Tag Archives: Featured 1

Let’s Be Honest—Retention Minimums Are Delete Penalties

Post Syndicated from Jeremy Milk original https://www.backblaze.com/blog/lets-be-honest-retention-minimums-are-delete-penalties/

People often think of “retention” as a good thing when it comes to cloud and object storage—after all, the point of storing data is to retain it. But retention’s only a good thing when you actually want to retain data—that nuance is sometimes hidden from people, and yes, I say hidden intentionally.

A number of cloud storage providers from big to small are doing their best to hide the darker side of retention—retention minimums. They loudly promote attractive storage tier rates while making little mention of their data retention minimums that allow them to charge those rates for as many as 90 or 180 days after bytes uploaded have been deleted.

We don’t believe in charging you for data you deleted. Today, we’re explaining more about what that means for you, and highlighting some real-world stories of discovering these hidden fees.

Our Stance on Retention Minimums aka Delete Penalties

First, let’s call retention minimums what they really are: delete penalties. We stand against delete penalties. We don’t charge them. We see them as the enemy of every use case in which data is intentionally replaced or deprecated in hours, days, or weeks instead of months. Delete penalties go against agility and flexibility. We also think it’s despicable when a vendor shouts about how they don’t charge fees for things like data egress, while quietly padding their topline with hidden retention penalties.

At Backblaze, our pricing has nothing to hide. When you delete data, you stop paying for it within the hour. End of story.

Retention Minimums: The Fine Print or the Finer Print

Obviously, cloud providers aren’t going to advertise that they charge you for deleted data, but some are more transparent than others. AWS with its S3 Glacier services, for example, at least acknowledges these products are meant primarily for longer term storage. They disclose minimum retention details in the footnotes on their pricing page—the information is less prominent, but to their credit, it’s disclosed on the page. It may seem unusual for us to praise AWS, but by comparison, they’re actually a lesser evil in this regard.

Others? Let’s just say you really need a magnifying glass to dig through the fine print. Their minimum retention requirements are buried deep in their terms of service or FAQs. Unless you have an eagle eye and/or click through many pages of their website, you’re left to find out just how much you’re paying for deleted data when you get your bill. What’s more, the disappointment and disillusionment from budget surprises like that can turn people off from the many gains they can derive from leveraging cloud storage.

Delete Penalties in the Wild: Testimonials

Here’s what we’ve heard from folks who experienced delete penalties for themselves…

“Initially, I was worried about egress, so I went with [name redacted]. But I was misled. My egress was nominal. Meanwhile, I found that one-third or more of my bill was for backup I had deleted. That’s not how I want to do business.”
—MSP Leader

“I looked at an up-and-coming provider called [name redacted] because their whole thing is they’ve got great prices. I soured on them when I realized that they don’t really tell you that they bill you for a minimum of 90 days of object duration. There’s little I need to store for 90 days for my application. All of my cursory research seemed okay, and the pricing calculator on the pricing page made no mention of any of this. I’m not a fan of using a vendor that buries something that important.”
—Brian, Software Developer

“We got burned by [name redacted] with regard to their deletion and how we do our backups. I deleted data off their system, and they’re billing me for data they’re not storing? And what’s more, they’re irritated by the fact that their hard drives had to delete data? I don’t understand that level of…I’m not even going to say the word, but it’s just stupid.”
—Joe Valentine, Software Engineer II, Webjogger

Delete the Delete Penalties

To be sure, compared to the high costs of on-premises infrastructure, cloud storage delete penalties may go unnoticed or be characterized as a cost of saving money. But that’s exactly what companies who levy these penalties want you to think. Don’t let them misrepresent their true costs or mislead you. It’s not right. It’s not aligned with their messaging. It’s not what you deserve. And it’s not going to support your business growth especially when fees add up fast for many terabytes and petabytes.

It’s time to delete the delete penalties. Full stop.

If you’ve been hit with unexpected penalties after deleting data, share your experience below with the broader community or reach out to us to learn more about how you can eliminate them.

The post Let’s Be Honest—Retention Minimums Are Delete Penalties appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Announcing Kubernetes Backup and Ransomware Protection via Kasten and Backblaze

Post Syndicated from Natasha Rabinov original https://www.backblaze.com/blog/announcing-kubernetes-backup-and-ransomware-protection-via-kasten-and-backblaze/

According to the Cloud Native Computing Foundation’s annual survey, Kubernetes use in production has increased 300% since 2016 to 83% of respondents. There’s no doubt that a fundamental shift has taken place over the past few years—applications are being deployed in container environments and those deployments are being managed by Kubernetes.

But customers that are deploying Kubernetes environments need a new tool to protect all of that data. Purpose-built for Kubernetes, Kasten by Veeam is that tool.

Now, through a new partnership, joint Kasten and Backblaze customers will be able to name Backblaze B2 Cloud Storage as a storage destination where they can store and protect copies of their applications affordably.

This partnership enables developers to:

  • Back up and restore production stateful Kubernetes applications.
  • Safeguard application data from ransomware encryption with Object Lock for immutability.
  • Support regulatory compliance and corporate disaster recovery mandates.

“Kubernetes containers are the standard for many organizations building, deploying, and scaling applications with portability and efficiency. Backblaze and Kasten together offer a compelling solution to support these organizations’ business continuity needs with set-and-forget-it ease and cost effectiveness.”
—Nilay Patel, VP of Sales and Partnerships, Backblaze

The joint solution is fully scalable at enterprise grade. What’s more, organizations only pay for storage used, with no data retention penalties for deleting past backups.

About Kasten

Owned by Veeam, Kasten is an award-winning market leader in Kubernetes backup. Their product was built natively for containers, and the software-only solution runs directly on your cluster within its own namespace.

Together, Kasten and Backblaze provide a simple, seamless integration for shared customers, focusing on ease of use.

“Backup and protection are paramount in a world in which data is everything and cyberattacks continue to rise. The Backblaze-Kasten partnership offers the application protection and disaster recovery support companies seek, with flexibility and freedom to choose their preferred storage partner.”
—Gaurav Rishi, VP of Product, Kasten by Veeam

How to Get Started With Backblaze B2 + Kasten

After creating your Backblaze B2 account, check out our Quickstart Guide for Kasten K10 and Backblaze B2 to create a Kasten namespace in your cluster and configure Backblaze B2 as a storage destination.

Customers can test the Kasten solution for free with clusters made up of 10 nodes or less. And Backblaze covers the first 10GB stored.

Data Protection That Scales With You

Kubernetes was built to provide scalability, giving businesses the flexibility to manage and optimize resources. Through this partnership, customers now have storage that matches that flexibility in Backblaze B2. With Backblaze, customers are able to scale their application backups as their applications scale.

Interested in learning more? Join us for a webinar on February 2, 2022 at 10 a.m. PST to discover how to add seamless ransomware protection to your Kubernetes environments—stay tuned for more details and a link to register. Or, if you are ready to future-proof your application, click here to get started today.

The post Announcing Kubernetes Backup and Ransomware Protection via Kasten and Backblaze appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Five Ways to Use Object Lock Immutability

Post Syndicated from Molly Clancy original https://www.backblaze.com/blog/five-ways-to-use-object-lock-immutability/

If you want to understand how Object Lock immutability works, think of a valuable necklace sitting behind a window. If someone really wants that necklace, they will find a way to break that window. Reinforce the glass, add a silent alarm, none of it will change the fact that thieves can find a way.

With Object Lock immutability, there is no window. Instead, picture a fully realistic holographic representation of the necklace. You can still see your necklace, you can still enjoy its sparkle, but nothing anyone does to that hologram can alter the actual physical necklace.

Object Lock immutability works in a similar fashion, at least metaphorically speaking. (Object Lock doesn’t create a facsimile, per se, but it does protect objects from being manipulated, copied, encrypted, changed, or deleted for as long as the lock is set.) And it protects something far more valuable than some trinket: It protects your data.

In this post, learn about five different ways you can use Object Lock as well as some tips for using Object Lock effectively.

What Is Object Lock Immutability?

In functional programming, immutability is a characteristic of an object whose state cannot be changed after it has been created. Conversely, mutable objects are variable. But what does all that mean when it comes to Object Lock? By creating a model in which an individual object (i.e., a unit of data that contains all of the bytes that constitute what you would typically think of as a “file”) remains static and unchangeable, Object Lock immutability prevents important files from being deleted, corrupted, or otherwise damaged. Your files can, however, be freely accessed, giving you free rein to view important documents. This Write Once, Read Many (WORM) model is the cornerstone of Object Lock immutability.

Those of us above a certain age may recall the days when data was regularly transferred via floppy disc. Back in those dark days of dial-up, there was a simple plastic switch on each floppy disc that marked the disc as read-only or read-and-write. If the switch was flipped, the data on the disc could be read or transferred at will, but it was a one-way street. You were unable to alter the original data stored on the disc.

Object Lock Immutability serves the same function as that plastic switch, only it operates entirely within the code of your storage software. You can view, share, and open files at will. But the contents of that file cannot be changed.

Object Lock Immutability Use Cases

With the right approach, Object Lock immutability can be used to solve a few problems, including:

  • Aiding recovery from ransomware attacks.
  • Migrating from an LTO tape system.
  • Supporting records retention requirements.
  • Protecting your company during lawsuits.
  • Enhancing version control during software development.

Aid Recovery From Ransomware Attacks

Ransomware attacks are a major challenge for many businesses. In our research on the true cost of ransomware, we found that the cost of these incidents can exceed $1 million! That’s the bad news.

The good news is advanced planning can make it easier to recover from attacks. Specifically, preserving data backups with Object Lock is a helpful way to speed up your recovery from ransomware attacks. For example, you might decide to make daily backups of your most critical files and retain those backups for three months. In this case, you would have plenty of options for how to recover from an attack.

To achieve consistent security protection, we recommend integrating Object Lock into your IT security policy. For further guidance on how to do this, see our post, “How to Add Object Lock to Your IT Security Policy.”

Migrating From an LTO Tape System

Until recently, the most common way to protect data from being overwritten, corrupted, or deleted was by creating an “air gap” by way of LTO tapes. Under this system, sensitive files would be backed up to a tape and then physically removed from the drive. This created an effective shield of literal, physical air around the data by removing it entirely from your network, but it came at a cost.

Tape systems require an up-front investment and require ongoing maintenance, management, and eventual replacement. With Object Lock immutability as part of your cloud backup solution, the entire process of creating an air gap happens virtually, saving time and money while accomplishing the same goal. You can calculate the savings between cloud storage and tape yourself.

Support Records Retention Requirements

Your company probably has a variety of records retention requirements to fulfill. For example, the finance department likely has to retain records in case you are audited by tax authorities. In addition, your contracts with customers may expect you to retain records for a specific project for a set period. Once you determine which records need to be retained, Object Lock can preserve the records so they cannot be modified or deleted for the required duration. Object Lock means accidental deletion of records is much less likely.

Protect the Company’s Interests During Lawsuits

Lawsuits and disputes are a fact of life in today’s environment, but there are steps you can take to reduce the impact and expense associated with them.

By applying Object Lock, your company will be better able to navigate the challenges of a lawsuit. You can focus on the substance of the dispute rather than spending endless hours answering questions about your data integrity.

Enhance Version Control During Software Development

New versions of files are created on a nearly constant basis during software development projects. Some software projects release new versions every day or every week. With many different software versions on your plate, there is a risk your team might get disorganized. Now, imagine if a new release of your software ends up having a serious security or performance flaw. In that case, rolling back to the previous version may save a tremendous amount of time and energy.

By using Object Lock on previous versions of your software, you can have confidence in your ability to access previous versions. For companies that produce custom software for clients, enhancing version control through Object Lock may be helpful for other reasons. In the event of a problem, a client might ask for access to earlier versions of the software. Preserving earlier versions of your software development with Object Lock makes it easier to respond to such requests.

Tips for Using Object Lock Immutability Effectively

As with any technology, achieving optimal results from Object Lock requires a thoughtful, guided approach. From a technical standpoint, there is no limit to how much data you can protect with Object Lock. However, excessive use of Object Lock may consume a significant amount of your data storage resources, negating any time and cost savings you’ve achieved.

Altering the amount of time an object is placed in Object Lock is just one way to ensure you’re getting the most out of this technology. Others include:

  • Reviewing Older Object Lock Files: You might find that you rarely need to access Object Lock-protected data that is older than six months. Obviously, this amount of time will vary greatly depending on your needs, but it’s important to make sure you’re not spending resources protecting files that don’t need the extra protection. Depending on what you find, you may want to adjust guidance to employees accordingly.
  • Ensuring Consistency: To achieve more consistent usage of Object Lock immutability, start by clarifying your expectations in a company policy. This could be as simple as a checklist document explaining when and how to use Object Lock or an appendix to your IT security policy. In addition, ask managers to periodically review (e.g., every six months) how Object Lock is used in their departments and provide feedback to employees as needed.

As a concept, Object Lock immutability is fairly easy to understand and even easier to use in protecting your vital data from incursion, corruption or deletion. Beyond simply protecting valuable data from cyber threats, it can create a clear timeline in case of litigation or simplify complicated development projects. By understanding how this tool works and how best to use it, you can secure your data, increase your efficiency, and improve the operation of your cloud storage.

The post Five Ways to Use Object Lock Immutability appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

What Is the Public Cloud?

Post Syndicated from Molly Clancy original https://www.backblaze.com/blog/what-is-the-public-cloud/

The wonderful thing about technology is that it’s always changing. This, of course, is also the frustrating thing about technology. We think we understand it, or at least have a basic grasp of it, and then the rules get completely rewritten. What seemed simple and straightforward is suddenly a morass of technical terms and jargon. Such is the case with cloud concepts.

