Podcasts Archives | Druva https://www.druva.com Druva: Data Management-As-A-Service Fri, 03 Jun 2022 22:55:25 +0000 en-US hourly 1 https://wordpress.org/?v=5.9.3 https://www.druva.com/assets/cropped-Rainbow-Druva-star-32x32.png Podcasts Archives | Druva https://www.druva.com 32 32 Salesforce backup that goes beyond restore https://www.druva.com/blog/salesforce-backup-that-goes-beyond-restore/ Mon, 06 Jun 2022 12:00:57 +0000 https://www.druva.com/?p=108613 Druva’s Salesforce support goes beyond simple backup and restore. In this episode of Druva’s podcast, we discuss added functionality after tackling the ever-present question of whether or not you need to back up Salesforce at all. (It’s become harder to argue against it after Salesforce came out with their own backup service.) After explaining how Druva’s service works, Stephen Manley […]

The post Salesforce backup that goes beyond restore appeared first on Druva.

]]>
Druva’s Salesforce support goes beyond simple backup and restore. In this episode of Druva’s podcast, we discuss added functionality after tackling the ever-present question of whether or not you need to back up Salesforce at all. (It’s become harder to argue against it after Salesforce came out with their own backup service.) After explaining how Druva’s service works, Stephen Manley (CTO) explains what else it does. Sandbox seeding (with data masking) and Salesforce archiving are two features that will bring a lot of value to Druva’s customers. Check out this episode to learn all about Druva’s support for Salesforce and how it goes far beyond backup.

The post Salesforce backup that goes beyond restore appeared first on Druva.

]]>
Holidays are a dangerous time for backups https://www.druva.com/blog/holidays-are-a-dangerous-time-for-backups/ Tue, 17 May 2022 12:00:09 +0000 https://www.druva.com/?p=107901 This episode of No Hardware Required focuses on the risk that holidays like Memorial Day pose from a cybersecurity perspective, especially for your backups. Stephen Manley (Druva’s CTO) and W. Curtis Preston (Mr. Backup) delve into this topic, discussing why this is the case, and what can be done about it. The episode gives advice to both Druva customers and […]

The post Holidays are a dangerous time for backups appeared first on Druva.

]]>
This episode of No Hardware Required focuses on the risk that holidays like Memorial Day pose from a cybersecurity perspective, especially for your backups. Stephen Manley (Druva’s CTO) and W. Curtis Preston (Mr. Backup) delve into this topic, discussing why this is the case, and what can be done about it. The episode gives advice to both Druva customers and to those who haven’t made that decision (yet). Learn what to do to secure your backups prior to this upcoming holiday weekend.

[00:00:00] W. Curtis Preston: This week on no hardware required. We’re talking about cyber attacks over the holidays, I My guest this week this week is Stephen Manley. Our CTO. Thanks for joining.

Hi and welcome to Druva’s no hardware required. Podcast, I’m your host, W. Curtis Preston AKA Mr. Backup and have with me, our ransomware specialist, Stephen Manley. How’s it going, Stephen.

[00:00:30] Stephen Manley: I’m doing pretty well. I I’ve, I’ve certainly increased my rate of ransomware attacks by, oh wait. No, that’s not what you mean. No. Okay.

[00:00:39] W. Curtis Preston: Yeah. You know, this is one of those things where we’re, we’re starting to see it almost so much in the news that you almost start to ignore them. Would you agree? I mean, at least it seems.

[00:00:54] Stephen Manley: I think, yeah, I think, I think there’s, it is that sort of thing where it’s, it’s become so ubiquitous and people just, yeah, every day it feels like there’s another attack and it does seem to customer. Yeah, this is a, this is just the new normal, right? It’s like, it’s like driving in California and hitting potholes.

Yeah. At one point you thought maybe the roads, maybe the road should actually be smooth, but then you realize, no, that’s just the way it is.

[00:01:24] W. Curtis Preston: Well, you know, just for the record, I’ve driven down in Mexico and there they have pot Hills where occasionally you get some road, it’s a very different experience, uh, experience. But this is the, I, I, I do think that we need to address that a little bit in that. If the ransomware attacks are so frequent that we, we become desensitized to them and we stop worrying about them.

I definitely don’t think that we should be doing that. If anything, there is this current, I don’t know if you’ve heard there’s this, uh, war going on over there in Europe, Eastern Europe, specifically Ukraine specifically. And there is a lot of talk in the cyber security community that. At some point we could and should expect a massive retaliatory attack.

And the cybersecurity folks on this side are preparing for that attack. They’re also preparing for a essentially, uh, you know, it’s like the global thermonuclear war, right? The only winning move is not to play. We kind of hope that they never actually do this because we have to wreak havoc if they do. But meanwhile, if you’re just a, an organization on this side and you just have stuff to protect, you can’t be concerned with that.

There’s nothing you can do to affect change there. You, you simply have to be prepared, uh, to respond.

[00:02:57] Stephen Manley: And I think what are they interesting things for me is, is, you know, using the analogy. You know, I don’t have to be faster than the bear. I just have to be faster than you. One of the things that we try to work with customers on is, is there, is that sort of sense of both? Gosh, it’s just, it’s going to be so hard for me to, to, to create protected backups, air gapped offsite.

Plus, I’ve got to figure out how I’m going to monitor and I’m going to have to operationalize all this. And then if the bad thing happens, I’ve got to figure out how to recover. And there’s almost that feeling of. I don’t know where to start. And, and, and it’s so hard. I’m just going to put my head in the sand.

And one of the things we try to tell them is, you know, Almost everybody else we meet feels just like you do. And, and, and, and, and if you put yourself in the mind of the attacker, who am I going to go after the one that’s at least got some defenses in place, some, some semblance of control or the one that has done nothing.

So you don’t necessarily have to be the best. You just have to be good enough that you’re not as easy of a target. And, and then once you get started, you can just keep ratcheting up. But, but, but so often I meet people who just go, well, you know, we, we, we, we’ve got a 27,000 point plan and it’s really hard to get funding, to get everything done.

You’re like, well, then don’t do all of it at once.

[00:04:20] W. Curtis Preston: Yeah. I, you know, it’s, it’s interesting. I haven’t thought about it this way before, but you’re right. That probably a lot of companies, they need to do a lot of things. They need to secure their backup environment. They also need to secure their primary environment. And I I’ve never really thought about it this way.

It by using a company like Druva to secure your backup environment. Right. It’s easy peasy, right? I mean, You know, I know I say it a little time. I know I work for Druva, but you compare what it’s like to secure your backups with Druva to what it’s like to security backups with any on-prem provider Ours is a PO. There’s is a series of steps and purchases and, and, and specialists to figure that sort of thing out.

It’s hard to find. Backup specialists that understand that, that understand both backups and understand cybersecurity. It’s hard to find backup specialists, right. Um, you know, I’m not available anymore. So, so, uh, you know, I’m only one person, but, but it is, I would think a lot easier to find cybersecurity specialists.

So perhaps you do need to do all these things. I would suggest that. Hand us the backend problem, hand us the backups and the restores and the data resilience. And then go do the. Perhaps, I don’t want to say more important. I, this is like 50, 50. You’ve got to have both, but ours is, you know, our side is a lot harder to do on yourself than the front end side, because the front end side, again, it’s a lot of common sense stuff that maybe you should have been doing already.

Well, I should probably take that word maybe out. And there are, you know, scores of specialists that will help you figure out what those things are.

[00:06:23] Stephen Manley: I think in, and, and I think you’ve hit on the right thing, which is for so many people, you know, that skill gap is, is one of the big things. And, and there are frankly, more people, more services, more things you can tap into on that production side, on that network security side. It’s. It’s been around longer, it’s bigger.

Uh you’re right. The number of backup people that truly get security and the number of security people that truly get or care about backup, that’s a much, much smaller Venn diagram. And so,

[00:06:55] W. Curtis Preston: group of people.

[00:06:56] Stephen Manley: so, so yeah, so, so why not focus on the problems you can, you can solve and offload the ones you can’t and, and, and, and.

Just every little bit you do just, just, you know, again, uh, I think of someone with ransomware attack, they come in and they find that they can’t touch your backups. Well, immediately you’re a lower interests, a lower interest target for them. If I know I can go wipe out your backups, I know I can ratchet up the ransom.

I know that you’re a lot more exposed. If I see very quickly, I can’t get your backups, maybe I’ll still attack. But you’re going to be a lower priority target for me. That’s just logical.

[00:07:35] W. Curtis Preston: Well, we know that the, the number one ransomware group, which is Conti. We know what their, uh, method is. Right. They specifically target the backup server. They actually exfiltrate the backups and then delete them. So I like w I like what you’re, you know, where your head is there?

The. They can’t find a backup server, which they’re not in the case of, uh, Druva customers then, uh, they’re they’re saying, well, Hey, our MO is busted here. Let’s go look somewhere else. I, I do like that. The, and I, you know, going back to your Venn diagram comment, finding a group of people that understand both cyber security and perhaps system administration.

It’s, it’s certainly not a, quite, quite a circle. But it’s, it’s a whole lot, you know, in the case of security, cyber security and backups, it’s, it’s just two circles sitting next to each other. Right. Uh, that’s not a Venn diagram at all. It’s just sadness. But, um, I mean, first and the backup circle is really small.

Right. There’s

[00:08:32] Stephen Manley: Right.

[00:08:33] W. Curtis Preston: like

[00:08:34] Stephen Manley: Getting smaller every day. It feels like,

[00:08:36] W. Curtis Preston: Right, Absolutely. Um, so what I wanted to talk about here is this concern about. Holiday weekends. Right? We, we, we, we just had one. Um, and the, uh, but, but the, the ones that are, but Easter is not a national holiday. Right. So we don’t, we don’t take it off.

What I’m talking about are things like Memorial day where you, you get a third day in the weekend. And then there’s like, I I’d say the worst possibly is Thanksgiving because many companies unofficially take off Friday. So you get four whole days where no, one’s really looking at the, the data center.

And it’s, I think that we need to think about, so, you know, what happens when they do the, the, uh, The state of the union address, right.

[00:09:37] Stephen Manley: I mean vaguely right.

Half the claps.. And the other half, half of the room looks very angry.

[00:09:44] W. Curtis Preston: Well yeah, that’s a different problem, but basically you have the, you, you, you have the entire government in one room, so you have a massive risk situation. So there is the designated survivor. There is some, you know, he’s like the under secretary of transportation and he. Has to go sit very far from that, right?

Yeah. I think he actually sits in the white house and in a bunker. And that way, if some catastrophic event took out all, you know, everything, you’ve got this guy that, that, that, that is somewhere else. There’s an entire TV show called designated survivor. Right. Where I think it was, was it,

[00:10:25] Stephen Manley: Kiefer Sutherland. I saw someone. I was I was I was, I was on my way to a customer site and I was sitting next to a guy that’s watching this. And I was like, wow. Keifer Sutherland then went from Jack Bauer guy who is, you know, to now he’s like the president, you know, where’s David Palmer.

