Arraya Insights

by

Confidence around a cybersecurity topic is usually a good thing – but not in this case. More than six-out-of-10 (65%) organizations are confident they will suffer a data breach of some kind in the businessmen offer hand shake in a technology data centernext year, according to research by Okta. There’s no question that’s the kind of confidence businesses could do without.

Staying out of hot water requires modern, upgraded cybersecurity solutions. However, even today, when cybersecurity horror stories lurk around every corner, barriers to modernization remain.

Standing between businesses and their cybersecurity goals

Okta’s study featured a list of obstacles, each of which serves to delay upgrades and increase risk. As we reviewed this study, we noticed these obstacles tended to have at least one thing in common: they could be overcome with assistance from a best-of-breed cybersecurity partner.

Here are the top five barriers from the list – and how working with a cybersecurity partner can help:

  • Unclear ROI – Roughly 56% of survey respondents said their organization would be hesitant to move forward with a solution unless the ROI was crystal clear.

A cybersecurity partner can help by: performing health checks and assessments to enable a business to better understand its existing cybersecurity environment and how that can be impacted and improved by a proposed upgrade. This gives the business the assurance it needs to move a forward with a plan.

  • Access privilege complexity – This dovetails with ROI concerns as it shows businesses’ desire to have a full picture of a change. This is true in terms of ROI and it’s true in terms of access, according to 54% of respondents.

A cybersecurity partner can help by: gathering data on who has access to what within the network. Businesses can use this info to better prepare anyone who may be affected by a move, reducing the anxiety inherent in change.

  • Budgetary limits – Budgetary constraints are a familiar wall for IT to bump up against, and 54% of survey participants mentioned it as a key factor stalling upgrades.

A cybersecurity partner can help by: working with a solution vendor to ensure customers have access to flexible buying and leasing options, delivering solutions which are the right fit technically and financially.

  • Skills and talent shortages – Just over half (51%) of the businesses included in this study reported not having the skills on staff to manage modern security solutions. If expanding the onsite team isn’t an option, businesses can leverage a cybersecurity partner that also functions as a Managed Services provider.

A cybersecurity/Managed Services partner can help by: providing the customer with the additional hands it needs to manage its growing environment without physically increasing the size of its IT team.

  • Lack of scalability – Nearly four-out-of-10 (38%) businesses are concerned they’ll make a substantial investment in a security solution only to promptly outgrow it.

A cybersecurity partner can help by: working with the customer to fully articulate their goals for today, tomorrow, and beyond. With this info, the partner can help design a solution which is capable of growing along with the customer.

Let us help you build the environment you need

Arraya Solutions appreciates the important role cybersecurity plays in organizational success across all industries. We appreciate it, and we’re ready to help businesses reach their ideal cybersecurity environment. We have a long history of working with business to overcome challenges similar to those highlighted above – as well as anything else that comes up during the process of architecting and deploying upgrades.

Ready to talk more about your cybersecurity wish list? Visit www.arrayasolutions.com/contact-us/ to open up a dialogue. We can also be reached through our social media presence: Twitter, LinkedIn, and Facebook. While there, be sure to follow us to keep up with our latest blogs, special events, and industry insights.

Follow along with our National Cybersecurity Awareness Month blog series.

by

Relationships were a central theme of last week’s 6th annual Arraya Solutions Open House and Technology Day. The event, which was once again held at our corporate headquarters, by its very dan-dave-and-ron-open-housenature is a unique opportunity to build bridges. It brings technology professionals together in a relaxed setting to network with peers, Arraya team members, and representatives from leading IT vendors. However, there seemed to be added emphasis on that point last week, which was reflected in the speeches given by Arraya CEO Dan Lifshutz as well as by special guest, former Philadelphia Eagles quarterback, Ron Jaworski.

The day began with some opening remarks from Lifshutz on the importance of long-term customer relationships and how these have helped Arraya become the company it is today. He also shared his thoughts on the two main factors that must be present for business relationships to flourish across decades: success and trust.

“Obviously if you’re doing good work, it’s going to draw people back to you,” he explained. “The other part, trust, is a little harder. Trust isn’t earned by repeatedly nodding and agreeing. It’s earned through continued honesty, even in the face of difficult conversations.”

Lasting customer relationships have been critical to Arraya’s accomplishments over the years, but the same is true for finding consistency with strategic partners.

