Skip to content

GREYCORTEX Mendel 3.9 Now Available

June 20, 2022 – We have released a new version of GREYCORTEX Mendel. Version 3.9 is more interactive, safer and allows even deeper data analysis than ever before. We have increased the interoperability of Mendel with other tools and extended the hardware support.

More about GREYCORTEX Mendel 3.9

Surely nobody would write a web service in C++

A while back, one of my colleagues was hanging out in an online developer forum and some people there were starting up a good old-fashioned language war (the type of exchange where one person familiar with language A will announce its superiority over language B, with which the other person isn’t familiar – not really a productive use of time when you think about it, but a popular pastime nonetheless).

During this debate, one developer confidently proclaims that ‘surely nobody would ever write a web service in C++,’ to which my colleague responds, ‘well that’s exactly what we did here at Keepit.’ This prompted some questions, and this piece is an attempt to explain why we did what we did and to explain how this choice has been working out for us, given that this code base started life about 10 years ago.

To put things into perspective, it will be necessary to start with some minimal background information about this service we set out to build.

What is Keepit?

Keepit is a backup service in the cloud. We will store backup copies of your (cloud) data so that if—or when—your primary data is compromised for one reason or another (but most likely because of ransomware or account takeover via phishing), then you will still have complete daily copies of your data going back as many years as you want.

Years of data. This should make you think.

Several years ago, Microsoft claimed having 350 million seats on their 365 platform, which is one of the cloud platforms that we protect. Let’s say we get just 10% of that market (we should get much more because we are by far the best solution out there, but let’s be conservative for the sake of argument), that means we need to store all data for 35 million people (and that’s just on one of these platforms – we protect several other platforms as well).

It doesn’t end there: being backup, we copy all your changes, and we hold your old data, and that means when you clean up your primary storage and delete old documents, we keep the copy. Many customers want a year or three of retention, but we have customers who pay for 100 years of retention.

One hundred years. That means our great grandchildren will be fixing the bugs we put in our code today. This should make you think too.

Knowing the very high-level goals of our service, let’s talk about requirements for such a thing.

Core system: storage

We knew from the get-go that we would be implementing a storage solution which would need to store a very large amount of data (as everything is moving to the cloud, let’s say a few percent of all the world’s data) for a very long period of time (say a hundred years).

Now everyone in the storage business will talk about SSDs, NVMe, and other high-performance data storage technologies. None of this is relevant for large scale, affordable storage, however. Spinning disks is the name of the game and probably will be for at least another decade.

SSDs are getting the density, sure, but they are still not close to viable from a cost perspective. This means we will be writing all data to rotating magnetic media. When you write data to magnetic media, over the years, your media will demagnetize. That means, if we store a backup on a hard drive today, we probably can’t read it back just ten years from now.

That means we need to regularly move all this data from system to system to keep the data ‘fresh.’ Talking about performance, large capacity hard drives today rotate at 7200rpm, exactly the same speed as back in 1992. Access time is dominated by the rotational latency, which means that this is really an aspect of computers that has been almost at a standstill for 30 years while everything else has become faster in every way. We knew we had to deal with this.

I should probably note here that yes, we are talking about running our software on actual physical computers – no public cloud for us. If you want to go big, don’t do what the big players say you should do, do what the big players do. If public cloud was so great, Microsoft wouldn’t have built their own to run 365 – they would have run it on AWS which was very well established long before Microsoft thought about building 365. This doesn’t mean you can’t prototype on public cloud of course.

To solve our core storage need, we designed a filesystem—basically, an object storage system optimized for storing very large-scale backup data. Clearly, we expect the implementation of this storage system to have a significant lifespan.

We may want to create a better implementation one day in the future when hardware has evolved far beyond what we can imagine today, but it is worth pointing out that the storage systems we use today are very similar in architecture to what they would look like 30 years ago, and I would assume in 30 years from today. Clearly, the core code that manages all of your data is not something you want to re-write every few weeks.

So, to implement this system, we went out looking for which new experimental languages had been invented in the six months leading up to implementation start. No wait, we didn’t.

What we need from a language

There are really two types of languages:

1: Systems programming languages – those that have practically no runtime, where you can look at the code and have a high degree of confidence in understanding exactly what that leads to on your processor, the type of language you would write an operating system kernel in. This would be languages like C, C++, and who knows – maybe Rust or something else.

2: The higher-level languages, which often have significant runtimes. The good ones of these offer benefits that you cannot get in a language without a significant runtime. This would be a language like Common Lisp, but people more commonly talk about C# and Java even though I will argue they only do so because nobody taught them Lisp.

And then you have the other languages that fit various niche use cases. This could be Python, Haskell, JavaScript, and so forth. I don’t mean to talk them down, but they are not reasonable languages for software development of the type we are talking about here; and since what we’re talking about here isn’t actually so special, you could take my argument to mean that they are just not very reasonable languages for software development outside of niche uses, and that would be a fair interpretation of my opinion.

So, to be a little more concrete, what it is that we really need from a language is:

1: It must support the efficient implementation of algorithms and data structures; meaning we must have tight control over memory when we need it, our language must support the actual hardware data types like 64-bit integers on modern processors, etc. So, this rules out Python (not compiled), Ruby (not compiled) and JavaScript (JIT but doesn’t have integers or arrays).

2: When we write code today, the tool chain in 20 years’ time must still support our code with little or no changes. Because we simply can’t rewrite our code every few years. We will get nowhere if that’s what we do. That’s why large, important software systems today are still often written in C – because they started out life in the 80s or 90s and they are still the most significant operating system kernels or database management systems that exist to this day.