[00:10:45] W. Curtis Preston: absolutely. Yeah, yeah. Yeah. So, so what happens in there? He’s a designated survivor. They blow up the Capitol and he becomes president and it has to form the government. W w what’s my point here? What I’m saying is there needs to be somewhat. Sadly, who needs to be told, not only do you not get to take this holiday, you need to be, you need to be looking at all of the things that you’re.

These are all of the things that we need to be looking for over the holiday weekend. And I don’t, I mean, I remember. When I was in IT, which for awhile was a while ago when I was actively in an it department at a, you know, not, not a consulting phase, but I don’t remember us doing that. Right. I don’t remember us saying, Hey, Curtis, you know, whoever you don’t get to go on vacation this weekend at somebody else, uh, everybody else gets to go and you need to be looking at that.

But I definitely think that’s a good idea.

[00:11:39] Stephen Manley: Yeah. W I mean, we, we used to, to the thing you still have to be careful with because everywhere I’ve worked, I, you know, we’ve, we’ve definitely done that. I will point out it’s often the most junior of the staff that gets left behind, uh, often, often for reasons that are not bad, Right.

They sometimes the volunteer, I don’t have, I don’t have family.

I, you know, Say I want to, I’d rather go off, off time on my vacation, because if you don’t have kids, you can go whenever you want. And so you can, you can get better, all that kind of stuff. But, but what it means is that when bad things happen, you don’t have your most experienced, steady hands at the, at the till.

And then you’ve got this junior person who say, Again, almost, this is my shot to show that I can, that I know what I’m doing. A lot of times they will try to muscle through it. Um,

now let me go to stack overflow. Maybe there’s an answer there and it just gets worse before finally they, they throw their hands up.

I need help. And, and by then it might be too late. So, so, so I have seen companies do better at having, you know, having that designated survivor, but it is very rarely in the event of a catastrophe, the person that you really want. There it is the undersecretary of transportation.

[00:12:53] W. Curtis Preston: Yeah, it definitely is the, that’s a really good point because I would add to my recommendation that, cause you’re certainly not recommending don’t do it. You’re just saying, you know, you need to address that aspect. I, I agree. And, and I, you know, I would, I don’t know. I would think about. Some sort of lottery rather than just let’s pick Steve because we just hired him and Steve doesn’t know anything.

Uh, but he’s, you know, what’s he going to do? We just hired him. Right. Um, there also, I think there needs to be an acknowledgement that, you know, you’re in a you’re in production. It probably, everything will be fine, statistically speaking, but if we get hit, you’re coming in. Right. And, and, and there needs to be an escalation process or needs to be, uh, Uh, like a phone tree situation nowadays, it’s a lot easier because when I was in it, we didn’t have, you know, everybody didn’t have cell phones.

Right. Um, now any, any of the young folks listening are like, holy crap, Curtis is old. Yeah. Get over it. Uh, but, but there are some real examples, many, many examples of ransomware attacks over the holidays. I think about the, uh, was it J JBS or JSB the, uh, the

[00:14:12] Stephen Manley: Oh, this is the meat, the meat, the. meat Packers, uh, based in Brazil with JBS. Yeah, I remember that.

[00:14:17] W. Curtis Preston: they, they were attacked over the Memorial day weekend.

Um, and which is interesting because I’m not even sure they did, they celebrate Memorial day over there, but

[00:14:28] Stephen Manley: Well, so, so, so, so they’re anchored in Brazil, but, but they’re it, a lot of their, it was actually based in, in, in north America. So U S Canada, Australia. So yeah, so, so, so what got hit wasn’t necessarily their core packing facility in Brazil. It was all the mechanics and the, and the supply chain stuff that happens, uh,

[00:14:48] W. Curtis Preston: Uh, the supply chain once again. Uh, and then

[00:14:52] Stephen Manley: chain.

[00:14:53] W. Curtis Preston: I ha I really hesitate bringing this one up because we have to mention the. Let’s see, uh, what, what the author did with this story. Ransomware attack creates cheese shortages and Netherlands, and it was over the Easter and the subject or the, the, the, I don’t know, what, what would you call this?

The main heading there? It says it was, yeah, it was not a gouda situation. And I

[00:15:18] Stephen Manley: Yeah.

[00:15:19] W. Curtis Preston: just, you know,

[00:15:21] Stephen Manley: Yeah,

[00:15:21] W. Curtis Preston: nothing like nothing like a good pun,

[00:15:24] Stephen Manley: I had, that was nothing like a good pun.

[00:15:29] W. Curtis Preston: But that’s another one where basically they had a ransomware attack over a holiday weekend and, uh, you know, it took out everything. There are many, many examples of these where when, uh, you know, when a holiday comes up, that you could be subject to a ransomware attack. When, when we, I will say that again, this is another.

Benefit of having a service-based data protection company is that, you know, we’re going to be working, you know, there’s going to be more than one person looking out after the, the, the Druva infrastructure. So at least your backups are protected during this, uh, outage or, you know, during an attack or anything that you have, you don’t have to worry about that.

You just have to worry about securing your, your primary environment.

[00:16:24] Stephen Manley: Yeah.

Yeah And I think, I think the other thing to look at is as, as you go through any of these things and into your point of a plan, a plan is critical because. We, we work with a lot of really, really big companies. We also work with a lot of smaller companies and, and, and the smaller companies, especially smaller companies, government schools, school districts, all those, all those sorts of things.

You usually have one or two, you know, sort of more experienced generalists. You can’t keep them on call 24, 7 forever. And burnout is real. And so you’ve got to figure out the sorts of things you can offload. You’ve got to figure out how you can survive to give them downtime. And, um, and, and, and these, these, these, these, this holiday weekends are key for people.

And so, so it puts a target on your back. Yeah.

And we get that right? Because again, putting, putting my, my bad guy, hacker hat on. Yeah. I’m absolutely going to try to expose the periods of time where I think you’re de staffed and I have more time to, to create havoc. Uh, But at the same time, you’ve got to set up and, and, and so this, this to me is always why it comes back to, if you can offload the job to somebody else, especially if you’re a smaller company, it’s the right thing to do.

Uh, there’s just, there’s, there’s too much work to, to keep trying to do it all by yourself.

[00:17:50] W. Curtis Preston: Absolutely. And you do need, uh, you need both a DR plan and you need a ransomware recovery plan, which starts with a DR plan, right. It starts with the ability to recover everything. And then you need to talk about what would happen in the event of a ransomware attack. And, you know, back when I was. Working with companies one-on-one helping them to do DR plans. I remember being very critical of, of companies that would, they hired. Like, um, I remember that he would hire like Deloitte right to come in and build a DR plan and none of, no one in this company, building a DR plan, would ever talk to the person responsible for the backup system that was going to actually do the recovery.

And so I was always, you know, the backups have to work right for, right. So, and I’ll just say that, that at least you have that part of it handled. You do need a DR system on top of that, and we can provide that, right. We can provide Dr as a service. And then on top of that, you do need to build a and how do we respond if a. Ransom, you know, if we are attacked by ransomware and we can help you with that as well. So, um, yeah, so I think we’re in violent agreement here that this is something we should be concerned about that as we come up to the Memorial day weekend, something that you might want to think about, get a designated survivor and please don’t just make it be Steve. Poor steve, you know, just, just got hired. He doesn’t know anything.

[00:19:17] Stephen Manley: Three days into the job, I guess I’m working this weekend and I can’t even have cheese now because it’s all gone.

[00:19:25] W. Curtis Preston: Absolutely. That’s not Gouda. No, no, no. That didn’t, that wasn’t any better the second time. All right. Well, uh, thanks for, thanks for chatting with me about this.

[00:19:35] Stephen Manley: Uh, everybody be safe out there and enjoy your holiday weekend.

[00:19:39] W. Curtis Preston: Absolutely. And remember to subscribe to the podcast. So you don’t miss an episode and remember here at Druva there’s no hardware required.

The post Holidays are a dangerous time for backups appeared first on Druva.

]]>
Take the win! (Introducing Druva’s enhanced EC2 backup) https://www.druva.com/blog/take-the-win-introducing-druvas-enhanced-ec2-backup/ Mon, 02 May 2022 16:09:50 +0000 https://www.druva.com/?p=107578 W. Curtis Preston (Mr. Backup) and Stephen Manley (Druva’s CTO) discuss how Druva has enhanced how its customers can back up AWS EC2 instances. Customers can now create a single policy that specifies how many snapshots they want to keep, and how many they want to be deduplicated and migrated into the Druva cloud. The latter offers quicker recovery and […]

The post Take the win! (Introducing Druva’s enhanced EC2 backup) appeared first on Druva.

]]>
W. Curtis Preston (Mr. Backup) and Stephen Manley (Druva’s CTO) discuss how Druva has enhanced how its customers can back up AWS EC2 instances. Customers can now create a single policy that specifies how many snapshots they want to keep, and how many they want to be deduplicated and migrated into the Druva cloud. The latter offers quicker recovery and enhanced security while also reducing costs. This is one of those rare instances in IT where you get something that is less expensive, while also being more secure and easier to use. Take the win and check out Druva’s EC2 backup.

[00:00:00] W. Curtis Preston: This week on No Hardware Required, we’re talking about backing up EC2. With me as always is my co-host Stephen Manley our CTO. Thanks for joining. Hi and welcome to Druva’s No Hardware Required podcast. I’m your host W Curtis Preston, AKA Mr. Backup, and I have with me, Stephen Manley our CTO, ready to talk about backing up EC2 .What do you think Stephen?

[00:00:25] Stephen Manley: I tell you this is gonna be so good that we’re gonna get it all the way to EC3 finally.

[00:00:33] W. Curtis Preston: You know, your jokes are corny, but they make me laugh. You know, I, I dunno what, I dunno what to tell you about that. So, so this is one of those things where. If you weren’t following the company as close as obviously you and I do. If you saw the headline that went out today, we, we, we actually were recording this on the day that we actually announced this functionality.

It would almost look like we just started backing up EC2, when you just read the headline. And, and that is, is obviously not the case because we’ve been backing up EC2 for a while, but. The way we’re now backing up EC2 adds an additional layer protection, uh, and additional level of awesomeness that we didn’t have before.

So why don’t you first talk about what we have done that, that we were already doing up until the point that we announced what we announced today.

[00:01:28] Stephen Manley: So prior to this, you know, customers had kind of two options when they wanted to use Druva with EC2. So, so the first option would, would be what I consider sort of snapshot management, snapshot orchestration. So you would set a policy, um, You know, based on your EC2 instances, you know, keyword tag based kind of thing.

Um, you could set obviously across the whole VPC, if you wanted multi account, all that great stuff, you could set different snapshot policies. Uh, but the result is that it would be creating and managing snapshots in your account. These would be those AWS snapshots, which is good.

Right. Great for rapid recovery, um, you know, really resilient, you know, the, the, the data’s stored on S3 storage. So there’s a lot of greatness that comes with it. Um, or the other approach that we had some customers doing was, you know, they would put an agent on the EC2 instance, whether it’s running Oracle or it’s running Microsoft SQL, or it’s just a file server.

