In this episode, we examine the StorageCraft outage that erased customer backup data during a botched cloud migration. We compare StorageCraft's response to Carbonite's in a similar incident and discuss the critical lessons for backup vendors and customers. Learn the importance of meticulous migration processes, potential backup resiliency strategies, and what to do if your cloud backups disappear. Don't miss these vital insights to avoid cloud backup disasters and ensure your data is always recoverable.Stories covering this outage:https://www.crn.com/slide-shows/storage/arcserve-ceo-storagecraft-backup-data-loss-not-acceptablehttps://www.techtarget.com/searchdisasterrecovery/news/252515647/StorageCraft-DRaaS-outage-highlights-layered-protection-needhttps://www.reddit.com/r/msp/comments/tgggey/just_got_a_call_from_storagecraft_cloud_data_is/https://blocksandfiles.com/2022/03/22/arcserve-storagecraft-operation-has-lost-customer-data/https://www.channele2e.com/news/arcserve-storagecraft-draas-suffers-cloud-data-protection-issues

In this episode, we examine the Rackspace ransomware attack that crippled the company's hosted exchange environment, affecting thousands of customers. We discuss the timeline of events, the importance of timely patching, and the challenges Rackspace faced in restoring customer data. Learn about the value of comprehensive disaster recovery plans and third-party backups in protecting your organization from similar attacks. Don't miss this opportunity to gain valuable insights from one of the most significant ransomware incidents in recent years.

In this episode, we uncover the troubled history of Carbonite, a once prominent cloud backup provider plagued by lawsuits. In one Carbonite lawsuit they were the plaintiff, in another they were the defendant. From using inadequate storage arrays to failing to protect customer data, Carbonite's story serves as a warning for backup customers. Learn the importance of thoroughly vetting backup vendors and the risks of blindly trusting marketing claims. Don't miss this deep dive into Carbonite's multi-million dollar legal battles and valuable lessons for anyone relying on cloud backup services.Stories discussed in this episode:https://backupcentral.com/carbonite-liar/https://archive.nytimes.com/pogue.blogs.nytimes.com/2009/01/27/carbonite-stacks-the-deck-on-amazon/https://www.theregister.com/2009/03/23/carbonite_sues_promise/https://www.backblaze.com/blog/carbonite-data-loss-reports-miss-the-point/https://www.datacenterknowledge.com/archives/2009/03/23/carbonite-lawsuit-reveals-data-losshttps://www.datacenterknowledge.com/archives/2009/03/25/more-on-carbonites-data-losshttps://archive.nytimes.com/pogue.blogs.nytimes.com/2009/01/27/carbonite-stacks-the-deck-on-amazon/https://www.computerworld.com/article/2481289/carbonite-loses-7-500-customers--files--ouch-.htmlhttps://techcrunch.com/2009/01/03/journalspace-drama-all-data-lost-without-backup-company-deadpooled/https://archive.nytimes.com/bits.blogs.nytimes.com/2008/09/11/carbonite-steps-up-the-competition-in-online-back-up/?scp=1&sq=mozy&st=cse&apage=2#commentshttps://www.cnet.com/tech/tech-industry/carbonite-sues-hardware-maker-reseller/​​https://fingfx.thomsonreuters.com/gfx/legaldocs/byprkkkozve/01312024carbonite.pdf

In this episode of The Backup Wrap-Up, Curtis and his co-host dive into the chaos caused by Salesforce's accidental "modify all" permission change in 2019. They explore the fallout from this real-world SaaS disaster, including how Salesforce scrambled to restore proper permissions and the frustration felt by impacted customers.Curtis and his co-host discuss the crucial role third-party backups could have played in mitigating the impact of this incident, and why relying solely on a SaaS vendor's recovery capabilities can leave organizations vulnerable. They also share practical advice on how listeners can avoid similar cloud disasters by implementing a comprehensive backup strategy for their SaaS applications.Whether you're a Salesforce user, a SaaS enthusiast, or simply interested in the world of data protection, this episode offers valuable insights and entertaining anecdotes that will help you become a Cyber Recovery Hero. Tune in to learn, laugh, and discover how to safeguard your organization's critical data in the cloud.LinksOriginal SF post: https://issues.salesforce.com/issue/a028c00000qQ53kAAC/user-profiles-and-permission-sets-related-to-pardot-licensed-orgs-were-modified-by-salesforceSecond post: https://salesforce.stackexchange.com/questions/262830/salesforce-bug-enabled-modify-allBig deal: https://appomni.com/blog_post/2019-blog-modify-all/SF follow up: https://help.salesforce.com/s/articleView?id=000384056&type=1