If you’re looking for a data storage solution, it’s sometimes helpful to revisit the fundamentals to ensure you find the solution that works best for you. Today, we’re sharing a few helpful guidelines to cut through any confusion around the public cloud, including how it’s different from a private cloud, when it makes sense to use one or both, and how to go about choosing a cloud provider.

What Is the Public Cloud?

Essentially, public cloud storage operates like a self-storage unit, only one that holds your personal files instead of old lamps that you’re sure you’re going to donate or part with in a garage sale someday. The difference being (apart, obviously, from cloud storage being virtual) that cloud storage lets you pay as you go, so you only pay for the amount of storage you need.

In researching public cloud storage, you may come across other data storage terms such as “private cloud” and “on-premises.” We’ll briefly define these terms to help you navigate the options available to you.

  • Private cloud. As the name implies, a private cloud is similar to a public cloud, but specifically designed for a single user or business. Think of a private cloud like one of those restaurant booths that’s permanently reserved for a VIP—no other customer can use that space. As a result, private cloud services can be more expensive than public clouds. Private clouds are typically, but not always, on-premises. Some companies choose to outsource their private cloud infrastructure to a data center, but the key defining factor is that the servers and network are dedicated to one company or “tenant” rather than shared with other tenants as in a public cloud.
  • On-premises data storage. Before cloud services were created, many organizations stored their data in corporate data centers built on location or “on-premises.” Since these facilities are owned and controlled by the company that built them, they offer a very high level of security. On-premises data storage is also sometimes referred to as a private cloud, but private clouds don’t necessarily have to be on-premises anymore—they can be anywhere as long as they’re dedicated to one tenant.

There are several advantages to using a public cloud service for data storage. You generally only pay for the storage you use. Unlike an on-premises data center, there are usually no significant up-front costs to purchase hardware and plan for ongoing administration. In addition, a public cloud data storage solution does not take up physical space in your office.

Private Cloud vs. Public Cloud: When Does It Make Sense to Use Them?

To help you decide between public vs. private cloud data storage, let’s recap the critical differences first. A public cloud service is usually open to any customer, while a private cloud is dedicated to select users. In addition, a private cloud service is usually operated on-premises.

There are three significant differences between private cloud and public cloud.

  • Tenancy. A private cloud is dedicated to one tenant whereas a public cloud is open to many tenants. In a public cloud, tenants share the same physical hardware resources as other tenants, and their individual instances are virtually separated so that one tenant can’t access another’s data.
  • Approach to security. A private cloud is dedicated exclusively to your needs. You own and manage it. As such, you have more control over the physical security of your servers as well as your private networks. In a public cloud, you trust the provider to handle some of the security for you.
  • Affordability. A public cloud service is defined to achieve mass economies of scale in order to offer affordable prices. A private cloud requires up-front investment in hardware and networking equipment and ongoing maintenance and upgrade costs.

Ultimately, it comes down to the solution that best fits your company’s needs for privacy and security balanced against your budgetary constraints. The benefit of a private cloud is more important in some industries than others. For example, in instances where there might be national security concerns—like national defense or government contractors—or a greater need for privacy like healthcare or financial services, a firm may opt to use a private cloud service located on-site for certain sensitive data.

Sometimes, however, your needs will extend beyond simply using either a private or a public cloud service. When that happens, you need a hybrid cloud.

Hybrid Cloud: When Does It Make Sense to Use Both?

As we noted, depending on your data storage needs and industry, you may decide to use a mix of public cloud and private cloud providers, otherwise known as a hybrid cloud. For example, in data-heavy industries like media and entertainment, a hybrid cloud approach offers a powerful solution. Using a hybrid solution means staff have fast access to large files for day-to-day work on a private, on-premises cloud, combined with scalable, affordable storage in a public cloud for archives and remote collaboration. Similarly, in industries that handle sensitive data, a private cloud could be used to have more control over security, while less sensitive data could be stored in a more affordable public cloud.

Using a combination of public cloud and private cloud data storage gives you the best of both worlds. Private, on-premises storage provides greater ease of access to files and enhanced security, but with the financial trade-off of fixed costs for maintenance and IT assistance. Public storage is more affordable and makes sharing files with outside vendors, subcontractors, and clients simpler.

How to Compare Public Cloud Providers

If you’ve decided a public cloud or a hybrid cloud approach is right for you, your next step is choosing a cloud provider as your trusted partner. As you evaluate different cloud providers, it is helpful to use some standard criteria to measure each provider. Use the following points of comparison to inform your selection process.

  • Ease of use. As with most technology, the more customization you need, the less user-friendly your cloud storage is generally going to be. The end goal of cloud storage is to make your life easier, and if you’re having to stack new skill sets just to make it work, then you’ve officially moved beyond “easy.”
  • Customer support. The insufferable thing about tech headaches is that they have no respect for your schedule. As such, it’s important to check the support package offered by the provider. How easy is it to reach an actual person, not a bot or autoresponder? Will they be able to respond to issues that may arise from your particular setup? The wrong answer could be costly.
  • Data egress. Check the costs and speed of data egress if and when you need to pull all of your data out from the cloud provider. You don’t want to feel locked into a cloud provider because they charge high data transfer fees.
  • Pricing tiers. There is no one-size-fits-all solution when it comes to cloud storage, so make sure you’re not throwing money out the window. Or, into the cloud. Double check that you won’t get locked into a price structure that charges for storage you don’t need. Keep an eye out for things like minimum retention requirements where you’re essentially charged for deleted data for a period of time after you delete it.
  • Security. Lost or compromised data goes far beyond a mere inconvenience. In the worst-case scenario, it can represent a serious security breach and possible legal issue. Some cloud providers offer more security features than others. For example, check if the provider offers Object Lock, a feature that prevents data from being modified, copied, encrypted, changed, or deleted during a set period of time. If a bad actor somehow got access to your account, they wouldn’t be able to tamper with your data. (Even you can’t modify it before the lock period ends!)

Assess Public Cloud Storage for Your Organization

Cloud computing has had a transformative impact on the way we do business. Between the cost savings and the flexibility it gives us in handling our data, it can play a tremendous role in your company’s growth. Now that you’ve learned the basics of public cloud data storage and how it can potentially impact your business, you can make a more informed decision about how you set up your infrastructure and manage your company’s important data.

Are you using a private cloud, a public cloud, or some combination of the two? Let us know in the comments. We’d love to hear how it’s going.

The post What Is the Public Cloud? appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Getting the Most Out of Your NAS

Post Syndicated from Molly Clancy original https://www.backblaze.com/blog/getting-the-most-out-of-your-nas/

Who has the original copy of that report on their machine? Which hard drive has the footage from that shoot a few years ago? Are those photos from our vacation on the laptop, the external hard drive, or the sync service? If you’ve ever asked yourself a question like these, you have felt the pain of digital scatter. In today’s world, with as many devices as we use, it’s almost unavoidable.

Almost. When you start to feel the pain of digital scatter, either at work or at home, take it as a sign that it’s time to look into upgrading your data storage systems. One of the best ways to do that is investing in a NAS device.

As you start exploring more sophisticated data storage options than juggling external drives or managing sync services, understanding what you can do with a NAS system can help your decision making. This post explains what NAS is and all the different ways you can use NAS to supercharge your business or home office setup.

What Is NAS?

Network attached storage, or NAS, is a computer connected to a network that provides file-based data storage services to other devices on the network. It’s primarily used to expand storage capacity and enable file sharing across an organization or across devices in a home.

The primary strength of NAS is how simple it is to set up and deploy. NAS volumes appear to the user as network mounted volumes. The files to be served are typically contained on one or more hard drives in the system, often arranged in a RAID scheme. Generally, the more drive bays available within the NAS, the larger and more flexible storage options you have. The device itself is a network node—much like computers and other TCP/IP devices, all of which maintain their own IP address—and the NAS file service uses the Ethernet network to send and receive files.

NAS devices offer an easy way for multiple users in diverse locations to access data, which is valuable when users are collaborating on projects or sharing information. NAS provides good access controls and security to support collaboration, while also enabling someone who is not an IT professional to administer and manage access to the data via an onboard web server. It also offers good fundamental data resiliency through the use of redundant data structures—often RAID—making multiple drives appear like a single, large volume that can tolerate failure of a few of its individual drives.

How Does RAID Work?
A redundant array of independent disks, or RAID, combines multiple hard drives into one or more storage volumes. RAID distributes data and parity (drive recovery information) across the drives in different ways, and each layout provides different degrees of data protection.

Getting the Most Out of Your NAS: NAS Use Cases

The first two NAS use cases are fairly straightforward. They are exactly what NAS was built for:

  1. File storage and file sharing: NAS is ideal for centralizing data storage for your home or business and making files available to multiple users. The primary benefits of a NAS system are the added storage capacity and file sharing compared to relying on workstations and hard drives.
  2. Local backups and data protection: NAS can serve as a storage repository for local backups of machines on your network. Most NAS systems have built-in software where you can configure automatic backups, including what you back up and when. Furthermore, the RAID configuration in a NAS system ensures that the data you store can survive the failure of one or more of its hard drives. Hard drives fail. NAS helps to make that statement of fact less scary.

But that’s not all NAS can do. With large storage capacity and a whole host of add-ons, NAS offers a lot of versatility. Here are a few additional use cases that you can take advantage of.

Host Business Applications on NAS

Small to medium-sized businesses find NAS useful for running shared business applications like customer relationship management software, human resources management software, messaging, and even office suites. Compared to expensive, server-based versions of these applications, companies can install and run open-source versions quickly and easily on NAS. Some NAS devices may have these features built in or available on a proprietary app store.

Create a Private Cloud With NAS

Most NAS devices give you the ability to access your data over the public internet in addition to accessing it through your private network, essentially functioning as a cloud service. If a NAS device manufacturer doesn’t already have a cloud application built in, there are a number of open-source cloud applications like Nextcloud or ownCloud.

Use NAS to Run Virtual Machines

Virtualization software providers, like VMware, support running their products on NAS. With proper configuration, including potentially adding RAM to your device, you can easily spin up virtual machines using NAS.

Develop and Test Applications on NAS

Many NAS devices offer developer packages, including apps for different programming languages and tools like Docker and Git Server. With these add-ons, you can turn your NAS into your own private lab for developing and testing applications before moving them to a server for production.

Use NAS as a File Server

Although a NAS device is usually not designed to be a general-purpose server (it’s underpowered compared to a file server and comes with less robust access management capabilities), NAS vendors and third parties are increasingly offering other software to provide server-like functionality. For home use or for a small team, higher-end NAS devices can function as a file server.

Manage Security Cameras on NAS

Apps like Synology’s Surveillance Station allow you to set up a security camera system yourself using IP cameras rather than paying for a more expensive enterprise or home system. With a large storage capacity, NAS is perfect for storing large amounts of video footage.

Stream Media With NAS

NAS is a great place to store large media files, and apps like Plex allow you to stream directly to a device or smart TV in your home or business. You can consolidate video or audio files from your devices into one place and stream them anywhere.

Ready to Get Started With NAS?

Understanding the many use cases can help you see where NAS might fit into your business or make file sharing at home easier. There are many ways to make your NAS device work for you and ensure you get the most out of it in the process.

Do you have more questions about shopping for or buying a NAS? Check out our Complete NAS Guide. It provides comprehensive information on NAS and what it can do for your business, how to evaluate and purchase a NAS system, and how to deploy your NAS.

The post Getting the Most Out of Your NAS appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

2021 and Beyond: Backblaze’s Predictions for the Coming Year

Post Syndicated from Jeremy Milk original https://www.backblaze.com/blog/2021-and-beyond-backblazes-predictions-for-the-coming-year/

The cloud computing industry had a big year in 2021. But the past year also saw significant challenges—supply chain shortages, continued shifts in work life, continued natural disasters, and disruptive ransomware attacks, not to mention an ongoing global pandemic.

As we close out 2021 and look forward to the new year, we asked our team to weigh in on their predictions for trends we’ll see in 2022 in the cloud computing industry. Here are our collective thoughts.

The Trends That 2022 Will Bring

1. Security Will Never Be Easier to Justify

Ransomware threats soared in 2021, making big headlines throughout the year. As we finished the year with the internet-wide Log4j vulnerability becoming exposed, the argument for investing in data security has never been easier to make, and the whole C-suite is likely to be involved. Companies will invest more in stronger protections against ransomware including shoring up backup practices and implementing features like Object Lock to protect data. While companies may have relied upon cyber insurance in the past to cover ransom payments rather than investing in proactive data protection, we think added pressure from government agencies will make this option less of a fallback (while also helping IT leaders to justify more robust measures).

2. Enhanced Security May Not Be a Choice

The U.S. government has already started to signal that it’s expecting companies to do more to protect their data from ransomware exposure. In 2022, expect it to tighten the screws all the more with greater enforcement of Treasury, TSA, and other requirements. We predict that at least one U.S. company that makes a big ransomware payment will find itself squarely in the crosshairs of the U.S. government for not doing enough to protect itself and then going too far against the Treasury’s Office of Foreign Assets Control in facilitating payment to known bad actors outside the U.S.

3. Relying on One Cloud Provider Will No Longer Cut It

Companies that currently rely on a single diversified cloud provider will increasingly look to independent providers to achieve data redundancy. After recent AWS outages that exposed single points of failure, this has never been clearer. Backing up data that resides in the cloud will become more of a priority. The move to a more diversified cloud deployment will lead to more organizations considering flipping to an independent cloud provider as their primary data store with one of the traditional diversified providers serving as a backup destination. Of course, a multi-cloud deployment won’t solve everything and could create more complexity if your primary cloud isn’t dialed in before racing to add a second.