And then we’d back that up, that, that data up to the Druva cloud, which would give them protection, uh, offsite protection, long term retention, uh, you know, help protect them from things like ransomware attacks better, because it’s in a separate account. Um, but you, you really had to be in that position where you were sort of choosing one or the other, the, the schedules weren’t integrated and you know, and, and it wasn’t necessarily, you, you were sort of in that zone of which one am I gonna do?

I could do both, but, but it was. It was a challenging time for people, I think.

[00:02:58] W. Curtis Preston: Right. So you, you, you pretty much chose whether or not you wanna recover the server or you wanna recover the application. If you were concerned more about the application, then you used the, the, the, the Druva Phoenix way of backing it up using a client. If you were concerned more about DR and restoring a whole bunch of servers, then, then you would, uh, use the EC2 way.

And we would typically ask customers to. Do cross account and cross region backups. We, we totally automated that for them. My favorite way was to pick a single or, or at least a, a small number of accounts whose sole purpose was backup as much as they could do that. Where basically there’s no one should ever need to log into this environment except for the backup system.

In fact, many of our customers, I actually recently learned this, that many of our customers, they have a cloud administrator where. They create an account, uh, for Druva to use and they, or they create an account for someone in their environment to use and they give that the administrator there, they help them authenticate each service they’re going to use with that account, but they actually never actually give that, that internal administrator cloud privileges to the console for that account.

Right. So imagine if you have this separate account. And, and you, you limited to almost no one that has access to that account. And then that way you can do this and you can have that close to EC2, the snapshot recovery, the full DR orchestration. All of that. One of the challenges that the customers had was that if you wanted any sort of long-term retention, those snapshots would add up over time.

[00:04:45] Stephen Manley: Right. So, so the snapshots would add up and, and obviously first that, that, that can be, yeah, that can be a little bit expensive. Uh, additionally, it can, it just gets really hard to track. Right. You know, we, we had customers with 20, 30, 90,000 snapshots and, and nobody, nobody on the planet loves snapshots more than I do, but there’s a time and a place.

And, and most of these accounts were well beyond that time and place. And those snapshots needed to be converted to what I would consider more traditional backups. And that is the big announcement. What we’re doing with EC2 backup, uh, and, and, and this is, this is gonna be great for people is, is, is first.

It’s not that either or anymore. So, so you’re gonna be able to set a policy and say, I want to keep around this number of snapshots for this retention. And then I want be able to store these backups in the Druva cloud for this retention and get the benefits of long-term retention. Get the benefits of offsite, uh, offsite or, or alternate account, alternate administrative management to sort of retention.

So keep you safe from that ransomware attack and, and it’s all bundled into one. And then the other cool part is you might be asking, okay. But, but you know, doing that backup copy to the Druva cloud, is that gonna have a performance impact on my system? Is that gonna be expensive? And, and I’ll tell you first. Like everything at Druva.

This is source based, deduplication, global deduplication and change data only when we’re searching. And we are leveraging AWS APIs that tell us exactly what blocks have changed on your EC2 instance so that it has the absolute minimum impact on your cloud environment. Because, you know, we get it, you’re paying for the cloud.

You know, one of the great things about cloud is that you’re paying for what you use. So we wanna minimize how much that backup’s gonna cost you so that all of your AWS infrastructure is being used to drive your business and make you money.

[00:06:46] W. Curtis Preston: And I’m gonna go back to the recommendation that I made earlier. It basically makes that recommendation moot because the whole point of that was to get data into another region and another account, and to get it into a different administrative domain to protect it from ransomware. Well, first obviously to protect it from, uh, a physical disaster, that what that might take out a particular region, but also to protect it against some sort of ransomware account, because there have been, uh, you know, incidents where a hacker gained control of an administrative account and deleted a company.

If you don’t believe me, just Google the company codespaces. They, they, they ceased to exist when a, when a, a hacker gained access to their account. And when they deleted their account, they deleted the account and all of the backups out of the account, because it was all in one administrative domain. But the beautiful thing about this is that you get all of that functionality without having to do any of that management.

So you get the offsite, you get to pick the, the region that you’re gonna back up to. So you’ll pick a region different than the one that you’re working in and you get that different administrative domain and different technology. And so you get all of that security and then this is one, you know, the beautiful thing is.

And it’s less expensive, right? Because we bring all the deduplication to bear we’re we’re advertising. I believe a 50% reduction in TCO for people that did what we did before moving to what we do now. And so that, that makes, uh, you know, for a very easy move to a new way to doing things. So it’s simpler and less expensive and more secure.

It’s sort of the, I don’t know, the awesomeness trifecta how’s that?

[00:08:32] Stephen Manley: Exactly. Right. It’s very rare, right. In, in the technology industry, almost always you sit there and say, you know, there’s tradeoffs, right? The, the classic question, what should I do? Well, it depends, you know, this is really one of those where there isn’t the, it depends, you know, cuz cuz like Curtis said, you get, you get all the, the cost, the performance, the, the security, the reliability savings.

And, and it’s all wrapped up in one easy to manage policy. So it’s also not complicated to set up. So, so it really is one of those, you know, there there’s, there’s a, and, and I don’t know if this is this nationwide, but, but, you know, I’ll listen to ESPN radio sometimes, and there’s always a commercial on there.

Uh, I won’t name the company, but their tagline is it’s the no brainer in the history of man. And, and, uh, and, and I tell you. This is sort of up there. This is one of the biggest, no brainers in the history of humanity.

[00:09:25] W. Curtis Preston: It really is. And by the way, one thing that we haven’t mentioned is that the data is encrypted along the way. It’s encrypted in flight it’s encrypted at rest. So there, there isn’t, you know, there are no security concerns. Obviously our existing cloud ranger customers, they’ve, they’ve perhaps grown used to, you know, having the data, you know, In their hands.

And the idea of handing the data over to, uh, to us might concern them. And they need to understand that all of the data is encrypted before it’s sent it’s encrypted again, when it’s stored using keys that we do not see, manage or have access to. And so, uh, you, you, you are not in any way ceding control of your data or access of your, to your data, to us.

[00:10:07] Stephen Manley: For those customers, Again, this is, this is the, the equivalent of when you back up a VM or a, a server or your Microsoft 365 or your Salesforce to the Druva cloud, it’s the same thing. So all those security, you know, protocols that are in place, all of that infrastructure, that’s there to, to make sure your data’s safe, it’s that same infrastructure.

So, so you really are now able to protect. The entirety of your environment, um, in one standard way, in one reliable, one secure way.

[00:10:41] W. Curtis Preston: And we’re also able to restore directly back to EC2 from the, the backups that have migrated to the Druva cloud. So that’s also, you’re not giving up anything in terms of restore. I will say that. We still believe strongly in that local copy. That’s still going to be your quickest way to do a restore, but it’s not gonna be any more complicated to restore from the, the Druva copy.

It just might take a little bit longer than restoring from a, you know, there there’s no beating physics.

[00:11:11] Stephen Manley: Right. Exactly. And, and, and I think, again, as always, like I said, there’s, there’s no bigger fan of snapshots than I am. Snapshots have their place backups have their place. Uh, and, and again, that’s why we, we, you know, we, we introduced this integrated policy, so that again, you as a customer, You’re simply picking.

And the, and the great part is if three months from now you decide actually, maybe I have too many snapshots and I’d like, you know, like more things to go over to the Druva cloud, just, just tweak this, the policy and it automatically happens. There’s no, you know, there’s no restarting, there’s no installing another appliance.

You know, you can, you can so sort of adjust your policies as you need as your business needs. So. It’s okay. If you want to change. Hey, it’s okay. If you get it wrong at the beginning, just keep tweaking till you find the spot that you like.

[00:12:00] W. Curtis Preston: And does that mean that this can, that, that existing customers can apply this to existing backups?

[00:12:07] Stephen Manley: They can, they can. So, so, yeah. So if you’ve got an existing environment, um, You know, you, you are going to be able to, you know, sort of take, take your existing, you know, sort of the cloud ranger policy that says I’m gonna keep 30 snapshots and you can then tweak that and say, no, I, I now want it to be 10 snapshots and 20 backups.

Uh, so you, you you’ll be able to, to just adjust your policies.

[00:12:32] W. Curtis Preston: Yeah, that’ll be really nice. Um, I, I can imagine there’ll be a lot of data moving around behind the scenes, but our customers won’t have to worry about that all. And, and, and I think, you know, just like everything else with Druva that basically the idea is you just need to tell our UI. What it is that needs to happen.

And then magic happens behind the scene. We will create the appropriate number of snapshots. We will migrate the data directly into the Druva cloud. After doing that source-side deduplication. Now, let me just talk about that for a minute, because I, I did have a, a conversation with a customer the other day and he mentioned that the he, well, we already sort of have deduplication in that, that Inc that the.

The snapshots are block level incremental. And I’m like, well, yes, but no, right there is still plenty in there. And, and I say this only because what we’ve seen when testing with real customer data, we’re able to reduce that, that, that 50, we didn’t just make up that 50% reduction in TCO. That’s big based on the testing that we’ve done with real customer data.

And the reason for that for those that haven’t followed the deduplication world, you know, as much as and I have, there’s two really important words there there’s source side and there’s global. So source side means that we start the deduplication process at the very beginning of the backup process, which means in this case, at that EC2 volume.

Or the EBS volume that we’re backing up for that EC2 instance. And the way it works is you do the slicing and dicing. You create a hash, there’s a look up at a table, a hash table that’s that’s in our cloud instance. And then if that hash is determined to be unique, then we transfer the data after encrypting it. And th that means that this. The process happens at the very beginning and, uh, that limits the amount of compute that needs to be done to send the data. And then the other really important thing is global it’s global across your entire Druva account. So if you’ve got. Hundreds of AWS accounts and you’ve got hundreds, you know, potentially thousands of EC2 instances, and there are copies of Linux or Windows or whatever all of that gets de-duplicated because we’re globally de duplicating across your entire account without limits. And I’m gonna put that, that part in, in italics. I don’t know how to do that vocally, but you know, we have plenty of competitors that that start with. Uh, they, they always have some sort of. Number where they top out. We don’t have that number. We have customers that have double digits of petabytes and we’re deduping all of that data in one giant, uh, deduplication system.

And it’s because of the technology that we have access to in AWS, that we’re able to do that. But the point is that we bring that of that technology and all of the, you know, the over decade of experience that we have at doing that. Bring that, to this new part of our customer base. And, um, you know, you get all of that power and security and strength of restore by simply changing a button in your user interface. I, I think that’s pretty awesome.

[00:15:57] Stephen Manley: You know, I, I, again, it’s all win. It’s all upside.

[00:16:02] W. Curtis Preston: All upside. It’s not, it’s not often we get to say that in IT. You you said, you said that already, do you want to go fast or do you, these are your choices you can have,

[00:16:14] Stephen Manley: You want it to be easier? Do you want it to be secure? Right? I mean, this is one of those cases where it’s both easy and secure. Take the win, take it.

[00:16:21] W. Curtis Preston: And it costs less. I mean, I

[00:16:23] Stephen Manley: yeah,

[00:16:23] W. Curtis Preston: yeah, take the win, take the win, right. That should be the name of this episode. Take the win. All right. Well, thanks Stephen, for, uh, helping me explain this, uh, new part of our product.

[00:16:33] Stephen Manley: my pleasure have fun everybody.

[00:16:36] W. Curtis Preston: And, uh, thanks again for listening. Don’t forget to subscribe so that you don’t miss an episode. And remember here at Druva there’s no hardware required.

The post Take the win! (Introducing Druva’s enhanced EC2 backup) appeared first on Druva.

]]>
Challenges of an on-premises backup system https://www.druva.com/blog/challenges-of-an-on-premises-backup-system/ Fri, 15 Apr 2022 13:00:52 +0000 https://www.druva.com/?p=106825 Two experts who have built hundreds of on-premises backup systems talk about how difficult it is to build them correctly – especially the first time out. W. Curtis Preston (Mr. Backup) and Stephen Manley (Druva CTO) have helped hundreds of customers navigate these challenges and can speak to them firsthand. The two biggest challenges are capacity planning and cyber security. They […]

The post Challenges of an on-premises backup system appeared first on Druva.

]]>
Two experts who have built hundreds of on-premises backup systems talk about how difficult it is to build them correctly – especially the first time out. W. Curtis Preston (Mr. Backup) and Stephen Manley (Druva CTO) have helped hundreds of customers navigate these challenges and can speak to them firsthand. The two biggest challenges are capacity planning and cyber security. They say it is impossible to correctly provision an on-premises backup system before explaining why. Finally, they discuss how important cyber security is in the current world where the bad actors are coming directly for your backups. They do all this while being entertaining as well. Enjoy!

[00:00:00] W. Curtis Preston: This week on No Hardware Required, we’ll be talking about challenges of on premises data protection. With me as always is my co-host Stephen Manley. Thanks for joining.

Hi and welcome to Druva’s no Hardware Required podcast. I’m your host W. Curtis Preston, AKA Mr. Backup, and I have with me, our CTO, Stephen Manley. How’s it going, Stephen?

[00:00:26] Stephen Manley: I’m feeling a little competitive today. Curtis, I’m ready to run through a wall. I’m ready to, just get out on the court and start a fight. Let’s do this. let’s destroy something.

[00:00:36] W. Curtis Preston: When you have such a different architecture that we have -that being a SaaS-based product, it is still new enough that there are still people that say, why would I want to do this in a SaaS way?

And so I, I usually turn that on its head. And I say if you could do all of this and get all of the functionality that you need, and you could meet your recovery time, objective, and recovery point objective, why wouldn’t you wanna do it this way?

[00:01:07] Stephen Manley: Yeah. it reminds me of the early days of VMware, where we used to have those conversations of should I virtualize this? And then there was a day and I don’t remember exactly what day it was, but it was probably a Tuesday and all of a sudden, every customer I started meeting said, no.

Now we do, explain to me why you aren’t virtualizing this, and that was the moment where it just felt like the skies opened up and the light shown down and everyone went, that’s a really good point. and I think we’re coming closer to that day.

[00:01:38] W. Curtis Preston: Yeah, I liken it to the virtualization journey as well, because if you’ve never tried virtualization, then you don’t really understand what’s the big deal. And then someone sits you down. And you show them vMotion and your mind is blown and you’re like, how did you do that? I did it because we virtualized, and because we virtualized, we can do these magical things.

And once you’ve seen that, you don’t want to ever go back to physical servers again, and you find yourself in a situation of saying, why shouldn’t we virtualize this particular application? And for a while, there were some reasons for some, if you really wanted that bare-metal performance, then it didn’t make sense to virtualize it.

But even then, they dealt with that issue. And so then basically people were virtualizing everything. Again, you and I have been in the backup space for a while. We have seen the pain from two different angles, but we’ve seen the pain

[00:02:40] Stephen Manley: yeah.

[00:02:41] W. Curtis Preston: of what it’s like to try to build and maintain that last part being really important an on-premises backup system, which is the alternative to what we do.

So either you can have us do it, or you can, buy a box or buy some software and put it in your own box and do this yourself. So I thought we could talk about what it’s like to build an on-premises backup system. And so let’s talk about the first aspect, which is the first thing we have to do is we have to figure out what it is that we’re backing up.

[00:03:17] Stephen Manley: Right. Because to me that ties in with, you know, everyone has their least favorite part of, of running a traditional backup system. For me, it was always capacity planning because it is guaranteed 100% that you will be wrong. And even if you’re right today, by tomorrow, you’ll be wrong. But we always have to make an attempt at, or you, and so you would go around and you would say, okay, let me look at my environment.

All right. what’s the data I’m backing up. How much does that add up to? Okay. Well now I have to think about. how many, fulls, incrementals, what’s my change rate. What’s the growth rate versus the change rate. and then well we’re gonna throw dedupe and compression, in sure.

Why not? Because we could just have a guess on top of a total hyperbole, and our answer is we need 87 boxes and you’re like, It, there are so many variables in figuring out what you need to back up and how much of it there’s going to be that I, I don’t know.

I mean, just, just from a pure capacity standpoint, I’ve never met a customer who went like our error bar is like four X and you’re like, that’s probably not even a big enough error bar.

[00:04:26] W. Curtis Preston: Yeah, I’ve helped many customers basically redesign or redeploy a backup system and move from system A to system B. And question number one was how big is a single full backup. No one ever knew the answer to that question. And now you a, you add to that, the challenge of SaaS providers.

So if you’re going to back up SaaS providers, if you’re gonna back up G Drive if you’re gonna back up your, SharePoint or your online Exchange environment, how big is that from a gigabyte standpoint? Do you have any idea? and then you also added on to that, the change rate, how much changes every day, because if we’re gonna do this to an on-premises system, we’ve gotta figure out how much bandwidth we need from there to here.

[00:05:17] Stephen Manley: right.

[00:05:17] W. Curtis Preston: Because we have to allocate over here, the incoming bandwidth that we’re bringing the cloud back down, but we have to figure out all of that before we buy anything.

And you’re right. You’re never going to get it right. And so the, have two dangers, you either undersize or you oversize, if you undersize, you had this big meeting with your company and you asked for $1 million and, and then you got it wrong and you’re back with them six months later, and they’re mad at you, right? And, or maybe even sooner than six months later, I remember a customer of a dedupe product that is still on the market, but when it first went on the market, it had this really bad problem that it was really good at backing up, but couldn’t restore.

So, it had a 400 megabyte, a second throughput incoming, but the maximum aggregate output of it was a 10th of that. And he discovered this after he’d bought the system and he couldn’t tell his boss because he’d messed up. So you either undersize. Which is a disaster for everyone.

Perhaps the backups don’t even work. Perhaps you run out of capacity too soon, perhaps you don’t have enough throughput. And if any of those happens, you’re back in the boardroom explaining why you need a whole bunch more money. When you said you only needed X, apparently you needed two or three X.

So that’s one, the alternative is to oversize. And that’s where most people go. I don’t wanna do the first thing you said. And so I’m gonna buy way more than I think I need. And so the dream is that you get that right, that you way oversize, which is a horrible thing to do.

[00:07:09] Stephen Manley: All right.

[00:07:09] W. Curtis Preston: And from a, because basically what it means is the best you can hope for is that you wasted a bunch of money.

[00:07:16] Stephen Manley: Yep. Yeah, no, I, there were many customers of my previous company. Again, love the product, but you would look, and I remember once there was a customer call and we’re a little bit worried that we’re pushing the system too hard. And so we pulled up the, the auto support, the phone home, logs, like the maximum CPU you, your system has hit ever is 10%, but if you wanna buy more, you bet.

[00:07:42] W. Curtis Preston: Absolutely. Absolutely. Yeah. and the thing is, why do we bring this up? Both of the thing is that our customers don’t have either of those concerns. yes, we want you to size your environment. Your, if you’re gonna back up Microsoft 365, what do we need to know? We need to know how many users we’re backing up.

Yes. We want to size your data center, because we do want to bill you properly, but it’s not the same in that. If you get the size wrong. if you drastically undersize yes, you will need to renew early, but you don’t ever end up paying for something that you end up throwing away.

and it’s not, you don’t, undersize it in, it’s not possible to undersize it in the same way. What you could just undersize it from a long term capacity standpoint, you will run out of capacity over time, sooner, and then end up, you just need to buy more capacity, but you don’t have this possibility that you create a system that it’s just physically impossible of doing the job on day one. That’s not possible with our system. And the other thing is it’s not possible to over configure it because there’s really no need to do that. If you did over configure it, basically you have credits that roll into the next year. It’s not a big deal.

[00:08:55] Stephen Manley: That’s one of the things I tell people that I think is the difference between SaaS and even sort of, well, no, I’m gonna run a virtual appliance in the cloud. With a virtual or physical appliance, when you hit the limit, you have to get another one. There, there are finite sizes that they can grow to.

that’s just the, that’s the nature of having a box, either physical or virtual is there is a box has a limit. You can only get so far. and your growth then becomes a step function, which can be very tricky because you can very quickly go from under provision to over provision. And you’ve got the worst of both worlds in, in the same timeframe.

when you look at SaaS and you look at something that’s truly cloud native, again, it’s a smooth line and so there’s no need to over provision. Because, know, there’s not that step function penalty. and if you under provision, yeah. then you’ll size it up. You’ll true up. But again it’s that smooth line where you can draw that clear spot between, yeah, we have more data, so it, we need a little bit more backup space.

so the other, the other thing that you hit on that I think is important is. In a traditional box world, your performance is tied to the type or size of the box, especially when it comes to recovery. the nice thing in a SaaS world is, you could be our smallest customer. You could be our biggest customer when it comes time to restore your data, we unleash the full power of the cloud for you, no matter what size you are. And, and so there’s not some sort of thing of, now you bought the smaller box, so you only get half the performance. It’s you get it all. No matter how much you’ve got, you know, that’s sort of a nice to me, a nice aspect. You never have to worry about that performance part.

[00:10:28] W. Curtis Preston: Yeah, that’s huge. The other thing I want to talk about in terms of the challenges of on premises data protection. So we talked about capacity management, the second, and it’s moving to the front challenge of this is the cyber security aspects that, when you and I were worried about backups, on behalf of a customer, no one was attacking the actual backup system, but now they are. Yes. I’m more worried about customers that are using Windows-based backup servers, because Windows is such a hot target from a ransomware perspective. They come in with their infected Windows-based laptop.

They connect to the VPN or they come into the, into the office. Do you remember when people used to do that? And then it spreads to the data center. And then your backup system is running the same OS. Yes, I’m. I’m more worried about the window systems, but even the Linux systems, there was a, we mentioned it on last week’s episode that there was there’s a new exploit that came out this week that allows a regular user to become a super user, which means they can get around every single one of the security features that your backup vendor sold you on, they might have told you that they have an immutable file system or that they have a, an append only file system.

