Create a physical air-gap without using tape using portable disk (Restore it All Podcast #97)

Darren McBride, CEO of Highly Reliable Systems (http://high-rely.com/ ) joins us on this podcast to talk about their product, which he says is designed for SMBs to get reliable offsite backup without using tape or an Internet connection. They have purpose-built appliances that support mirroring, but with removable disks. This product has been on the market for almost twenty years, but is having a surge in demand due to the desire by many companies to have an air-gapped backup for ransomware protection purposes.

----- Signature and Disclaimer -----

Written by W. Curtis Preston (@wcpreston). For those of you unfamiliar with my work, I've specialized in backup & recovery since 1993. I've written the O'Reilly books on backup and have worked with a number of native and commercial tools. I am now Chief Technical Evangelist at Druva, the leading provider of cloud-based data protection and data management tools for endpoints, infrastructure, and cloud applications. These posts reflect my own opinion and are not necessarily the opinion of my employer.

Ransomware Victim Tells HIs Story (Restore it All Podcast #96)

In May of 2020, Tony Mendoza of Spectra Logic found out his company had been attacked by ransomware. Hear his harrowing tale of how long it took just to get the data center ready for a restore, and then the various tools they used to bring things back online. He did not want to pay that ransom! Spectra Logic is actually a tape vendor, so Tony has a unique viewpoint. We thank him so much for being so candid about his experience. You will learn a lot.

----- Signature and Disclaimer -----

Written by W. Curtis Preston (@wcpreston). For those of you unfamiliar with my work, I've specialized in backup & recovery since 1993. I've written the O'Reilly books on backup and have worked with a number of native and commercial tools. I am now Chief Technical Evangelist at Druva, the leading provider of cloud-based data protection and data management tools for endpoints, infrastructure, and cloud applications. These posts reflect my own opinion and are not necessarily the opinion of my employer.

Bacula: Sucking the Vital Essence from your computers (Restore it All Podcast #95)

Rob Morrison joins us from Bacula Systems, the commercial arm of the open-source backup product, Bacula. It’s tagline is that it roams the datacenter at night and sucks the vital essence from your computers. Bacula Systems has come a long way since I first saw them years ago. Check out what they’re been up to.

----- Signature and Disclaimer -----

Written by W. Curtis Preston (@wcpreston). For those of you unfamiliar with my work, I've specialized in backup & recovery since 1993. I've written the O'Reilly books on backup and have worked with a number of native and commercial tools. I am now Chief Technical Evangelist at Druva, the leading provider of cloud-based data protection and data management tools for endpoints, infrastructure, and cloud applications. These posts reflect my own opinion and are not necessarily the opinion of my employer.

Back in my day, backups were really hard (Restore it All Podcast #94)

This week’s episode is dedicated to my friend Jim Bougor, who passed on this week. Jim, this week’s guest (Darryl Baker), and I all worked at Collective Technologies back in the day. Darryl comes with over 30 years of backup and IT experience, and he and I walk down memory lane about the way things used to be with backups.

Apropos for women’s history month, we also talk about Grace Hopper and Ada Lovelace a little bit. The Grace Hopper speech Darryl references can be seen here: https://www.youtube.com/watch?v=9eyFDBPk4Yw&ab_channel=funbury

We talk about all sorts of tape drives from the old days including: 9-track, VHS, QIC-180, 8mm, AIT, 4mm, TK-70s, DLTs, and LTOs. We discuss the concept of coercivity and how that relates to magnetic media. We also discuss the difference between helical scan and linear tape drives, and Darryl’s theory as to why helical scan disappeared.

----- Signature and Disclaimer -----

Written by W. Curtis Preston (@wcpreston). For those of you unfamiliar with my work, I've specialized in backup & recovery since 1993. I've written the O'Reilly books on backup and have worked with a number of native and commercial tools. I am now Chief Technical Evangelist at Druva, the leading provider of cloud-based data protection and data management tools for endpoints, infrastructure, and cloud applications. These posts reflect my own opinion and are not necessarily the opinion of my employer.

Is your data safe with cheap “prosumer” backup services?

I read a blog post yesterday written by Chris Colotti that described a scenario that sounds horrible:  a backup service deleting a customer’s data with little to no notice.

A few disclaimers: Chris makes it perfectly clear he is speaking on behalf of himself & his wife’s business – not his employer, Cohesity. Cohesity and Spanning (the company who deleted his data) are competitors (in certain markets) of my employer, Druva.  Druva does not compete with Spanning in the “prosumer” space.

The following is a summary of what Chris described in his blog post:

He was using Spanning to back up his personal data and the data from his wife’s small business.  Unbeknownst to him, he crossed over into what Spanning referred to as “excessive usage.” According to their EULA, “it is Excessive Use if at any time the cost of Licensee’s Users’ storage consumption far exceeds the Fees for the Services as calculated by Spanning.”

