2021. What an interesting year. With the world turned upside down by a pandemic that seemingly had its sights set on...
ETI-NET encourages elevated priorities; delivers enterprise resilience
ETI-NET
AdrianIt has always paid to be resilient. Providing resilience simply means that adjustments can be made whatever the situation. It implies that an expectation of normalcy continuing unabated is unrealistic. In business, there can be no second-guessing about where the competition comes from or when it will arise just as there is no known formula that accurately forecasts imminent disasters, natural or particularly, man-made. Bending and not breaking has always been a fundamental premise underlying the successful execution of any business, as it is hiding the “keys to the kingdom” and negating any one individual’s access to actions detrimental to the smooth operations within their data center.
When it comes to IT and to major Global 1,000 enterprises, the rise of bad actors and state-sponsored disruptions, not forgetting the occasional poorly disciplined actions of IT personnel, being watchful is top and center of these companies’ priorities. Resilience demands protection and planning and as such, is only effective following practice. There’s a reason why so many IT organizations have a “red team” capable of quick responses to unusual situations – expertise only gained through regular drills where resolution following intrusions of all kinds are dealt with before catastrophe arises.
Recent outages, including the AZURE compromise as a result of a more traditional DDoS attack as well as the CloudStrike erroneous deployment that brought down much of the Windows world are just the latest example of what is possible today. A mix of accidental together with deliberate only further highlights that the need to elevate levels of resilience and to do so, requires a review of the hardware and software upon which solutions are dependent. No IT department is beyond the reach of an attack, no matter the systems that are present in the cloud, data center or periphery.
For members of the NonStop community, there has been a rapid awakening that they are unlikely to be immune from such intrusions. Long thought of as enjoying safety through obscurity – who could possibly understand how to penetrate the architecture of NonStop and its highly integrated software stack – and yet, nothing is off the table in this regard. As recent data highlights, more often than not, the risks come from within IT itself where the simplest of organizational change can trigger unthinkable levels of chaos. System intrusion was now top-of-the-list with regards to how today’s IT can suffer serious compromise.
For ETI-NET, working back from practice to planning and then to protection, it has become a recognizable fact that separation of duties plays a big role in helping reduce, even eliminate, system intrusion from within IT. “We are all familiar with the new and emerging options presented to us started by financial institutions to implement two-step authentication, and now common place for one-drive access,” said Mike Mitsch, ETI-NET Director, Business Development. “And for good cause. So, when it comes to NonStop systems and the daily interaction by the systems and operational teams, validation and separation of functions is paramount in order to ensure no one party has the keys to the kingdom.”
One of the key observations of ETI-NET today is how NonStop has become an intermediary processor cast in a role that maybe closer to the edge than the cloud. The history of NonStop has been closely associated with the role of intelligent front-end but of late, NonStop has taken on greater workloads, formerly the task of central systems including traditional mainframes. As such and with the compute power available today, there are those patiently watching for any opportunity to compromise the machine or the software that controls it. However, distance hasn’t meant any reduction in system or operational management responsibilities. One important consideration? Separation of responsibilities is no longer a nice-to-have but should be considered at every level of interaction with NonStop!
Clearly separation of duty can be seen present in ETI-NET products such as BackBox / QoreStor where the backup and protection of data is the objective and where ensuring these backups remain uncontaminated is a priority. However, separation of duties with associated responsibilities with BackBox / QoreStor is just one example of the steps taken by ETI-NET where ultimately there comes a need to be able to restore system state together with data as rapidly as it is possible.
“The ETI-NET product portfolio has and will continue to provides a number of solutions aimed at helping management realize digital resilience through “security and restoration”. With BackBox and QoreStor, NonStop customers can secure data before it leaves the VTC, support multiple levels of separation of duty, as well as achieve compliance standards through independent 3rd Party Data Immutability Compliance Assessment.” said Mike Mitsch. “With MultiBatch the ability to enhance nonstop job dependencies while providing a controlled environment for NonStop admin to ensure operators are presented an operational environment that ensures role-based security.”
“Government regulators, legislatures and insurers are taking a much more active role in understanding IT security operations within organizations.” said Mike Mitsch in the latest ETI-NET article published in The Connection. “This is creating an environment where ETI-NET can assist. The need to validate the protection of their backup data and to do so cost effectively may not be the first thing that comes to mind and yet, without an effective strategy in place, companies and governments can be left vulnerable to the actions of an increasingly sophisticated group of bad actors.” Compliance reporting is no longer a check-box item but rather has become central to how enterprise executives together with key shareholders ensure that their enterprise has taken all necessary measures to ensure reliability in the face of hostile advances.
With the latest release of Sentinel, the new Data Storage Service, serves as a record for forensics experts to analyze NonStop behavior as well as the ability to monitor and drill down into the rest of the ETI-NET product suite such as BackBox and QoreStor. Through this integration as well as the ability to add other applications, Sentinel provides the critical information required to resolve problems more quickly.
ETI-NET is a Platinum Sponsor at NonStop TBC 2024 in Monterey. As the major annual event for the global NonStop community, it is the place to hear from the NonStop eco-system updates to product roadmaps, customer use cases and deep dives into feature sets. For 2024, there is a growing sense of urgency to know more about the protection that can be provided by these vendors and ETI-NET is offering a suite of products dedicated to providing such protection, and will be presented as follows:
- Technical: Protecting and Modernizing HPE NonStop Backup Data and Applications
This session will delve into the latest ransomware attack vectors and strategies to bolster the security of HPE NonStop backup data against these threats. We’ll provide an overview of backup storage types, define levels of data immutability, and explore how immutability aligns with specific compliance standards like the European Union’s DORA. Additionally, we’ll discuss best practices for implementing immutability on NonStop, including a reference architecture, roles and responsibilities (including separation of duties), and an implementation timeline.
- Vendor: NonStop Product Family and Alliance Update with latest customer success stories
This session will delve into ETI-NET’s NonStop product family roadmap, key new alliances, and latest use cases. The session will provide a feature update on each product (BackBox/QoreStor, MultiBatch, Sentinel, C-Deep and MQ), will talk how new key alliances are making it easier for NonStop customers to modernize while implementing digital resilience and utilizing the ETI-NET’s products in various new use cases.
Protection. Planning. Practice. Perhaps most of all, being cognizant of the Patience of those determined to penetrate even the strongest of defenses. Establishing immutable storage silos; ever watchful of internal as well as resources including staff and services providers. Implementing mandates and establishing dedicated test and QA sites disconnected from production systems. It’s all part of a persistent and repeatable approach to ensuring there’s no compromising of data and processes and if you would like to learn more about the ETI-NET product portfolio and would like to reach out to ETI-NET prior to the NonStop TBC 2024 Conference, you can always reach us through the use of the contact information, below.
Web – http://etinet.com
Phone – (514) 395 1200