In this shocking episode of The Backup Wrap-up, we delve into the jaw-dropping data loss disaster that struck global consulting giant KPMG at the height of the 2020 pandemic. With one errant click, a Microsoft 365 admin accidentally wiped out months of critical Teams chat data for a staggering 145,000 employees.Join host W. Curtis Preston as he unravels this extraordinary tale of digital destruction and explores the crucial lessons it holds for organizations relying on Microsoft 365 and other SaaS platforms. Curtis breaks down the differences between retention policies and actual backups, exposes common misconceptions about cloud provider data protection responsibilities, and highlights the potential legal and compliance nightmares that can arise from such catastrophic data loss.If you're using Microsoft 365 or any SaaS application, you can't afford to miss this vital wake-up call. Tune in to discover why a robust third-party backup strategy is essential, no matter how big your company or how reliable your cloud provider seems. Learn from KPMG's misfortune and ensure your organization's critical data is always protected, in the cloud and beyond.Don't become the next cautionary tale – listen now and secure your SaaS data before it's too late!

In this important episode of the Backup Wrap-up, W. Curtis Preston, AKA Mr. Backup, takes you on a deep dive into the shocking story of the OVHCloud data center fire of 2021. This catastrophic event left hundreds of customers scrambling to recover their precious data (often without backups), exposing the startling truth about OVHCloud's data center and backup practices and the devastating consequences of misplaced trust in cloud providers.As usual, Curtis is joined by co-host Prasanna Malaiyandi as they unravel the complex web of controversial decisions, legal battles, and hard lessons learned from this disastrous incident. They explore the factors contributing to the fire's severity, the staggering extent of the data loss, and the eye-opening revelations about OVHCloud's backup infrastructure.But this episode is more than just a cautionary tale. Curtis and Prasanna delve into the crucial questions every organization must ask their cloud provider to ensure their data is truly secure. They share invaluable insights and actionable advice to help you avoid falling victim to a similar fate.Whether you're an IT professional responsible for safeguarding your company's data or an individual looking to protect your digital life, this episode is a must-listen. You'll come away with a deeper understanding of the risks associated with cloud storage, the importance of robust backup strategies, and the steps you can take to become a cyber-recovery hero.Don't miss this opportunity to learn from one of the most significant cloud disasters in recent history. Tune in now and discover how you can keep your data out of the fire and emerge as an unsung hero in the world of backup and recovery.Articles covering this story:https://www.datacenterdynamics.com/en/news/ovh-fire-octave-klaba-says-ups-systems-were-ablaze/https://www.datacenterdynamics.com/en/news/fire-could-cost-ovhcloud-105-million-ipo-filing-reveals/https://www.datacenterdynamics.com/en/news/ovhcloud-ordered-to-pay-250k-to-two-customers-who-lost-data-in-strasbourg-data-center-fire/https://www.datacenterdynamics.com/en/news/ovhcloud-fire-report-sbg2-data-center-had-wooden-ceilings-no-extinguisher-and-no-power-cut-out/Election worker episode:https://www.backupwrapup.com/election-poll-site-manager-explains-us-election-systems/

In this episode, we uncover the little-known but cautionary tale of Musey, a startup building an interior design app that catastrophically lost everything when an admin accidentally deleted their entire Google Workspace account.We dive deep into:How a single slip-up by an admin led to over $1.5 million of intellectual property stored in Google Drive getting instantly wiped outMusey's desperate attempts to get their data back by contacting Google and even filing a lawsuitHow not even the cloud giants like Google have an obligation to restore customer data lost due to error or malfeasanceWhy you absolutley need independent backups of cloud data instead of blindly trusting sync and retention policiesThe devastating story of Musey serves as a sobering reminder that human error can still trump even the most resilient cloud platforms. Don’t miss this rare peek behind the curtain at a colossal cloud failure that very few people know about.Story: https://www.theregister.com/2019/07/05/musey_v_google_lawsuit/Lawsuit filed: https://regmedia.co.uk/2019/07/05/musey_v_google.pdfLawsuit pulled: https://dockets.justia.com/docket/california/candce/4:2019cv03864/344456Museyapp.com 6/6/19 says “buy this domain”:https://web.archive.org/web/20190606022957/http://www.museyapp.com/

