 bytes. As implemented, the maximum NTFS file size is 16 TB (16 × 10244 bytes) minus 64 KB (64 × 1024 bytes) or 17,592,185,978,880 bytes.
• Alternate Data Streams
Windows system calls may handle alternate data streams.[3] Depending on the operating system, utility and remote file system, a file transfer might silently strip data streams.[3] A safe way of copying or moving files is to use the BackupRead and BackupWrite system calls, which allow programs to enumerate streams, to verify whether each stream should be written to the destination volume and to knowingly skip offending streams.
You can check the following Microsoft Support link for even more information about the Windows Fily systems:
http://support.microsoft.com/kb/100108
Recent Comments