This document discusses different tape rotation schemes for backing up data to tape drives. It describes the Grandfather-Father-Son (GFS), Tower of Hanoi, and Round Robin rotation methods. GFS uses daily, weekly, and monthly tapes to provide backups for up to a year. Tower of Hanoi uses a mathematical approach to optimize retention periods. Round Robin is the simplest but does not support long-term retention. The document recommends GFS for medium organizations and notes any backup system requires maintenance and testing.
ControlCase discusses the following:
•About the cloud
•About PCI DSS
•PCI DSS in the cloud
•How to keep sensitive data secure as you move to the cloud
•Q&A
This document provides an overview of ISO 27001 and information security. It begins with defining what information is and its lifecycle. Next, it defines information security, risks, threats, and vulnerabilities. It then introduces ISO 27001 as the leading international standard for information security management systems and describes the components of an ISMS. Key aspects of ISO 27001 such as its requirements, annexes, and history are summarized. Finally, the document outlines user responsibilities for maintaining information security.
The latest Cybsersecurity Framework (Version 1) has been released by NIST(USA) and I have taken the key features of this critical Framework on Cybersecurity and converted into Mindmap for ease of readers.Please share your comments at my Email Id: Wajahat_Iqbal@Yahoo.com.Thank You
Note: The Source of Information are the Internet repositories and the Author does not take any responsibility for any Errors
Mission (Not) Impossible: Applying NIST 800-53 High Impact-Controls on AWS fo...Amazon Web Services
The document discusses applying the NIST 800-53 high impact controls on AWS for GDPR compliance. It describes how AWS and third-party security tools like Trend Micro can help customers automate compliance with these controls by leveraging AWS services for identity and access management, logging, networking, and security tools for intrusion prevention, firewalls, and more. An AWS CloudFormation template called the Enterprise Accelerator provides an automated reference deployment of Trend Micro with AWS to help customers meet key NIST controls and simplify GDPR compliance efforts.
ตัวอย่าง ISO 27001:2013 Project Master Plan
ใช้เป็นแนวทางในการจัดทำแผนงานจัดทำระบบ ISO 27001-2013
ข้อมูลเพิ่มเติมอื่นๆ www.club27001.com - Blog for IT Security Professional
The webinar covers:
1- Build a business case to implement ISO27001
- Who are stakeholders?
- Who is project executive sponsor?
- Incentives to implement? Is BOD in support? Industry /market pressures?
- History (previous attempts/audits/issues/implications if failed)
- Consultant selection
- Cost and budgetary constraints.
- Resources constraints
2- Costs of not implementing ISO 27001
3- Wrap-up
Presenter:
The webinar was presented from PECB Partner and Trainer Mr. Mohamad Khachab who has 30 years of professional experience in management consultancy, project management, teaching/training, IT Procurement, preparing proposals, information risk management, research, developing bidding documents, and business development activities.
Link of the recorded session published on YouTube: https://youtu.be/6kBp3SxKDP8
Cortex secures the future by reinventing security operations through its unique approach. Cortex breaks down data and product silos by gaining enterprise-scale visibility across network, endpoint, and cloud data using its Cortex XDR platform. Cortex XDR improves prevention, detection, and response capabilities. Demisto automates security processes and orchestrates responses through playbooks with its many product integrations.
Federal Risk and Authorization Management Program (FedRAMP)GovCloud Network
The document discusses the Federal Risk and Authorization Management Program (FedRAMP), which is a multi-agency initiative to provide a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP aims to eliminate duplication of effort, establish consistent security standards, and improve security for shared IT systems across government agencies. The National Institute of Standards and Technology (NIST) provides technical guidance to help define the FedRAMP risk management processes and frameworks.
ControlCase discusses the following:
•About the cloud
•About PCI DSS
•PCI DSS in the cloud
•How to keep sensitive data secure as you move to the cloud
•Q&A
This document provides an overview of ISO 27001 and information security. It begins with defining what information is and its lifecycle. Next, it defines information security, risks, threats, and vulnerabilities. It then introduces ISO 27001 as the leading international standard for information security management systems and describes the components of an ISMS. Key aspects of ISO 27001 such as its requirements, annexes, and history are summarized. Finally, the document outlines user responsibilities for maintaining information security.
The latest Cybsersecurity Framework (Version 1) has been released by NIST(USA) and I have taken the key features of this critical Framework on Cybersecurity and converted into Mindmap for ease of readers.Please share your comments at my Email Id: Wajahat_Iqbal@Yahoo.com.Thank You
Note: The Source of Information are the Internet repositories and the Author does not take any responsibility for any Errors
Mission (Not) Impossible: Applying NIST 800-53 High Impact-Controls on AWS fo...Amazon Web Services
The document discusses applying the NIST 800-53 high impact controls on AWS for GDPR compliance. It describes how AWS and third-party security tools like Trend Micro can help customers automate compliance with these controls by leveraging AWS services for identity and access management, logging, networking, and security tools for intrusion prevention, firewalls, and more. An AWS CloudFormation template called the Enterprise Accelerator provides an automated reference deployment of Trend Micro with AWS to help customers meet key NIST controls and simplify GDPR compliance efforts.