In 2014, software-as-a-service company Code Spaces disappeared overnight after a devastating cyber attack. Thousands of coders lost access to their work when insufficient cloud backups failed under pressure. The company was forced to go out of business.Learn the tragic tale of how Code Spaces ignored standard data protection rules, putting their business and clients at risk. We’ll unpack what went wrong with their cloud architecture and backup systems, allowing a single hacker to destroy their SaaS company.Understand why you still need backup - even native cloud redundancy isn't enough. Our hosts explore the hard lessons from this cloud catastrophe and equip you with actionable advice around security, access controls, preparation, and backup policies. Safeguard your slice of the cloud and avoid the mistakes that ultimately shuttered Code Spaces.Articles covering this story:https://www.esecurityplanet.com/networks/code-spaces-destroyed-by-cyber-attack/https://www.itgovernance.co.uk/blog/the-attack-that-forced-code-spaces-out-of-business-what-went-wronghttps://www.breaches.cloud/incidents/codespaces/https://threatpost.com/hacker-puts-hosting-service-code-spaces-out-of-business/106761/https://thehackernews.com/2014/06/cyber-attack-on-code-spaces-puts.htmlhttps://www.csoonline.com/article/547518/disaster-recovery-code-spaces-forced-to-close-its-doors-after-security-incident.htmlhttps://blogs.manageengine.com/it-security/passwordmanagerpro/2014/08/20/code-spaces-aws-security-breach-a-sad-reminder-of-the-importance-of-cloud-environment-password-management.html

In this information-packed episode, backup guru W. Curtis Preston and expert guest Prasanna Malaiyandi explore the elements of crafting an effective disaster recovery (DR) runbook. They discuss how a properly structured runbook eliminates confusion during crises by clearly outlining responsibilities and contacts. From making runbooks accessible and absorbed to keeping them actionable with constant updates and tests, they share the 8 critical factors for DR success. Tune in to transform your backup admins into confident cyber recovery heroes with battle-tested runbooks.

Disaster lurks around every corner - ransomware, natural disasters, human errors. Are you thinking about all the data and systems at risk. Is your organization prepared? In this episode, Curtis and Prasanna pull back the curtain on the disaster recovery decision - to build or to buy? They unpack the tradeoffs around cost, complexity, control, and even cybersecurity. Whether you're an anxious IT leader losing sleep over business continuity or just disaster recovery curious, you won't want to miss this episode.Will your DR strategy survive? Tune in now to find out!

Creating an effective DR strategy means understanding the critical differences between hot, warm, and cold recovery sites. Join backup guru W. Curtis Preston and his cohost Prasanna Malaiyandi for the latest Backup Wrap-Up as they outline real-world strategies to match your RTO, RPO, and budget. You’ll learn the unique benefits and challenges of using both primary for hot sites, and backup replication to cost-effectively create warm recovery sites.They also tackle the complexities of cloud DR for VMware environments. Can you do DR of VMware to AWS? What conversion hurdles do you need to plan for? Tune in to find out.Whether you're a scrappy SMB or an enterprise with serious SLAs, this tactical episode delivers actionable advice to advance your resilience game. Learn how to leverage the cloud's economies of scale and keep business running no matter what gets thrown your way.The backup wrap up turns unappreciated backup admins into cyber recovery heroes.

When disaster strikes, you better have a solid plan for where you’ll recover your operations. Join me, W. Curtis Preston, and Prasanna Malaiyandi, as we explore the nitty-gritty details of your three main options for a disaster recovery site.We’ll dig into the pros, cons, risks, and costs associated with rolling your own DR site, hiring a third-party service, or leveraging the public cloud. Each path has its twists and turns. How do you keep a secondary site in sync? What if a regional disaster takes down your DR provider? Can the cloud flex to meet your recovery needs? Tune in for straight-shooting answers.This episode tackles the tough questions so you can make informed, bulletproof decisions on housing your failover infrastructure. As always, I’m drawing from decades of experience as a recovering backup admin, and I've designed this podcast just for pros like yourself.Batten down the hatches and prepare to take notes - it’s time to build a life raft for your data! For those interested in The Gobox Studio, here you go! https://goboxstudio.com/