4. HAMR/MAMR Drops

Hard disk drive manufacturers have all made announcements about capacity increases for the coming year, getting ever closer to 30TB drives. At the 5th Annual Virtual Wells Fargo TMT Summit Conference, Western Digital CEO David Goeckeler indicated that 30TB hard drives are within reach with its ePMR and OptiNAND technology as well as a 10-platter HDD (up from the existing nine-platter 20TB drive). Goeckeler referred to the development as “That staircase to take you to 30TB and then get you on the HAMR [heat assisted magnetic recording] curve.”

Likewise, SDK announced the development of microwave assisted magnetic recording (MAMR) technology this year to support development of a 30TB drive. Seagate, too, continues to pursue development of HAMR technology, announcing development of a second-gen HAMR drive that could reach 30TB. The technology has been on the cusp of commercialization for a number of years—in fact, we wrongly predicted we would start seeing HAMR/MAMR drives in 2019. Let’s try again—2022 will be the year that HAMR and/or MAMR drives will hit the mainstream and will end up in our data centers as well. We do think 30TB drives built on any technology are at least a couple of years away, but it’s time for HAMR and MAMR to meet the data storage requirements of the future.

5. Supply Chain Traffic Jams Will Continue

Supply chains across all industries are experiencing massive limitations while demand continues to increase. Even when the kinks in the hose get worked out, transportation logistics will still choke supply at points. This is exacerbated by the pandemic, but we think it will be an ongoing issue as more organizations rely on supply for growth and business continuity.

In 2022, companies will accelerate the swing from what had been smart just-in-time supply chain management minimizing inventory to smart just-in-case supply chain management minimizing service and sales disruptions.

6. Microservices Will Kill Egress Fees

Better API-connected solutions will allow companies to avoid vendor lock-in and create flexible microservices-based applications while meeting their cloud-related needs (storage, compute, CDN, etc.). Companies will require lower egress fees to be able to move their data freely without breaking the bank. As independent cloud providers work together to minimize or completely eliminate egress fees, we predict that in 2022, smart companies will demand better from the likes of Amazon, Google, and Microsoft—lower egress, multi-cloud options, and vendor independence. Imagine the incremental innovation when companies need not sweat downloading and distributing their own data!

7. A Push for Interoperability

Unstructured data continues to grow unabated driven by our increasingly connected world. Some estimate it comprises 80% to 90% of the world’s data, and today it lives in multiple places—multiple clouds, on-premises data centers, and on the edge. Companies that want to extract the most value out of this data won’t stand for cloud providers who put up walls around their ecosystems. Data must easily flow between environments such that where the data lives becomes an afterthought. Savvy businesses will want to leverage providers interchangeably based on the best fit for their workloads, and those with open ecosystems will be favored for their flexibility.

What Do You Think the New Year Will Bring?

With another year upon us, we’re wondering… What are your predictions for 2022? Let us know in the comments.

Wishing you a happy and hopeful New Year!

The post 2021 and Beyond: Backblaze’s Predictions for the Coming Year appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Top Ten Blog Posts of 2021 & All Time

Post Syndicated from original https://www.backblaze.com/blog/top-ten-blog-posts-of-2021-all-time/

It’s that time of year again—our annual roundup of the best of our blog. As 2021 comes to a close and we all get ready to celebrate the start of a new year, we wanted to take a moment to look back at the posts that you, our readers, loved the most.

We looked at the data from this year and sorted out the top 10 blog posts we published in 2021 by unique views. If you’re an avid reader of our blog, you might not be surprised that these posts made it to the top ten, but you might enjoy the trip down memory lane. And if you’re curious about our top blog posts of all time, we’ve listed those, too. Read on to see which posts made it to the top of the Backblaze blog.

Top Blog Posts of 2021

  1. “Backblaze Drive Stats for Q1 2021.” You know them, you love them—it’s our quarterly Drive Stats data. The information from our first quarterly report of the year made it to the very top of the list with all the excitement of seeing how the drives in our data centers have been faring.
  2. “Backblaze Drive Stats for Q2 2021.” Following in a close second is our second Drive Stats report of 2021, with even more data on the lifetime hard drive failure rates of our HDD and SSD boot drives.
  3. “Are SSDs Really More Reliable Than Hard Drives?” Do SSDs really fail less often than HDDs? We took a look at this common question in response to our Drive Stats to see if the failure rate data could offer a definitive response. Turns out you were curious, too.
  4. “The Next Backblaze Storage Pod.” A lot has changed since we first open-sourced the designs for our Storage Pods, so we shared the steps for our thought process on building the next generation of our storage servers. Pod posts are a perennial powerhouse, and this year was no different.
  5. “Hold On, Back Up: This Is How to Save Your TikToks.” Here at Backblaze, we’re on the cutting edge of cloud storage and the latest social trends, plus we’re all about being proactive about protecting data, especially considering data loss can happen with social media apps at any moment. This guide walks you through downloading TikTok videos and making sure they’re backed up to the cloud.
  6. “Chia Analysis: To Farm, or Not to Farm?” With the arrival of Chia, and after we open-sourced software to store Chia plots, we wondered if farming Chia was right for our business. We shared the analysis and what we learned from proving out if it was right for us.
  7. HashiCorp Terraform and Backblaze logos

  8. “Easy Storage + Easy Provisioning: Backblaze Is Now a Terraform Provider.” In this post, we announced that Backblaze B2 Cloud Storage is a provider in the Terraform registry, which means that developers can provision and manage B2 Cloud Storage resources directly from a Terraform configuration file.
  9. “NAS 101: A Buyer’s Guide to the Features and Capacity You Need.” Network attached storage (NAS) allows you to easily store and manage data, but if it’s your first time buying a NAS device or you’re looking to upgrade your setup, the number of options can be overwhelming. This guide aims at making that process easier.
  10. “A Cloud Storage Experiment to Level Up Chia Farming.” As a precursor to our post sharing the analysis about whether Backblaze would choose to farm Chia, we open-sourced an experimental solution to store Chia plots on Backblaze B2. How’d it go? Read on!
  11. “Backblaze Drive Stats for Q3 2021.” It’s no surprise to see the Q3 Hard Drive Stats make it to this list, rounding out the top 10, and you can check out all of the data we’ve published over the years here.

Top Blog Posts of All Time

After looking at the top 10 blog posts of 2021, we felt like some of our most popular blog posts of all time deserved some end-of-year attention as well. You may know them well. They’re the posts you return to year after year. And if you don’t know them well, we’ve rounded them up here for you to bookmark for the next time you’re wondering how to wipe a hard drive or recover from a ransomware attack.

  1. “Guide to How to Wipe a Mac or Macbook Clean.” If you’re looking to upgrade your Mac or replace its drive, it’s important to make sure your data is backed up and securely erased before you toss out your old computer or pass it on to someone else. (Oh, and we have one for PCs as well.)
  2. “SSD 101: How to Upgrade Your Computer With an SSD.” An SSD can boost performance in a computer, especially if you’re replacing a hard drive with an SSD. This guide walks through the process of upgrading your computer with an SSD.
  3. “What’s the Diff: RAM vs. Storage.” People often use memory and storage interchangeably, but RAM and storage affect your computer’s performance in different ways. This post explains the difference.
  4. “SSD 101: How Reliable Are SSDs?” All drives fail, but how do we know if SSDs fail more often than HDDs? In this post we take a deep dive into SSD reliability factors.
  5. “What’s the Diff: Programs, Processes, and Threads.” If your computer is running slowly, knowing the difference between programs, processes, and threads can help you troubleshoot performance issues. We clarify the difference between the terms and describe the disadvantages and advantages of processes vs. threads.
  6. “Guide to How to Recover and Prevent a Ransomware Attack.” Ransomware attacks are on the rise, so it’s more important than ever to make sure you’re protected against a potential cyber security threat and know how to recover from one.
  7. “What’s the Diff: VMs vs. Containers.” Both VMs and containers can help get the most out of available hardware and software resources. We explain the differences between them and the best uses for both virtualization technologies.
  8. “Hard Disk Drive (HDD) vs. Solid-state Drive (SSD): What’s the Diff?” We spend a lot of time thinking about drives, so we put together this guide on the two drive types we receive the most questions about.
  9. “Hard Drive Cost Per Gigabyte.” This post from 2017 provides our own purchase data to explain the hard drive pricing curve from 2009 to 2017.
  10. “What’s the Diff: NAS vs. SAN.” A NAS device and a storage area network (SAN) are two different ways to store data—this guide helps clarify which is right for you and the pros and cons of either choice.

Thanks for Reading the Backblaze Blog in 2021

It’s been another great year of writing about cloud storage, entrepreneurship, how to back up data, and more. We want to thank you for joining us on the blog and sharing your thoughts in the comments. Did you have a favorite post that didn’t make it to either of these lists? We’d love to hear from you below!

The post Top Ten Blog Posts of 2021 & All Time appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

The Case for Backup Over Sync

Post Syndicated from Lora Maslenitsyna original https://www.backblaze.com/blog/the-case-for-backup-over-sync/

We hear it all the time: “I don’t need to back up my data, it’s already synced.” But backing up your data and syncing your data are two different animals—only a backup service actually protects all of your data while also making it accessible to you even when you’re away from your computer.

Are you using a sync service like Dropbox or OneDrive without a backup solution? If so, we’ll make the case for why you should use backup over sync, including the Backblaze features you won’t find from a sync service.

Read on for a refresher on the difference between backup and sync, and find out why choosing Backblaze over a sync service could be more beneficial to you.

Review: What’s the Difference Between Backup and Sync?

With the myriad of cloud services available, many people don’t understand the difference between sync and backup. You can read more about the difference between the two services here, but here’s a brief refresher:

  • Sync: These services allow you to access your files across different devices. You can also use sync services to share files with other users, where they can make changes from their computer that will be visible to you from your device.
  • Backup: These services usually work automatically in the background of your computer, backing up a copy of your new or changed data to another location (e.g., the cloud). Most backup services catalog and save the most recent version of your data, and some now offer features like Extended Version History, which you can use to recover files from even farther back in time than the standard 30 days.
Backup Pro Tip: Managing Your Devices

How many devices do you use to store and access your data on a given day? Between phones, tablets, laptops, and external hard drives, it can be a lot. We’ve created a few guides to help you make sure the data on your phone, computer, and hard drive is backed up or secured for whenever you plan to upgrade.

The Disadvantages of Sync Services

While sync tools are great for collaboration and 24/7 access to your data, they are not a viable backup solution and relying on them to protect your data can lead to trouble. If you or someone you shared a file with deletes that file, you are at risk of losing it forever unless the sync service you’re using has a version history feature. Sync services do not create a copy of your files for backup, and require additional setup to make sure you have some data protection enabled.

Data in sync services is also vulnerable to corruption by bad actors or malware as it does not provide a backup of your uncorrupted files. If your computer is hit with a ransomware attack and automatically synchronizes your data afterwards, all of your synced files will be corrupted.

Lastly, many people choose not to pay for a sync service, instead opting to use the free tier. For the most part, the free tiers of sync services have a cap on the amount of data you’re able to sync, meaning there will still be a portion of your data on your computer left unsynced, neither accessible by the service or protected in any capacity. Paying for more data in a sync service can become costly over time, and still does not offer protection against data loss.

The Backblaze Features You Won’t Get With a Sync Service

Sync and backup shouldn’t be thought of as opposing services—they’re better together. However, if your budget only allows for one, backup is the way to go.

Now, hear us out—as a backup provider, we may seem biased, but in reality, the benefits of using a backup service speak for themselves. Here are the Backblaze features you won’t get with a sync service:

  • Automatic, comprehensive data protection: Backblaze protects all of the data on your computer, not just the files in your synced folders. Think about all the things you save on your computer, but not in OneDrive or Dropbox. I imagine that might include important confidential documents like taxes, financial information, or legal documents, or just random stuff that doesn’t get saved to your sync service. With Backblaze, in case of potential data loss, you can find a copy of each of your files saved in the cloud. Also considering how much of our data is scattered across devices and platforms, having a backup of all of your data is valuable to keep it safe in case you can’t access a profile or device for any reason. (Check out our Backup Pro Tip below to learn more about how to back up your digital life.)
  • Fast and easy data restores: In the case that you lose your computer or it crashes and you need to restore all or some of your files, backup services like Backblaze allow you to download the important files you need via your internet connection and opt to have all of your files sent to you via USB hard drive. Meanwhile, downloading your data from a sync service depends on your internet bandwidth and can take days if not weeks. Also, with the Backblaze mobile apps for iOS and Android, all of your backed up data is with you, no matter where you are.
  • Extended Version History: Most backup providers offer version history for all of the data you are backing up. With this feature, you can restore your entire backup history, or just one file, from a specific point in time. Backblaze offers Extended Version History, so you can choose if you’d like to keep all versions of your data protected longer than the standard 30 days for a small additional fee. You can choose to keep versions for up to one year or forever. Not only does this feature provide better security for your data and the ability to restore files in the event of a potential cybersecurity breach, but it also gives you the ability to see changes to your edited files over time, much like with a sync service. Want to invite someone to collaborate on a file you’ve edited? You can even share files with other people by enabling Backblaze B2 Cloud Storage. Learn more about how to share files here, and more about B2 Cloud Storage here. (Note: Some sync services are catching on and starting to offer Extended Version History for customers on business or professional tiers or as add-ons. But, keep in mind, unless you’re on the highest tiers, chances are your storage is capped and you’re paying for extended versions of only some of your files.)
  • Ransomware protection: Another benefit of backup versus sync is protection against cybersecurity threats. In the case of a ransomware attack on your device, you will be able to completely restore your system from a backup that was created before the malware affected your files.
  • The ability to access your data from anywhere: While sync services are promoted as a way to access your files away from your computer, backup providers also allow you to download individual files or entire data backups from another device. Not only does this come in handy when transferring your data or restoring your old settings on an entirely new device, but also in the event that you need to access a file not covered by a sync service. Your data backup will have a copy of every single one of your files that you can access from another computer.
  • Location services: Additionally, some backup providers (Like us!) offer additional features or functionality—for example, location services like Backblaze’s Locate My Computer tool allow you to find a lost or stolen device. If you’re unable to get the device back, or you just need to access a file or folder when you’re away from your device, you can download or view data from a web browser or from the Backblaze mobile app.
Backup Pro Tip: Backing Up Your Digital Life

These days, our data is scattered across many different platforms—including social media, sync services, and more. We’ve gathered a handful of guides to help you protect your content. Read these guides to learn how to download your data and create a backup of it.