ตัวอย่าง ISO 27001:2013 Project Master Plan
ใช้เป็นแนวทางในการจัดทำแผนงานจัดทำระบบ ISO 27001-2013
ข้อมูลเพิ่มเติมอื่นๆ www.club27001.com - Blog for IT Security Professional
The webinar covers:
1- Build a business case to implement ISO27001
- Who are stakeholders?
- Who is project executive sponsor?
- Incentives to implement? Is BOD in support? Industry /market pressures?
- History (previous attempts/audits/issues/implications if failed)
- Consultant selection
- Cost and budgetary constraints.
- Resources constraints
2- Costs of not implementing ISO 27001
3- Wrap-up
Presenter:
The webinar was presented from PECB Partner and Trainer Mr. Mohamad Khachab who has 30 years of professional experience in management consultancy, project management, teaching/training, IT Procurement, preparing proposals, information risk management, research, developing bidding documents, and business development activities.
Link of the recorded session published on YouTube: https://youtu.be/6kBp3SxKDP8
Cortex secures the future by reinventing security operations through its unique approach. Cortex breaks down data and product silos by gaining enterprise-scale visibility across network, endpoint, and cloud data using its Cortex XDR platform. Cortex XDR improves prevention, detection, and response capabilities. Demisto automates security processes and orchestrates responses through playbooks with its many product integrations.
Federal Risk and Authorization Management Program (FedRAMP)GovCloud Network
The document discusses the Federal Risk and Authorization Management Program (FedRAMP), which is a multi-agency initiative to provide a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP aims to eliminate duplication of effort, establish consistent security standards, and improve security for shared IT systems across government agencies. The National Institute of Standards and Technology (NIST) provides technical guidance to help define the FedRAMP risk management processes and frameworks.
The document introduces Check Point's Quantum SD-WAN solution, which embeds an SD-WAN software blade into Check Point Quantum Gateways. This provides optimized and secure connectivity for branch offices while lowering costs compared to traditional MPLS networks. The SD-WAN blade offers capabilities like sub-second failover, steering of over 10,000 applications, and a complete SASE solution with consistent security policies across networks. Case studies demonstrate how the solution provided superior security and fulfilled requirements for resilient connectivity and a single converged security and SD-WAN appliance.
Security Management is very complex and does not limit itself to products and technologies. It is important to consider alternatives when setting up a Security Operation Center (SOC), from insight into the business plan requirements, ability and the skill set of people who will handle the SOC, the responsibilities for the team, budget and more.
Understanding the NIST Risk Management Framework: 800-37 Rev. 2Denise Tawwab
Denise Tawwab's presentation on "Understanding the NIST Risk Management Framework" given at the Techno Security & Digital Forensics Conference on June 3, 2019 in Myrtle Beach, SC.
This document provides an overview of security fundamentals including the CIA triad of confidentiality, integrity and availability. It discusses common security threats and countermeasures for each component. Additional concepts covered include identification, authentication, authorization, auditing, accountability, non-repudiation, data classification, roles in security management, due care/diligence, security policies, standards/guidelines, threat modeling and prioritization. The document is intended as a high-level introduction to fundamental security concepts.
National Cybersecurity - Roadmap and Action PlanDr David Probert
Analysis, strategies and practical action plans for National Government Cybersecurity based upon the United Nations - International Telecommunications Union - UN/ITU Cybersecurity Framework and their Global Cybersecurity Agenda - GCA.
The document discusses several IT audit methodologies: CobiT, BS 7799, BSI, ITSEC, and Common Criteria. It provides an overview of each methodology, including their main uses, structures, and summaries. CobiT is used for IT audits and governance and has 4 domains and 34 processes. BS 7799 focuses on information security management and lists 109 security controls. BSI is the German IT baseline protection manual with 34 security modules. ITSEC and Common Criteria are evaluation criteria used for security certification.
ISO 27001 is an international information security standard that provides specifications for implementing an effective Information Security Management System (ISMS) through risk management and compliance with regulations like GDPR. SOC 2 is an assessment for technology companies developed by AICPA to protect customer data stored in the cloud and apply to any company using cloud storage. Both standards aim to implement security controls, policies, and procedures to protect valuable assets, but ISO 27001 provides a more comprehensive framework while SOC 2 focuses on verifying data protection controls. Implementing one or both can strengthen security posture, simplify compliance, and improve customer confidence.
The document discusses security best practices for AWS. It outlines AWS's shared responsibility model where AWS is responsible for security of the cloud and customers are responsible for security in the cloud. It describes AWS security services, controls for physical security, IT operations, access management, policies and governance, and change management. It also discusses AWS audits, compliance with regulations, and logging and monitoring tools.
Security Information and Event Management (SIEM)k33a
This document provides an overview of security information and event management (SIEM). It defines SIEM as software and services that combine security information management (SIM) and security event management (SEM). The key objectives of SIEM are to identify threats and breaches, collect audit logs for security and compliance, and conduct investigations. SIEM solutions centralize log collection, correlate events in real-time, generate reports, and provide log retention, forensics and compliance reporting capabilities. The document discusses typical SIEM features, architecture, deployment options, and reasons for SIEM implementation failures.