Staying resilient in the face of disaster is crucial for any organization today. In this episode, we dive deep into crafting robust disaster recovery plans that help you outmaneuver outages.We discuss critical groundwork like taking inventory across environments and analyzing risk to determine what to prioritize recovering when the worst happens. Whether it's ransomware, natural disasters, or other threats taking systems down, smart preparation makes all the difference.Key highlights include:Figuring out what scenarios are most likely to impact your business based on risk profilesMaking sure you have visibility into all areas – whether data centers, cloud, SaaS, or endpointsTackling basic protections first before advanced optionsUnderstanding regional risks that may be unique to your geographyThinking through tests that validate your ability to recover when neededThe right disaster recovery means being able to get back to business rapidly. By learning from unfortunate events others have endured, you can architect resilience that lets you bounce back better no matter the scenario.

Are your backups collecting virtual dust rather than readying you for the next unavoidable disaster? Get back to basics on crafting an ironclad disaster recovery plan. We outline the essential infrastructure, applications, staffing, and execution steps often glossed over by the check-the-box enterprise crowd.Going beyond mere data recovery, we detail considerations around standing up replacement infrastructure, understanding system interdependencies, and restoring functionality faster with increased automation. Cloud's scaling and affordability make DR exercises less daunting these days if configured properly on the front-end.With major outages increasingly likely, the principles detailed could dictate whether your business emerges unscathed or shutters for good. We share tips for pragmatic preparation reflecting our scar tissue from failures past when lackadaisical DR rigor proved painful. Ever try troubleshooting recovery steps in the midst of a raging hurricane...or gotten that dreaded 2AM offline alert while welcoming your newborn? We have!Major takeaways:Start recovery documentation with manual steps, increase automation laterTest often - the cloud enables cost-effective exercising at scaleAvailability outshines recovery - build resilient systems and staff cross-trainingKnow precise RTOs and RPOs aligned to business priority and appetiteStay tuned as we separate the mavens from the mayhem when adverse events strike. Get your data DR ducks in order now before things migrate south!News articles from this episode:https://www.bleepingcomputer.com/news/security/50k-wordpress-sites-exposed-to-rce-attacks-by-critical-bug-in-backup-plugin/https://jorgedelacruz.uk/2023/12/06/veeam-whats-new-in-veeam-backup-and-replication-v12-1-major-new-features/

In this episode, Curtis and Prasanna do a deep dive on the differences between data backup and data archiving. They thoroughly explain that while backup focuses on restoring systems and files to a prior point in time, archiving is all about being able to search and retrieve specific information for legal or regulatory purposes.Key reasons you'll want to tune in:Learn exactly why companies archive data and how regulatory compliance and legal eDiscovery requests require specialized archive capabilities.Understand the dangers of using your backup system as an archive for eDiscovery - lacking full search and exposing too much irrelevant data risks your legal case.Hear multiple real-world horror stories of companies failing legal cases due to lacking proper archives - to the tune of billions of dollars lost.Get clear examples of how continuous, comprehensive archiving captures all versions of files, emails, and data - including deleted and intermediate items.Get a life-line for those of you who are still using your backup system as an archiveIf you need to implement archiving or fix broken archive approaches that risk legal noncompliance, this episode delivers an excellent primer on how archive differs from backup and what genuine archive systems can do.https://support.google.com/drive/thread/245861992?sjid=15540859157109248518-NChttps://support.google.com/drive/answer/14286582?sjid=8199341837463411967-NAhttps://blog.23andme.com/articles/addressing-data-security-concernshttps://www.backupwrapup.com/what-is-archive-and-retrieve-backup-to-basics/https://www.sullivanstrickler.com

We’re going back to basics in 2024! Our hosts revisit their smash hit episode from last year all about protecting those traditional data sources like physical servers, VMs, laptops, desktops, and mobile devices. From on-prem to mobile, should it all get backed up? How and why? Tune in as Curtis and Prasanna rehash their spirited debate over backup best practices across your infrastructure and walk through real-world examples of what can go wrong. It’s chock full of fundamental wisdom for data protection pros getting started and veterans alike. Whether you’re making big cloud migrations or maintaining legacy systems, don’t miss this special re-release dedicated to the building blocks of backup as we start the year on a backup to basics kick.