“Representatives from Microsoft, Dell EMC, Cisco, and VMware are all here,” he said. “These are four companies we’ve worked with a long time. Even as the IT landscape has changed, these companies have stayed right near the top of the industry. That truly is a testament to their own innovative spirit and we’re excited to call them our partners.”

From there, Lifshutz introduced the day’s special guest, the ESPN commentator and championship-winning Eagles quarterback affectionately known as “Jaws.” His appearance fit in well with the relationship theme as it marked his second time at an Arraya Open House, making him the event’s first-ever two-time special guest.

Jaworski joked about adding that feat to his already-impressive resume before segueing into some behind-the-scenes stories from his days in the NFL. Later in his remarks, Jaworski talked about his experiences as a local businessman and what it takes to be a success. This included coming to work with the expectation of doing something each day to make the company better.

chickies-and-petes-truckThe day’s other big special guest has also become a fixture in the Philadelphia sports landscape. Chickie’s & Pete’s famous crabfries never fail to draw a crowd regardless of event, and the same was true at Arraya’s Open House. The franchise’s Crabfries Express truck was on hand, dispensing crabfries and chicken fingers to the usual high demand.

Among the other highlights from the Open House were the pair of highly-anticipated giveaways. Attendees who stopped by the Arraya Managed Services table were entered to win a signed Ron Jaworski Eagles jersey. Many entered, but the big winner was Dwight Bazemore, Network Engineer for The Pennsylvania Convention Center.

The other giveaway was designed to get people to take advantage of an Open House first – the official Arraya photo booth. All attendees had to do was stop by the photo booth, grab a prop or two – anything from giant sunglasses to fake moustaches to a few footballs – snap a picture and tweet it out using the #ArrayaOpenHouse hashtag. Doing so entered them into a drawing for a brand new Xbox One S from Microsoft. The prize encouraged a steady stream of tweets and creative pictures, but again, there could be only one winner and it was Ray Lauff, Executive Director for Information Technology for Temple University.

The event’s fall theme was complemented in no way by the record-high temperature. It reached 81 degrees in the Greater Philadelphia Area, which seems better suited for spring than fall. Still, complaints from attendees about having to enjoy some beautiful weather with their candy corn were few and far between.

“I’d like to say how proud I am of the company Arraya has become,” Lifshutz said near the end of his speech. “This year is shaping up to be a record one, and (Arraya CTO) David Bakker and I recognize we couldn’t have gotten to this point without each and every one of you. Whether you’re a customer, a partner or an employee, your support and inspiration has enabled us to do what we love, and for that, we thank you.”

by

Regardless of who you vote for on November 8th, one occurrence in the campaign has shaken every email administrator to their core, namely the WikiLeaks dump of John Podesta’s emails. While Envelope And Key Showing Safe And Secure Email the details of how the hack occurred are scarce, clearly Podesta’s entire mailbox was accessed and subsequently dumped. The only detail known is that hillaryclinton.com’s email is hosted at Google (it appears donaldjtrump.com is fronted by Microsoft services).

Now, we’re not going to get into political leanings here, just taking note.

While October is Cybersecurity Month, I noticed an unrelated trend this past week. There has been an uptick in the number of articles providing helpful information to secure your email, but there are two problems with many of them. First, they are all to highly generic and cover all email platforms. Second, they rely on the end user too much to take action. Most end users are like Hillary Clinton herself in that they can’t explain how their email is secured in the first place. How can you rely on your end users to know when or what security to leverage?

Microsoft’s security portfolio is massive. If you aren’t already thinking of Microsoft as a security company, you need to. Consider how the boundary has shifted towards the cloud for your data and mobile access. Perimeter and network protection are no longer remotely enough, as the Podesta hack shows. There are a number of tools built in to Office 365 to help any administrator provide non-intrusive security measures to their end users.

Two Factor, More Secure

For most of us, two factor authentication with a text message PIN is likely enough. For those that might be targets of attacks, like your financial or HR groups, that might not be enough. Did you know how easy it is for your text messages to be hijacked?

In August, 2016, someone hijacked FTC Lead Technologist Lorrie Cranor’s mobile accounts by simply taking some basic information into a store. This, in effect, allowed the person to gain access to her text messages. If they already knew her email address, that’s all they would need to gain access.

Microsoft has multi-factor authentication in Office 365 with voice calls and text messages, but another way, too. A third option to provide the second factor is through the Microsoft Authenticator app.

