The Cloud, Not Deduplication Alone, Will Lead To The Demise Of Tape

Stephanie Balaouras

Stephaniebalaouras Friday, Iron Mountain and Microsoft announced a new partnership. Customers of Microsoft's backup offering, Data Protection Manager (DPM) 2007 service pack 1, can electronically vault redundant copies of their data to Iron Mountain's CloudRecovery service. This is welcomed news for DPM customers. Customers will continue to backup locally to disk for instant restore but rather than vault data to tape and physically transport tape to an offsite storage service provider, customers will vault data over the Internet to Iron Mountain. For disaster recovery purposes and long-term retention services, you need this redundant copy of your data offsite. By eliminating the physical tape transport you eliminate the risk of lost or stolen tapes or the need to deploy some kind of tape encryption solution. Microsoft DPM hasn't taken the backup world by storm since its introduction in 2005, but each subsequent release has added critical features and application support. Additionally, because it is often bundled in with Microsoft System Center, I expect adoption will increase among small and medium businesses (SMBs) and small and medium enterprises (SMEs).

Read more

Big News for Check Point Firewall Customers

John Kindervag

John Kindervag

Today, Check Point Software Technologies, one of the old guard in the world of information security, announced they are purchasing Nokia's security appliance business. This is welcome, if late, news to Check Point's customers who use Nokia hardware.  For many years, Nokia was the de facto hardware platform for deploying Check Point firewall software.  Check Point/Nokia shops have been struggling for months to decide how to respond to Nokia's announcement that they would rid themselves of this troublesome (think non cell phone) business.  For customers with sometimes hundreds of Nokia appliances, the fear of potentially unsupported hardware, or of a big firewall replacement project, were equally disturbing.

This new agreement spawns a couple of interesting questions: 

Read more

The Numerous Meanings Of "Data Protection"

Stephanie Balaouras

Stephanie Balaouras

In my coverage of business continuity and disaster recovery, I talk to both IT infrastructure and operations professionals as well as IT security professionals and I've found that the term "data protection" means something different to each. This comes as no surprise and I think for a long time it didn't really matter because IT operations and security professionals operated in independent silos. But as silos break down and "data protection" is a shared responsibility across the organization, it's important to be specific and to understand who is responsible for what.

Read more

Thomson Reuters Gets A Jump On Holiday Shopping, Acquires Paisley

Chris McClean

Chris McClean

Keep an eye out in the next week for Forrester’s GRC Trends 2009 report, which will take a look at how a decidedly rocky end of 2008 will impact those responsible for various aspects of corporate governance, risk management, compliance, audit, and finance... as well as the product and service firms that serve them.

One trend that we call out in the report is the impending consolidation of the GRC technology landscape, which is a top-of mind issue for many leading vendors in the space.

Wednesday, Thomson Reuters got an early start on this trend with a definitive agreement to purchase Paisley. A leader in the GRC platform and audit management markets, Paisley will be a strong addition to the company's Tax and Accounting group.

Read more

Categories:

New Options For Business Continuity Management Software

Stephanie Balaouras

Stephanie Balaouras

With SunGard's acquisition of Strohl Systems, it would seem that the options for business continuity management software have dwindled. While SunGard will continue to support both Paragon and LDRPS, LDRPS will be its go forward platform. This leaves the main challengers, COOP Systems, eBRP, and OfficeShadow and lesser known vendors such as Business Protection Systems International (BPSI), CPACS, KingsBridge (formerly Binomial), and a few others. COOP Systems has gained a lot of momentum in recent months, in September, IBM Business Continuity and Resiliency Services (BCRS) selected COOP Systems as its strategic partner for BCM software.

But there are new options emerging from governance, risk, and compliance (GRC) vendors. For example, Archer Technologies has added a business continuity management module to its GRC SmartSuite Framework. I recently saw a demo of the offering and I found it to be intuitive and comprehensive. It's also closely aligned with the British Standard for Business Continuity Management, BS 25999. I also recently met with MetricStream, they have also added a BCM module to their GRC platform. Provided that you've already purchased the core GRC platform from one of these vendors, buying the BCM module is significantly less expensive that buying or subscribing to a tier 1 stand-alone BCM offering. Tier 1 offerings start at US$100K and average sales prices can be in the hundreds of thousands of dollars. The add-on modules to these GRC platforms will start between $30K-$50K.

Read more

Categories:

This week in history - volcanos, hurricanes, and the risk of Black Swans

Chris McClean

Chris McClean

Pouring over endless details of risks, regulations, taxonomies, and technologies can sometimes give us a narrow view of the world, so it seems worthwhile to take a minute to mark the 125th anniversary of the cataclysmic eruption of Krakatoa this week. For those of us that want to think big but can’t remember that far back, this week is also the 3rd anniversary of Hurricane Katrina’s devastating sweep across a wide stretch of the US Gulf Coast.

Read more

IBM Raises The Stakes In Business and IT Continuity Services

Stephanie Balaouras

Stephanie Balaouras

IBM announced today that it was spending US$300 million to build out 13 data centers in 10 countries in 2008 - IBM refers to these sites as "Business Resilience service delivery centers". These centers will certainly help IBM deliver more of its traditional IT recovery services but they will also support the next generation of IT continuity services - repeatable, scalable, productize services such as online backup and virtual recovery.  These types of services don't require massive capital investment in an inventory of heterogeneous server and storage platforms, instead the service provider can focus its efforts on building a scalable pool of virtualized servers and shared storage built with industry standard components.

Read more

Microsoft and BearingPoint see space to play in the Enterprise GRC market

Chris McClean

Chris McClean

Earlier this week in a joint press release, Microsoft and BearingPoint announced the new BearingPoint Enterprise Governance, Risk, and Compliance product offering. Ok... it will be a while before the more veteran enterprise GRC vendors start really losing sleep over this deal. But BearingPoint continues to be a top risk consulting firm, and Microsoft’s reach through the business user community will be an attractive benefit for compliance and risk professionals trying to get hundreds or thousands of staff members to contribute to the GRC program. There’s potential here for sure.

Read more

Categories:

Traditional Disaster Recovery Services Are Dead

Stephanie Balaouras

Stephanie Balaouras

If you still subscribe to fixed site recovery services using shared IT infrastructure from the likes of HP, IBM BCRS, or SunGard, among others, you will quickly become a dinosaur in the next 1 to 2 years.

These types of shared infrastructure services involve lengthy restores from tape and a recovery time objective of 72 hours, at best. Plus, you'll be lucky if you recover at all because chances are, you've had trouble scheduling a test with your service provider and it's been a LONG time since the last one, if indeed you’ve ever tested.

72 hours recovery just doesn't cut it anymore. And frankly, understanding your provider's oversubscription ratio to shared infrastructure to determine the risk of multiple invocations, or attempting to negotiate exclusions zones and availability guarantees is a time suck. Most companies are either taking DR back in-house or, if they still rely on a DR service provider, they are using dedicated infrastructure.

Read more

Categories:

Upping The IPS Ante

John Kindervag

My colleague at Forrester, Chris Silva, recently commented upon the recent Air Defense acquisition by Motorola.  Looking at the deal through the security lens, I completely agree with Chris that this will help ease integration of wireless security into wireless infrastructure.  It's good to see one of the major wireless brands step up and take wireless security seriously.  Perhaps that other major wireless vendor will get the hint...

Upping The IPS Ante


Motorola announced this week its intentions to acquires Wireless IDS/IPS vendor AirDefense.
The acquisition may provide a bit of deja vu to readers who recall the
acquisition of Network Chemistry's wireless IDS/IPS assets by Aruba
Networks in 2007.

Read more

Categories: