Artwork

Player FM - Internet Radio Done Right
Checked 1d ago
اضافه شده در three سال پیش
محتوای ارائه شده توسط W. Curtis Preston (Mr. Backup). تمام محتوای پادکست شامل قسمت‌ها، گرافیک‌ها و توضیحات پادکست مستقیماً توسط W. Curtis Preston (Mr. Backup) یا شریک پلتفرم پادکست آن‌ها آپلود و ارائه می‌شوند. اگر فکر می‌کنید شخصی بدون اجازه شما از اثر دارای حق نسخه‌برداری شما استفاده می‌کند، می‌توانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
Player FM - برنامه پادکست
با برنامه Player FM !
icon Daily Deals

Can you apply least privilege to private data?

55:55
 
اشتراک گذاری
 

Manage episode 359795563 series 3332029
محتوای ارائه شده توسط W. Curtis Preston (Mr. Backup). تمام محتوای پادکست شامل قسمت‌ها، گرافیک‌ها و توضیحات پادکست مستقیماً توسط W. Curtis Preston (Mr. Backup) یا شریک پلتفرم پادکست آن‌ها آپلود و ارائه می‌شوند. اگر فکر می‌کنید شخصی بدون اجازه شما از اثر دارای حق نسخه‌برداری شما استفاده می‌کند، می‌توانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal

You know how we tell you to limit the amount of privilege each admin gets, in order to limit the blast radius if their account is compromised? What if you could apply that concept to applications that use private data to accomplish their task? We blindly give everything we have on each person to just about any app that needs anything. But if you had an app that only needs first name and email address, why not just give it that? And if it asks for more than that, what if you had a way to give it masked data, since it doesn't really need it anyway? That's how I would describe Sky Flow, a privacy as a service company, after interviewing its Head of Marketing, Sean Falconer. Fascinating new approach to the problem of personal data sprawl.

  continue reading

308 قسمت

Artwork
iconاشتراک گذاری
 
Manage episode 359795563 series 3332029
محتوای ارائه شده توسط W. Curtis Preston (Mr. Backup). تمام محتوای پادکست شامل قسمت‌ها، گرافیک‌ها و توضیحات پادکست مستقیماً توسط W. Curtis Preston (Mr. Backup) یا شریک پلتفرم پادکست آن‌ها آپلود و ارائه می‌شوند. اگر فکر می‌کنید شخصی بدون اجازه شما از اثر دارای حق نسخه‌برداری شما استفاده می‌کند، می‌توانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal

You know how we tell you to limit the amount of privilege each admin gets, in order to limit the blast radius if their account is compromised? What if you could apply that concept to applications that use private data to accomplish their task? We blindly give everything we have on each person to just about any app that needs anything. But if you had an app that only needs first name and email address, why not just give it that? And if it asks for more than that, what if you had a way to give it masked data, since it doesn't really need it anyway? That's how I would describe Sky Flow, a privacy as a service company, after interviewing its Head of Marketing, Sean Falconer. Fascinating new approach to the problem of personal data sprawl.

  continue reading

308 قسمت

همه قسمت ها

×
 
The EU cloud exit movement is reshaping how European organizations think about data storage and sovereignty. Companies across Europe are moving away from US-based cloud providers like Microsoft 365, AWS, and Google Workspace due to concerns about the Cloud Act and data privacy regulations. In this episode, Curtis and Prasanna explore the backup implications of this major shift. They discuss the challenges of replacing comprehensive platforms like Microsoft 365 with multiple EU-based providers, the complexities of bringing services back in-house, and why the 3-2-1 backup rule becomes even more critical during these transitions. Whether organizations choose local providers or decide to self-host their infrastructure, data protection remains paramount. The hosts share real-world examples of failed backup strategies, including the Rackspace Exchange disaster and OVH's data center fire, to illustrate why third-party backup solutions are necessary regardless of your hosting choice.…
 
Air gap has become one of the most overused and misunderstood terms in backup and recovery. In this episode, W. Curtis Preston and Prasanna explore what air gap really means, tracing its origins from the days when everyone used tape storage to modern virtual implementations. They discuss how true air gap required physical separation - tapes stored offsite at facilities like Iron Mountain - and why this gold standard is nearly impossible to achieve with today's connected backup systems. The conversation covers modern alternatives including immutable storage, IAM-based protection, and simulated air gaps that disconnect network connections when not actively replicating. Curtis and Prasanna explain why ransomware has made air gap more important than ever, and provide practical guidance for evaluating vendor claims about air gap capabilities in cloud and hybrid environments.…
 
The largest data breach in recent memory has exposed 16 billion login credentials across multiple databases, and we're here to help you understand what it means for your security. This massive exposure involves data stolen primarily through infostealer malware rather than a single company breach. Join W. Curtis Preston, Dr. Mike Saylor, and Prasanna Malaiyandi as they break down this complex security incident. Learn why this largest data breach is actually a compilation of stolen credentials from various sources, how infostealer malware works, and why your browsing habits might be putting you at risk. The team discusses practical security measures including proper browser hygiene, multi-factor authentication best practices, and password management strategies. Mike shares eye-opening insights about session security and why having multiple browser tabs open during sensitive activities could compromise your accounts. Get actionable advice on protecting yourself from the fallout of this massive credential exposure.…
 
This episode breaks down snapshot backup fundamentals, covering the key differences between traditional storage snapshots and cloud-based approaches. Curtis and Prasanna explain copy-on-write versus redirect-on-write methods, performance implications, and why some snapshot systems can degrade performance by up to 50%. Learn about NetApp's redirect-on-write innovation, VMware's unique approach, and how AWS "snapshots" are actually more like traditional backups. The hosts discuss critical concepts like read-only snapshot properties, storage space management, and the importance of copying snapshots to create true backups that follow the 3-2-1 rule. Whether you're managing traditional storage arrays or cloud infrastructure, this episode provides practical guidance on turning snapshots into effective backup strategies. Topics include performance optimization, immutable storage considerations, and real-world implementation challenges that every IT professional faces.…
 
Human error has replaced hardware failures as the primary driver of data loss and restore operations in modern IT environments. This episode explores real-world examples of how both end users and administrators create the need for backup and recovery operations through accidental deletions, configuration mistakes, and poor processes. W. Curtis Preston shares war stories from his decades in the industry, including incidents involving accidental directory deletions, source code stored in temporary folders, and tape library disasters. The discussion covers how technology improvements like RAID and solid-state drives have made hardware more reliable, shifting the focus to human-related incidents. The hosts also examine insider threats and the importance of implementing proper controls around privileged access. Learn why understanding human error patterns is critical for designing effective backup and recovery strategies that account for the reality of how data actually gets lost.…
 
Learn how to extract measurable ROI from your backups beyond traditional disaster recovery. Curtis and Prasanna explore proven strategies for extracting business value from backup infrastructure through test and development environments, security monitoring, compliance checking, and AI-powered analytics. Discover why the shift from tape to disk storage created new opportunities for ROI from backups, including instant restore capabilities and data mining applications. The hosts share real-world examples of organizations using backup data for threat detection, regulatory compliance, and business intelligence. From Veeam's AI integration to copy data management techniques, this episode reveals practical approaches to transform backup systems from cost centers into value generators. Whether you're struggling to justify backup expenses or seeking ways to leverage existing investments, these ROI from backups strategies can help extract maximum value from your stored data.…
 
World Backup Day falls on March 31st - the day before April Fool's Day because not backing up your data is no joke. In this episode, hosts W. Curtis Preston and Prasanna Malaiyandi discuss alarming statistics about data loss and why proper backup strategies are essential for business survival. The hosts break down the famous 3-2-1 backup rule and how it applies to both consumers and enterprises. They examine the growing threat of ransomware, including double extortion attacks where criminals not only encrypt your data but threaten to publish it. With 94% of companies that suffer major data loss failing to recover, and 70% of small businesses closing within a year of significant data loss, World Backup Day serves as a crucial reminder to implement robust backup strategies that include immutable storage and protection for often-overlooked SaaS applications. Stories from this episode: https://www.forbes.com/sites/tomcoughlin/2025/03/31/march-31-is-world-backup-day/ https://objectfirst.com/blog/world-backup-day-2025/ https://www.backupwrapup.com/peter-krogh-who-coined-the-3-2-1-rule-on-our-podcast/…
 
You've found The Backup Wrap-up, your go-to podcast for all things backup, recovery, and cyber-recovery. In this episode, we tackle one of the scariest threats out there - ransomware targeting VMware ESXi environments. I'm joined by Prasanna Malaiyandi and our special guest Melissa Palmer, also known as @vmiss, who's an independent technology analyst and ransomware resiliency architect. We get into why virtualization environments are such juicy targets for attackers, how they're specifically going after vCenter and ESXi hosts, and why your backup strategy is probably missing some critical components. If you've got a virtualized environment, you need to listen to this. Melissa brings her unique perspective from both the virtualization and security worlds to help you protect your most critical infrastructure. So buckle up - this is an episode you can't afford to miss if you want to keep your VMware environment safe from ransomware attacks.…
 
In this episode of The Backup Wrap-up, W. Curtis Preston breaks down the key VeeamON announcements from the VeeamON 2025 conference in San Diego. He highlights Veeam's focus on security and ransomware defense, including their new CrowdStrike integration and data resilience maturity model developed with McKinsey and MIT. Curtis shares his excitement about Veeam's long-awaited Linux-based software appliance, which addresses a critical security vulnerability in Windows-based backup systems. He also discusses other major VeeamON announcements like their Anthropic partnership for AI-powered backup content search, Microsoft Intra ID support, and the ability to recover backups to Azure in under five minutes. Whether you're a Veeam customer or just interested in backup technology trends, this episode provides valuable insights into these significant VeeamOn announcements.…
 
DOGE and GSA recently made headlines with a tweet claiming $1 million annual savings by converting 14,000 magnetic tapes to "permanent modern digital records." In this episode, W. Curtis Preston and Prasanna Malaiyandi analyze whether this claim is possible – although they cannot actually validate it due to lack of information. They discuss that DOGE and GSA's claim is possible given the significant costs of maintaining legacy systems, the migration process would also likely take months and involve substantial upfront expenses. Curtis also shares a humorous story about accidentally pressing an emergency power button during a critical mainframe recovery.…
 
Tape backup for small business might sound like old tech, but Mag Store's new Thunderbolt-compatible tape drive could change that perception. In this episode, we discuss how this new offering potentially opens tape technology to a wider market of SMBs and content creators looking for ransomware protection and cost-effective long-term storage. Curtis and Prasanna dive into the specifics of when tape backup makes financial sense for small business data protection, particularly for companies generating large amounts of data or concerned about cloud security. They explore the $6,000 upfront investment against the long-term benefits of $90 tape cartridges that hold 45TB compressed. Perfect for SMBs with on-premises data or YouTube creators needing affordable archive solutions that are truly air-gapped from ransomware threats.…
 
In this episode of The Backup Wrap-Up, Curtis and Prasanna explore how forever incremental backup technology revolutionized the data protection industry. They discuss the evolution from traditional backup methods to modern approaches that eliminate the need for regular full backups, dramatically reducing network traffic, storage requirements, and backup windows. The hosts examine the technical foundations of forever incremental backups, from block-level incremental tracking to backend storage innovations that make multiple recovery points possible without redundant data transfers. They compare older approaches like synthetic fulls with true forever incremental implementations, highlighting the critical differences and benefits. Whether you're still using legacy backup tools or evaluating modern solutions, this episode provides essential insights into why forever incremental has become the standard for efficient, reliable backup systems.…
 
In this episode of The Backup Wrap-Up, we look at the cloud vs tape debate for active archives. The conversation was sparked by a LinkedIn post claiming tape libraries are the only robots not making things easier in 2025, suggesting cloud is superior to tape for active archives. We challenge this premise by pointing out that cloud vs tape is a false dichotomy since many cloud storage vendors use tape for their lowest-cost tiers. We examine key considerations including cost (where tape wins by orders of magnitude), data integrity (where tape actually outperforms disk), and access times (where expectations should align with use cases). For organizations running on-premises infrastructure, we also highlight the often-overlooked egress costs and transfer times associated with cloud storage. Whether you're managing secondary storage or planning an archive strategy, this candid discussion cuts through the marketing hype. Here's the LinkedIn post that sparked the discussion: https://www.linkedin.com/feed/update/urn:li:activity:7300167312144322561/ Here's a recent episode about how tape is not dead: https://www.backupwrapup.com/is-tape-backup-dead-why-it-still-matters/…
 
In this eye-opening episode of The Backup Wrap-up, W. Curtis Preston and Prasanna Malaiyandi unpack crucial disaster recovery lessons from major events like 9/11. They discuss how companies lost both primary and backup data centers when both World Trade Center towers fell, highlighting why geographic separation is non-negotiable. The hosts break down the technical aspects of disaster recovery, comparing hot sites versus cold sites, and the realities of synchronous versus asynchronous replication across distances. Beyond the technical, Curtis and Prasanna share often-overlooked disaster recovery lessons about human factors—where recovery teams will sleep, eat, and work during extended outages when infrastructure is destroyed. They examine a real case from a hurricane-stricken island where teams converted conference rooms to sleeping quarters and relied on satellite communications. Whether you're planning for natural disasters, power outages, or ransomware attacks, these disaster recovery lessons will help ensure your organization can recover when—not if—disaster strikes.…
 
In this episode of The Backup Wrap-up, Curtis and Prasanna discuss how to choose the best password manager in light of recent security breaches. They examine the LastPass hack that resulted in $150 million of stolen cryptocurrency and what that teaches us about password manager security. The hosts break down the critical security features to look for in the best password manager, including encryption strength, iteration counts, multi-factor authentication options, and passkey support. They emphasize that even with the LastPass breach, using a password manager is still far safer than not using one at all. This episode provides practical guidance on evaluating password manager security beyond the standard feature comparisons, with specific recommendations for cryptocurrency users and insights into the technical aspects of password vault protection. Here are some references for today's episode: https://www.rubrik.com/blog/company/25/rubrik-information-security-team-update https://www.bleepingcomputer.com/news/security/ransomware-gang-encrypted-network-from-a-webcam-to-bypass-edr/ https://krebsonsecurity.com/2023/09/experts-fear-crooks-are-cracking-keys-stolen-in-lastpass-breach/ https://krebsonsecurity.com/2025/03/feds-link-150m-cyberheist-to-2022-lastpass-hacks/…
 
Loading …

به Player FM خوش آمدید!

Player FM در سراسر وب را برای یافتن پادکست های با کیفیت اسکن می کند تا همین الان لذت ببرید. این بهترین برنامه ی پادکست است که در اندروید، آیفون و وب کار می کند. ثبت نام کنید تا اشتراک های شما در بین دستگاه های مختلف همگام سازی شود.

 

icon Daily Deals
icon Daily Deals
icon Daily Deals

راهنمای مرجع سریع

در حین کاوش به این نمایش گوش دهید
پخش