You can’t easily bypass the authenticator application. You have to enroll your device through a QR Code. Once enrolled, you will receive a PIN via the app or you can use the devices biometrics to approve (I use the iPhone’s fingerprint scanner).

When your end users use multi-factor authentication, they will also take security further by using app passwords for all Outlook and ActiveSync access. As an administrator, you can then take the final step of locking down OWA access through this PowerShell command:

Set-CasMailbox UserName@DomainName -OWAEnabled $False

Even if someone’s Microsoft account information is stolen, they still can’t get into the mailbox because the app passwords are in place. Microsoft believes identity is the control plane for security in your organization because it is the one thing that is common when working anywhere, anytime, and on any device.

So we’ve bypassed the text messaging risk, two-factor risk and the risk of the end user accidentally leaking their passwords through phishing.

Speaking of Phishing

Stopping a phishing attack on the fly can be extremely difficult. End user education is always a key part to any strategy. Microsoft does some very common sense things already, including supporting DMARC and adding safety tips inside of Outlook on suspicious messages.

Phishing is one of the most complex attacks because of its simplicity. Basically, phishing involves a single message sent to another single user. It uses regular grammar and oftentimes has no spelling errors. This can make it difficult, if not impossible, to stop.

One of the things you can do is activate alerts for suspicious activity for your mailboxes. With Advanced Security Management in Office 365, you can receive alerts on several key scenarios that could be indicative of an attack and then take action, such as suspend the user account.

The governance is what makes this tool so powerful. For example, if a user attempts access from an IP belonging to a known Botnet or the Tor network, an alert can be sent and the user suspended. There is also the impossible login scenario. If a user logs in to an account in Washington, D.C. and then let’s say Russia within the same 5-minute period, you can take the same action.

This gets to the heart of one of the more fascinating trends with Microsoft regarding security. You can use the power of their cloud to watch security and take action when things happen, no scripting or heavy lifting required.

Securing it Right from the Start

There is a definite trend with recent Office 365 migrations that Arraya has done to favor security as part of the migration strategy. While transient organizations, like a presidential campaign, can easily spin up a cloud-based email solution, they should absolutely be using one with the power to mitigate threats and not just provide email as a commodity service.

In the past year, Microsoft has grown their security story, both in the Office 365 stack, but also with Enterprise Mobility + Security. Check out some of our other blogs posts on Cybersecurity this month and reach out to the Arraya team if you are interested in learning more.

by

Experts estimate that 2.4 million emails were sent every second last year. Take that figure and stretch it across an eight-hour workday and that comes to roughly 69 billion emails between the Missed Target Showing Failure Loss And Unsuccessful Aimhours of 9-5 each day. That is a lot of email. Each one of those 69 billion messages isn’t just an opportunity for workers to connect, it’s also a sizable risk for employers.

As employees are going through the day, sending off their share of those 69 billion messages, they’re not always the most careful. Sometimes this inattentiveness can manifest itself in something that, while not inherently dangerous, is extremely annoying. Example: Time, Inc.’s so-called “reply-all-pocalypse” from earlier this year. Other times, a mistake can result in extremely sensitive data being accessed by the absolute wrong parties.

So what can be done to prevent this? Staffers can be urged to follow the same old email best practices, such as double and triple checking everything. However, that does little to prevent email recipients from behaving incorrectly. A better, more comprehensive approach is to bolt a technological solution onto those best practices with the help of Microsoft tools you may already have in your IT environment.

Are you missing out on these Microsoft cybersecurity features?

If your business utilizes Office 365 E3 then you already have access to the following features which can better secure your business email. All you need is for someone to activate them and configure them to suit your needs.

  • Information Rights Management (IRM) – Finally gain some control over what happens to interoffice email after you click “Send” with IRM. This feature lets the sender of an email set permissions as to what a recipient can and can’t do with a message. This includes:
    • Setting permissions concerning whether users can forward an email, reply all to it, copy and paste text from it, or take a screen grab of it
    • Extending restrictions beyond the email itself to any attachments which have their origins in Microsoft Office
    • Designating an expiration date so an email (and its attachments) will be unavailable once a specified period of time has elapsed
  • Office 365 Message Encryption (OME) – Build an additional layer of security around your business’ emails with OME. Once activated, OME will automatically encrypt emails based on organizational policies to ensure the content is only accessible by those you intended.
    • In order to access these encrypted emails, recipients will need to log in using their Microsoft account or a onetime passcode
    • When a recipient opens a restricted message, he or she will be greeted with a portal requiring them to log-in to view the content. This portal can be personalized to reflect your business’ unique branding
    • Encryption rules will apply to either internal or external recipients, protecting your data wherever it travels
  • Data Loss Prevention (DLP) – Regulate the kinds of information users can include in their internal or external emails with DLP. This feature scans messages for the sensitive info IT tells it to look for and automatically applies policies and restrictions to that data based on organizational settings.
    • Utilize DLP templates to red flag anything from SSNs and credit card information to data protected under HIPAA
    • Determine the sensitivity of triggers, for example, you may be OK with financial information being emailed internally, but not externally
    • Set hands-free actions that will be launched when sensitive data is located – such as email the attempted sender or pass word along to your organization’s compliance manager

Better secure your business communications

These features and others may already be available to you, it could just be a case of turning them on and optimizing them to meet your needs. Arraya’s award-winning Microsoft team can do that and more. What do we mean by more? October is National Cybersecurity Awareness Month and in honor of that, our Microsoft team has been hard at work on a series of blogs detailing how they can help today’s businesses achieve their cybersecurity goals. Topics so far include how the cloud has revolutionized security and how to get a better read on your business’ cloud apps.

Office 365 E3’s list of cybersecurity capabilities is impressive, but Office 365 E5 contains even more. Stay tuned to this space for an upcoming post detailing them more fully. In the meantime, message our Microsoft team at mssales@arrayasolutions.com to start a conversation about cybersecurity today.

Or, reach out to us through social media: Twitter, LinkedIn, and Facebook. While you’re there, follow us to stay updated on all of our upcoming special events and IT insights.

by

As a technology professional, security has always been at the forefront of my thought process. I’ve been interested in security since I started in the industry in 2007. Back then, security was Road in fogpresent, but much less complex than it is today. Most companies had the majority of their IP and other resources locked in an internal network with technologies like NTFS, on-premises applications and team sites in SharePoint.

Thanks to the iPhone’s release in 2007, data accessibility took the business world by storm. Everyone either had one or was getting one. The ease of use opened up new opportunities and ways to work. The world as we knew it was connecting like we could never have imagined just a few years earlier. Laptops were being phased in as the choice of workstation and VPN’s were being opened to all employees. Work from home schedules began to be a perk a company would offer to attract top talent.

With this proliferation of remote and ubiquitous data access, corporate IT security was quickly getting a lot more complex.

Today, everyone has a smartphone and can access data from anywhere. They do this through both IT sanctioned and their own personal applications. This is because employee and employer expectations about how and when work gets done have shifted. As a business competing in today’s world, you can either get on board or get left behind.

This new way of working presents many challenges when it comes to IT security, but one of the biggest is what to do about the incredible amount of cloud applications and services that employees are using. There are thousands of applications out there that just require a credit card to get going (or worse, are free) and IT has no insight into what is happening.

This is Shadow IT at its finest. IT doesn’t move fast enough or an end user feels empowered and the next thing you know, your business’ data is out there, unmanaged.

There are thousands of cloud-based applications out there and so many places corporate data could end up, many IT organizations have just thrown their hands up and are hoping for the best. How can you corral your end users and get them using IT sanctioned apps, while weeding out the risky apps?

The first step to finding out what your employees are using isn’t as difficult as you think.

Microsoft’s Cloud App Security allows IT to get these answers and do something about it. By checking your network egress traffic and using analytics up in Azure, you can easily identify which cloud-based applications your employees are using.

jason-k-blog-post

Microsoft takes this a step beyond simple identification though. By layering on intelligence about specific cloud-based applications, you can assess your company’s risk instantly and build control around high-risk applications. For those you want to allow to manage and have APIs, you can set a policy and even gain certain insights into what employees are doing.

In order to maintain corporate IT security, you know exactly what applications your employees are using and exactly how many. And with this information, your able to effectively sort through the fog that the cloud creates and take the steps necessary to protect your organization.

Celebrate Cybersecurity Awareness Month with Arraya

October is National Cybersecurity Awareness Month. All month long, Arraya’s award-winning Microsoft team members will celebrate by sharing their insights into some of the latest security solutions from Microsoft and how these tools – along with a partnership with Arraya – can help businesses reach their cybersecurity goals.

Visit www.arrayasolutions.com/contact-us/ to open up a dialogue on cybersecurity (or any other IT topic) with a member of our team. We can also be reached by emailing mssales@arrayasolutions.com or through social media: Twitter, LinkedIn, or Facebook.

by

A new study from NIST suggests that security fatigue could be putting businesses at risk. There is something futile in an end user’s attempt to keep your computing environment safe. After all, worn out business manwhat could a non-technical knowledge worker possibly do to protect themselves and the company’s data against a hacker?

The fatigue and frustration comes in when users are confronted with the ways that IT has attempted to control the environment. Granted, it isn’t IT’s fault either, these are just the tools we’ve been given – passwords, security groups, firewalls, web proxies and other systems. What have we done?

The challenge for IT is clear. Hackers have gotten more intelligent and moved past just technical flaws and use social engineering to gain access and data. User education is a key strategy, but even that only goes so far and can contribute to fatigue.

There is another factor that compounds this problem. For a company, email and other business systems, which are the typical attack vectors, do not often directly impact the bottom line. These systems simply support the business. When you factor in the cost, many companies look the other way when it comes to security. In some cases, ‘good enough’ wins out over best practices because ‘it will never happen to me.’ Fatigue is not only a symptom of the individual, but entire companies.

While IT fights the good fight, end users are critical to security. Europol just announced recently that ransomware is the current largest threat to businesses. In case you haven’t heard of it, ransomware is where cybercriminals encrypt data and ransom off the keys to unencrypt the data for a fee. This can be devastating for a company depending on the ransom’s size or the amount of data affected.

Over the course of my IT career, I have seen fatigue creep into business processes in various ways. Consider shared accounts and passwords and the risk that they pose over the ease of use for the end user. How about the ease of NTFS permission sets and how quickly a file’s permissions can be nullified just by emailing that file around? Even the best laid security structure can be overthrown by a careless user looking to bypass the security system.

So, how do you reduce security fatigue while empowering end users to protect your company data in a non-intrusive way?

As Microsoft’s focus has shifted to a cloud first, mobile first world, they have invested in non-intrusive end user security platforms and analytics to give IT and end users a fighting chance. There is no silver bullet for security, but there is also no longer an excuse for not doing anything. With security tools that are easy to manage and built on Azure, IT doesn’t necessarily even have to worry about fronting the bill for physical infrastructure.

During the month of October (aka Cybersecurity Month), the Microsoft Practice at Arraya will be writing blog articles about the security innovations that Microsoft has built over the past year to help companies address security fatigue, protect sensitive data, and give IT insight into what risks might be happening on the network. The cloud removes all excuses against building a security posture.

For a starting perspective, I recommend watching Satya Nadella’s Enterprise Security speech from 2015. End user security fatigue and complacent attitudes can cost your business financially and potentially harm your reputation.

by

Our Arraya Town Halls aren’t a new topic for this blog, but we did something at our most recent get-together that I think is worth mentioning. Normally at these events I look back at the previous arraya-timelinequarter, updating employees on our individual practice areas and the company as a whole. However, I decided to go much further back this time. I went back 17 years, back to when Arraya wasn’t even called Arraya, and compiled all of our biggest milestones into a company highlight reel.

The motivation behind the history lesson was simple. We’ve grown so much and many of our newest employees may not be familiar with our humble origins as a two-man consulting outfit known as D&D Consulting. It’s impossible to appreciate where we are today without this historical context.

As I dug in to our history, gathering critical dates and events, a pattern became clear. I noticed how far back many of our customer and partner relationships stretch. It’s a fact I’ve always been cognizant of, but there was something striking about seeing it laid out in front of me. It got me thinking about how important long-term relationships are to Arraya – and about what goes into forming bonds that last decades.

Obviously doing consistently good work is a huge part of it. A proven track record of success helps bring customers back and allows our strategic partners to recommend us to their own customers with confidence. But that’s not all it takes.

It also requires honesty – even if that means telling someone something they don’t want to hear. Trust isn’t built on nodding and agreeing. It takes having those difficult conversations about why, based on our own experiences, a customer’s plan might not work. These interactions aren’t easy, however they’re why customers don’t see us merely as a technology solution-provider, but rather as a business partner.

That honesty must extend to when something goes wrong. No matter how hard our team strives for perfection in every engagement, there’s always the chance something unforeseeable occurs. Adversity is going to happen on occasion and, when it does, we don’t run from it or try to hide it. Instead, we own it. We’re upfront with the customer and work with them to come up with a plan on how to turn a tough situation into a win for everyone.

