CACTUS IT

News

Using Redstor Instant Data to recover your Windows 2012R2 Server after a disaster

by

Disaster recovery is critical for business continuity, we all know that. But, how often is your strategy tested? In the video below, I demonstrate the backup and recovery of a Windows Server 2012R2 virtual machine using Cactus IT infrastructure powered by Redstor Backup Pro ESE software.

Redstor Backup Pro ESE (enterprise server edition) includes the “Full System Backup” feature that allows the software to take a complete backup of the server and all of its contents. This backup is sent to our cloud infrastructure where it is encrypted and replicated to a second secure location.

The restore process is very flexible and can be at a file and folder level, application level or complete Server level. This is done using Redstor’s Instant Data feature that runs as a separate application and does not require the full backup software to recover your server. It is easy to use and optimised for Cloud Backup.

I demonstrate a full Server recovery to Microsoft Hyper-V infrastructure that quickly recovers the server as a virtual machine. The complete process from starting the restore to logging onto the recovered virtual machine takes around 30 minutes. The download of the virtual hard drive took me around 25 minutes over my fibre ADSL connection, the solution is very flexible and there are also options to recover your data from a high speed local (LAN based) backup.

Cactus IT are available to design, install, test and maintain your backups with our hosted infrastructure and centrally managed, automated, cloud backup software.

Please contact us if you would like any advice or assistance.

Hackers Threaten To Remote Wipe Millions Of iPhones- Cactus IT has some advice

by

statement after receiving a demand for ransom from a group calling itself “Turkish Crime Family”. The $75 000 cryptocurrency (like Bitcoin) needs to be paid by Apple before the groups deadline of the 7th of April. The group claims to have access to nearly 600 million Apple email and iCloud accounts. Having this information could not only give them access to data, but they are threatening to remote wipe millions of iPhone’s.

Apple have responded to say

The News/Media website “Motherboard” contacted Apple who responded in an email:

There have not been any breaches in any of Apple’s systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.
We’re actively monitoring to prevent unauthorised access to user accounts and are working with law enforcement to identify the criminals involved. To protect against these type of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication.”

So no breach at Apple, but an admission that account information may have been obtained from other sources.

Cactus IT recommends you take the following action

Passwords: At the very least, you should review your current password for your Apple account to make sure it is secure and not used across multiple sites. Take a look at our previous Blog for help and advice with that.

Two-factor authentication: This is where you still use your secure Apple password, but have another layer of security to ensure that you are the only person with access to your account. Take a look at this article from Apple for instructions on setting that up.

Password policy “U-Turn” for 2017

by

What we know

If you are in business, you will have looked to your IT department for help and advice on passwords. After all, your password is the key to your digital life and with it comes all of the intellectual property, documentation and wealth that you have accumulated over the years.

It is true to say that long, complicated passwords like “jv[G&)A#V7Py” are the safest to use and take the longest amount of time to crack. That is why your IT team recommend that you use these types of passwords, they have covered themselves by passing on this advice.

Whats the problem?

How on earth are we supposed to remember these ridiculously long and complicated passwords?

This has resulted in a trend where we are using predictable, everyday words like “football” and making a few obvious changes to turn them into a “compliant” password like “F00tbal!”. It’s easy to remember this password and it meets the requirements set out by my IT department… so it must be safe?

WRONG! The reason why this is not secure is because it is predictable. Substituting numbers or characters for common letters is a common trend that hackers are well aware of.

How can I fix this problem?

As we wait for the mainstream arrival of Biometric methods of authentication along with the wider adoption of Multi-factor authentication or Single sign-on, there is an another way of creating secure passwords that we can actually remember.

We should be adopting passwords that are random, long and complicated… but easy for US to remember and adapt for multiple uses.
Sentences like this one that includes an emoji and punctuation “My first postcode was LS29 ABC, on 201 Fake Street :-)”
• or passphrases like “Rainbow shoes Computer marmite” with four or more words that are completely unrelated so as not to form a sentence

Try not to use the same passphrase or sentence multiple times, rather adapt it slightly to suite the use- “Rainbow shoes Computer marmite” for your PC, “Rainbow shoes Bank marmite” for your online account.

I would also suggest using a password manager like https://www.dashlane.com that can help maintain that ever increasing list of digital identities that more and more of us seem to be collecting. It has it’s limitations and while it can very easily create secure random passwords for you, they are almost impossible to remember and so not always practical.

As I work in IT….. and this is a document on advice for a secure password policy, I reserve the right to update this article at anytime and do another “U-Turn”!