Both of the, those are completely defeatable with the newfs command as root. You couple that with the fact that the typical backup system is being administered by a junior person who perhaps isn’t the most, sophisticated when it comes to cybersecurity, needs.

So that to me is now becoming the number one concern with managing an on-premises backup system.

[00:12:05] Stephen Manley: Yeah. one, one of the things I try to just simple question I ask customers is how many different things does it take to put together to make your backup system? Because the reality is almost all bugs. When you’re developing software, when you’re deploying a system, in general, you tend to get good components, but the component itself is rarely the problem.

It’s where the components interact. That’s where things tend to break that’s it’s that murky middle of who owns it, or are we integrating properly or our mental models the same? And the average backup person’s environment. You have a server running Linux or Windows, and you have backup software and you have, a network configuration that you’ve gotta manage.

And you’ve got. you’ve got different components that you’re putting together to manage all that. That’s where this is going to go wrong. And like you said, if it’s a junior person who probably hasn’t seen as much of the world, they may not even know exactly what things to be worried about.

so I always look at it as, the more you can turn that into there’s just one thing you’re a lot less likely to have a problem when it’s just one thing than if it’s just five or six things.

and this is, again, our customers don’t have this concern because the, we manage the security infrastructure of your backup infrastructure, because that, is our sole reason for being, and you get to move all of your backups behind many, layers of security behind a completely different authentication system, a completely different infrastructure a completely different storage system. We’re not storing backups on files. We’re storing them in object. the object system is, S3 in this case is, configured so that only our application can read and write to it. You’ve got all of the encryption there that is, is entirely managed by your keys, not our keys.

[00:13:54] W. Curtis Preston: We have zero ability to see your backups and by the way, not all of our competitors. That or I’ll, put that in the affirmative some of our competitors that have SaaS based products still maintain root on the servers that, which means they have the ability to see your backups. And I would just really think about that and ask about that.

Is there any way that someone at your environment can either see or do damage to my backups and our customers just simply don’t have to worry about that.

[00:14:25] Stephen Manley: right. and the way I always look at it is, look, we do a lot of complicated jobs. So that you have that just one thing, which is my data goes to Druva. Cool. I don’t have to worry about that. I’m not stitching a bunch of things together, So we do the job for you because let’s face it, there’s 27 other things you need to be doing right now. Let us take it. It’ll be okay.

[00:14:50] W. Curtis Preston: The way I’ve been saying it lately has been, get out of the backup business, go straight to restores. And that’s basically what we allow our customers to do. it’s hard to cover this in, 20 minutes, but we did our best, so so thanks. Thanks for giving it a shot.

[00:15:04] Stephen Manley: It’s always fun. and again, the thing I wanna tell everybody out there is, joking aside, really think very hard about where the exposures in your environment come from and how you can close them because there will always be risk. There will always be danger of things going wrong. If you can shrink that window, you’re gonna make your business a better place to be.

[00:15:25] W. Curtis Preston: Absolutely. Well, thanks for listening to this episode and don’t forget to subscribe so that you don’t miss an episode. And remember here at Druva, there’s No Hardware Required.

The post Challenges of an on-premises backup system appeared first on Druva.

]]>
Druva Celebrates World Backup Day https://www.druva.com/blog/druva-celebrates-world-backup-day/ Thu, 31 Mar 2022 11:00:25 +0000 https://www.druva.com/?p=106486 Did you know the day before April Fools is World Backup Day? If not, now you do! Druva’s W. Curtis Preston (Mr. Backup) and Stephen Manley, CTO, relate backup stories from their lengthy careers, in commemoration of this important day. Then they both wax philosophical on what they think backup and resiliency will look like five years from now.

The post Druva Celebrates World Backup Day appeared first on Druva.

]]>
Did you know the day before April Fools is World Backup Day? If not, now you do! Druva’s W. Curtis Preston (Mr. Backup) and Stephen Manley, CTO, relate backup stories from their lengthy careers, in commemoration of this important day. Then they both wax philosophical on what they think backup and resiliency will look like five years from now.

The post Druva Celebrates World Backup Day appeared first on Druva.

]]>
Cyber security in light of the Ukrainian invasion https://www.druva.com/blog/cyber-security-in-light-of-the-ukrainian-invasion/ https://www.druva.com/blog/cyber-security-in-light-of-the-ukrainian-invasion/#respond Tue, 15 Mar 2022 11:00:11 +0000 https://www.druva.com/?p=105541 Stephen and Curtis discuss how customers should react to the invasion of Ukraine from a cyber security perspective. They review a series of articles from Krebs on Security that talk specifically about the Conti ransomware group, and how they are responding to this crisis. Conti is a Russia-based group that is known for targeting the backups of its victims. This episode […]

The post Cyber security in light of the Ukrainian invasion appeared first on Druva.

]]>
Stephen and Curtis discuss how customers should react to the invasion of Ukraine from a cyber security perspective. They review a series of articles from Krebs on Security that talk specifically about the Conti ransomware group, and how they are responding to this crisis. Conti is a Russia-based group that is known for targeting the backups of its victims. This episode gives solid advice on how you can be better prepared for this new threat.

W. Curtis Preston: This week on No Hardware Required, we’ll be talking about what’s going on in the Ukraine and Russia and how that plays into our world. Joining me this week is Stephen Manley. Our CTO. Thanks for joining.

Hi, and welcome to Druva’s no hardware required podcast.

I’m your host, W. Curtis Preston, AKA Mr. Backup. And I have with me none other than Stephen Manley, fresh back from his time at the multi-cloud summit.

Stephen Manley: Absolutely.

W. Curtis Preston: I wanted to talk about this, I dunno, this mess. That’s going on over in Europe right now with Russia’s invasion of the Ukraine and mainly how it is potentially impacting the rest of the world. There has been a lot of chatter on the news channels, amongst people like you and me, that this could potentially result in, cyber attacks.

W. Curtis Preston: We know that there are several large cyber attack-type organizations in Russia. And the worry is that Russia, would sponsor this even as a way of getting back at the US and other, countries for being on the other side of this war. Is this one of these things where are we Henny penny? And we’re saying the sky is falling. Is it. Because obviously we, when we talk about it, we’re telling people, you need to make sure that you have a good data protection strategy and be ready for ransomware. And so some might accuse us as being ambulance chasers, and we’re making this up just to, just to sell more software. So what are your thoughts on that?

Stephen Manley: So a couple of things. I think you were a little gentle. I think a lot of these. cyber attack groups. I think they are fully state-sponsored. And I think there are a handful of nation-states that, to whom they’re directly tied. And so I don’t think there’s necessarily a big leap to say, Russia would have to go work with them.

Russia is in charge of these groups. they would set them against us. and then I think the second part as this invasion goes on and, frankly probably not the way that Putin imagined it was going to go. I think we’re going to see increasingly desperate lashing out.

especially given that in what we’re trying to do is tighten up and put the screws on the Russian economy. So I would not be at all surprised to see lashing out in that way, because I think all of us look at this and say everything short of potentially nuclear launches are on the table for them and cyber attacks.

Stephen Manley: They’ve proven to work. we talk about how often people are hit. It’s not a big leap to say that there’s going to be an increasing rash of them.

W. Curtis Preston: When I was researching for this episode, I found this blog. it’s called Krebs on security. All he does is blog on cybersecurity and things like that. And he actually did a four-part series. He’s calling it the Conti ransomware group diaries. Now, for those of you that are not familiar with the Conti ransomware group, they are a really big, cybercrime group in Russia.

And they are well known. It’s interesting. I didn’t specifically seek out Conti. This article was sent to me by somebody, but they are definitely known as one of the ransomware groups that are specifically targeting backups. They are the organization that we point to when we say people are coming for your backups.

But what was interesting here was a Ukrainian security researcher, published years of the internal chat logs of this organization. And, there’s this big thing they got published saying, as a response to Western fearmongering and American threats to cyber warfare against the citizens of the Russian Federation, the content team is officially announcing that we will use our full capacity to deliver retaliatory measures.

That does not sound good.

Stephen Manley: Yeah.

W. Curtis Preston: That does not sound good, nor does this sound like us making it up, This is an organization that believes in what Russia is doing. Actually, I’m going to take that back. It’s not necessarily that they believe in what Russia’s doing. They believe in their need to do what they do, and that us disrupting the infrastructure over there would disrupt what they do, which is, rob people have money. They need the infrastructure that we’re messing with.

Stephen Manley: And there’s a word that they used in there that’s interesting, and a little bit scary to me is retaliatory because when I’m just looking for profit, there’s certain boundaries I’m going to follow. I, I want to make the money. Let’s say you don’t get your backups back. I’m still gonna find a way for you to get your data back.

Retaliatory to me may mean, maybe we’ll ask you for money. Maybe we won’t because, and we’re just going to start launching and carpet bomb all of these businesses. So that’s a little bit scarier to me because when you’re launching for money, there are stages you go through, there are people that are monitoring, you’re trying to maximize your profit potential.

If you’re just going for retaliation, it could be a lot more damaging and a lot more widespread.

W. Curtis Preston: Yeah. that it’s funny. I didn’t even really think about that, but, but I completely agree with you in that if they do, they could be doing it for financial reasons. But if all they’re trying to do is inflict pain and they don’t necessarily have to get financial gain for it. Because they’re thinking of it as retaliatory because we, in their mind if we strike out against their infrastructure, which we almost assuredly will do that they have to retaliate against us. I agree with you with that. It’s an incredibly scary situation indeed. And this worry of since, especially the Conti ransomware group.

and I think it’s very, it’s apropos that it was sent to me because, obviously it was sent to me because somebody knew that I care about cybersecurity and backups and things like that, but it is interesting that specifically, the Conti ransomware group is one of the organizations that, what they do is they tend to exfiltrate backups first and then delete them and then give you the ransomware demand. And it’s, this is why we talk so much about air gapping your backups. And why, when we hear other vendors using the term air gap to refer to a server that is sitting in the data center.

Stephen Manley: Right.

W. Curtis Preston: It’s why we struggle with that. Why don’t you talk about that a little bit.

Stephen Manley: I get why people do it. You’ve got an infrastructure in place and you’ve been told to add an air gap and you look and you say, given the infrastructure I’ve got, the best I could do is again, get another server on the network, but I’ll have it off the network most of the time.

And at quote-unquote random times, I’ll reconnect it to the network so I can get the backups over there. And at least that’s reducing my risk window because there’s only online for the amount of time. It takes me to copy my backups. So how scary could that be? And the answer is pretty darn scary because when you’re talking about software monitoring for these things, this isn’t like you’re sneaking behind the back of Barney Fife and the Andy Griffith show. And now there are six people in the world who understood that reference. Cause we’re both old, but we had a Gary Cooper reference in the last one, so it’s okay.