Finding stability in a changing industry

Change is commonplace in this industry. Technologies and businesses can go from “hot new trend” to the subject of “remember when” online articles in the blink of an eye. With all of that volatility, we’re honored by the fact that so many customers have trusted us with their IT environments for so long.

This stability has benefited customers in a number of ways. By maintaining equally-strong bonds with leading IT vendors like Microsoft, Cisco, EMC, and VMware, we’ve been able to ensure our customers have access to the right solutions for the right price. Additionally, the longer we spend working with a customer, the better we learn their IT environment and their business. This knowledge can prove invaluable in our roles as advisor and partner.

As I went back through Arraya’s history, I was proud of how much we’ve grown. I also recognized that growth wouldn’t have been possible without the great group of partners and customers we’ve assembled. Without fail, the members of that group share our commitment to continuous innovation and have motivated us to keep pushing our limits as a company.

by

Cloud vendors typically have your back when they make a mistake that puts your data in jeopardy, but what if that mistake comes from inside your company? According to Dell EMC, error_gkpx6rpuhuman error is responsible for 64% of data loss. That’s a lot of damage being chalked up to employee carelessness or them just plain not knowing any better. Worse: Depending on the cloud vendor, data recovery may not be included with its services or, if it is, the price could prove almost as painful as the prospect of lost data.

If you’d rather not choose between saying goodbye to your data forever and breaking the bank to get it back – and who could blame you? – there is another option. There’s a solution which plugs the gaps in organizational backup and disaster recovery plans. Those gaps, by the way, are something which many organizations don’t even know are there – until it’s too late.

That solution is Spanning from Dell EMC. Spanning provides enterprise-grade protection for your SaaS applications. With Spanning, backups can be automated or initiated manually and restores can be launched with ease by end users, allowing them to focus their efforts and recover as much or as little data as needed.

Recovering from user-inflicted wounds

You can’t stop all user errors all the time. What you can do with Spanning is minimize the fallout from those mistakes. Let’s step through four all-too-common user slip-ups and see how Spanning could make a difference.

  • Scenario #1: Accidentally-deleted files. Countless IT headaches have started with someone thinking to themselves “I don’t need this anymore” and clicking delete. Then, a few weeks or so later, that file or email – which was deleted because it had sat gathering dust for so long – is all of a sudden in high demand. Even if that file seems long gone, it’s not with Spanning, which allows a user or an IT admin to access historical snapshots of data and restore to any of those versions with total accuracy.
  • Scenario #2: Poor password practices. No matter how many times you tell them not to, some users are going to use “password” as their password. Poor quality or recycled passwords might as well be a welcome mat for hackers and cybercriminals to come in and do their worst. Not only can Spanning help undo their worst, it provides intrusion protection services as well. Spanning uses log analysis, policy monitoring, real-time alerting, and more to ensure the integrity of your IT environment.
  • Scenario #3: Careless online habits. Speaking of things end users have heard a thousand times but many keep doing, what about careless clicking? Just because a website or an email attachment seems legit, it doesn’t make it so. Tech headlines are packed with instances of ransomware, malware, and other malicious tools and the damage they can do. Just as with the cybercrime mentioned in Scenario #2, Spanning can help catch and repair these situations, allowing businesses to get back to work without having to pay off their attackers first.
  • Scenario #4: On-the-way-out accidents. Picture an employee’s last day at your company. Long after their desk is packed up and they’re out the door, you realize you need a file from them and, lo and behold, it’s been deleted. With that person gone and their account wiped, any hope of recovery is shot, right? Not with Spanning. Dell EMC’s solution allows files to be recovered to any account. This means a manager could recover that file right to his or her own account, bypassing the no-longer-there employee entirely.

How can Dell EMC’s Spanning help you?

The full value of Spanning isn’t limited to those four use cases. Far from it. If you’d like to learn more about how Spanning from Dell EMC can ensure the security and availability of your SaaS environment, reach out to us at www.arrayasolutions.com/contact-us/. Our award-winning Dell EMC team stands ready to answer any questions you might have.

