Who Else Will Find Value in Your Data?




“When someone steals another’s clothes, we call them a thief.
Should we not give the same name to one who could clothe the naked and does not?
The bread in your cupboard belongs to the hungry;
the coat unused in your closet belongs to the one who needs it;
the shoes rotting in your closet belong to the one who has no shoes;
the money you hoard up belongs to the poor.”
– Basil the Great

Mark Stempeck’s latest Harvard Business Review (HBR) Blog Sharing Data Is a Form of Corporate Philanthropy got me thinking about data in yet another dimension.

For the past year or so, Guy Churchward, Stephen Manley and I have been focused on helping businesses change the way they think about data — the value they assign to it; the processes they use to better manage, access and protect it; the way they leverage it to support and develop lines of business, etc.

And I think we’ve done a pretty good job, painting the business and technology picture today as well as 10 years out. But one thing we haven’t talked much about is sharing data – that is, in the altruistic sense of the word. Continue reading

Heidi Biggar

Heidi Biggar

Marketing and IT Consultant, Data Protection and Availability Division at EMC Corporation
I’m often asked how a political science major at Tufts wound up in the IT world, covering backup, storage, virtualization and cloud of all things. Truth is, it’s really a love for learning, a need to understand the “bigger picture” and a desire to share that view with others that’s steered my path over the past 20 years, from campaign manager to editor, analyst and marketer. After hours, you’ll find me hanging with family, running 10ks through Peachtree City’s 90 miles of cart paths, watching football or reading. I’m a New England transplant enjoying life in the South. In my previous life, I also blogged for ComputerWorld, Enterprise Strategy Group and Hitachi Data Systems, but The Backup Window is my baby. It's been great watching it evolve.

Whether You Know It Or Not, You Are In The Data Business

Our daily jaunt on the Internet has become second nature and our mobile devices have become our BFFs. We may not give it a second thought, but through this technology we are producing a steady stream of digital exhaust, resulting in a “Big Bang” on the data universe.

This very large data footprint we’re producing has created a new responsibility for every IT department; they are tasked with protecting any and all data for their company. Not only do they need to protect that data, they might also need to recover that data at a moments notice. IT professionals are challenged with increasingly stringent regulatory requirements and business initiatives that demand higher service levels, longer online retention times, and higher levels of data protection. No matter how savvy you are…it can be a daunting task to address these needs.

During my conversations with customers, I have found there are many companies that still struggle to optimize IT functions and arm employees with technology that drives productivity and innovation across the organization.

I recently read an IDC report titled ‘Worldwide CIO Agenda 2014 Top 10 Predictions’, this report paints a picture of the challenges CIOs will face in the next two to four years. It also discusses the opportunities that CIOs have to evolve in their primary role. One prediction caught my eye — “80% of the IT budget will be based on providing service integration for a broad portfolio of internally and externally sourced IT and business services”.

Organizations are looking outside the walls of their data center and embracing the cloud and external service providers.

Our next customer in the data protection podcast series, Cincinnati Bell Technology Solutions (CBTS) provides a complete suite of end-to-end IT solutions, offering a wide range of information technology systems and services.

Bill Ehrman from CBTS discusses how CBTS got into the business of offering Infrastructure as a Service, Backup as a Service, Storage as a Service and many other services and how they built-out their infrastructure.

Listen to the podcast.

Lisa Matzdorff

Lisa Matzdorff

Voice of Customer, Data Protection and Availability Division
I have a passion for listening, more specifically, listening to customers share their IT stories, their experiences, their successes! Over the past 7 years in the role of customer reference manager and customer advocacy manager, I’ve had the pleasure of listen to amazing stories and meeting some very interesting people. The one thing that makes my job even better…I get to share those stories. When I’m not working, I’m volunteering with foster children, running 5K fun runs, playing fashion consultant “What Not To Wear” style, traveling, and watching reality t.v

No More Fishing For Data Protection In The Isilon Data Lake


It’s been almost 2 weeks since our announcement about the latest OneFS release and our support of the new capabilities for data protection with Isilon.  The response from new prospects and existing customers has been tremendous.  I wanted to recap what was announced and the improvements you can expect with these exciting new platforms and integration features.