W. Curtis Preston: Oh, here we go. we’re modernizing, we’ve at least gotten to color TV, Andy Griffith kinda split between the two, but, anyway, the point being that you’re hoping your sort of homemade makeshift air gap is going to work. And it’s just, it’s not a great strategy.

You contrast that with what I consider a true air gap, which is not just you’re on a separate network, but you’re on a completely separate location under a different administrative domain, separate passwords, separate access, separate monitoring, the more separation you get, the safer you are.

Stephen Manley: And again, I think everybody intuitively gets it, I think the challenge everybody faces right now is. But I’ve got to get something done. My boss told me I had two weeks or, this has gotta be done by end of the quarter. This is the best I can do. And so a lot of it is talking to people and saying, you can do better.

And it’s actually not that hard to do it. if you switch your mindset to, I’m going to, I’m going to bring some people on board.

W. Curtis Preston: went somewhere completely different than where I was thinking. But I like where you went. What I was thinking was about products that are appliances that are sitting in the data center and they refer to their storage as air-gapped when it’s sitting in there and there is no disconnection, like what you were talking about.

And there are reasons that they say that they will say that they have an append-only file system, or they have the immutable flag turned on in Linux, but the thing is, all of those are defeatable if you become root. All of them. And the thing is. It’s not like Linux is impervious to hacking I just saw the news today, for example, that there’s a new Linux vulnerability known as dirty pipe, and it allows local users to gain root privileges through publicly available exploits.

And what it has to do is it allows any user to modify any file. And to put it even with special bits, setuid bits and things like that. And then from there, you can easily become root. one of the examples I gave was modifying the /etc/passwd file and deleting the password for root. Suddenly your root.

And then when you’re root, you can become any other privileged user that can do things like delete your backups and things like that. That’s why I don’t consider that an air gap in any way, because all it takes is physical access number one, or a privilege escalation attack, and your air gap, as I make quotes in the air, is gone.

Stephen Manley: I’m with you. In fact, in my mind that’s so not credibly air-gapped that I just immediately dismissed it and went to, oh, if you want to make it like homemade air gaps to a second system, but yeah, the first one, no serious security professional. No serious security professionals are like that seems totally reasonable. That’s going to protect you that’s not even, that’s not even hoping at that point. That’s simply deluding yourself

W. Curtis Preston: Hope is not a strategy. I’ve heard that before.

Stephen Manley: Yeah. and I will tell you, putting on a blindfold and the, and pretending that there are no bad guys out there: also not a strategy, the bad guys are out there.

They’re going to come. You got to figure a way around it. and to me, going back to the Conti problem again, the bad guys now are just a little bit more motivated or maybe a lot more motivated. And that means that you’ve got to up your game that much more because they’re coming. And so this is the other part I think we talk about a lot is: this isn’t the sort of thing where you can just set it and forget it. This is a constantly evolving set of threats. And so you need a constantly evolving way to protect yourself from it, or you’re gonna wake up in six months and when you’re compromised, you’re going to tell your bosses, your CEO.

We set this up six months ago. Oh, the world. Changed in 16. I have no idea, right? You don’t want to be that person. That’s a very unpleasant conversation.

W. Curtis Preston: Yeah, the world has changed in a matter of a week or so. I would say the world is a very different place than it was in February. And so I guess the question is what would we be advising? our customers. And certainly, if you’re not a customer, our advice is easy: become a customer and you get all of this protection and we have built-in ransomware protection, built-in, all of the things that you talked about, actually air-gapped, so that the worst thing could possibly happen in your infrastructure, and it wouldn’t be able to spread to your backups. and we also have specific ransomware features that are built in to protect you.

so for me, it’s three things. and the first one is something, we’re doing internally, which is, is going out and warning people about phishing and text phishing and all those sorts of things. Because at some point you as a huge security professional.

Stephen Manley: You say, it’s falling on deaf ears. How often can I bring it up? But again, this is one of those moments when people are a little bit more sensitive to listening and learning and saying, maybe I should be safer. This isn’t just a security team or a backup team problem. This is something we all need to come together on.

So that’s one is, really work with your users and make sure they understand that this is a period of higher risk.

The second thing I would do is, frankly be just a little bit more proactive in terms of, watching your backup console. And the truth is most of our customers, again, they deploy and they say, Druva’s a SaaS

So, we are taking care of security and patching and capacity management, all those things for them, and it’s awesome. but we do also generate alerts and we show them what’s happening with their data and trending. and this is a good time to say, I really should just check in on that a little bit more often to make sure that Druva’s not saying something that it wants to tell me about.

and then the third one, that we’re telling all of our customers is, just again, look at your infrastructure and make sure you didn’t miss some. So is there a patch of VMs that you kept thinking? Yeah, I really should get around to backing those up, but you just haven’t configured it yet.

Or are there some end points or, your Microsoft 365, have you been thinking to yourself, should I protect 365 or Salesforce? This is that moment to say, I should probably use this as that forcing function to actually take care of that, being on my to-do list that let’s get that thing

W. Curtis Preston:  Yeah, I like the one, uh, about, you know, about the idea of monitoring, what Druva is doing on your behalf. We do notice things, right? I, you know, I’m aware of a very large attack that we noticed on a customer of ours just recently. And we were able to notice it. We notified the customer what was going on and they said, yeah, we’re under attack.

And then we were able to help them remediate that. But what if they hadn’t noticed right. Druva can do a lot of things and can monitor a lot of things. And we use a lot of machine learning to detect patterns. Perhaps you have, or you haven’t tied Druva into any of your reporting and management and SIEM/SOAR tools.

If you haven’t, it’s definitely the time to be looking at the Druva interface to make sure that any alerts that we provide are being noticed by someone. I would add one additional thing. And that is make sure that you have multiple cloud administrator accounts. Because if you get locked out of those, that is, you know, that is not a situation that you want to be in. Those are the keys to the kingdom. This is again my personal preference and that is, I like for. It’s a log-in as important as what you use for logging into the Druva console. Not to be part of something like Active Directory I would like it to be separate. I would like it to be in a password manager with password history, by the way, that way, if you accidentally change your own password to something that you don’t know, you can go back to your previous password, but I don’t like it being part of Active Directory because that can be compromised and, or anything like Active Directory. If you’re using the same username and password everywhere, I would consider changing that. This would be the time that I would do that is to segregate your backup system as much as you can from the primary environment.

Stephen Manley: It’s a good point. And it’s this constant tension I have with customers when they configure is yeah, but one password, one authentication mechanism. It just makes everything so much easier. And the answer is if it’s easier for you, it’s easier for the bad guys when something bad happens. So I get it. And, we give both options, but, but I am with you that my recommendation to customers is. Deal with that little bit of extra inconvenience, because it might save you, you know when something really awful happens.

W. Curtis Preston: yeah, I’ve been a backup person for coming up on three. I almost said three centuries, on three decades.

Stephen Manley: Well, you don’t look a day over someone has been doing it for two and a half.

W. Curtis Preston: Thanks. Um, and I remember being at war with the security folks. I remember thinking that they were my enemies almost because I was just trying to get my job done and they were just trying to secure everything and, and we both jointly hated each other. You know, security has always been a challenge. No one in information security ever made anybody’s life easier.

It’s always harder to do the right thing from a security perspective. So the key, like you said is to find that balance. And that’s why I do like a password management system for other things. Uh, partly because it’s outside of your infrastructure. It’s one of my hobby horses is password managers. So anyway, I wish all our customers the best, in this difficult time. And, I also wish those in Ukraine and the countries around them right now, and the things that they’re dealing with the best as well. So thanks for taking the time to talk.

Stephen Manley: Thanks. Be well, everybody.

W. Curtis Preston: Thanks for listening everybody. And don’t forget to subscribe to the podcast so that you never miss an episode and remember here at Druva there’s no hardware required.

The post Cyber security in light of the Ukrainian invasion appeared first on Druva.

]]>
https://www.druva.com/blog/cyber-security-in-light-of-the-ukrainian-invasion/feed/ 0
Three Challenges of Enterprise Data Protection https://www.druva.com/blog/three-challenges-%e2%94%80-enterprise-data-protection/ https://www.druva.com/blog/three-challenges-%e2%94%80-enterprise-data-protection/#respond Tue, 01 Mar 2022 13:00:08 +0000 https://www.druva.com/?p=104466 In part 2 of our enterprise series, Curtis and Stephen talk about three challenges that enterprise customers have when trying to protect their data: one very large server, many large servers, and data distributed across many locations. They discuss how one would solve each challenge with an on-premises system, and then explain how Druva solves these problems. The Druva Data […]

The post Three Challenges of Enterprise Data Protection appeared first on Druva.

]]>

In part 2 of our enterprise series, Curtis and Stephen talk about three challenges that enterprise customers have when trying to protect their data: one very large server, many large servers, and data distributed across many locations.

They discuss how one would solve each challenge with an on-premises system, and then explain how Druva solves these problems. The Druva Data Resiliency Cloud is designed to handle all three of these challenges, and this episode will help you to understand exactly why.

W. Curtis Preston: Hi and welcome to Druva’s No Hardware Required podcast. I’m your host, W. Curtis Preston, AKA Mr. Backup, and I have with me, our CTO, Stephen Manley from his video recording studio. How’s it going?

Stephen Manley: I’m feeling very enterprise today. This is an enterprising kind of day for me. So I’m excited.

W. Curtis Preston: So on our previous podcast, when we were recording a podcast about what it means to be enterprise scale, you mentioned three challenges that an enterprise typically has when it comes to backup and recovery. I’m going to play that clip now.

Stephen Manley: There’s a lot of different things that come into what enterprise means. Enterprise scale in particular, right? Cause you get some people that say, I have these massive. Databases or these massive NAS servers or are big VM farms, and so to them it’s can you handle the biggest thing I’ve got. For other people it’s I’ve got lots of these things, right? I have tens of thousands of VMs. Can you scale to that for other people? It’s actually, I’ve got lots of locations, right? So enterprise scale actually means, can you handle all these different locations?

Stephen Manley: And then of course my favorite ones are the ones that have all of those.

W. Curtis Preston: There are three different things. So we’ll talk about the first challenge, which is a really big server. When we go to design a backup system to back up a really big server. How would we do that if we were designing an on-premises backup system?

W. Curtis Preston: It’s interesting because in my experience, customers always feel the tension between two things. The ideal world is you’d like to break it up into smaller chunks. And back them up in parallel. So you’ve reduced the backup window. Maybe it even optimizes recovery, but that’s always balanced by, but I only get a certain number of streams and it’s more things to manage.

Stephen Manley: And do I really want to try to pull all these together? So you get that push and pull. And so a lot of times the answer is are you need to buy the biggest baddest box that we’ve got and get the biggest network you can between them, and just unleash whatever you can unleash for as long as you can unleash it.

Stephen Manley: And every three years you need to buy the new, bigger, badder box. And it just, it always feels like you’re not really doing it the right way, but it’s, it seems to be the way we always did it.