The Certified Ethical Hacker (C|EH v12) program is one of the most respected certifications in the cybersecurity field.
https://www.infosectrain.com/courses/certified-ethical-hacker-ceh-training/
ITIL v3 Foundation covers core concepts of ITIL including services, service management, processes, functions, roles, and the service lifecycle. Key concepts include service strategy, service design, service transition, service operation, and continual service improvement. The document summarizes several ITIL processes related to service transition including change management, service asset and configuration management, and release and deployment management.
Introduction to NIST Cybersecurity FrameworkTuan Phan
This document provides an introduction to the NIST Cybersecurity Framework. It discusses the goals and key parts of the Framework, including the Framework Core with its functions, categories and subcategories. It also covers the Framework Profile and Implementation Tiers. The document then demonstrates how Trusted Integration's software maps to the Framework and can be used to assess an organization's cybersecurity activities.
This document provides an overview of information security management systems (ISMS) and the ISO/IEC 27001 standard. It discusses how ISMS establishes a top-down, risk-based approach to securely managing an organization's information assets. Key points covered include the business drivers for ISMS, the components of an effective ISMS based on ISO 27001, and the steps involved in implementing, certifying and maintaining an ISMS over time.
How to determine a proper scope selection based on ISO 27001?PECB
Meeting Clause 4 - Context of the Organization "generic" requirements of ISO 27001 in order to determine a proper Documented Scope statement that meets business requirements and gives value to products and/or services.
Main points that have been covered are:
• Interested Parties
• Interfaces & Dependencies
• Legal / Regulatory & Contractual Obligations (Risk of Non-Compliance)
• Documented Scope Statement (including locations within Scope)
Presenter:
Mr. David Anders has worked more than 20+ years in the risk management field managing a broad spectrum of consulting services and product solutions. David has worked in the consulting field for 16 years and is the founder / CEO of SecuraStar, LLC, a niche ISO 27001 consulting firm in the United States and founder / CEO of ISMS Manager Software, LLC.
Link of the recorded session published on YouTube: https://youtu.be/hSaAvKgAC2c
This document discusses cybersecurity threats such as malware, denial of service attacks, cybercrime, cyberterrorism, and cyberwarfare. It provides examples of cybercrime cases involving theft, data breaches, and attacks on banking systems. Cyberterrorism examples include France passing anti-terrorism laws and ISIS utilizing social media. Cyberwarfare case studies involve attacks on Iranian nuclear centers and websites. The document also discusses computer emergency response teams, cybersecurity legislation and policies, and Yemen's cyberwellness profile.
The document discusses the NIST Cybersecurity Framework. It defines key terms like information security, CIA triad, and cybersecurity. It explains that the NIST CSF provides guidance on cybersecurity risk management principles and best practices. It outlines the Framework Core, Implementation Tiers, and Profiles to help organizations manage cybersecurity risks in a cost-effective manner. The CSF can be used by organizations of any size or sector to understand and apply cybersecurity risk management.
1) OT cybersecurity requires taking a holistic view of plant risk that considers impacts beyond financials, such as safety, environmental and operational impacts. Assets should be classified according to risk so priorities can be set.
2) Knowing the assets in the OT environment is essential before strategies can be developed. New technologies can help with asset inventory.
3) OT cybersecurity responsibilities need to be clearly defined, which could include one or two CISO roles to oversee both IT and OT, with close collaboration.
Cloud computing and Cloud security fundamentalsViresh Suri
This document provides an overview of cloud computing fundamentals and cloud security. It defines cloud computing and describes the different cloud service models and deployment models. It discusses the benefits of cloud computing like elastic capacity and pay as you go models. It also covers some challenges of cloud like security, reliability and lack of standards. The document then focuses on cloud security, describing common security threats, key considerations like network security, access control and monitoring for public clouds. It provides examples of security services from AWS like CloudTrail, Config, Key Management and VPC.
This document discusses system backups and disaster recovery. It covers the importance of backups, different backup strategies and scheduling, and various backup devices. For strategies, it describes the volume/calendar method, grandfather/father/son method, and Tower of Hanoi method. For devices, it outlines tape-based options like cartridge tapes and optical disks, as well as newer technologies like linear tape-open and digital linear tape that provide high storage capacities.
8 considerations for evaluating disk based backup solutionsServium
This document discusses considerations for evaluating disk-based backup solutions and compares different approaches. It provides an example showing how data deduplication can significantly reduce disk storage needs for backups. The key points of evaluation are identified as backup performance, restore performance, deduplication approach, scalability, support for heterogeneous environments and backup application features, offsite data protection, and total cost of ownership. ExaGrid is presented as a disk-based backup solution that addresses these considerations through its use of post-process deduplication, which allows for the fastest backup performance and quick restores from the most recent full backup stored complete on disk.
The document introduces Check Point's Quantum SD-WAN solution, which embeds an SD-WAN software blade into Check Point Quantum Gateways. This provides optimized and secure connectivity for branch offices while lowering costs compared to traditional MPLS networks. The SD-WAN blade offers capabilities like sub-second failover, steering of over 10,000 applications, and a complete SASE solution with consistent security policies across networks. Case studies demonstrate how the solution provided superior security and fulfilled requirements for resilient connectivity and a single converged security and SD-WAN appliance.