Don’t Sync—Back Up Instead

If you’re going to choose one service over the other, a backup service gives you the best of both worlds—you can make sure all of your data stays safe, you can access it from anywhere, and you can restore previous versions of your data whenever you need it. Backblaze Computer Backup let’s you do all of that, for Macs or PCs—learn more about it and download a free 15-day trial.

Do you have a preference for syncing your data vs. backing it up? We’d love to hear what you think in the comments.

The post The Case for Backup Over Sync appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

How Interns Can Help Your Business and the World

Post Syndicated from Jason Knight original https://www.backblaze.com/blog/how-interns-can-help-your-business-and-the-world/

My name is Jason Knight and I lead the Growth team here at Backblaze. There are certain annual events you experience working in tech: fiscal year budgeting, conferences, and when HR asks if you want summer interns, and you say “No.”

2020 was a different year, and as everyone knows, a lot of the difference wasn’t good. So when HR and the Diversity, Equity, and Inclusion Committee reached out asking who would take interns over the summer of 2021, the stakes seemed higher. Backblaze is the most diverse company I’ve ever worked for. For me, especially in the broader context of what is happening in society today, the importance of helping to create a more inclusive and diverse workplace felt more vital than ever.

And yet, when HR came knocking, it was hard to see how having interns was going to be additive to the team. I was the only member of a new team (Growth) being spun up within the Marketing department. We had ambitious goals, and a lot to do to achieve them. I was skeptical that taking on interns would be constructive for driving results.

I was also hearing from some of my peers that they didn’t believe having interns would or could be beneficial to the company. They had come to the same conclusion I had year after year, and that was the problem. We were the problem—the company was willing to provide the resources, but a bottom line mentality was preventing us from risking our short-term success.

The choice seemed to be whether or not to risk personal and team success for the opportunity to help young people gain access to exciting and potentially lucrative careers. I wish I could say the answer was clear, but it wasn’t. My peers and I were all considering this same question, and our collective response was going to have a meaningful impact on the nature of the society we live in.

Building Internships That Work…for Everyone

After a lot of thought, I acknowledged that the primary reason I didn’t want interns was my assumption that they couldn’t create value. But as any good marketer knows, assumptions and received wisdom are often wrong. I didn’t have any real evidence on hand that interns didn’t create value. It made me wonder: What if the real opportunity was to challenge received wisdom and create a compelling argument for my peers within and outside of Backblaze to take the risk and provide a bigger on-ramp for interns across the industry?

I took a step back and organized my thoughts: What do we really want in an internship program right now?

  1. A program that adds value and makes the company money.
  2. More importantly, a model that encourages others to bring on more interns.

The Growth-positive Internship

This was an intriguing proposition, so I started to think about the internships from a “Growth” perspective. I sketched out an approach:

  1. Source candidates who have the potential to be A players.
  2. Give interns goals that can deliver clear ROI.
  3. Don’t defocus team leads with the program.
  4. Publish learnings in the hopes that other firms and leaders will also be inspired to take the plunge.

I told HR we’d take three interns. Three because for some reason, three people can generally help each other out better than one or two. I also thought the success of a program was a lot of weight to put on one intern.

It was still the middle of the winter, and we weren’t expecting the interns to join us until summertime. So I went back to work and hoped that in six months we would be in position to deliver a useful program that would improve both our bottom line and people’s lives. Which—if you know Backblaze—is right in line with our company values.

Assembling an ROI-oriented Intern Team

And suddenly, the interns’ arrival was just a month away. As I considered how to achieve my goal of a growth-positive internship, I tried to zero in on the clearest way to link their effort to value. For my team, the most attributable ROI is closest to the transaction, so I decided to start with the fantastic Sales Development Representative (SDR) team led by SDR Manager, Adam.

My thought was for the interns to spend a full six weeks working as full-time SDRs. Then maybe three weeks on, they could work on paid user acquisition putting a campaign together, and then three weeks on SEO launching a campaign. I talked to Anna, Senior Manager of Data and Analytics, about helping the interns quantify the value they were creating for their resumes, and she enthusiastically agreed to pitch in. In my mind, I could see the bullet points and action verbs filling up their incipient resumes.

This was the plan. No ramp up, straight into the deep end of the pool. Everyone was fully on board. It was time to interview some candidates.

Adam joined me, and we very quickly identified that interns fell on a spectrum with two ends:

  1. Students from elite schools with a history of relevant internships.
  2. Students from non-elite schools with few internships on their resume.

Given that the whole point of our program was to help students access opportunities that otherwise would not be available to them, I made the choice to rule out candidates who already had experience or access to our field. My fantastic HR partner, our Marketing and Sales Recruiter, Desiree, explained that this was a fairly typical experience sourcing candidates. On the HR team, they have long been focused on expanding DEI efforts in our internship program, so they have plenty of experience encouraging hiring managers to look past the brand halo elite colleges confer to applicants.

As Adam, Desiree, and I synchronized our efforts and filters, we eventually identified three people we wanted to work with: Roland, Javier, and Katie. Offers were extended, start dates and pay agreed to, and they were on their way (virtually, for all the obvious reasons).

Turning Interns Into Teammates

We also reached out to senior leaders in the Marketing department who agreed to be mentors to our interns, so VP of Marketing, Nick, worked with Roland; Director of Marketing Operations, Shannon, worked with Katie; and Senior Director of Marketing, Yev, worked with Javier. The interns started work as junior SDRs and launched their outbound sequences within a week of starting. They joined all of the Growth team meetings, and I scheduled a weekly sync meeting with them. Other than that, they functioned exactly like a junior SDR team.

The interns understood that success for them was converting our leads into sales accepted leads (SALs). To do this, they used our Growth stack: ZoomInfo, Outreach, Salesforce, Calendly, and Slack. They learned from expert SDRs what it means to be creative, work with fortitude in a rejection-based environment, and to find a way to succeed.

It took about a month before the first SALs started rolling in, but it happened, and then it happened again, and again, and again. Six weeks into their work and the program was clearly a success in every dimension we could wish. They fit into the team, they helped us achieve our SAL goals, and the whole of the Growth team enjoyed sharing their knowledge and skills with our interns.

It is probably worth taking a moment to contextualize the historical moment they were working with us: The Delta variant was spreading throughout the U.S. and political and social divisions were on the nightly news. The ambient stress level, in other words, was high for everyone. Add to that the fact that we were a new team with big goals and high expectations. All this to say: The interns could easily have been perceived as an unnecessary distraction.

But it turned out the opposite was true: In the midst of stress and ambiguity, the ability to share and help others bonded our team. Our Slack channel was 💥 filled with jokes, encouragement, and laughter. The interns were a ray of sunshine for the team, and I will never forget how relieved I was halfway through the internship that we had made this commitment.

Where the Rubber Hit the Road With the Intern Team

As we reached the halfway point, I asked the interns to think about whether they wanted to continue to work as SDRs or if they were interested in exploring what the other team members were doing: paid user acquisition, customer journey marketing, and SEO. All three requested to continue to work as SDRs, and while it was a surprise on some levels, it also made sense: The interns were doing critical work, learning skills, having success, and clearly making a difference.

Oh yeah, and they also generated $1,500,000.00 in the SAL pipeline.

Ultimately, they worked as SDRs for the whole of their internship. We will have to wait and see how much of their pipeline ends up being closed with wins, but they generated enough leads that it is hard to imagine they didn’t pay for all the internships the company provided. In other words, the program exceeded our wildest expectations, and I’m happy to report back that internships, if structured properly, can in fact add enormous value to the companies that provide them.

Looking Forward, and Thanks

I’m already looking forward to meeting next year’s interns. As a team, we will do our very best to show them why we love marketing at Backblaze.

I’d like to end by thanking Roland, Javier, and Katie for spending their summer with us. We are incredibly proud of the SALs our colleagues generated, and happy to call them friends. I remember when I was interviewing Javier and I asked him why he wanted to work at a cloud storage company, and he said “I worked at a deli near the Salesforce headquarters, and every day, all the employees would come to order food, and I couldn’t imagine what they did for the company. This is my chance to find out what it is to work in a company like that.” Now Javier knows not only what they do, but that he can succeed at doing it as well.

The post How Interns Can Help Your Business and the World appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Testing Your Ransomware Readiness

Post Syndicated from Molly Clancy original https://www.backblaze.com/blog/testing-your-ransomware-readiness/

Every eleven seconds. That’s how frequently ransomware attacks were predicted to happen this year according to Cybersecurity Ventures. And if U.S. Treasury predictions are correct, the payouts from those attacks will exceed a billion dollars by the end of the year.

Despite taking steps to be better prepared, many companies still end up paying ransoms because the cost of extended downtime to restore from backups with limited resources exceeds the ransom demand. Even then, assuming the decryption key even works, there’s no reason to assume threat actors won’t make additional modifications, leave backdoors they can exploit again, or use exfiltrated data against you.

But, you don’t have to let that be your story. Today, we’re explaining the reasons for testing your security stance, different testing strategies and best practices including penetration testing and recovery testing, and steps you can take to develop a testing protocol.

Ransomware is on the rise. Level up your security practices along with it.

First, Implement a Strong Backup Practice

Backups are a critical piece of your ransomware defense strategy. Before thinking about testing, take the time to shore up your ransomware defenses by implementing at least a 3-2-1 backup strategy, if not a more comprehensive strategy like 3-2-1-1-0 or 4-3-2.

If you’re unfamiliar with these strategies, they advise keeping at least three copies of your data on two different media with at least one off-site. Strategies like 3-2-1-1-0 and 4-3-2 go a step further, advising you to keep a copy offline or protected by Object Lock, ensure your data has zero errors, and/or keeping additional backup copies for good measure.

Ransomware Readiness Resources

The National Cybersecurity Center of Excellence (NCCoE), a part of the National Institute of Standards and Technology (NIST), publishes a set of guidelines that support the development of secure information systems. These controls cover operational, technical, and management practices for information security teams, including:

What Is the National Cybersecurity Center of Excellence?

NCCoE is a collaboration between industry organizations, government agencies, and academic institutions that work together to address the most important cybersecurity challenges facing businesses today. NCCoE develops modular, adaptable example cybersecurity solutions that demonstrate how to apply standards and best practices using commercially available technology.

The Cybersecurity and Infrastructure Agency (CISA) also offers a module, the Cybersecurity Evaluation Tool, that guides network administrators through a process to evaluate the cybersecurity practices on their networks. When it comes to evaluating your cybersecurity defensive stance, these resources are a good place to start.

Why Test Your Ransomware Defenses?

Weathering a ransomware incident depends on how prepared you are before the attack. First, by establishing a solid backup strategy. Second, by analyzing your vulnerabilities in a penetration test. And third, by testing recovery procedures to prepare and familiarize your team with your defense systems and your recovery plans. While there are many, the biggest reasons for testing your ransomware defenses include:

  1. Shifting threats: Cybersecurity threats are always evolving and changing. Regularly evaluating potential vulnerabilities and testing your recovery practices prepares you for unforeseen situations.
  2. Compliance: Companies in certain industries are required to show proof of vulnerability assessments and recovery testing in order to comply with regulations.
  3. Creating a culture of preparedness: Familiarizing your staff with testing and recovery procedures better prepares them if the real thing happens. In the moment, they’ll know exactly what to do.
  4. Prioritizing budgets: Identifying threats and potential vulnerabilities helps your team prioritize spending around the most mission critical efforts to protect your company.

Maybe your backup system is functioning well, but the effort to test recovery scenarios or analyze your environment for vulnerabilities is lower priority than day-to-day demands. Or maybe you’ve looked into vulnerability testing or recovery planning, but it’s out of scope for your organization—you may not need enterprise-scale solutions.

Either way, if you need any more justification to implement a vulnerability testing program or recovery solution, look no further than the many companies scrambling to respond to the Log4j vulnerability. A security engineer from a major software company explained it well in a WIRED article, “Security-mature organizations will start trying to assess their exposure within hours of an exploit like this, but some organizations will take a few weeks, and some will never look at it.” Any amount of time you can spend on preparation brings you that much closer to security maturity.

Testing Your Cybersecurity Readiness

Two security practices that security-mature organizations regularly undertake include penetration testing and disaster recovery testing. When thinking about your overall cybersecurity readiness, it helps to have an understanding of these key practices.

What Is Penetration Testing?

Penetration testing or pen testing is a broad term that covers many different levels of testing from phishing assessments, to vulnerability identification, to full on adversarial hacking simulations. Most organizations will choose to work with an outside consultant to conduct penetration testing and will scope out the depth and breadth of the testing procedures. Ideally, you want to work with someone with little or no knowledge of your systems so they can uncover vulnerabilities you might not see.

Those vulnerabilities are the output of a pen test, and they help organizations identify and prioritize steps to address in order to implement security upgrades.

What Is Disaster Recovery Testing?

Disaster recovery testing involves going through a simulated recovery scenario to make sure you can recover quickly and completely from backups. In the event of a ransomware attack or identification of a breach, the last thing you want is chaos. Regularly testing your recovery protocols helps you and your team build familiarity with the procedures. If you ever are attacked by ransomware, you’ll be much more comfortable knowing exactly what to do to bring your systems safely back up.