Credit to XKCD for the image

What is ransomware and how can I protect my data?

by

Ransomware is malicious computer code that has been written in order to illegally elicit money from unsuspecting victims. The code is normally delivered by one of the following methods and infects the computer, network or data:

  • Misleading and well disguised SPAM emails lead you to click on a link or open an attachment that infects your computer
  • Infected removable USB drives or USB pens automatically install the virus when they are connected to a PC
  • By other malicious software that delivers the ransomware attache, this is also referred to as an attack by Trojan Horse
  • Compromised websites that may be unknowingly infected with code that distributed the ransomware

What steps can you take to mitigate an infection:

  • Prevention: network firewall and internet traffic filters can prevent access to malicious websites
  • Protection: endpoint security software configured to block PC attacks and suspicious program activities
  • Backup: automated daily off-site backups are the only way to guarantee recovery

At Cactus IT, we are aligned with the right technology partners to help you prevent, protect and recover from ransomware attacks. We are here to give advice and recommend any action required to protect your business in this new era of cyber crime.

There are a growing number of free resources available now to help combat and recover data from infections, most notably is the website NoMoreRansom that is run by the National High Tech Crime Unit of the Netherlands’ police in collaboration with Europol’s European Cybercrime Centre.

For more information, please call us on 01943 666 711 or contact us via the support utility on our home page.

What is Server Virtualisation……. and why should I care?

by

Definition: A Virtual Server is an instance of a Computer Operating System running within a container on Simulated Hardware.

Server virtualisation hides direct physical access to the host computers hardware and instead, makes available an abstract layer that shares the hardware access amongst all of the guest Operating Systems. This allows you to install multiple, isolated “guest” operating systems on a single physical “host” server with the host server’s resources (like CPU, Memory, Networking, Disk, etc.) allocated out to the guest servers as Simulated Hardware.

Server virtualisation

Although this technology has been around for many decades, is has not been until relatively recently that it has been adopted for mainstream use in business. Gartner has reported that around 80% of x86 Server workloads are now virtualised (ref: Gartner), with both Microsoft’s Hyper-V and VMware being in the “Magic Quadrant” (ref: Gartner) of technology that are leading in both vision and execution.

My 5 top reasons to implement server virtualisation:

  1. Cost savings
    • Lower energy consumption of a single server compared to multiple servers
    • Fewer physical servers means less hardware maintenance and support costs
    • Less downtime with virtualisation unlocking high availability and failover technologies
  2. More efficient hardware utilisation
    • Allocate resources to each individual virtual server as required
    • Over allocate resources like memory to allow servers to access more resource during peak usage
    • Dynamically expand or shrink virtual hard drive sizes as needed without re-booting the server
  3. Hardware independent (no vendor lock-in), flexible provisioning
    • Virtual servers are not dependant on specific hardware drivers, so upgrades and server migrations are easier to implement
    • Server can be provisioned very quickly without having to install a complex list of hardware and software drivers
    • P2V (physical to virtual) migrations make hardware upgrades easier, faster and less risky
    • Host server upgrades can be done with zero downtime using live migration
  4. Easier to backup and for DR (disaster recovery)
    • Backups (and restores) run more efficiently with fast server resources
    • An identical set of hardware is not required for Disaster Recovery
    • Restore and DR testing is easier
  5. Faster server provisioning
    • Server virtualisation allows for elastic capacity, making it much easier to allocate additional resources to a server when needed
    • You can quickly clone a golden image or master template to get a server up and running in minutes
    • Easily create and add an isolated virtual network for DR testing or virtual machine isolation

If you haven’t been introduced to virtualisation yet, then you should start taking advantage of the benefits that aren’t possible or available in the physical server world.

If you would like to find out more:

Please contact us on 01943 666 711 or email bevan@cactus-it.co.uk and find out what makes us different.

Ransom-ware virus outbreak

by

Ransom-ware virus outbreak

With the recent wave of ransom-ware virus infections, mainly in the form of the “Locky” virus, I wanted to offer some helpful advice on how to avoid becoming the next victim!

It’s a nasty piece of work and causes massive disruption to businesses every day in the UK and around the world.

What does it look like?

  • This virus is normally delivered by email
  • The email looks legitimate
  • There is an attachment in word or excel format

If you open the attachment, you may already be infected, or you may be prompted to “enable macros”!

ransom-ware

Credit to @NakedSecurity for the image above

How to protect yourself?

  • Backup your data regularly and keep a copy off-site
    • USB backups left attached to your PC or Server can easily be infected with the Locky virus
  • Don’t enable macros in documents received by email
  • Ensure you regularly run Windows and Virus Protection updates
  • Be suspicious of email attachments