Security Management is very complex and does not limit itself to products and technologies. It is important to consider alternatives when setting up a Security Operation Center (SOC), from insight into the business plan requirements, ability and the skill set of people who will handle the SOC, the responsibilities for the team, budget and more.
Understanding the NIST Risk Management Framework: 800-37 Rev. 2Denise Tawwab
Denise Tawwab's presentation on "Understanding the NIST Risk Management Framework" given at the Techno Security & Digital Forensics Conference on June 3, 2019 in Myrtle Beach, SC.
This document provides an overview of security fundamentals including the CIA triad of confidentiality, integrity and availability. It discusses common security threats and countermeasures for each component. Additional concepts covered include identification, authentication, authorization, auditing, accountability, non-repudiation, data classification, roles in security management, due care/diligence, security policies, standards/guidelines, threat modeling and prioritization. The document is intended as a high-level introduction to fundamental security concepts.
National Cybersecurity - Roadmap and Action PlanDr David Probert
Analysis, strategies and practical action plans for National Government Cybersecurity based upon the United Nations - International Telecommunications Union - UN/ITU Cybersecurity Framework and their Global Cybersecurity Agenda - GCA.
The document discusses several IT audit methodologies: CobiT, BS 7799, BSI, ITSEC, and Common Criteria. It provides an overview of each methodology, including their main uses, structures, and summaries. CobiT is used for IT audits and governance and has 4 domains and 34 processes. BS 7799 focuses on information security management and lists 109 security controls. BSI is the German IT baseline protection manual with 34 security modules. ITSEC and Common Criteria are evaluation criteria used for security certification.
ISO 27001 is an international information security standard that provides specifications for implementing an effective Information Security Management System (ISMS) through risk management and compliance with regulations like GDPR. SOC 2 is an assessment for technology companies developed by AICPA to protect customer data stored in the cloud and apply to any company using cloud storage. Both standards aim to implement security controls, policies, and procedures to protect valuable assets, but ISO 27001 provides a more comprehensive framework while SOC 2 focuses on verifying data protection controls. Implementing one or both can strengthen security posture, simplify compliance, and improve customer confidence.
The document discusses security best practices for AWS. It outlines AWS's shared responsibility model where AWS is responsible for security of the cloud and customers are responsible for security in the cloud. It describes AWS security services, controls for physical security, IT operations, access management, policies and governance, and change management. It also discusses AWS audits, compliance with regulations, and logging and monitoring tools.
Security Information and Event Management (SIEM)k33a
This document provides an overview of security information and event management (SIEM). It defines SIEM as software and services that combine security information management (SIM) and security event management (SEM). The key objectives of SIEM are to identify threats and breaches, collect audit logs for security and compliance, and conduct investigations. SIEM solutions centralize log collection, correlate events in real-time, generate reports, and provide log retention, forensics and compliance reporting capabilities. The document discusses typical SIEM features, architecture, deployment options, and reasons for SIEM implementation failures.
The Certified Ethical Hacker (C|EH v12) program is one of the most respected certifications in the cybersecurity field.
https://www.infosectrain.com/courses/certified-ethical-hacker-ceh-training/
ITIL v3 Foundation covers core concepts of ITIL including services, service management, processes, functions, roles, and the service lifecycle. Key concepts include service strategy, service design, service transition, service operation, and continual service improvement. The document summarizes several ITIL processes related to service transition including change management, service asset and configuration management, and release and deployment management.
Introduction to NIST Cybersecurity FrameworkTuan Phan
This document provides an introduction to the NIST Cybersecurity Framework. It discusses the goals and key parts of the Framework, including the Framework Core with its functions, categories and subcategories. It also covers the Framework Profile and Implementation Tiers. The document then demonstrates how Trusted Integration's software maps to the Framework and can be used to assess an organization's cybersecurity activities.
This document provides an overview of information security management systems (ISMS) and the ISO/IEC 27001 standard. It discusses how ISMS establishes a top-down, risk-based approach to securely managing an organization's information assets. Key points covered include the business drivers for ISMS, the components of an effective ISMS based on ISO 27001, and the steps involved in implementing, certifying and maintaining an ISMS over time.
How to determine a proper scope selection based on ISO 27001?PECB
Meeting Clause 4 - Context of the Organization "generic" requirements of ISO 27001 in order to determine a proper Documented Scope statement that meets business requirements and gives value to products and/or services.
Main points that have been covered are:
• Interested Parties
• Interfaces & Dependencies
• Legal / Regulatory & Contractual Obligations (Risk of Non-Compliance)
• Documented Scope Statement (including locations within Scope)
Presenter:
Mr. David Anders has worked more than 20+ years in the risk management field managing a broad spectrum of consulting services and product solutions. David has worked in the consulting field for 16 years and is the founder / CEO of SecuraStar, LLC, a niche ISO 27001 consulting firm in the United States and founder / CEO of ISMS Manager Software, LLC.
Link of the recorded session published on YouTube: https://youtu.be/hSaAvKgAC2c
This document discusses cybersecurity threats such as malware, denial of service attacks, cybercrime, cyberterrorism, and cyberwarfare. It provides examples of cybercrime cases involving theft, data breaches, and attacks on banking systems. Cyberterrorism examples include France passing anti-terrorism laws and ISIS utilizing social media. Cyberwarfare case studies involve attacks on Iranian nuclear centers and websites. The document also discusses computer emergency response teams, cybersecurity legislation and policies, and Yemen's cyberwellness profile.
The document discusses the NIST Cybersecurity Framework. It defines key terms like information security, CIA triad, and cybersecurity. It explains that the NIST CSF provides guidance on cybersecurity risk management principles and best practices. It outlines the Framework Core, Implementation Tiers, and Profiles to help organizations manage cybersecurity risks in a cost-effective manner. The CSF can be used by organizations of any size or sector to understand and apply cybersecurity risk management.
1) OT cybersecurity requires taking a holistic view of plant risk that considers impacts beyond financials, such as safety, environmental and operational impacts. Assets should be classified according to risk so priorities can be set.
2) Knowing the assets in the OT environment is essential before strategies can be developed. New technologies can help with asset inventory.
3) OT cybersecurity responsibilities need to be clearly defined, which could include one or two CISO roles to oversee both IT and OT, with close collaboration.
Cloud computing and Cloud security fundamentalsViresh Suri
This document provides an overview of cloud computing fundamentals and cloud security. It defines cloud computing and describes the different cloud service models and deployment models. It discusses the benefits of cloud computing like elastic capacity and pay as you go models. It also covers some challenges of cloud like security, reliability and lack of standards. The document then focuses on cloud security, describing common security threats, key considerations like network security, access control and monitoring for public clouds. It provides examples of security services from AWS like CloudTrail, Config, Key Management and VPC.
This document discusses system backups and disaster recovery. It covers the importance of backups, different backup strategies and scheduling, and various backup devices. For strategies, it describes the volume/calendar method, grandfather/father/son method, and Tower of Hanoi method. For devices, it outlines tape-based options like cartridge tapes and optical disks, as well as newer technologies like linear tape-open and digital linear tape that provide high storage capacities.
8 considerations for evaluating disk based backup solutionsServium
This document discusses considerations for evaluating disk-based backup solutions and compares different approaches. It provides an example showing how data deduplication can significantly reduce disk storage needs for backups. The key points of evaluation are identified as backup performance, restore performance, deduplication approach, scalability, support for heterogeneous environments and backup application features, offsite data protection, and total cost of ownership. ExaGrid is presented as a disk-based backup solution that addresses these considerations through its use of post-process deduplication, which allows for the fastest backup performance and quick restores from the most recent full backup stored complete on disk.
Session form series of conferences during Data Relay (formerly SQL Relay) 2018 in Newcastle, Leeds, Birmingham, Reading, Bristol. The session contains only slides form the talk (no videos included).
Disaster Recovery & Data Backup StrategiesSpiceworks
This document discusses data backup strategies and planning. It emphasizes that backups are critical for businesses to protect their data and recover from data loss. The document outlines planning considerations like identifying critical systems and data, recovery objectives, and capacity needs. It then covers various backup methods and factors to consider when developing a backup plan such as repository type, media type, and testing procedures. Regularly monitoring and testing backups is key to ensuring the plan is effective.
What is Backup, Archive & Cloning and why should you care?Archiware GmbH
Saving production files sounds easier than it is. Files get lost easily. How to best protect them? What actually is Backup, what is Archive? What do I need? Is there a solution for (almost) all cases? Quick introduction to basic terms and decisions. Overview of Archiware P5 for Backup, Archive and Cloning.
On one side, they’re arguably the most important task of every
IT professional. Protecting your company’s most critical data
really means protecting your company itself, and therefore your
own livelihood. But on the other side, backups are so often
accomplished using technology that hasn’t evolved much past
the reel-to-reel days. In 2010, most IT organizations still find
themselves clinging desperately to ancient tape-based technologies;
technologies that indeed back up data, but do so slowly,
painfully, and sometimes with catastrophic failure.
When designing, building, and maintaining a computer system, one can ask the following questions: "Is my data safe from being accidentally deleted or corrupted? How do I ensure data integrity in the long term?"
The main goal of the presentation is to analyze several data integrity pitfalls and review recommended solutions, so that you can construct a data integrity strategy appropriate for your service and your DevOps team.