Disaster Recovery With a Single Command

If you’re using Veeam to manage backups, you can use Backblaze Instant Recovery in Any Cloud to quickly recover your systems without the overhead of an enterprise-scale solution. Instant Recovery in Any Cloud is an infrastructure as code package that makes ransomware recovery into a VMware/Hyper-V based cloud easy to plan and execute. Read more here.

The Testing Process

Whether you’re approaching a pen test or a recovery test, the overall steps in the process are generally similar:

  1. Design test objectives: Testing consumes time and resources, so it is essential to be thoughtful about what exactly you decide to test. If you are new to cybersecurity testing, you might find it helpful to start by running a simple small-scale test. At a minimum, define the business function you’re testing, the test duration, test method, the test objective, and any secondary objectives.
  2. Execute the test: Make early decisions about execution, including when you’ll conduct the test, if the test will interrupt production, and whether you’ll make employees aware of the test. There are pros and cons to most execution methods, so it really depends on your overall objectives.
  3. Analyze test results: When analyzing test results, identify both technical issues and business impacts. Did the process substantially disrupt production resulting in extensive downtime? How can you work to minimize that business impact?
  4. Implement continuous improvements: If you find gaps in your process during testing, celebrate that fact. You now know where you need to boost defenses or strengthen your recovery protocol before a real attack comes along. Generally speaking, focus your continuous improvement efforts on two principles: impact and likelihood. For example, a vulnerability capable of taking your payment system offline would have a high impact. If that vulnerability is also highly likely, addressing this issue may be a top priority.
  5. Schedule the next test: In IT security, there is no such thing as “done” because threats are constantly evolving. Tomorrow’s threats may require different safeguards. That’s why experts advise conducting annual testing of cybersecurity programs and recovery procedures as a starting point.

You Can Reduce Your Security Risk

By using regular testing and continuous improvement, you can reduce the likelihood of a severe IT security incident. Of course, there are other ways you can enhance your safeguards. If you’re looking for more detailed information on ransomware and how to protect data, identify threats, and recover from an attack, download our Complete Guide to Ransomware.

The post Testing Your Ransomware Readiness appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

How Long Do Disk Drives Last?

Post Syndicated from original https://www.backblaze.com/blog/how-long-do-disk-drives-last/

Editor’s Note: This post has been updated since it was originally published in 2013 to provide the latest information and statistics.

How long do disk drives last? We asked that question several years ago, and at the time the answer was: We didn’t know yet. Nevertheless, we did present the data we had up to that point and we made a few of predictions. Since that time, we’ve gone to school on hard disk drive (HDD) and solid-state drive (SSD) failure rates. Let’s see what we’ve learned.

The initial drive life study was done with 25,000 disk drives and about four years of data. Today’s study includes data from over 200,000 disk drives, many of which have survived six years and longer. This gives us more data to review and lets us extend our projections. For example, in our original report we reported that 78% of the drives we purchased were living longer than four years. Today, about 90% of the drives we own have lasted four years and 65% are living longer than six years. So how long do drives last? Keep reading.

How Drives Are Used at Backblaze

Backblaze currently uses over 200,000 hard drives to store our customers’ data. Drives range in size from 4TB to 18TB in size. When added together, we have over two exabytes of hard drive space under management. Most of these drives are mounted in a storage server which accommodates 60 drives, plus a boot drive. There are also a handful of storage servers which use only 45 hard drives. The storage servers consist of Storage Pods (our own homegrown storage servers) and storage servers from external manufacturers. Twenty storage servers are grouped into a Backblaze Vault, which utilizes our own Reed-Solomon erasure coding algorithm to replicate and store customer data across the 20 servers in a Backblaze Vault.

Types of Hard Drives in the Analysis

The hard drives we use to store customer data are standard 3.5 inch drives you can buy online or in stores. The redundancy provided by the Backblave Vault software ensures the data is safe, while allowing us to use off-the-shelf drives from the three primary disk drive manufacturers: Seagate, Western Digital, and Toshiba. The following chart breaks down our current drive count by manufacturer. Note that HGST is now part of Western Digital, but the drives themselves report as HGST drives so they are listed separately in the chart.

Each of the storage servers also uses a boot drive. Besides the obvious function of booting the server, we also use these drives to store log files recording system access and activities which are used for analytics and compliance purposes. A boot drive can be either an HDD or an SSD. If you’re interested, we’ve compared the reliability of HDDs versus SSDs as it relates to these boot drives.

Number of Hard Drives

As stated earlier, we currently have over 200,000 disk drives we manage and use for customer data storage. We use several different disk drive sizes as the table below shows, with over 60% of those drives being 12TB or 14TB in size.

Drive Failure Rates

Before diving into the data on failure rates, it’s worth spending a little time clarifying what exactly a failure rate means. The term failure rate alone is not very useful as it is missing the notion of time. For example, if you bought a hard drive, what is the failure rate of a hard drive that failed one week after you purchased it? What about one year after you purchased it? Five years? They can’t all be the same failure rate. What’s missing is time. When we produce our quarterly and annual Drive Stats reports, we calculate and publish the annualized failure rate (AFR). By using the AFR, all failure rates are translated to be annual so that regardless of the timeframe (e.g., one month, one year, three years) we can compare different cohorts of drives. Along with the reports, we include links to the drive data we use to calculate the stated failures rates.

The Bathtub Curve

Reliability engineers use something called the bathtub curve to describe expected failure rates. The idea is that defects come from three factors: (1) factory defects, resulting in “infant mortality,” (2) random failures, and (3) parts that wear out, resulting in failures after much use. The chart below (from Wikimedia Commons) shows how these three factors can be expected to produce a bathtub-shaped failure rate curve.

When our initial drive life study was done, the Backblaze experience matched the bathtub curve theory. When we recently revisited the bathtub curve, we found the bathtub to be leaking, as the left side of the Backblaze bathtub curve (decreasing failure rate) was much lower and more consistent with the constant failure rate. This can be seen in the chart below which covers the most recent six years worth of disk drive failure data.

The failure rate (the red line) is below 2% for the first three and a half years and then increases rapidly through year six. When we plot a trendline of the data (the blue dotted line, a second order polynomial) a parabolic curve emerges, but it is significantly lower on the left hand side, looking less like a bathtub and more like a shallow ladle or perhaps a hockey stick.

Calculating Life Expectancy

What’s the life expectancy of a hard disk drive? To answer that question, we first need to decide what we mean by “life expectancy.”

When measuring the life expectancy of people, the usual measure is the average number of years remaining at a given age. For example, the World Health Organization estimates that the life expectancy of all newborns in the world is currently 73 years. This means if we wait until all of those new people have lived out their lives in 120 or 130 years, the average of their lifespans will be 73.0.

For disk drives, it may be that all of them will wear out before they are 10 years old. Or it may be that some of them last 20 or 30 years. If some of them live a long, long time, it makes it hard to compute the average. Also, a few outliers can throw off the average and make it less useful.

The number that should be able to compute is the median lifespan of a new drive. That is the age at which half of the drives fail. Let’s see how close we can get to predicting the median lifespan of a new drive given all the data we’ve collected over the years.

Disk Drive Survival Rates

To this day it is surprisingly hard to get an answer to the question “How long will a hard drive last?” As noted, we regularly publish our Drive Stats reports, which lists the AFRs for the drive models we use. While these reports answer the question at what rate disk drives will fail, they don’t tell us how long they will last. Interestly, the same data we collect and use to predict drive failure can be used to figure out the life expectancy of the hard drive models we use. It is all a matter of how you look at the data.

When we apply life expectancy forecasting techniques to the drive data we have collected, we get the following chart:

The life expectancy decreases at a fairly stable rate of 2% to 2.5% a year for the first four years, then the decrease begins to accelerate. Looking back at the AFR by quarter chart above, this makes sense as the failure rate increases beginning in year four. After six years we end up with a life expectancy of 65%. Stated another way, if we bought a hard drive six years ago, there is a 65% chance it is still alive today.

How Long WILL the Hard Drives Last?

What happens to drives when they’re older than six years? We do have drives that are older than six years, so why did we stop there? We didn’t have enough data to be confident beyond six years as the number of drives drops off at that point and becomes composed almost entirely of one or two drive models versus a diverse selection. Instead, we used the data we had through six years and extrapolated from the life expectancy line to estimate the point at which half the drives will have died.

How long do drives last? It would appear a reasonable estimate of the median life expectancy is six years and nine months. That aligns with the minimal amount of data we have collected to date, but as noted, we don’t have quite enough data to be certain. Still, we know it is longer than six years for all the different drive models we use. We will continue to build up data over the coming months and years and see if anything changes.

In the meantime, how long should you assume a hard drive you are going to buy will last? The correct answer is to always have at least one backup and preferably two, keep them separate, and check them often一the 3-2-1 backup strategy. Every hard drive you buy will fail at some point—it could be in one day or 10 years—be prepared.

The post How Long Do Disk Drives Last? appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

NAS and the Hybrid Cloud

Post Syndicated from Molly Clancy original https://www.backblaze.com/blog/nas-and-the-hybrid-cloud/

illustration of a NAS device and cloud storage

Upgrading to network attached storage (NAS) can be a game changer for your business. When you invest in NAS, you get easier collaboration, faster restores, 24/7 file availability, and added redundancy. But you can get an even bigger return on your investment by pairing it with cloud storage. When you combine NAS with a trusted cloud storage provider in a hybrid cloud strategy, you gain access to features that complement the security of your data and your ability to share files both locally and remotely.

In this post, we’ll look at how you can achieve a hybrid cloud strategy with NAS and cloud storage.

What Is Hybrid Cloud?

A hybrid cloud strategy uses a private cloud and public cloud in combination. To expand on that a bit, we can say that the hybrid cloud refers to a cloud environment made up of a mixture of typically on-premises, private cloud resources combined with third-party public cloud resources that use some kind of orchestration between them. A private cloud doesn’t necessarily need to live on-premises—some companies rent space in a data center to host the infrastructure for their private cloud—the important defining factor is that a private cloud is dedicated to only one “tenant” or organization.

illustration of hybrid cloud - private cloud sending data to public cloud
A hybrid cloud strategy combines a private cloud with a public cloud.

In this case, your NAS device serves as the on-premises private cloud, as it’s dedicated to only you or your organization, and then you connect it to the public cloud.

What Are the Benefits of Hybrid Cloud?

A hybrid cloud model offers a number of benefits, including:

  • Off-site backup protection.
  • Added security features.
  • Remote sync capabilities.
  • Flexibility and cost savings.

Hybrid Cloud Benefit 1: Off-site Backup Protection

To start with, cloud storage provides off-site backup protection. This aligns your NAS setup with the industry standard for data protection: a 3-2-1 backup strategy—which ensures that you have three copies of your data on two different media (read: devices) with one stored off-site. When using NAS and the cloud in a hybrid strategy, you have three copies of your data—the source data and two backups. One of those backups lives on your NAS and one is stored off-site in the cloud. In the event of data loss, you can restore your systems directly from the cloud even if all the systems in your office are knocked out or destroyed.

Hybrid Cloud Benefit 2: Added Security Features

Data sent to the cloud is encrypted in-flight via SSL, and you can also encrypt your backups so that they are only openable with your team’s encryption key. The cloud can also give you advanced storage options for your backup files, like Object Lock. Object Lock allows you to store data using a Write Once, Read Many (WORM) model. Once you set Object Lock and the retention timeframe, your data stored with Object Lock is unchangeable for a defined period of time. You can also set custom data lifecycle rules at the bucket level to help match your ideal backup workflow.

Hybrid Cloud Benefit 3: Remote Sync Capabilities

Cloud storage provides valuable access to your data and documents from your NAS through sync capabilities. In case anyone on your team needs to access a file when they are away from the office, or as is more common now, when your entire team is working from home, they’ll be able to access the files that have been synced to the cloud through your NAS’s secure sync program. You can even sync across multiple locations using the cloud as a two-way sync to quickly replicate data across locations. For employees collaborating remotely, this helps to ensure they’re not waiting on the internet to deliver critical files: They’re already on-site.

What’s the Difference Between Cloud Sync, Cloud Backup, and Cloud Storage?

Sync services allow multiple users across multiple devices to access the same file. Backup stores a copy of those files somewhere remote from your work environment, usually in an off-site server—like cloud storage. It’s important to know that a “sync” is not a backup, but they can work well together when properly coordinated.

Hybrid Cloud Benefit 4: Flexibility and Cost Savings

Additionally, two of the biggest advantages of the hybrid cloud are flexibility and cost savings. Provisioning an additional device to store backups and physically separating it from your production data is time consuming and costly. The cloud eliminates the need to provision and maintain additional hardware while keeping your data protected with a 3-2-1 strategy, and it can be scaled up or down flexibly as needed.

With NAS on-site for fast, local access combined with the cloud for off-site backups and storage of less frequently used files, you get the best of both worlds.

How to Set Up a Hybrid Cloud With NAS

Some cloud providers are already integrated with NAS systems. (Backblaze B2 Cloud Storage is integrated with NAS systems from Synology and QNAP, for example.) Check if your preferred NAS system is already integrated with a cloud storage provider to ensure setting up cloud backup, storage, and sync is as easy as possible.

Your NAS should come with a built-in backup manager, like Hyper Backup from Synology or Hybrid Backup Sync from QNAP. Once you download and install the appropriate backup manager app, you can configure it to send backups to your preferred cloud provider. You can also fine-tune the behavior of the backup jobs, including what gets backed up and how often.

Now, you can send backups to the cloud as a third, off-site backup and use your cloud instance to access files anywhere in the world with an internet connection.

Wondering If NAS Is Right for You?