We can also be contacted through social media – Twitter, LinkedIn, and Facebook. Message us to start a conversation today. While you’re there, be sure to follow us to keep up with our latest industry insights, blog posts, and special events.

by

A recent study sought to gauge the level of confidence organizations have in their approach to data protection – and the results were not pretty. The Dell EMC study 0o1a2346-557revealed less-than-overwhelming confidence in here-and-now recovery abilities and painted an even bleaker picture of future prospects. Considering this study pinned the average cost of data loss at more than $760,000 and the average cost of unplanned downtime at $570,000, it’s certainly in companies’ best interest to do what it takes to feel better about data protection.

When asked to assess their efforts in Dell EMC’s Global Data Protection Index, organizations had the following to say:

  • 63% are less than “very confident” in their ability to meet service level agreements around fully recovering systems and data – both onsite and off
  • 81% believe their current data protection solutions won’t be able to handle all future business challenges

Putting together the data protection puzzle

Speed, reliability, and scalability are three essential components of any data protection strategy – and can all be found in Dell EMC’s Avamar/Data Domain solutions. These formerly separate solutions have become more tightly integrated in recent years, forming a pairing that can help solve data protection challenges for organizations of all sizes.

Avamar’s role in backup and recovery has changed quite a bit in the last three years or so. This solution used to be a network storage and data protection RAIN device. However, lately it’s progressed from this role as a landing spot up to the brains of the operation. Avamar, in most scenarios, is used solely as the backup DMA and no longer is leveraged as the target for the backups themselves.

Meanwhile Data Domain, which started its life in the data center as a purpose-built NAS device capable of high rates of data ingestion and inline deduplication, has stepped into the role of backup target in an integrated solution with Avamar. This is due in part to its deduplication algorithm’s effectiveness with common data types, higher ingest bandwidth, and smaller, denser footprint.

Together, these products combine for a dynamic backup and recovery solution providing new features such as instant recovery for virtual machines and low bandwidth replication. In the market for a new backup and disaster recovery option? Looking for a partner to help you through the process? Here’s what a typical Arraya-deployed Avamar/Data Domain solution looks like – as well as why our approach might be exactly what you need.

Arraya’s approach to Avamar/Data Domain deployments

Right off the bat, while this may be a “typical” Arraya deployment, it’s not the only option available. We always work with customers to come up with backup and disaster recovery strategies and architectures that address their needs – now and down the road.

Arraya recommends deploying Avamar either as a virtual appliance or as a single Avamar node with minimal storage (2TB) capacity on the device itself. Traditionally, in an integrated solution, the Avamar node capacity is reserved for meta data only. In fact, we recommend configuring the integrated solution to force all backup data be sent to Data Domain.

In addition to the single Avamar node, our sizing usually includes a midrange Data Domain model with sufficient capacity to encompass a three or five-year growth cycle based on data analysis done by the assigned Solutions Architect. The Data Domain 2500 model is the most common unit used which comes with (6) 1Gbe NICs onboard. Our implementation engineer will recommend configuring two of these NICs into a failover (active/passive) bond and then binding the Data Domain host name to the bond’s assigned IP. The result provides a redundant network path to the Data Domain over this interface. This is used for command/control and replication and requires no external network configuration to support. The functionality is supported by the Data Domain itself.

What about the other four NICs on the 2500 you say? Arraya’s engineer will configure individual IPs on each of them and then roll all four into an interface group which can be accessed by all clients. When backup is initiated, the client will reach out to Data Domain to gain access to an IP it can use during the process. Data Domain will consider the workloads each IP is running at that moment and assign the appropriate IP to maintain network load balance. This functionality also provides fault tolerance. In the event a link goes down, the hand shake between client and Data Domain will occur again (over the command/control path) and Data Domain will assign a new IP link to use to continue the backup uninterrupted. Like PowerPath for backup!

Building your ideal data protection environment

This deployment methodology allows for the marrying of two seemingly disparate technologies to work in tandem to provide a robust BRS solution. From cache files used by the Avamar binaries to build lists of unmodified files that don’t need to be processed, to Distributed Segment Processing done by Data Domain binaries (commonly known as DDboost), the solution reduces necessary network bandwidth significantly. Unique data that does need to be sent is processed by a varying length segment algorithm that identifies patterns in the data stream that are not unique and only stores them once. Summary vectors are created from these segments and built in memory so the Data Domain can quickly determine whether it’s seen a pattern before.

An oversimplified example would be if you were to back up a library the word “the” would occur possibly millions of times. As those books are read and sent to Data Domain, the pattern of 1’s and 0’s for the word “the” will only be stored once. Each subsequent appearance after that isn’t stored or sent across the network. Instead a reference to the original instance is made.