Sheet1 OS Migration in Avantel 4 months100 days395 hours51179.docxbagotjesusa
Sheet1 OS Migration in Avantel : 4 months100 days395 hours5/1/179/14/17Over look estimation7 days15 hours5/1/175/9/17 Contract for the Linux provider3 days5 hours5/1/175/3/17Review materials to be used in the installation1 day2 hours5/4/175/4/17Develop a budget plan2 days6 hours5/5/175/8/17Deliver materials or required softwares to be used1 day2 hours5/9/175/9/17Assessing the computers7 days20 hours5/10/175/18/17Identify Computers using Windows1 day2 hours5/10/175/10/17Identify 32-bit computers1 day3 hours5/11/175/11/17Identify 64-bit computers1 day2 hours5/12/175/12/17Identify RAM used by the computers1 day4 hours5/15/175/15/17Assess workability of the external drive2 days1 hour5/16/175/17/17Identify the computers' data back-up system1 day8 hours5/18/175/18/17Figure out required tools4 days28 hours5/19/175/24/17 Identify the tools used daily in Windows1 day8 hours5/19/175/19/17Finding Alternative tools in Linux2 days12 hours5/22/175/23/17If no alternatives found find the thirdpaty tools1 day8 hours5/24/175/24/17Identify conversion tools11 days50 hours5/25/176/8/17Identify supporting tools2 days10 hours5/25/175/26/17Identify converting tools2 days10 hours5/29/175/30/17Identify the thirdpaty tools are paid or open sourse1 day4 hours 5/31/175/31/17Identify the budget if the tools are not opensourse1 day6 hours6/1/176/1/17Identify alternate busines Communicator3 days10 hours6/2/176/6/17 IDE2 days 10 hours6/7/176/8/17Data migration7 days48 hours6/9/176/19/17Copying data from windows machine to linux2 days10 hours6/9/176/12/17Copyind data from shared to central server1 day6 hours6/13/176/13/17Copying all pst files (outlook) and convert to thunderbird3 days24 hours6/14/176/16/17Task: File sharing [NFS to SAMBA]1 day8 hours6/19/176/19/17Install Linux and essential softwares8 days23 hours6/20/176/29/17Install 32-Bit Linux OS3 days 7 hours6/20/176/22/17Install 64-Bit Linux OS3 days 2 hours6/23/176/27/17Install any missing essential software2 days 14 hours6/28/176/29/17Linux Installation and Configuration for first floor computers11 days 39 hours6/30/177/14/17Install linux in first floor computers2 days8 hours6/30/177/3/17Install the essential softwares2 days10 hours7/4/177/5/17Configure the computers' firewall1 day5 hours7/6/177/6/17Configure the internet connection1 day4 hours7/7/177/7/17Review the usability outcomes4 days5 hours7/10/177/13/17Document the usability outcomes1 day7 hours7/14/177/14/17Linux Installation and Configuration for second floor computers12 days 49 hours7/17/177/31/17Install Linux in second floor computers2 days10 hours7/17/177/18/17Install the essential softwares2 days13 hours7/19/177/20/17Configure the computers' firewall1 day7 hours7/21/177/21/17Configure the internet connection1 day6 hours7/24/177/24/17Review the usability outcomes5 days5 hours7/25/177/30/17Document the usability outcomes1 day8 hours7/31/177/31/17Linux Installation and Configuration using external drives4 days25 hours8/1/178/4/17Install Linux in computers.
2AM. We sleeping well. And our mobile ringing and ringing. Message: DISASTER! In this session (on slides) we are NOT talk about potential disaster (such BCM); we talk about: What happened NOW? Which tasks should have been finished BEFORE. Is virtual or physical SQL matter? We talk about systems, databases, peoples, encryption, passwords, certificates and users. In this session (on few demos) I'll show which part of our SQL Server Environment are critical and how to be prepared to disaster. In some documents I'll show You how to be BEST prepared.
This document provides a guide for implementing a tape backup strategy for small businesses. It discusses the benefits of tape backups, different tape formats, types of backups, and tape rotation systems including daily, weekly, and monthly backups. It recommends purchasing a tape drive and tapes, using backup software to automate the rotation system, and performing regular backups to protect business data from loss or disaster.
The document proposes using MapReduce as a general framework to support research in mining software repositories (MSR). It describes how MapReduce can provide efficiency, scalability, adaptability and flexibility for common MSR tasks like analyzing large code repositories. A case study of applying MapReduce to the J-REX MSR tool shows significant reductions in running time for large datasets. Minimal programming effort was required and MapReduce could run on various computing environments.
MySQL to Neo4j: A DBA Perspective - David Stern @ GraphConnect NY 2013Neo4j
This session is a walk through and best practices from installation and initial set up, through maintenance and performance tuning, all the way to production use for a series of Neo4j learning opportunities for administrators.
Back it up or pack it up! Did you know that 60% of all small businesses that lose their data are out of business within 6 months? Don’t be one of them! Your New Year’s Resolution for your business should be to setup a backup solution, or evaluate the one you have. Come to TechComm this month to learn more about proper backup solutions.
Back it up or pack it up! Did you know that 60% of all small businesses that lose their data are out of business within 6 months? Don’t be one of them! Your New Year’s Resolution for your business should be to setup a backup solution, or evaluate the one you have. Come to TechComm this month to learn more about proper backup solutions.
Data is the lifeblood of every organization and business. Data theft and data loss through negligence or hardware failure can cause irreparable damage if the data is not easily retrievable. That is why making regular backups of an organization’s data are so important.
Backing up data involves taking copies of data so it can be recovered if the original is lost. Archiving moves less frequently used data to backup storage to free up space. An effective backup strategy includes choosing backup media, determining backup methods and frequency, storing and rotating backups, and being able to recover data from backups. Common media are tapes and external drives, while full, differential, and incremental backups are frequent methods. Rotation schemes like grandfather-father-son improve cost-efficiency and ensure all files are protected. Verification and recovery processes are also important parts of the strategy.