Our Complete NAS Guide provides comprehensive information on NAS and what it can do for your business, how to evaluate and purchase a NAS system, and how to deploy your NAS. Download the guide today for more on all things NAS.

The post NAS and the Hybrid Cloud appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Will Containers Replace Virtual Machines?

Post Syndicated from Molly Clancy original https://www.backblaze.com/blog/will-containers-replace-virtual-machines/

Virtualization fundamentally changed the way the data center operates, and it wasn’t all that long ago. VMware released the ESX Server 1.5, its first hypervisor and arguably launched mainstream adoption of VMs in the enterprise, in 2002. To this elder millennial, it feels like just yesterday(ish).

The technology revolutionized infrastructure utilization—you could run multiple operating systems on the same hardware, maximizing your hardware resources. Then, containers—VMs’ younger, sleeker Gen Z cousin—came on the scene in a big way with Docker’s release in 2013, arguably the product that spurred mainstream adoption of containers. Containers allow multiple, isolated applications to share the same operating system kernel.

While they work differently, the two technologies share enough similarities that it begs the question—will containers replace virtual machines?

Today, we’re weighing in on the debate.

VMs vs. Containers: A Recap

VMs are software-defined computers. They run atop hypervisor software that allows multiple operating systems to share the same underlying physical hardware and operate in isolation from each other. The hypervisor virtualizes the underlying hardware, and each VM runs its own operating system (OS).

Before VMs, a single server could only support a single OS. If you wanted to run business applications with different OS requirements on the same server, or you wanted to run those applications without them interfering with each other, well, you couldn’t. Each business application you wanted to run—say, email or your CRM—had to have its own (usually over-provisioned, underutilized) set of hardware. After VMs, a single server could host multiple operating systems and run multiple applications. They drastically reduced the amount companies had to spend on hardware and hardware management.

Containers are also software-defined computing instances, but they run atop a shared, host OS. They package software into portable, executable units with all of the necessary dependencies to run anywhere—on a laptop, on a server, in the cloud, etc. The table below outlines the differences between VMs and containers.

VMs Containers
Heavyweight. Lightweight.
Limited performance. Native performance.
Each VM runs in its own OS. All containers share the host OS.
Hardware-level virtualization. OS virtualization.
Startup time in minutes. Startup time in milliseconds.
Allocates required memory. Requires less memory space.
Fully isolated and hence more secure. Process-level isolation, possibly less secure.

Without having to lug around all that OS code, containers are lighter weight (megabytes vs. VMs’ gigabytes) and start up faster than VMs. You can run two to three times as many applications on a single server with containers than you can with VMs.

Based on that alone, one could make the case that containers are the future and VMs are old news.

So, Will Containers Replace VMs?

The case seemed too easy, and we weren’t satisfied with basing a prediction on that alone. It’s just not that simple. To present a structured debate, we’ll look at the arguments for and against. In one corner: the case for VMs. In the other corner: the case for containers.

The Case for VMs

Even though containers are smaller and faster, it still might be a bridge too far to predict they’ll kill VMs forever. Here’s why:

  1. Familiarity and Maturity: While the tech industry is often fast to adopt the next, new thing, VMs are well-established in many organizations. Most businesses have entrenched processes, procedures, and teams in place to manage VM deployments, including backups and monitoring. “The way we’ve always done it” isn’t always the best reason to keep doing something, but there’s the “if it ain’t broke, don’t fix it” argument to contend with as well. If a monolithic application works well in a VM environment, there has to be a good reason to go through the effort of refactoring it to work in a container environment and sometimes, the effort isn’t worth the reward.
  2. Need for Full OS Capabilities: Using a VM with all OS services working together as one machine is sometimes preferable to a more orchestrated “Docker compose” or Kubernetes cluster with unnecessary complexity, especially for some complex applications.
  3. Heterogenous Environments: Need to run more than one OS? That’s what VMs are made for. Containers share the same OS kernel, and thus require a homogenous environment. There’s an argument to be made that enterprise data centers are moving toward more homogenous environments to standardize for more operational efficiency, but it hasn’t happened yet, broadly speaking. Many organizations still need to run more than one OS and will for the foreseeable future.
  4. Security: Container security is a flag that VM loyalists like to fly. The argument is that containers are more vulnerable because they share host OS resources whereas VMs include the OS within their virtual walls. If a container is attacked, it could infect other containers that share the host OS. If a VM is attacked, there’s an additional barrier between the VM, the host server, and other VMs on it.
  5. It’s Not an Either/or, But a Both/and: You can run containers on VMs, thus allowing companies with established VM procedures to adopt containers. They can take advantage of containers’ speed and agility without abandoning VMs wholesale.

The Case for Containers

But, containers have a lot of advantages in their favor. What makes them contenders to replace VMs? Here are a few counterpoints:

  1. Speed and Portability: Containers start up in just seconds compared to minutes for VMs, but the speed advantages containers bring go beyond start-up time. Because they solve the problem of environment consistency, developers spend far less time configuring environments and dealing with bugs. Container engines like Docker also have libraries of container images developers can use to speed up their work. And projects like the Open Container Initiative have been established to standards for containers, streamlining deployment.
  2. Scalability: With container orchestrators like Kubernetes or Cycle.io, containers scale automatically based on traffic demands. They can replicate container images when needed and spin them down when not. Containers’ small size and startup speed means they can scale faster than VMs.
  3. Modularity: Containers revolutionized application development such that applications could be developed as individual microservices loosely coupled together. This development approach enabled DevOps and Ci/CD practices, substantially speeding up application delivery. As one of our senior software engineers put it, the ability to lego-stack an entire environment is really powerful. Containers’ small size and portability mean applications can be built in small component parts and those parts can be stacked together to build a complete application.
  4. Ease of Updates: Updating and redeploying one small part of your application built as a microservice in a container is much easier to manage than a full-featured OS with update and downtime needs.
  5. OS Abstraction: Because containers abstract the operating system, they solve some virtualization problems more easily than VMs. Virtualization can be tricky in MacOS and M1 operating systems, and containers get virtual environments running easily on those operating systems.

The Last Word

Will containers replace VMs in development environments? They already have. But will containers replace VMs wholesale? We’d argue no.

Developers aren’t going back to building monolithic applications any time soon. Containers enable them to leave environment inconsistencies in the past and focus more on building code, creating better software, and creating it faster. With more pressure than ever to do just that, containers are firmly cemented as the dominant virtualization technology for developers.

But, it’s important to differentiate between containers as an application delivery mechanism versus an infrastructure mechanism. VMs are slower, less portable, and heavy, but they are still the go-to technology when it comes to provisioning infrastructure in an enterprise and running legacy, monolithic applications. For example, while containers have become the technology of choice in app development, it’s less likely that IT teams in other industries, say education, will be as interested in spending the time to refactor their custom-made student information system into a microservices architecture. Nor could they feasibly substitute containers for the thousands of VMs they assign to students.

Final answer? Both containers and VMs have a place in the modern data center.

Do you disagree? Have at it in the comments.

The post Will Containers Replace Virtual Machines? appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

A Guide for the Family IT Manager

Post Syndicated from Juan Lopez-Nava original https://www.backblaze.com/blog/a-guide-for-the-family-it-manager/

Does everyone in your family turn to you to help them fix some tech issue or another? Your uncle ever come to your house in the middle of the day to help him set up his iCloud account on his new iPhone? If the Wi-Fi goes down in the house, are you the first person your family calls before they call their internet provider? If you answered yes to any of these questions, congratulations! You are the family IT department.

Being the family IT admin is a job that you never formally applied for. It just happened over time as you continued to fix all the tech issues that accumulated around the house. If you’re looking for ways to best help your family manage their data and backups, this post will share some tips and advice so you can avoid those panicked requests from your parents or grandparents when they can’t find that favorite family photo or have trouble getting online.

Getting Started as the Head of the Family IT Department

Although it might feel like you’re always on-call to help your family with tech issues, there are a few ways you can set up your family with simple tech solutions even your grandfather will be able to figure out.

How to Back Up Your Digital Life
To start, check out our series of guides to help you protect content across many different platforms—including social media, sync services, and more. This list is always a work in progress—please comment below if you’d like to see another platform covered.
 

Best Practices for Managing Family IT

As the family IT admin, I’ve been asked to fix many issues, like devices that won’t start up or work properly, slow or interrupted internet connections, and even data loss. There are a few best practices you can follow to help encourage your family members to handle these problems independently, or even set up automated solutions. These best practices include:

  • Using the 3-2-1 backup strategy.
  • Keeping systems updated.
  • Troubleshooting network connectivity issues.
  • Setting up automated backups and a Group to centralize your family’s data backups.

The 3-2-1 Backup Method

While I have fixed a lot of issues, there are some issues that I have not been able to resolve, like retrieving a file on a damaged computer without a backup. Data loss can happen at any moment, from accidentally spilling something on your computer to system upgrades or even just accidental deletion. It’s always best to practice backup etiquette with the 3-2-1 method. Using this method, you will have the document saved in three different places—two copies of your data on-site but on different devices, for example, on your computer and an external hard drive, and one copy off-site, for example, in the cloud. In case you lose one, you have two as backup. There is no such thing as a perfect backup system, but the 3-2-1 approach is a great start for the majority of people and businesses, so it’s definitely good enough for your great aunt.

Keeping Systems Up-to-date

As the family IT admin, one of the most common issues you’ll probably face is a malfunctioning device, or a device that needs to be updated. A straightforward way to get started is by resetting the system—yes, just turn it off and turn it back on again. But the best way to ensure your devices are working properly is to ensure that all system updates have been properly installed. By making sure that all of your family’s devices are running on the most recent versions of their software, you can avoid running into problems with apps not working or other issues.

For many devices, running a software update or checking for a new software version is a pretty straightforward process. Apple has made it easy for iOS users—you can set software updates to automatically run in the background while you charge your phone at night. For a PC, you select the Start button, then select Settings > Update & security > Windows Update. Select Advanced Options, and then under “Choose how updates are installed,” select Automatic. You can even think about walking your family members through a check for updates so they can handle any issues on their own in the future.

Nowadays, we all use many devices to store and access our data every day. We’ve created a few guides to help you make sure the data on your phone, computer, and hard drive is backed up or secured for whenever you plan to upgrade.
 

Troubleshooting Network Connectivity Issues

When you’re dealing with a network issue, it can be frustrating because they often feel like they happen at the most inconvenient times. You can be on a call for work and bam! Lost connection. You want to play your PS5 games with friends after a long day at work? Think again, your internet was disconnected. Well, let me walk you through some of my thought process when I want to fix the internet connection.

  • Check if other devices that are connected to your Wi-Fi are having the same issues.
    • If not, then you will need to go to your network settings for that device. You can disconnect and reconnect to the Wi-Fi there.
  • If you are using an Ethernet cable, make sure that it’s properly connected.
  • Most internet providers have a service where you can check if the servers are down in your area. Double check that your home was not hit with an internet outage.
  • Go directly to the router and hit the reset button. Sometimes restarting helps solve the problem.

Setting Up Automated Data Backups

Typically, our data is scattered across many platforms and many devices. Take that, and multiply it by each member of your family—that’s a lot of data that needs to be backed up and secured. I can’t just sit and back up my family’s files and photos on a daily or weekly basis. Personally, I needed something I could install onto my family’s computers and forget about it, all while still knowing that it would back up their data without me constantly monitoring it. And remember, syncing your data is not the same as backing it up.

Backup tools are great for keeping your family’s data protected and ensuring your work as the family IT admin is made easier. Look for a simple app that can automate data backups and make them accessible from anywhere via the web or mobile apps.

(Shameless plug) Backblaze Computer Backup does just that. I set it up in minutes on all of my family’s computers, and now it just runs in the background of all of our devices.

How to Set Up Groups to Manage Your Family’s Backups

One feature that’s particularly helpful with using backup tools for protecting your family’s device data is centralizing your backups into a group. Groups are the best way to manage your family’s backups in one place. With Computer Backup, it’s easy to create a Group and add members to your Group.

  1. First, go to your Backblaze account. If you don’t have Groups enabled, simply go to your Settings tab and check the box to enable Groups.
  2. Now you can start your first Group. Name it whatever you want—I’m a very simple person so I call mine “Family,” but be as creative as you want.
  3. After creating your Group, you can start inviting your family members. You can choose to share a direct link to the group or email them an invitation. Once they get the link, your family members can create an account and install the client on their own computer to start backing up their data.

How to Back Up Your Family’s Data

Once your family has the Backblaze client installed on their computer, you are set! The scheduling is automatically set to back up continuously, so you don’t have to worry if your family’s computers are getting backed up. You can sleep in peace now!

You’re not alone in being the family IT admin—even though it might not be an official job, we all take the responsibilities seriously because we care about our families. What are some of the technical problems that you have had to solve as the family IT admin? Let us know in the comments.

The post A Guide for the Family IT Manager appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Why the World Needs Lower Egress Fees

Post Syndicated from original https://www.backblaze.com/blog/why-the-world-needs-lower-egress-fees/

Imagine a world where you can move data freely wherever you want, a world where you can use best-of-breed cloud providers to get the ideal service, optimize cost for your overall infrastructure, and build redundancy into your cloud platform—all without fear of lock-in.

In short, a world with lower egress fees.

Are lower egress fees a cure-all for the world’s problems? No, but it sure would make life easier for millions of companies. We believe in a multi-cloud world powered by low or zero egress fees. Today, we’re digging into what that means.

The Need for Multi-cloud

As companies seek to avoid vendor lock-in, get the best from different clouds, and provide redundancy for mission critical data, multi-cloud deployments are becoming more commonplace. According to Frost & Sullivan’s 2020 Global Cloud User Survey, respondents indicated growing from 43% adoption of multi-cloud in 2020 to 84% planned adoption of multi-cloud in 2022.