W. Curtis Preston: Well, when I think about That’s how many of our competitors have continued to address that problem. We still have very large servers and there’s really no way you can back up a really large server without multiple streams. If you’re something measured in. Hundreds of terabytes or petabytes, or God forbid an exabyte.

W. Curtis Preston: I have met customers who have exabytes sized systems. There is no way you’re going to back that up without doing multiple streams. And then you go to the point of when you go to restore that. The challenge is that bringing back all of those multiple streams, they may not always have been placed in a way on the storage that optimizes bringing the data back in the same way that it optimized putting the data there in the first place.

W. Curtis Preston: Would you agree?

Stephen Manley: A hundred percent agree. Again, cause we’re doing everything we can to optimize and reduce the storage costs. Optimize those backups cause they happen every day. And again, everybody’s on edge. And can I get this done in the backup window? And, you mentioned exabyte sized systems.

Stephen Manley: I had customers that said my backup window at this point is a month and they were struggling to get a system backed up in a month. That doesn’t mean it was running 24 7 but you get the idea that the, like lowered expectations and even then they were barely able to meet those lowered expectations.

Stephen Manley: At some point you gotta look at in a different way. You can’t keep just trying to brute force this stuff.

W. Curtis Preston: And so when I look at the ways that we have redesigned backup, the first of which is that we’re one of very few vendors that are using source-side deduplication. And what that does is it assists. It means that when you’re backing up a very large server, that you are only backing up once you get that initial backup done. Which we should talk about that. You’re only backing up the changed blocks that are new and unique to that server each day. So you’re reducing the amount of data that has to be transported across the network. And that’s probably more important for our customers than it is to say an on-prem, data protection box. But what it does is it makes it more feasible to back up across the internet.

W. Curtis Preston: But I’ll challenge you and say but doesn’t that create the problem that you mentioned before, where we create a scenario where a customer gets that first big backup, and then they’re able to back up this really large system, because we don’t need to back up much each day. And now they have this one big monolithic while, although it’s not a single monolithic image. As we described in a previous podcast, we actually store it as many millions of little pieces. How does that not then create a problem? When we go to restore that single large image.

Stephen Manley: Let’s face it restore of a large system has always been the untold darkness because whether it’s a large database, a large NAS server. Even if I have a high power deduplication appliance, with a hundred gig network tied to whatever I’m trying to restore to.

Stephen Manley: There’s only so fast that thing you’re writing to can even lay that new data down. And so so a lot of times I think people look and go the network’s going to be the bottleneck. A lot of times the bottleneck is the thing that’s just trying to recover all that data. And so one of the things that we try to guide our customers through is a couple of things.

Stephen Manley: The first is, look, let’s be honest. If you’ve got a large NAS system, especially. You should be using snapshots and replication for your disaster recovery. You just should, because, having that data, in a near ready state, that’s just a win. For other types of systems you should think about, where could I restore fastest?

Stephen Manley: And that’s one thing I think we educate people on is I’ve got all your data in the cloud. I’ve got enormous ability to stream that data back to your account in the cloud. So have you thought about maybe for that rapid restore, you restore into the cloud and then at your leisure, you can pull that back on premises or maybe decide never to move back on premises again. So I think it’s, it’s really important to take a holistic view on it. But you’re right. If you only tuned for backup, when the restore comes, you’ll find yourself with a bottleneck on the network or you find yourself on a bottleneck of the restoring system. So let’s think through an entire plan on how you’re actually going to pull that to.

W. Curtis Preston: That’s a really good point because the only way around any kind of bottleneck for a large system restore or a large disaster recovery, maybe it’s not just one system, but you’re restoring an entire data center. The only way around physics is to not use physics. And what do I mean by that, that you mentioned about the fact that we can restore in the cloud?

W. Curtis Preston: What’s really important to understand is that we can pre restore in the cloud for systems that you are concerned about. You specify the systems that you want to do cloud-based DR and we actually pre restore those systems and have them ready in your AWS account. You create your own AWS VPC and we restore your image in there.

W. Curtis Preston: And that’s why, regardless of the size of the system, we can support a 15 to 20 minute RTO. There are some instant restore features that can do this, but that doesn’t work for a really big monolithic system. You’re not going to do an instant restore

Stephen Manley: At scale.

W. Curtis Preston: We can do it at scale, regardless of the size of the image, regardless of how many images we’re talking about. We can restore all of them in about 15 to 20 minutes. Why? Because we already restored them before you ask us to that does require prior planning that does require you understanding about your environment and understanding the systems that you want to do this for.

W. Curtis Preston: And then a little bit of setup upfront, but that is the best way to do a restore of a large system or a large data center. I would say a little bit less than that in terms of not as good as that. We also offer cloud cache at no extra cost. So if a customer just wants a quicker restore of certain systems, they can have an on premises system load our cloud cache offering on there and then back up to that system, which then that system then copies to the cloud. They can do that. We even offer a solution for customers that didn’t do any of that prior thinking. We offer the, the. sneaker-net version where we can ship data to them on an AWS appliance. It’s nowhere near as fast as it should be because it’s, again, physics, we, you can’t get a system from a to B that quickly it’s the best system you have if you did no prior planning. But the point is that we do have that option, even for customers that did zero planning and they’ve got this really big system and they go and do the math and they say, it’s going to take me two weeks to do a restore while we’re like we have something faster than two weeks.

W. Curtis Preston: And that’s the using the snowball edge to have the data sent back to you. So we have three very different. Options from two of them requiring prior planning, one of them requiring no prior planning to do that large restore. So let’s talk about the second one that you talked about, which is many systems that may be a various sizes.

W. Curtis Preston: I think everybody has one system that to them is very large. And then they have many other systems. What sort of challenges do we have with it with an on-prem data protection system when we’re dealing with those kinds of systems?

Stephen Manley: The biggest thing I always saw in the on-prem environment for those tons and tons of little things it was really two. One is the management. Right. It’s just, it can be difficult to keep track of all those. Are they all getting backed up? Is there anything unusual happening with any of those backups?

Stephen Manley: Because there’s just so many little things going on. It’s really hard to track and monitor. I think the second thing that we would also see people struggle with at times was. The performance of those, because a lot of times those smaller systems, you’d have a limited number of connections, a limited number of streams, whatever the term you want to use is, And while all of them are small, you just couldn’t run them all at the same time.

Stephen Manley: And so you would miss your backup window, not because you’re at a deluge of data, but just because it took so long to set up and go through all of that.

W. Curtis Preston: We’ll go back to something we said in that previous podcast. And that is that when you’re backing up many systems, if you have a backend that is divvied up, so you don’t have a single backup system that can handle all of your servers, you have this. And I, when I say backup system, literally at least in the on-prem world, it’s a single host, because if it’s another host it’s going to be another dedupe database. And that’s the way we do backups these days. So if you don’t have a single backup storage device that can handle your entire environment, when you have. these Many many systems, the problem that you refer to of where you’ve got them all waiting in line, that’s absolutely true.

W. Curtis Preston: And one of the ways to deal with that. Is so if you’ve got several systems to send backups to you have two choices, you can either say, I’ve got a thousand systems and I’ve got 10 servers. I’m going to send 10 systems or I’m sorry, my math is bad. I’m going to send a hundred systems to each of my 10 backup servers.

W. Curtis Preston: That’s the best way from a dedupe perspective, because then you won’t get duplicate data across your different dedupe systems. But it’s not the best way from a get all your backups done perspective. Because the problem you mentioned is you’ll have a bunch of servers waiting in line because they happened to be on a box that is busy, whereas there may be other appliances.

W. Curtis Preston: that have plenty of resources, but they’re not available. And so what you end up doing is you end up, doing the spray and pray method is it’s you said, you say, I’ve got these 10 servers, I’ve got these thousand backups just divvy it up and that makes them work better. But as we mentioned in the previous podcast, it makes your dedupe poor you end up with increased costs. You mentioned about how do I get a view into all of this, and this is why I’m so hard on some of these other systems where they end up with so many little systems. I want a single place to go to create my policies, look at all my clients. I don’t want to have to log into many backup servers and having a large enterprise scale system Druva gives me that regardless of the number of systems that we’re backing up, we can go to a single place and look at all of our backups and restores without having to do all the challenges that we talked about before.

Stephen Manley: The value of the dynamic nature of the cloud is I can also do all sorts of more interesting analysis of what’s going on in your backup patterns. Because again, I’m only consuming resources when I’m doing that calculation.

Stephen Manley: Whereas if I were trying to build that into my box I’ve got to persistently allocate extra compute, extra storage, extra everything. And you’re going to look and say, I’m not sure that value add is enough because I’m not willing to pay more for the backup. Whereas with Druva, it just basically comes bundled in.

W. Curtis Preston: Yeah, that’s a really good point. We’re not the only data protection vendor that has started adding features onto the backup system, but with most of our competitors that are based on a box, you need to buy extra compute in order to get that job done. And that job quite often, again, going to something we said in the previous podcast, the cyclical nature that, that is something that isn’t happening all the time.

W. Curtis Preston: And so you pay for that extra compute, whether you’re using it or not. So that’s another challenge. So let’s talk about the third challenge, which is this idea of having many servers all over the place. This has always been a challenge for any large company. And it’s now become a challenge for many smaller companies because of the remote work world.

W. Curtis Preston: I think that the the need to back up laptops right now versus. A couple of years ago. I think it’s greater right now. And there’s no greater example of the third problem than to have thousands of laptops all over the place. And at list point in many parts of the world, nowhere near a data center.

W. Curtis Preston: I work for Druva. I have, for four years, I haven’t been to the corporate headquarters in a while. And yet all my data is still backed up. So let’s talk about the challenge of the way that particular enterprise challenge would be met by a typical enterprise backup system.

W. Curtis Preston: How would you do that?

Stephen Manley: Just to even double down and triple down, Right, cause some people say a laptop, I’m now looking at, say Microsoft 365. You still have to back that up. Or yeah, I’ve got that, but but we’re also doing a lot of M&A, so I have remote offices, I have to worry about.

Stephen Manley: Okay. That’s a good point. We’re looking at doing more things distributed at the edge. Okay. That’s gotta be protected. So even if you look and say I’m not as worried about the end points. You’re going to have something that is wildly distributed and right now a lot of vendors, the answer starts with you need to install an appliance, a virtual or a physical appliance in some location.

Stephen Manley: That’s got proximity. And again, you look at the distribution of workers with the laptops. That’s tricky. You think about trying to install a virtual appliance inside of Microsoft 365. I’d be curious to see how that works

Stephen Manley: Or on your edge devices. So to some extent the answer is largely, what we’re going to need you to do is back that up over the network to our appliance, even though that appliance and its communication mechanism are built for data centers. So it’s not good at low bandwidth connections. It’s not good at lossy connections. It’s not good at high latency connections. So you’re just going to have to brute force it or alternately cross your fingers and hope nothing goes wrong.

W. Curtis Preston: Yeah, that’s a really good point because, and the reason that they are that way is that the bulk of them do target deduplication. I’m pretty sure. I mentioned that earlier in this podcast that we do source-side deduplication, meaning that we deduplicate the data before it’s ever sent. And target deduplication is where you dedupe the data at the storage target.