The document discusses various backup procedures and storage options for backing up data. It explains the different types of backups including full, incremental, and differential backups. It also discusses appropriate backup frequencies for different types of organizations depending on how critical the data is and how often it changes. Additionally, the document examines different storage media that can be used for backups including magnetic tapes, hard disks, optical disks, and remote backup services.
Changing daylight saving time slowing down the time- with picturestikkana
The document discusses Daylight Saving Time (DST), which is the practice of advancing clocks during summer months so that evenings have more daylight. It causes issues for software like SAP around the time change in fall, as the clock repeats the same hour. The document describes three methods to address this "double hour" in SAP: 1) Shut down SAP for the full two hours, 2) Shut down for one hour, or 3) Slow the time in SAP so it sees the double hour as a single continuous hour. The zero downtime method of slowing time is the preferred approach.
This document discusses implementing disk-based data protection and recovery. It recommends taking a tiered approach with five layers - application, production, recovery, protection, and archive tiers. The recovery tier is where disk systems would replace tape to provide faster restore times and more frequent backups. For best results, the document advises selecting a single vendor that can provide tightly integrated, modular solutions for each tier built on a common software platform. This comprehensive approach maximizes reliability while minimizing complexity.
2. TAPES
A tape is a storage device where information is stored on.
It’s an arguably better option to disk.
Why?
Life cycle
Durability
Ease of Use
Reliability
Disadvantage
Speed !!!
Uncertainty of data integrity
Shoe-Shinning Effect
8. Tape Management
Tapes have a long life cycle and durability
nonetheless, they should still be managed
appropriately for the sake of its contents-
Hence, an effective management policy
How?
By rotating the tapes
9. Tape Rotation Strategy
Things to consider
R.P.O (Recovery point Objective)
Number of Tapes Available
Off-site Storage
Retention
11. G.F.S Tape Rotation Scheme
This is an explanation of the industry-
standard Grandfather-Father-Son tape
rotation schedule.
This backup schedule is appropriate for
most small businesses.
It is a compromise of protection,
convenience and performance
12. The total number of tapes you will require is based
on your desired "restore window". A typical business
with a 5-day work week will use a 20-tape rotation that
will give them a one-year restore window.
Many, if not most businesses will also keep yearly tapes
which can come in handy for tax reporting purposes.
For a 6-day work week ,you will need 22 tapes.
This will allow you to restore files as recent as yesterday
and as old as one year.
A 6-month restore window requires 14 tapes
Number of Tapes Required
13. Tape Labels
Daily Tapes
4 tapes will be used every Monday through Thursday.
These tapes will be used every week and will experience the
most wear and tear.
It is recommended the daily tapes be shifted to the
monthly group once in a while so they don't wear out
prematurely...like rotating the tires on your car.
Monday
Tuesday
Wednesday
Thursday
14. Tape Labels
Weekly Tapes
4 more of your tapes will be used once a month on
Fridays. (or Saturdays, depending on whether or not you
are backing up a six-day workweek).
Whenever it appears you need a Friday Week 5 tape,
you should just use the EOM (End of Month) tape.
Friday Week 1
Friday Week 2
Friday Week 3
Friday Week 4
15. Tape Labels
Monthly Tapes
Twelve of your tapes will be used
on the last business day of each
month.
January EOM
February EOM
March EOM etc
16. Quantity of Tapes
Daily Tapes + Weekly Tapes + Monthly Tapes
4 + 4 + 12
Total = 20 Tapes
A 5-day work week = 20 Tapes
A 6-day work week = 22 Tapes
Daily Tapes + Weekly Tapes + Monthly Tapes
5 + 5 + 12
Total = 22 Tapes
18. The Tower of Hanoi rotation schedule is widely used.
This schedule can be used in either a daily or weekly
rotation scheme. The decision regarding the frequency of
rotation should be based on the volume of data traffic. To
maintain the required history of file versions, a minimum
of 5 tape sets should be used in the weekly rotation
schedule, or 8 for a daily rotation scheme.
. As with the G.F.S rotation scheme, tapes should be
periodically removed from the rotation for archive
purposes.
Tower of Hanoi
19. Tower of Hanoi
The Tower of Hanoi rotation method is more
complex.
It is based on the mathematics of the Tower
of Hanoi , using a recursive method to optimize
the back-up cycle.
So the 1st tape is used every other day
(1, 3, 5, 7, 9,...),
the 2nd tape is used every 4th day (2, 6, 10, ...),
the 3rd tape is used every 8th day (4, 12, 20, ...).
20. Tower of Hanoi
A set of n tapes (or other media) will allow
backups for 2 ^n-1 days before the last set
is recycled. So, 3 tapes will give 4 days'
worth of backups and on the 5th day it will
be overwritten; 4 tapes will give 8 days, and
it is overwritten on the 9th day; 5 tapes will
give 16 days, etc. Files can be restored
from 1, 2, 4, 8, 16, ..., 2 ^n-1 days ago.