This timely episode features an in-depth discussion between cybersecurity expert Melissa Palmer (@vmiss) and hosts W. Curtis Preston and Prasanna Malaiyandi on the crucial role preparation and planning play in effectively responding to and recovering from the inevitable ransomware attack.They stress that flying by the seat of your pants without an incident response plan when ransomware hits leads to chaotic, inefficient efforts and substantially higher costs. Melissa outlines pragmatic steps organizations should take before an attack to develop and test response playbooks, have partnerships in place with response firms, coordinate across internal teams, bolster detection capabilities, and harden backup/recovery mechanisms. Curtis and Prasanna dive into real-world ransomware response scenarios to highlight the complexity organizations face in assessing the scope of damage from attacks and recalibrating restoration priorities. Melissa offers tips on creating robust processes to rebuild compromised environments quickly. They discuss table-top exercises as cost-efficient ways to uncover plan gaps and get stakeholders aligned on roles and timeline expectations.With Melissa's depth of experience assisting ransomware victims, she provides unique insights into preparation best practices often neglected until the worst happens. For IT/security leaders looking to build organizational resilience against ransomware threats, this engaging episode delivers actionable advice on architecting defense-in-depth capabilities tailored to your business requirements.Join us for a great episode!

Changing your organization's backup system is no easy task - it requires careful evaluation of requirements, risks, and capabilities. Many admins get stuck with backup environments they've outgrown or that lag on modern demands.On this episode, backup guru W. Curtis Preston and his cohost Prasanna Malaiyandi lend their expertise to help you determine if and when migrating your backup solution makes sense. You'll learn:Key indicators that your current system is no longer fitting your needsHow to clearly define backup requirements and alignment to recovery objectivesWays to evaluate ease of use, security, and other qualitative factorsGuidance on integrating specialized systems only when necessaryThe importance of prioritizing immutable storage and rapid recoveryChange management best practices that curb instabilityWith ransomware threats growing, the bar for backup keeps rising. Tune in as our two hosts cover everything you need to make backup system change decisions that balance innovation, budget, and risk - avoiding needless switches while still meeting evolving data protection demands. You'll gain real-world clarity that turns unappreciated backup admins into cyber recovery heroes.

After diving into the details of the recent Okta breach enabled by password manager vulnerabilities, Curtis and Prasanna tackle the growing issue of copy data sprawl. They define copy data management – the practice of tracking and governing all duplicated production data for backup, DR, development, analytics etc. What problems result from copy proliferation? How feasible is a single consolidated platform? What regulatory and cost implications exist? Tune in as our hosts break down best practices for cataloging, securing, reducing, and better leveraging your organization’s data copies. Specific topics covered include:Password manager risks exposed in Okta hackCopy data management 101Storage cost, compliance, security issuesTools and solutions landscapeBackup reuse considerations and cautionsCloud vs. data center copy managementJoin Curtis and Prasanna for another engaging combination of news commentary, frameworks, debates, warnings, and recommendations – this week with a data protection slant. Whether you’re a backup admin or IT leader grappling with copy sprawl, this insightful episode has something for you!Articles discussed in this week's episode:https://sec.okta.com/harfileshttps://arstechnica.com/information-technology/2023/11/no-okta-senior-management-not-an-errant-employee-caused-you-to-get-hacked/https://finance.yahoo.com/news/druva-expands-multi-cloud-protection-140000597.htmlhttps://finance.yahoo.com/news/druva-expands-multi-cloud-protection-140000597.html

Tired of backup windows and 24-hour recovery point objectives? Then it's time to learn about how snapshots and replication work together to create near-continuous data protection, or near-CDP.In this episode, backup experts W. Curtis Preston and Prasanna Malaiyandi dive into leveraging snapshots for instant point-in-time recovery and replication for an offsite copy. By combining these technologies, you can achieve recovery point objectives measured in minutes rather than hours or days.Listen in to understand what near CDP is, how it differs from backup and true CDP, and the key capabilities it enables. Discover when to take crash-consistent vs application-consistent snapshots. Learn how near CDP integrates with backup software and how you can use replicated snapshots for automated recovery testing.If you need tighter RPOs and near-instant RTOs for your mission-critical systems, you can’t afford to miss this explanation of how snap and replicate delivers a high-frequency, budget-friendly data protection option. Tune in to become a hero by enabling your organization to recover quickly from data corruption, ransomware, and other threats!