Today’s enterprise customers demand storage infrastructures that provide the scale, performance, and ease-of-use Isilon products are known for.  Whether the need is a Data Lake for Big Data applications or simply providing the most cost-effective NAS platform for storing files, Isilon delivers new capabilities to extend its lead in the new mobile, agile world.  Release 7.1.1 of OneFS adds more capabilities to enhance Data Protection of Isilon as well.

EMC Avamar and NetWorker exploit these new features to deliver faster, more manageable backups.

Watch Alex Almeida discuss the benefits of these new Isilon features coupled with the Data Protection backup products

NDMP Acceleration

Provides the industry’s only NDMP multi-streaming backup with deduplicated daily level-1 backups built into daily full backups in a fraction of the time compared to traditional solutions. With OneFS release 7.1.1 integration, Avamar leverages OneFS’ ability to identify daily changes faster than walking the file system. This provides up to a 3x faster backup.  You can read more about this in this blog post.

Centralized snapshot management and recovery

Management of snapshots and related policies is simple with NetWorker Snapshot Management. The NetWorker Management Console (NMC) provides a single pane of glass for data protection administration of snapshots and backup including snapshot creation and replication, policy-based retention, rollover to protection storage, monitoring and reporting for both file and block-based storage. NetWorker uniquely discovers snapshots already created by the storage administrator and adds them to the centralized catalog along with those created using NetWorker, enabling a universal view of snapshots in the environment. These snapshots can be rolled over to protection storage, used for recovery, and are included in reporting.  A wizard simplifies configuration of snapshots and backups, alleviating the backup administrator from compulsory in-depth knowledge of the storage device.

Recovering from a snapshot is also quite simple using the Recovery UI within the NMC.  Data recovery can also be granular, enabling storage administrators to recover entire volumes or individual files.

Performance and Scalability

Data Domain systems offer the performance and scalability necessary to handle big data workloads.  Isilon scale-out NAS storage allows for massive data growth and offers industry-leading performance.  Big datasets stored on Isilon require fast, efficient, and scalable data protection.  Data Domain systems are highly scalable protection storage with deduplication technology that reduces storage requirements by 10 to 30x.  With throughput of up to 31 TB/hr, Data Domain enables more backups to complete sooner reducing pressure on limited backup windows. In addition, the Data Domain Data Invulnerability Architecture provides the industry’s best defense against data integrity issues ensuring data is recoverable and accessible.

As you can see, the Data Protection products are delivering real value for our customers leveraging Isilon and the rest of the EMC platforms.  Read about just one example, Trek Bicycles, and how they transformed their Data Protection and business intelligence with Avamar, Data Domain, and Isilon.

J. P. Corriveau
As a software and technology geek, I enjoy discussing and debating the current and future plans for enterprise and personal computing. I have had lots of different roles in customers large and small. Since moving to the vendor side, I have had roles in Sales, PreSales, Marketing, Professional Services, and Product Development. In my current role, I will continue to share my views on the enterprise computing and data protection market.

Data protection for VMAX3: High Performance Data Protection for Your High Performance Storage

1EMC has once again as raised the bar on storage leadership with the announcement of the new VMAX3.  Much more than primary storage, VMAX3 is an Enterprise storage services platform, designed to enable I/T to control where to best run specific workloads, whether in the data center or the cloud. With VMAX3, IT can manage Storage-as-a Service through predictable service levels at hybrid cloud scale. Continue reading

Paul Scheuer
I like to be known as "Mr. Enterprise Storage Protector" writing, blogging and presenting to the world an ever-changing, always improving product story for enterprise storage (Mainframe) data protection and archiving. You won't ever hear or see me use the words "sexy" when describing our products (that's another story), but you will see that I am passionate about the ability to protect the crown jewels of corporate data. I consider enterprise (aka mainframe) data protection the guardian of insuring that the world doesn't "grind to a halt" as mainframes make airline transactions, stock trades, ATM transactions and many other things critical to our daily existence on the planet. I come to EMC via IBM where I spent more the two decades in storage as a developer and marketer of storage, even competing head-to-head with the products I now grow (yet another story). I call the Tucson Arizona desert home, where I like to sun & swim outside my office door. When I'm not outdoors, in front of customers or sales teams, you'll find me playing and listening to Jazz piano or guitar.