Multi-cloud deployments represent the future of cloud computing, and unlocking that potential means low or no egress fees.

The Case Against High Egress Fees

Cloud companies charge egress fees when customers want to move their data out of the provider’s platform. Existing diversified cloud providers such as Amazon charge egregiously high egress fees that make it expensive for customers to use multi-cloud infrastructures and therefore lock customers in to their services. These walled gardens hamper innovation and long-term growth.

The bottom line: high egress fees are a direct impediment to a multi-cloud future.

The Benefits of a Multi-cloud Future

The demand for multi-cloud infrastructure is rising and the case against high egress fees is gaining traction because a robust, multi-cloud system offers clear benefits:

  • Best-of-breed providers: Specialized cloud providers are focusing on key parts of the tech stack and offering the best services. Multi-cloud deployments enable customers to pick the best parts for their environment.
  • Disaster recovery: One of the biggest advantages of operating a multi-cloud environment is to achieve redundancy and plan for disaster recovery in a cloud-native deployment. If one public cloud suffers an outage, customers have mechanisms in place to direct their applications to failover to a second public cloud.
  • Cost optimization: Challenger companies (Shameless plug: that’s us!) can offer better pricing through innovation and a focus on specialized use cases than the traditional diversified clouds—Amazon, Google, and Microsoft.
  • Freedom from vendor lock-in: Many companies initially adopted one of the existing diversified cloud providers like Amazon or Google because they were the only game in town, but later felt restricted by their closed systems. Companies like Amazon seek to lock customers in with proprietary services. Adopting a multi-cloud infrastructure with interoperable providers gives these customers more negotiating power and control over their cloud deployments.
  • Unconflicted partners: Some customers find themselves in direct competition with companies like Amazon. Shifting their cloud usage to independent, unconflicted partners in a multi-cloud deployment means they don’t have to worry about how their data might be used against them, and they’re not spending money to support a direct competitor.

One Small Step in the Right Direction

After a recent AWS announcement, we’re one small, incremental step closer to that future where egress fees don’t hold you back. Last week, AWS announced an expansion of their free tier for data transfer to the internet from 1GB per month to 100GB per month. Fees above the free tier will remain the same, starting at $0.09/GB for 100GB to 9.999TB of data transfer out per month.

To understand this change in action, here’s a quick example. Previously, a customer egressing 100GB per month was paying $9 per month in egress fees. Now, they’ll pay nothing, and customers egressing above 100GB per month will get a $9 per month discount. (It’s worth noting that egress begins to be discounted beyond 9.999TB per month, but you’d be paying $900/month before that discount would take effect.)

Groundbreaking, it is not. But it’s a move that indicates AWS is bowing to industry pressure that calls their egress fees exactly what they are—exorbitant and egregious.

While it’s not going to be a payday for most customers, we still believe this is a good thing. Even a small reduction in fees could enable a customer to consider a multi-cloud solution when they hadn’t before. For example, let’s say a customer stores 1TB of data in Amazon S3, and they egress out 100GB per month. Egress used to cost them $9, now it’s free. That $9 per month savings could be used to store a backup copy of their 1TB of data (And then some!) in Backblaze B2 Cloud Storage, allowing them to achieve double the redundancy without changing their overall cloud spend. They get the peace of mind of knowing they’re better protected against data loss for the same cost.

Lower Egress = A Better, Multi-cloud World

At Backblaze, we’ve always believed it’s good and right to enable customers to readily use their data. Our egress fees stand at just $0.01/GB, and we’re proud to be a founding member of Cloudflare’s Bandwidth Alliance. Backblaze also waives egress fees to Fastly, Vultr, and other forward-thinking cloud companies, and we cover the cost of data migrations above 10TB through our Cloud to Cloud Migration service.

Lower egress fees support a flexible, open ecosystem on which customers are free to build multi-cloud deployments that level up their businesses. As a leading independent cloud storage platform, it’s part of our commitment to simplify the process of storing and using data. We’re just happy to see companies like Amazon starting to follow suit.

The post Why the World Needs Lower Egress Fees appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

What Are Microservices?

Post Syndicated from Molly Clancy original https://www.backblaze.com/blog/what-are-microservices/

Back in 2008, Netflix was facing scaling challenges: service outages, database corruption, a three-day lapse in DVD shipments. (Remember when Netflix still shipped DVDs?) Netflix solved these problems by refactoring their monolithic application to avoid the single points of failure that caused these issues. They implemented a microservices architecture before the term “microservices” even existed, making them pioneers in the field.

Today, almost all of the most popular applications—Uber, Amazon, Etsy—run in a microservices environment. If you’ve ever wondered what that means, you’re not alone. In this post, we’re digging into this popular method for developing web applications: the benefits, drawbacks, and considerations for choosing a cloud provider to support your microservices approach.

First, Some History: Monolithic Software Development

How would you develop a large, complex software system before the age of microservices? For developers who learned their craft in the dot com boom, it meant a large and complex development process, with tightly interlocking subsystems, a waterfall development model, and an extensive QA phase. Most of the code was built from scratch. There was a lot of focus on developing extremely reliable code, since it was very difficult and expensive to update products in the field. This is how software was developed for many years. The approach works, but it has some major issues. It’s slower, and it tends to produce complex software monoliths that are tough to maintain and upgrade.

What Are Microservices?

Current software engineering practices encourage a DevOps model using small, reusable units of functionality, or microservices. Microservices run essentially as a standalone process, carrying whatever information or intelligence they need to do their job. Their interfaces are limited and standardized to encourage reuse. This restricted access to internal logic very effectively implements the information-hiding practices that prevent other code from “peeking inside” your modules and making internal tweaks that destabilize your code. The result is (hopefully) an assortment of tools (databases, web servers, etc.) that can be snapped together like Legos™ to greatly reduce the development effort.

Microservices: Pros and Cons

This newer approach has many advantages:

  • It encourages and supports code reuse. Developers usually have access to an extensive library of microservices that can easily be plugged into their application.
  • It enforces logical module isolation to simplify the architecture and improve reliability. This makes initial design, implementation, product updates, enhancements, and bug fixes much easier and less error-prone.
  • It enables much more nimble development and delivery techniques, like DevOps and Agile. It’s much easier to add new functionality when you can just tweak a small piece of code (not worrying about potential invisible linkages to other modules), and then instantly push out an update to your users. You can improve your time to market by getting a “good enough” solution out there, and improve it to “ultimate” through ongoing updates.
  • It’s inherently scalable. By implementing microservices with containers, you can use an orchestration tool like Kubernetes or Cycle.io to handle scaling, failover, and load balancing. Each microservice component is independently scalable—if one part of your application experiences high load, it can respond to that demand without impacting other components.

However, like anything else, there are drawbacks. For one, moving from a monolithic architecture to a microservices architecture requires not just a change to the way your software is built but also the way your software team functions. And while a microservices architecture is more nimble, it also introduces complexity where none may have existed before in a monolithic deployment.

Microservices Use Cases

Microservices, and especially the containers and orchestration used to structure them, enable a number of different use cases that could benefit your organization, including:

  • Making a legacy application cloud-ready. If you want to modernize a legacy application and move it to the cloud, taking a microservices approach to your architecture is helpful. Refactoring a monolithic application and moving it to the cloud allows you to achieve the cost savings associated with the cloud’s pay-as-you-go model.
  • Cloud-native development. Similarly, if you want to take a cloud-first approach, it can help to start with a microservices architecture as it will serve you well later as your application scales.
  • Moving to DevOps. Microservices as an architectural model lend themselves to, and in many cases require, a change to a DevOps or Agile operational model. If you’re interested in moving from Waterfall to Agile development, microservices go hand in hand.
  • Running big data applications. Applications that ingest and process large amounts of data benefit from being broken down into microservices where each step in the data processing pipeline is handled independently.

When NOT to Use Microservices

The microservices model can introduce unnecessary complexity into an otherwise simple solution. If you have a simple or monolithic implementation and it’s meeting your needs just fine, then there is no need to throw it away and microservice-ize it. But if (when) it becomes difficult to update or maintain it, or when you’re planning new development, consider a more modular architecture for the new implementation.

Microservices + Cloud Storage: Considerations for Choosing a Cloud Provider

One impact of moving to a containerized, microservices model is the need for persistent storage. The state of a container can be lost at any time due to situations like hardware/software crashes or spinning down excess containers when load drops. The application running in the container should store its state in external (usually cloud) storage, and read the current state when it starts up.

Thus, administrators should carefully consider different providers before selecting one to trust with their data. Consider the following factors in an evaluation of any cloud provider:

  • Integrations/partner network: One of the risks of moving to the cloud is vendor lock-in. Avoid getting stuck in one cloud ecosystem by researching the providers’ partner network and integrations. Does the provider already work with software you have in place? Will it be easy to change vendors should you need to? Consider the provider’s egress fees both in general and between partners, especially if you have a high-bandwidth use case.
  • Interoperability and API compatibility: Similarly, make sure the cloud provider you’re considering favors an open ecosystem and offers APIs that are compatible with your architecture.
  • Security: What protections does the provider have against ransomware and other data corruption? Does the provider include features like Object Lock to make data immutable? Protection like this is recommended considering the rising threat of ransomware attacks.
  • Infrastructure as Code capability: Does the provider enable you to use infrastructure as code (IaC) to provision storage automatically? Using IaC to provision storage enables you to scale your storage without manually managing the process.
  • Pricing transparency: With varying data retention requirements, transparent pricing tiers will help you budget more easily. Understand how the provider prices their service including fees for things like egress, retention minimums, and other fine print. Look for backup providers that offer pricing compatible with your organization’s needs.

Are You Using Microservices?

Are you using microservices to build your applications? According to a TechRepublic survey, 73% of organizations have integrated microservices into their application architectures. If you’re one of them, we’d love to know how it’s going. Let us know in the comments.

The post What Are Microservices? appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Backblaze Holiday Gift Guide 2021

Post Syndicated from original https://www.backblaze.com/blog/backblaze-holiday-gift-guide-2021/

The holiday season is upon us, and here at Backblaze, we always love to see what cool, new things are out there for us to give to our friends and family. Every year, we ask our team members what gifts they’ll be giving (or treating themselves to) and share their ideas on our blog.

This year, our team’s gift ideas range from the latest in fitness trackers for the person who’s always on the go, to weighted blankets that keep you cozy, and helpful plant-rearing guides for blossoming green thumbs. Read on for some gift ideas that are sure to bring some holiday joy!

For Those Who Love Spending Time Outdoors

WHOOP

WHOOP is a fitness and health membership that offers a fitness tracker and an app that analyzes fitness, health, and sleep data as well as a way to connect with other WHOOP members. Their adjustable device can be worn with a range of garments or on their handy wristbands. And they’re stylish!

YETI Trailhead Camp Chair

Save yourself a seat wherever you are—the beach, the backyard, or the backcountry—with this lightweight camp chair.

ENO DoubleNest Printed Hammock

Don’t want to sit down after your hike? Lay down in this packable hammock instead!

Hidrate Spark 3 Smart Water Bottle

If you’re the type of person who needs to be reminded to drink water (me), this water bottle will glow when it’s time to hydrate. Luckily, it will not play obnoxious music.

And Those Who’d Rather Stay Home

Gravity Weighted Flannel Sherpa Blanket

Holiday season is also cozy season, and weighted blankets are arguably one of the best ways to enjoy it.

The New Plant Parent

If you or someone you know spent the early months of the pandemic transforming their home into a greenhouse (that also smelled of sourdough), this book provides all the houseplant tips and tricks they might need to keep their indoor garden thriving.

RENPHO Eye Massager

As many of us spend our days staring at screens that can strain our eyes over time, this eye massager is a great way to reduce tension and headaches. It even connects to your phone via Bluetooth so you can choose music to play as it works. Not to be confused with an
Oculus Quest 2.

TP-Link Kasa Smart Light Strip

Every kid will want one of these to decorate their room. You can light up your house with this multicolor light strip, which you can control from your phone.

For Your Foodie Friend

Anova Precision Cooker Pro

Treat the home chef in your life to this super precise and powerful sous vide tool that’s a fan favorite with over 100 million cooks.

Hot Ones 10 Pack Sauce Kit

Everything tastes better with hot sauce, and this kit includes the full lineup from season 16 of “Hot Ones.”

Koffie Inja

This small batch coffee roaster uses sustainable and ethically-sourced coffee beans and donates 20% of their proceeds to Muttville, a San Francisco-based senior dog rescue shelter.

Games and Game-related Accessories

Nintendo Game and Watch: The Legend of Zelda

Retro game fans will enjoy this collectible game and watch that includes three Legend of Zelda games.

Legendary Edition of Curse of Strahd

Strahd is a TTRPG favorite and this edition comes with bonus encounters, finger puppets, and lots more!

Glorious Modular Mechanical Keyboard

This is the world’s first RGB, modular mechanical keyboard. It’s easily customizable and needs no setup. For when you need your clanky keys to light up!

For the Practical Person

Wemo WiFi Smart Plug

This smart plug uses your home Wi-Fi connection to let you control plugged-in devices from your phone or tablet. Neat!

Tile Combo Pack

Have a friend or family member who’s constantly losing their keys or phone (or themselves)? Help them keep track of their items with this combo pack that works with Android or Apple devices.

Fuzzy Lined Crocs

Are they the most fashionable? Maybe not. But they might be the most comfortable, especially with the warm and fuzzy liner!

Give the Gift of Backblaze

Help your friends and family back up their data with Backblaze Computer Backup. They’ll thank you for helping make sure they never lose a file again.

Happy Gift-giving From Backblaze

We hope this gift guide has helped spark some ideas for your own holiday gift-giving! Comment below to tell us what gifts you’ll be giving your friends and family this year.

The post Backblaze Holiday Gift Guide 2021 appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

What Is Kubernetes?