The same technology that speeds up the backup and reduces network bandwidth is used in reverse to speed up the restoration process for a great deal of data types. Both Avamar and Data Domain employ methodologies to ensure that the data sent to them remains reliable and is protected against corruption. So you can sleep easy at night knowing your backups are safe and sound and there to be restored should the need arise.

Arraya’s BRS solution doesn’t just provide fast, efficiently-stored, and reliable backups, it can scale to meet almost any need. Potentially addressing the 81% of companies who don’t see their current data protection solutions as a long-term answer. IPs, connections, bandwidth – they can all be added without the business incurring true, costly disruption.

The next steps

Partnering with Arraya for your backup and disaster recovery refresh means the above deployment type and features are exactly what you’ll get – if they’re what your business wants. Our award-winning data management practice has no interest in shoe-horning a business into an approach that isn’t the right fit. Instead, the strategy and equipment we propose can be adjusted depending on need.

Ready to get started? Visit: www.arrayasolutions.com/contact-us/ to begin your conversation with our team today. We’re also reachable via social media, including Twitter, LinkedIn, and Facebook. Remember to follow us on each to keep up with our latest blogs, industry insights, and special events.

by

Mergers and acquisitions can be tough for a variety of reasons – not the least of which is all of the moving pieces on the IT side. At Arraya, we’ve steered many companies and IT teams through Business hand working businessthese engagements. Over the years, we’ve learned plenty about making the process run more smoothly – including the tactics described below.

Problem

We began to notice a problem after end user identities and passwords were migrated from one Active Directory domain to another by way of the Windows Server Active Directory Migration Tool (ADMT). Once that migration was complete, users would be prompted to reset their passwords the next time they logged in to their account. This requirement is a default setting for ADMT.

For onsite users, this wasn’t much of an issue. They’d see the prompt, follow the steps and that was that. However, remote users connecting via VPN, or some other channel or portal, may not receive that prompt. Instead, their password would continue to be flagged as incorrect until they made a call to the Help Desk. From there, the password could be reset, letting the user get back to work.

Considering the hectic nature of the M&A process, a flood of calls about passwords is the last thing anyone needs. However, there is a workaround that can prevent this situation.

Solution

There are two ways for those handling the AD migration to solve this problem. Which path they take can depend on whether the accounts are all going to one location or if they’ll be dispersed across several – although one of these methods will work for either use case. Regardless of which is chosen, it should be executed before the newly-moved accounts are released to end users.

One option is to run a PowerShell script. The script can be programmed to toggle off the setting in AD which mandates password resets for recently-migrated end users. Admins give the script a list or domain of users to target and then the script handles the rest automatically.

This approach works best in situations where admins are migrating a large number of end users to a variety of different locations. It can also be used to migrate smaller groups of users into one location, as well. It’s up to the admin performing the migration to determine whether this method would be best in a given situation.

In order to execute this PowerShell command, from a domain controller, admins must:

  • Launch PowerShell
  • Import AD module to tell PowerShell which users to target
  • Run PowerShell command containing instructions to turn off password resets for all included users

Another solution available to admins? They can correct things directly in AD. This is typically effective only if they’re migrating smaller groups of users into one central location. To solve the problem in AD, the admin must:

  • Select the targeted group of end users
  • Right click on it
  • Click on the Properties option
  • Under the Account section, click on the empty check box to the far left of the option which reads “User must change password before next log-in”
  • Click “Apply”

By doing this, the admin will undo ADMT’s default option, ensuring remote users will be able to log-in without the help of the Help Desk.

Result

By their very nature, M&A engagements are complex – and even frustrating. While it won’t eliminate either of those issues, the above method can at least ease the burden. Instead of dealing with a barrage password issues, this will keep the Help Desk free to handle the other concerns that are bound to crop up.

There is another way to reduce the frustration inherent in M&A scenarios: partnering with Arraya Solutions. Our team understands the challenges presented by M&A and we’ve compiled volumes of experience in the area. That knowledge has been distilled into our award-winning M&A in a Box service. This offering is built to assist organizations with the strategy, management, and execution of M&A projects.

To learn more about M&A in a Box, or to speak with a member of our Microsoft team to discuss the solution presented above, please visit: www.arrayasolutions.com/contact-us/. We’re also reachable through social media: Twitter, LinkedIn, and Facebook.