The Right Ingredients For Staying Ahead of The Bad Guys


One of the common threads you hear about in major data breaches these days is that the victim’s security team had alerts or events that should have clued them into the fact an attack was underway. In today’s complex security infrastructures it’s not unusual to have security operators/analysts receiving tens of thousands of alerts per day! Security monitoring and incident response need to transition from a basic rules-driven eyes-on-glass SIEM capability to a big data and data science solution. I frequently speak with customers about how IT Security needs to be able to handle a lot more information than current SIEM tools can support, and one question that always comes up is “what information needs to be collected and why?”, so here we go.

To start with you still need to collect all of those alerts and events from your existing security tools. While maintaining eyes-on-glass analysis of each individual alert from every tool isn’t feasible, a security analytics tool can analyze and correlate those events into a group of related activities that can help an analyst understand the potential impact of a sequence of related events instead of having to slice and dice the events manually.

The second type of information is infrastructure context – what’s in the environment, how’s it’s configured, how it’s all related and what is its impact? The analytics system needs to understand what applications are running on what servers connected to which network and what storage. By having access to these relationships the analytics tool can identify the broad-based impact of an attack on a file server by understanding all of the applications that access that file server and weight the alert accordingly. Which brings up another critical point – assets need to be classified based on their potential impact to the organization (aka security classification). If the tool identifies suspicious sequences of activity on both a SharePoint site used to exchange recipes and an Oracle database containing credit card numbers but doesn’t understand the relative value of each impacted asset it can only present both alerts as being of equal impact and let the operator decide which one to handle first. So a consolidated, accurate, up-to-date and classified system of record view your environment is critical.

Events event logs from all of those infrastructure components are the 3rd type of information; not just security events but ‘normal’ activities events as well. This means all possible event logs from operating systems, databases, applications, storage arrays, etc. Given that targeted attacks today can almost always succeed in getting into your infrastructure, these logs can help the analytics tool identify suspicious types of activities that may be occurring inside your infrastructure, even if the events don’t fall into the traditional bucket of security events. Here’s an example – a storage administrator makes an unscheduled snapshot of a LUN containing a database with sensitive data on a storage array, then mounts it on an unsecured server and proceeds to dump the contents of the LUN onto a USB device. The storage array logs show that someone made an unauthorized complete copy of all of your sensitive data, but if you weren’t collecting and analyzing the logs from that storage array you would never know it happened.

The fourth type of information a security analytics tool needs is threat intelligence – what are the bad guys doing in the world outside of your environment. A comprehensive threat intelligence feed into the security analytics tool will allow it to identify attempted communications with known command and control systems or drop sites, new attack tools and techniques, recently identified zero-day vulnerabilities, compromised identities and a host of other information that is potentially relevant. A subscription-based solution is a great solution to this.

The final type of information an analytics tool needs are network packets. Being able to identify a sequence of events that points to an infected server is only the first step – the analyst then needs to determine when the infection occurred and go back and replay the network session that initiated the infection to identify exactly what happened. Think in terms of a crime investigation – with a lot of effort and time the CSIs may be able to partially piece together what occurred based on individual clues, but being able to view a detailed replay of the network activities that led up to the infection is like having a complete video recording of the crime while it happened. Again the goal is to provide the analyst and incident responder with complete information when the alert is raised instead of the having to spend hours manually digging for individual bits.

The volume of information and amount of effort necessary to quickly identify and respond to security incidents in today’s environment is huge, which is why big-data and data science-based tools are absolutely critical to staying ahead of the bad guys.


John McDonald
John McDonald is a Senior Architect in EMC's Trust Solutions Group, where he is responsible for developing and communicating trust-based solutions that encompass all of EMC's, RSA's and VMware's products. He has over 30 years of experience in the IT industry in general and IT Security in particular, and has worked extensively as a consultant, developer and evangelist across all industries and virtually all major areas of IT and security technology. He has spoken at dozens of industry and vendor IT and Security events, and has written over 20 whitepapers for EMC and RSA. John is also a CISSP and has held certifications in several other areas, including disaster recovery, Microsoft technology and project management.