22. Tower of Hanoi
N= NUMBER
OF TAPES
WORTH OF
BACKUP IN
DAYS
2** (N-1)
N=3 4 DAYS
N = 4 8 DAYS
N = 5 16 DAYS
N = 6 32 DAYS
N= NUMBER
OF TAPES
WORTH OF
RETENTION
IN DAYS
(2**N) -1
N=3 7 DAYS
N = 4 15 DAYS
N = 5 31 DAYS
N = 6 63 DAYS
23. Tower of Hanoi
In this method, a set of numbered media is
used until the end of the cycle. Then the
cycle is repeated using media numbered the
same as the previous cycle, but incremented
by one. The lowest numbered tape from the
previous cycle is retired and kept
permanently. Thus, one has access to every
backup for one cycle, and one backup per
cycle before that.
25. Observation
As you can see, the lower numbered
tapes get used far more frequently than
higher numbered tapes. This means that
the Tower of Hanoi scheme won't retain
daily backups for a week like the other
tape rotation schemes, but it does give you
exponential retention periods.
26. Observation
For example, in the 5 tape rotation scheme,
Tape 1 is used 16 times (every other day).
Tape 2 is used 8 times (every 4 days).
Tape 3 is used 4 times (with 7 days in between).
Tapes 4 and Tapes 5 are each used 2 times.
In essence, this gives you daily and monthly
backups like the other tape rotation schemes do,
but you use far fewer tapes in the long run.
27. Disadvantages of Tower of Hanoi
The downside to this rotation scheme is its
complexity and the fact that not all backup
applications support it.
This method also has a tendency to wear out lower
numbered tapes because they are used so much
more frequently than higher numbered tapes.
Another disadvantage of the method is that
(short retention period)
half the backups are overwritten after only
2 days.
28. Round Robin
Round-Robin is the simplest of tape rotations to
understand. This type of cycle uses a single tape
set for a set period of time, but only keeps the
information for the length of that time period.
However, it forces the Administrator to frequently
re-use the tapes over and over again.
Due to wear and tear, these tapes would be
replace frequently. Another con to this type of
rotation is that there is no long-term storage
solution.
29. Round Robin
Example: A weekly Round-Robin tape rotation
would mean that there are tapes marked
"Monday", "Tuesday", "Wednesday", etc.
Each day’s tapes are used on that specified day
of the week, and then re-used 7 days later
30. Round Robin
One other simple scheme is to have 5 backup tapes
(one for each day of the work week) and to use each
one in succession. This way, you use the same tape
every day of the week. For extra protection, you can
use more than one tape for one day of the week, say
Friday, and rotate the Friday tape offsite every week.
This system pretty much requires that you do a
full backup every day. This may be fine for a small
business without a lot of data to preserve, but it can
mean a good-sized backup window every day.
31. Limitations of Round Robin
The biggest problem with the Round Robin variations
is that it doesn’t support long-term data retention,
which is very important to have in a data backup plan.
To see why this is important, imagine that an
organization uses a 4-week tape rotation scheme.
Now suppose that an organization finds that a critical file
has been corrupted. If the corruption occurred more
than four weeks ago, then there are no good copies of
the file that can be retrieved from backup.
For this reason, most of the organizations that use
Round Robin also use data archiving.
32. Recommendations: Small organizations
There are many small organizations who can fit all of
their data files onto a single tape. Since backing up this
small amount of data does not take much time, many
small organizations prefer to do full backups on a daily
basis, and to rotate their tapes in a round-robin strategy.
Assuming there are no actual IT personnel staffed by
the company, this method of daily full backups puts
everyone’s mind at ease and does not require a large
collection of tapes. However, keep a couple of spare
tapes on-hand in the event one of them breaks.
33. Recommendations: Medium organizations
Companies of this size usually prefer to implement a G.F.S
rotation method. Since this size of organization probably
has a small IT staff, they should all be made aware of how
the backup jobs and tape rotations are implemented. To
prevent confusion, the dates of the backups and their
associated tapes should be documented for future
reference. The actual backup methods depends on your
needs, but a minimum of the following is recommend…
Monthly Full backups, Weekly Incremental backups, and
Daily Differential backups.
34. Recommendations: Large organizations
It is assumed that large organizations will have a large
IT staff. Backup Administrators will be responsible for
managing to a large amount of data which will no doubt
be changing very fast. To that end, they will most likely
prefer to tighten up the backup jobs to require
Differential backups to be performed every couple of
hours, Incremental backups every evening, and Full
backups a minimum of once per week. The tape rotation
would also be at the Backup Administrators discretion.
35. Note that any backup system absolutely depends on
daily attention and periodic maintenance.
Every backup system requires a "backup
administrator" to change the tapes every day, to store
them in the proper location and to monitor the backup
logs for any errors.
Periodically, every backup system needs to be tested
in order to be sure data is actually being backed up and
can be restored when needed. Tape drives also need to
be periodically cleaned. With most tape drives, this
generally means occasionally inserting a cleaning tape.
Reliability
36. In the end, there is no one single backup tape
rotation scheme that is clearly superior.
Each tape data backup scheme has inherent
advantages and disadvantages. It is ultimately
up to you to choose the scheme that is the best
fit for your organization's needs.
Conclusion