W. Curtis Preston: If you do the de-dupe at your appliance, that’s why you have to have an appliance, even a virtual appliance at every location that you’re backing up, because otherwise there simply won’t be enough bandwidth to do the backup, and we are very different than. Because we do source-side deduplication, meaning we don’t need a local appliance everywhere in order to do the backup. We talk a lot about how much we scale up, right? We spent the last podcast talking a lot about how well we can scale up better than a box based vendor, but. I don’t think we talk enough about how well we can scale down, maybe because it doesn’t sound sexy enough, but this is this third challenge of many systems all over the place, whether it’s many remote offices and there are many industries where that is a situation. I think about a Realty company, right? They have all these remote offices. I think about retail. I think about food service. Each one of those sites has a computer on it that has some data that is important to that site, but it’s also important to the corporation. And if you use most of our competitors, you would then need to put an appliance next to your cash register. It doesn’t make any sense at all, but with us, you can just put an agent on that system and we will do source-side deduplication and back that up without needing any local appliance. And so to me, that’s why I say that we scale down, meaning that we don’t care how small something is.

W. Curtis Preston: You just have to put an agent on it and magic will happen.

Stephen Manley: Yeah. I often think of a scale down, some would scale out though. Obviously, that means different things to different people, it’s such a critical thing, I think. And again, I think data is getting more and more distributed and that’s that trends going to continue because I want to move data closer to again, if I’m doing AI/ML, I want data closer to what’s making the decision.

Stephen Manley: I want data closer to my users. I want data closer to my employees. Pulling it all into the data center just doesn’t work anymore. Going back to physics. because I just, I can’t get that back and forth across the network fast enough. So it’s gotta be distributed, which means your protection has to be the thing that centralizes it because nothing else will.

Stephen Manley: And that means you need protection that can do that scaling down into those locations. But also again, protection that is just incredibly network efficient, but also network resilient. And I think that’s the thing that, that sometimes we forget about is you need to be network resilient because a lot of these locations, you’re not going to get the kind of performance you need.

Stephen Manley: You’re not going to get the kind of networking stability that you need. And so you need a system and that is designed for that. And, and if we go back to what Druva’s origins were, which were these end points we bring that ethos to everything else that’s happening. As opposed to starting from the, I assume I have a really big, fast, reliable pipe.

Stephen Manley: We assume we’ve got a really small unreliable, slow pipe and we make the best of it.

W. Curtis Preston: Right. I like that a lot because some people, would ding us, oh, they’re a laptop backup company. First off. We’re not, we were, that was our original product, but we’ve added multiple products to it along the way. And we designed them with that viewpoint. Whereas a typical data center protection product was designed with a very different viewpoint.

W. Curtis Preston: And I would argue that our viewpoint is more appropriate. And I think that’s the argument that you were making. Our viewpoint is more, more apropos to today’s networking environment. As well as today’s compute environment, whereas because some of it’s going to be in the cloud. Some of them it’s going to be on somebody’s laptop.

W. Curtis Preston: Some of them it’s going to be in a big data center. Some of them it’s going to be in a lot of little data centers. And our way of looking at that from a we’re going to handle whatever network connection you throw at us is able to meet the needs of all of those environments. So that seem about right?.

Stephen Manley: A hundred percent, a hundred percent.

W. Curtis Preston: Yeah. I think we’ve talked enough about this topic thanks. Thanks again for, know for chatting.

Stephen Manley: Love it love it. It’s all about the scale. man. We are enterprise scale.

W. Curtis Preston: It’s all about the scale. And we want to, once again, thank our listeners. We’d be nothing without you. And don’t forget to subscribe so that you don’t miss an episode. And remember here at Druva there’s no hardware required.

The post Three Challenges of Enterprise Data Protection appeared first on Druva.

]]>
https://www.druva.com/blog/three-challenges-%e2%94%80-enterprise-data-protection/feed/ 0
What is “Enterprise-Class” Data Protection? https://www.druva.com/blog/what-is-enterprise-class-data-protection/ https://www.druva.com/blog/what-is-enterprise-class-data-protection/#respond Tue, 15 Feb 2022 15:00:51 +0000 https://www.druva.com/?p=104267 This episode of Druva’s No Hardware Required explores the idea of an enterprise-class data resilience product, starting with how data protection is a little different than other parts of IT. To be enterprise-class in data protection, you really need a system that incorporates the entire environment. Stephen and Curtis discuss how some see SaaS products as unready for the enterprise, […]

The post What is “Enterprise-Class” Data Protection? appeared first on Druva.

]]>
This episode of Druva’s No Hardware Required explores the idea of an enterprise-class data resilience product, starting with how data protection is a little different than other parts of IT.

To be enterprise-class in data protection, you really need a system that incorporates the entire environment. Stephen and Curtis discuss how some see SaaS products as unready for the enterprise, and they explain why this simply isn’t the case. In fact, they make the claim that Druva is more ready for the typical enterprise client than many of our competitors. They talk about Druva’s infinitely scalable dedupe engine, and how restores get the unlimited power of the cloud. (Druva competitors’ products have limits on the size of their dedupe catalog, and can only restore as fast as the server they’re running on – typically not a very powerful one.)

The way Druva is designed gives you the infinite power of the cloud, with a bill smaller than you would pay for a much less powerful system on-premises.

The post What is “Enterprise-Class” Data Protection? appeared first on Druva.

]]>
https://www.druva.com/blog/what-is-enterprise-class-data-protection/feed/ 0
New and upcoming Druva security features https://www.druva.com/blog/new-and-upcoming-druva-security-features/ https://www.druva.com/blog/new-and-upcoming-druva-security-features/#respond Wed, 02 Feb 2022 21:33:51 +0000 https://www.druva.com/?p=103241 Jatin Thaker joins us on the podcast to talk about the new and upcoming security features of the Druva Data Resiliency Cloud. First, we talk about how Druva increased its support for multi-factor authentication (MFA). Jatin then explains things that MFA does not protect you from, such as a rogue admin, followed by an explanation of new and upcoming features […]

The post New and upcoming Druva security features appeared first on Druva.

]]>

Jatin Thaker joins us on the podcast to talk about the new and upcoming security features of the Druva Data Resiliency Cloud. First, we talk about how Druva increased its support for multi-factor authentication (MFA). Jatin then explains things that MFA does not protect you from, such as a rogue admin, followed by an explanation of new and upcoming features to address those risks.

We talk about forcing admins to specify why a deletion is happening and then delaying the actual deletion of any backups for a user-specified period of time. This will allow a customer to restore any backups that were either inadvertently or maliciously deleted. We then have an interesting conversation on advanced authorization, also called “four eyes” support, where two people are required to approve certain actions. Finally, we discuss upcoming immutability features along with audit logging.

This is a great episode for anyone concerned about the security of their backups.

The post New and upcoming Druva security features appeared first on Druva.

]]>
https://www.druva.com/blog/new-and-upcoming-druva-security-features/feed/ 0
Honoring Data Privacy Day 2022 https://www.druva.com/blog/honoring-data-privacy-day-2022/ https://www.druva.com/blog/honoring-data-privacy-day-2022/#respond Mon, 17 Jan 2022 19:29:22 +0000 https://www.druva.com/?p=102315 W. Curtis Preston and Stephen Manley discuss Data Privacy Day, and what that means for everyone, and especially Druva’s customers. They start with a discussion of how much more important privacy is to today’s consumers, and opinions as to why that might be the case. They then give an overview of large privacy regulations, such as GDPR and CCPA, as […]

The post Honoring Data Privacy Day 2022 appeared first on Druva.

]]>
W. Curtis Preston and Stephen Manley discuss Data Privacy Day, and what that means for everyone, and especially Druva’s customers. They start with a discussion of how much more important privacy is to today’s consumers, and opinions as to why that might be the case. They then give an overview of large privacy regulations, such as GDPR and CCPA, as well as the upcoming implementation of CPRA, the update to CCPA. Finally, they discuss how all of this impacts an organization’s data resiliency efforts, or how data protection can help positively impact an organization’s attempts to be compliant with these various regulations. Finally, Stephen discusses a very valid point about how you should attempt to comply with these regulations even if you’re not subject to them.

The post Honoring Data Privacy Day 2022 appeared first on Druva.

]]>
https://www.druva.com/blog/honoring-data-privacy-day-2022/feed/ 0
Benefits of AWS as your infrastructure provider https://www.druva.com/blog/benefits-of-aws-as-your-infrastructure-provider/ https://www.druva.com/blog/benefits-of-aws-as-your-infrastructure-provider/#respond Mon, 29 Nov 2021 12:00:14 +0000 https://www.druva.com/?p=100551 Welcome to our re:Invent episode! This week, Stephen and Curtis discuss what Druva and its customers get from the fact that Druva runs its infrastructure on AWS, and programs specifically to its APIs. We first talk about the things you don’t have to worry about at all, like physical problems with your servers (fire, flood, etc.). Then, we talk about […]

The post Benefits of AWS as your infrastructure provider appeared first on Druva.

]]>
Welcome to our re:Invent episode! This week, Stephen and Curtis discuss what Druva and its customers get from the fact that Druva runs its infrastructure on AWS, and programs specifically to its APIs. We first talk about the things you don’t have to worry about at all, like physical problems with your servers (fire, flood, etc.). Then, we talk about the benefits that Druva customers get as a result of our partnership with AWS, and how we’re able to take advantage of hundreds of features as they’re released. Finally, we talk about the wonderful benefits a Druva customer gets because they’re using a SaaS provider, rather than having to maintain their own backup infrastructure. We hope you stop by our booth this week at AWS re:Invent!

The post Benefits of AWS as your infrastructure provider appeared first on Druva.

]]>
https://www.druva.com/blog/benefits-of-aws-as-your-infrastructure-provider/feed/ 0
What is data resiliency and why does it matter? https://www.druva.com/blog/what-is-data-resiliency-and-why-does-it-matter/ https://www.druva.com/blog/what-is-data-resiliency-and-why-does-it-matter/#respond Wed, 17 Nov 2021 16:00:57 +0000 https://www.druva.com/?p=100134 Druva is now using the term Data Resiliency to describe what we do, and some have asked how it’s different from data protection. This podcast should help, as two folks who have been in the industry for a few decades, W. Curtis Preston and Stephen Manley, discuss recent evolution in the industry. They then talk about how many of these […]

The post What is data resiliency and why does it matter? appeared first on Druva.

]]>
Druva is now using the term Data Resiliency to describe what we do, and some have asked how it’s different from data protection. This podcast should help, as two folks who have been in the industry for a few decades, W. Curtis Preston and Stephen Manley, discuss recent evolution in the industry. They then talk about how many of these changes have driven companies like Druva to be more than just backup or data protection; they must provide data resiliency.

The post What is data resiliency and why does it matter? appeared first on Druva.

]]>
https://www.druva.com/blog/what-is-data-resiliency-and-why-does-it-matter/feed/ 0