He didn’t see the single email they sent him in October about this problem, mainly because it looked like all the user messages he got from them about backup success, etc. There was no scary subject line or anything else to make it stand out.  So he never saw it. In November they cancelled his account and deleted (“reaped” was the word they used) 36TB of his backups with no additional notification other than that one email.  This is despite him renewing his contract in between the notice (that he didn’t see) and when the data was deleted.  He didn’t even realize this had happened until he went to try to use the service to restore something – in February.  That’s when he found out his account had been cancelled in November.

A few observations

There aren’t any limits, but there is a limit.  The limit is when we deem you are no longer profitable to us.  You, of course, won’t have any idea what that limit is, but we reserve the right to delete your data when that happens.  That’s the weirdest limit I’ve ever heard of. Completely arbitrary and not trackable by the customer.

One email before complete deletion?  With no scary subject line?  Really? I would think that if you were going to fire a customer for being non-profitable, you would send them many, many emails – even a phone call or two – before you decide to deactivate their account and delete their data. There wasn’t even an email that says “Account deactivated/Deleted/Reaped/whatever? ” I think if he had found out when this actually happened in November, he might have been able to get his data back.  But he didn’t actually find out until February. As Chris mentions in his post, have you ever had a GoDaddy domain and see what happens if it’s about to expire?  Man, do they email you.

They took his renewal money after he was put in the penalty box, and still said nothing.  To me, that’s the worst part of the story.  It reminds me of something that happened to me years ago, but more on that later.

Even though this isn’t the point of the post, I will say that my employer, Druva, offers both per-user pricing and per-GB pricing.  Any capacity limits on a per-user account are clearly spelled out in the contract.  A customer that goes over those limits would receive far more notification than a single email, which would include phone calls, etc.  Our long-term hope would be that we would rectify the situation and keep them as a customer.  The idea of simply deleting a customer’s backup data after a single email – regardless how egregious the violation – is simply unconscionable.

Spanning still advertises services at $4/mth for “unlimited storage of all your G-Suite data.” It then again says “Unlimited storage” and “Unlimited versions.”  There is no asterisk w/a disclaimer.  Clearly it is not unlimited, but they say it is.  It sure looks like false advertising to me.

Are cheap prosumer backup services safe?

Most of the services like this that I’ve tried are gone.  Mozy, Carbonite, & Crashplan have all abandoned their cheap offerings like this, sometimes with as little notice as Chris got. Ten years ago Mozy significantly hiked their pricing to make their service unattractive to data-hungry guys like Chris.  And they gave you 30 days to get out.  I gave them a ration for that back in the day.  It was the same kind of nonsense that happened to Chris.  30 days is simply not enough time to move any significant amount of data to a new service over consumer-grade Internet.

I also remember when Mozy didn’t run for an entire year on my laptop, while they continued to charge my CC.  No error messages, no nothing.  Just bills. How much customer service do you think you’re going to get for $4/mth?  Talk bout a small fish in a small pond.

ibackup is still around, but they’re charging enough money to make money.  They would have charged Chris ~$700/mth for 36 TB.  I don’t see anything wrong with that kind of service.  What I’m wondering about are these $4-5/mth “unlimited” services.

Chris was grandfathered in on that $4 pricing. Are there still services out there that still offer this kind of pricing?  Are they unlimited or “unlimited?”  Do you feel safe keeping your important data there?

My personal opinion is that it’d be a fine place to put a backup.  But I would not want it to be the only backup. That’s my opinion and I’m sticking to it.

----- Signature and Disclaimer -----

Written by W. Curtis Preston (@wcpreston). For those of you unfamiliar with my work, I've specialized in backup & recovery since 1993. I've written the O'Reilly books on backup and have worked with a number of native and commercial tools. I am now Chief Technical Evangelist at Druva, the leading provider of cloud-based data protection and data management tools for endpoints, infrastructure, and cloud applications. These posts reflect my own opinion and are not necessarily the opinion of my employer.

Distributed Ledger (e.g. BlockChain) expert explains how to use it for security (Restore it All Podcast #93)

Chainkit Founder & CEO Val Bercovici returns to the podcast to build on what we learned last week. This week we talk about how distributed ledger technology (such as the one in BlockChain, but there are others), can be used to increase security. We talk about the SolarWinds hack and how that could have been prevented using such technology.

----- Signature and Disclaimer -----

Written by W. Curtis Preston (@wcpreston). For those of you unfamiliar with my work, I've specialized in backup & recovery since 1993. I've written the O'Reilly books on backup and have worked with a number of native and commercial tools. I am now Chief Technical Evangelist at Druva, the leading provider of cloud-based data protection and data management tools for endpoints, infrastructure, and cloud applications. These posts reflect my own opinion and are not necessarily the opinion of my employer.