Post Syndicated from Molly Clancy original https://www.backblaze.com/blog/what-is-kubernetes/

Do you remember when “Pokémon Go” came out in 2016? Suddenly it was everywhere. It was a world-wide obsession, with over 10 million downloads in its first week and 500 million downloads in six months. System load rapidly escalated to 50 times the anticipated demand. How could the game architecture support such out-of-control hypergrowth?

The answer: At release time, Pokémon Go was “The largest Kubernetes deployment on Google Container Engine.” Kubernetes is a container orchestration tool that manages resources for dynamic web-scale applications, like “Pokémon Go.”

In this post, we’ll take a look at what Kubernetes does, how it works, and how it could be applicable in your environment.

What Is Kubernetes?

You may be familiar with containers. They’re conceptually similar to lightweight virtual machines. Instead of simulating computer hardware and running an entire operating system (OS) on that simulated computer, the container runs applications under a parent OS with almost no overhead. Containers allow developers and system administrators to develop, test, and deploy software and applications much faster than VMs, and most applications today are built with them.

But what happens if one of your containers goes down, or your ecommerce store experiences high demand, or if you release a viral sensation like “Pokémon Go”? You don’t want your application to crash, and you definitely don’t want your store to go down during the Christmas crush. Unfortunately, containers don’t solve those problems. You could implement intelligence in your application to scale as needed, but that would make your application a lot more complex and expensive to implement. It would be simpler and faster if you could use a drop-in layer of management—a “fleet manager” of sorts—to coordinate your swarm of containers. That’s Kubernetes.

Kubernetes Architecture: How Does Kubernetes Work?

Kubernetes implements a fairly straightforward hierarchy of components and concepts:

  • Containers: Virtualized environments where the application code runs.
  • Pods: “Logical hosts” that contain and manage containers, and potentially local storage.
  • Nodes: The physical or virtual compute resources that run the container code.
  • Cluster: A grouping of one or more nodes.
  • Control Plane: Manages the worker nodes and Pods in the cluster.

You have a few options to run Kubernetes. The minikube utility launches and runs a small single-node cluster locally for testing purposes. And you can control Kubernetes with any of several control interfaces: the kubectl command provides a command-line interface, and library APIs and REST endpoints provide programmable interfaces.

What Does Kubernetes Do?

Modern web-based applications are commonly implemented with “microservices,” each of which embodies one part of the desired application behavior. Kubernetes distributes the microservices across Pods. Pods can be used two ways—to run a single container (the most common use case) or to run multiple containers (like a pod of peas or a pod of whales—a more advanced use case). Kubernetes operates on the Pods, which act as a sort of wrapper around the container(s) rather than the containers themselves. As the microservices run, Kubernetes is responsible for managing the application’s execution. Kubernetes “orchestrates” the Pods, including:

  • Autoscaling: As more users connect to the application’s website, Kubernetes can start up additional Pods to handle the load.
  • Self-healing: If the code in a Pod crashes, or if there is a hardware failure, Kubernetes will detect it and restart the code in a new Pod.
  • Parallel worker processes: Kubernetes distributes the Pods across multiple nodes to benefit from parallelism.
  • Load balancing: If one server gets overloaded, Kubernetes can balance the load by migrating Pods to other nodes.
  • Storage orchestration: Kubernetes lets you automatically mount persistent storage, say a local device or cloud-based object storage.

The beauty of this model is that the applications don’t have to know about the Kubernetes management. You don’t have to write load-balancing functionality into every application, or autoscaling, or other orchestration logic. The applications just run simplified microservices in a simple environment, and Kubernetes handles all the management complexity.

As an example: You write a small reusable application (say, a simple database) on a Debian Linux system. Then you could transfer that code to an Ubuntu system and run it, without any changes, in a Debian container. (Or, maybe you just download a database container from the Docker library.) Then you create a new application that calls the database application. When you wrote the original database on Debian, you might not have anticipated it would be used on an Ubuntu system. You might not have known that the database would be interacting with other application components. Fortunately, you didn’t have to anticipate the new usage paradigm. Kubernetes and containers isolate your code from the messy details.

Keep in mind, Kubernetes is not the only orchestration solution—there’s Docker Swarm, Hashicorp’s Nomad, and others. Cycle.io, for example, offers a simple container orchestration solution that focuses on ease for the most common container use cases.

Implementing Kubernetes: External Storage Required

Kubernetes spins up and spins down Pods as needed. Each Pod can host its own internal storage (as shown in the diagram above), but that’s not often used. A Pod might get discarded because the load has dropped, or the process crashed, or for other reasons. The Pods (and their enclosed containers and volumes) are ephemeral, meaning that their state is lost when they are destroyed. But most applications are stateful. They couldn’t function in a transitory environment like this. In order to work in a Kubernetes environment, the application must store its state information externally, outside the Pod. A new instance (a new Pod) must fetch the current state from the external storage when it starts up, and update the external storage as it executes.

You can specify the external storage when you create the Pod, essentially mounting the external volume in the container. The container running in the Pod accesses the external storage transparently, like any other local storage. Unlike local storage, though, cloud-based object storage is designed to scale almost infinitely right alongside your Kubernetes deployment. That’s what makes object storage an ideal match for applications running Kubernetes.

When you start up a Pod, you can specify the location of the external storage. Any container in the Pod can then access the external storage like any other mounted file system.

Kubernetes in Your Environment

While there’s no doubt a learning curve involved (Kubernetes has sometimes been described as “not for normal humans”), container orchestrators like Kubernetes, Cycle.io, and others can greatly simplify the management of your applications. If you use a microservice model, or if you work with similar cloud-based architectures, a container orchestrator can help you prepare for success from day one by setting your application up to scale seamlessly.

The post What Is Kubernetes? appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Backblaze Is Now a Public Company

Post Syndicated from original https://www.backblaze.com/blog/backblaze-is-now-a-public-company/

Today is a big day for Backblaze—we became a public company listed on the Nasdaq Stock Exchange under the ticker symbol BLZE!

Before I explain what this means for us and for you, I want to give my thanks. Going public is an important milestone and one we couldn’t have accomplished without your support. Thank you.

Whether you have believed in us from the beginning and have been a customer for over a decade, or joined us yesterday; whether you entrust us to back up a single computer or to run your entire company’s infrastructure on the Backblaze Storage Cloud; whether you’ve partnered with us to bring our services to one individual or thousands of companies, whether you’re a first-time visitor to our site or you’ve been a reader all along: Thank you. We really appreciate you working with us and supporting us.

What Does Becoming a Public Company Mean for Backblaze?

It means we have more resources with IPO proceeds to increase investment in the development of our Storage Cloud platform and the B2 Cloud Storage and Computer Backup services that run on it.

The future is being built on independent cloud platforms, and ours has been 14 years in the making. Today, we take the next big step in being the leading independent cloud for data storage.

Additionally, while we help about 500,000 customers already, we plan to expand our sales and marketing efforts to bring Backblaze to more businesses, developers, and individuals that would benefit from easy and affordable data storage that they can trust.

Finally, we have built Backblaze with not only a focus on the products we provide, but with a deep care for what it is like to work here. With these proceeds, we plan to continue to significantly grow our team, and are looking for many more kind, smart, talented people to join us. (Is that you? We’re hiring!)

And Most Importantly, What Does It Mean for You?

My short answer is: It means more of the good things you’ve come to expect from us at Backblaze.

I want to emphasize that while we’ll be doing “more” for you, today’s events don’t mean that we’re “different” on any fundamental level. We’re still guided by the same principles and the same team. As a reminder, here’s the core of the values that we’ve been committed to since our founding (as written by Brian Wilson, Co-founder and CTO):

“At Backblaze, we want to provide a quality product for a fair price. We want to be honest and up front with our customers as to what we can and cannot do, and we want to be paid only the money honestly owed to us, and never engage in sleazy or misleading business practices where customers are misled in any way or pay for a service they do not receive. We are the ‘good guys,’ and we act like it.”

The only thing that’s changing today is we now have a more robust structure and additional funding to deliver on these values for more customers and partners.

If you’d like to share your thoughts, we’d love to hear from you in the comments section below. In the coming weeks, I’ll share more about where we started, why we decided to go public, how we did it, and more. Stay tuned and for now…

It’s Time to Blaze On!

The post Backblaze Is Now a Public Company appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Ransomware Takeaways: Q3 2021

Post Syndicated from Jeremy Milk original https://www.backblaze.com/blog/ransomware-takeaways-q3-2021/

While the first half of 2021 saw disruptive, high-profile attacks, Q3 saw attention and intervention at the highest levels. Last quarter, cybercriminals found themselves in the sights of government and law enforcement agencies as they responded to the vulnerabilities the earlier attacks revealed. Despite these increased efforts, the ransomware threat remains, simply because the rewards continue to outweigh the risks for bad actors.

If you’re responsible for protecting company data, ransomware news is certainly on your radar. In this series of posts, we aim to keep you updated on evolving trends as we see them to help inform your IT decision-making. Here are five key takeaways from our monitoring over Q3 2021.

This post is a part of our ongoing series on ransomware. Take a look at our other posts for more information on how businesses can defend themselves against a ransomware attack, and more.

1. Ransomware Attacks Keep Coming

No surprises here. Ransomware operators continued to carry out attacks—against Howard University, Accenture, and the fashion brand Guess, to name a few. In August, the FBI’s Cyber Division and the Cybersecurity and Infrastructure Security Agency (CISA) reported an increase in attacks on holidays and weekends and alerted businesses to be more vigilant as we approach major holidays. Then, in early September, the FBI also noticed an uptick in attacks on the food and agriculture sector. The warnings proved out, and in late September, we saw a number of attacks against farming cooperatives in Iowa and Minnesota. While the attacks were smaller in scale compared to those earlier in the year, the reporting speaks to the fact that ransomware is definitely not a fad that’s on a downswing.

2. More Top-down Government Intervention

Heads of state and government agencies took action in response to the ransomware threat last quarter. In September, the U.S. Treasury Department updated an Advisory that discourages private companies from making ransomware payments, and outlines mitigating factors it would consider when determining a response to sanctions violations. The Advisory makes clear that the Treasury will expect companies to do more to proactively protect themselves, and may be less forgiving to those who pay ransoms without doing so.

Earlier in July, the TSA also issued a Security Directive that requires pipeline owners and operators to implement specific security measures against ransomware, develop recovery plans, and conduct a cybersecurity architecture review. The moves demonstrate all the more that the government doesn’t take the ransomware threat lightly, and may continue to escalate actions.

3. Increased Scrutiny on Key Players Within the Ransomware Economy

Two major ransomware syndicates, REvil and Darkside, went dark days after President Joe Biden’s July warning to Russian President Vladimir Putin to rein in ransomware operations. We now see this was but a pause. However, the rapid shuttering does suggest executive branch action can make a difference, in one country or another.

Keep in mind, though, that the ransomware operators themselves are just one part of the larger ransomware economy (detailed in the infographic at the bottom of the post). Two other players within the ransomware economy faced increased pressure this past quarter—currency exchanges and cyber insurance carriers.

  • Currency Exchanges: In addition to guidance for private businesses, the Treasury Department’s September Advisory specifically added the virtual currency exchange, SUEX, to the Specially Designated Nationals and Blocked Persons List, after it found that more than 40% of the exchange’s transactions were likely related to ransomware payments. The Advisory imposed sanctions that prohibit any U.S. individual or entity from engaging in transactions with SUEX.
  • Cyber Insurance Carriers: It makes sense the cyber insurance industry is booming—the economics of risk make it lucrative for certain providers. Interestingly, though, we’re starting to see more discussion of how cyber insurance providers and the victim-side vendors they engage with—brokers, negotiators, and currency platforms like SUEX—are complicit in perpetuating the ransomware cycle. Further, the Treasury Department’s September Advisory also included a recommendation to these victim-side vendors to implement sanctions compliance programs that account for the risk that payments may be made to sanctioned entities.

4. An Emerging Moral Compass?

In messages with Bloomberg News, the BlackMatter syndicate pointed out its rules of engagement, saying hospitals, defense, and governments are off limits. But, sectors that are off limits to some are targets for others. While some syndicates work to define a code of conduct for criminality, victims continue to suffer. According to a Ponemon survey of 597 health care organizations, ransomware attacks have a significant impact on patient care. Respondents reported longer length of stay (71%), delays in procedures and tests (70%), increase in patient transfers or facility diversions (65%), and an increase in complications from medical procedures (36%) and mortality rates (22%).

5. Karma Is a Boomerang

It’s not surprising that ransomware operators would steal from their own, but that doesn’t make it any less comical to hear low-level ransomware affiliates complaining of “lousy partner programs” hawked by ransomware gangs “you cannot trust.” ZDNet reports that the REvil group has been accused of coding a “backdoor” into their affiliate product that allows the group to barge into negotiations and take the keep all for themselves. It’s a dog-eat-dog world out there.

The Good News

This quarter, the good news is that ransomware has caught the attention of the people who can take steps to curb it. Government recommendations to strengthen ransomware protection make investing the time and effort easier to justify, especially when it comes to your cloud strategy. If there’s anything this quarter taught us, it’s that ransomware protection should be priority number one.

If you want to share this infographic on your site, copy the code below and paste into a Custom HTML block. 

<div><div><strong>The Ransomware Economy</strong></div><a href="https://www.backblaze.com/blog/ransomware-takeaways-q3-2021/"><img src="https://www.backblaze.com/blog/wp-content/uploads/2021/11/The-Ransomware-Economy-Q3-2021-scaled.jpg" border="0" alt="diagram of the players and elements involved in spreading ransomware" title="diagram of the players and elements involved in spreading ransomware" /></a></div>

The post Ransomware Takeaways: Q3 2021 appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.