Steady evolution is the recipe, not rewrite from scratch every three years. This basically rules out any language that hasn’t been standardized and widely used for at least 10 years before we start the project. Meaning, since we started in 2012, that rules out any language that came out after 2002, so Go, Rust, and many other languages would have been out of the picture. C and C++ would work though.

3: We run on Linux. If you do anything significant with computers on a network, you probably run on Linux, too. We don’t want a language that is ‘ported’ to Linux as a curiosity – like C#. We need a language that is native on Linux with a significant and mature toolchain that is certain to receive significant investment for decades to come. Again, that’s really C and C++.

4: You need to design for failure. Everything from writing to a disk, to allocating the smallest piece of memory, can and will eventually fail. Relying on the developer to check error codes or return values at every single call to a nontrivial function (and too many trivial functions too) is rough. Yes, it can be done and there are impressive examples of this.

I am humbled by software such as the Postgres database or the Linux kernel which are very reliable pieces of software written in C which require such tedious checking. C++, in my experience, with RAII and exceptions, offers a much safer alternative. It is not free, of course – it avoids one set of problems and introduces another. In my experience however, it is less difficult to write reliable software using RAII and exceptions than to rely on developers not missing a single potential error return and correct recovery and cleanup. For this reason, I will prefer C++ over C and over both Rust and Go.

5: Obviously the language must offer sufficiently powerful functionality to make the implementation of a larger application bearable and maybe even enjoyable. In reality, however, if your language has functions, you can accomplish a lot; Fortran got functions in 1958 and since then most languages have had them.

Yes, generic programming is nice in C++. A real programmable language like Common Lisp would be preferable of course. Any other modern programming language will surely have some other feature which was added because it is potentially nice and potentially justifies the existence of the language.

But in reality, the hard part is getting your data structures right. Getting your algorithms right. Knowing what you’re trying to build and then building exactly that, nothing more and nothing less.

If we are honest, most languages would work. However, C++ is a nice compromise: it has some generic programming, the STL is incredibly useful, it offers basic OO concepts, and RAII (and structured error handling).

If we look at the criteria here, there really aren’t that many candidate languages to choose from, even if we compromise a bit here and there. Therefore, the question really isn’t ‘why’ we would write a web service in C++, the question really is ‘why wouldn’t we’ write a web service in C++. Realistically, what else would you use, given the scope of what we’re solving here?

Versatility

Performance matters. Don’t let anyone tell you otherwise. Anyone who says that ‘memory is cheap’ and uses that as an excuse should not be building your large-scale storage systems (or application servers or anything else that does interesting work on large amounts of data).

Donald Knuth said, ‘Premature optimization is the root of all evil’ and I absolutely believe that. However, ‘no optimization and elastic scaling is the root of all public cloud revenue’ is probably also true. Don’t go to extremes – don’t put yourself in a situation where you cannot, at the appropriate time, optimize your solution to be frugal with its resource use. When your solution is ‘elastically scaling’ for you in some public cloud on a credit card subscription, it is very hard to go back and fix your unit economics. Chances are you never will.

The typical computer configuration for a storage server in Keepit is 168 18 TB hard drives attached to a single-socket 32-core 3.4GHz 64-bit processor and 1TiB of RAM. It’s really important to note here that we use only one TiB of RAM for three PiB of raw disk: this is a 3000:1 ratio – it is not uncommon to see general purpose storage systems recommend a 30:1 ratio of disk to RAM (which would require us to run with 100TiB of RAM at which point memory most certainly isn’t cheap anymore). Through the magic of our storage software, this gives us about 2PiB of customer-usable storage in only 11U of rack space. This means we can provide a total of 8PiB of usable storage in a single 44U rack of systems, consuming less than 10kW of power. This matters.

If you run a business, you want to be able to make a profit. Your customers will want you to make a profit, especially if they bet on you having their data 100 years from now. If you want to grow your business with investments, your investors will think this matters. In Keepit, we have amazing unit economics – we got the largest series A round of investment for an IT company in the history of Denmark ever – and part of the reason for that was because of our unit economics. Basically, our storage technology, not least the implementation of it, enabled this.

The choice of C++ has allowed us to implement a CPU- and memory-efficient storage system reliably that uses the available hardware resources to their fullest extent. This ranges from careful layout of data structures in memory to an efficient HTTP stack that exposes the functionality and moves more than a GiB of data per second per server over a friendly RESTful HTTP API on the network. C++ enables and supports every layer of this software, and that is quite a feat.

Let me briefly digress with another note on versatility. I have this personal hobby project where I am developing a lab power supply for my basement lab (because every basement needs a lab). In order to adjust current and voltage limits, I want to use rotary encoders rather than potentiometers.

A rotary encoder is basically an axle that activates two small switches in a specific sequence and by looking at the sequence you can detect if the user is turning the axle in one direction or the other. The encoder signal gets fed to a 1MHz 8-bit processor with 1 kB of RAM and 8 kB of flash for my code.

To implement the code that detects the turning of these encoders, it makes sense to use a textbook, object-oriented approach. Create a class for an encoder. Define a couple of methods for reading the switches and for reading out the final turn data. Declare a bit of local state. Beautifully encapsulated in pure OO style. The main logic can then instantiate the two encoders and call the methods on these objects. I am implementing the software for this project in C++ as well – try to think about that for a moment: The same language that allows us to efficiently and fully utilize a 32-core 3.4GHz 64-bit processor with 1TiB of RAM and 3PiB of raw disk works ‘just as well’ on a 1-core 1MHz 8-bit processor with 1kiB of RAM and 8kiB of flash storage – and the code looks basically the same.

There are not many languages that can stretch this wide and not show the slightest sign of being close to its limit. This is truly something to behold.

The rest of the stack

The storage service exposes a simple RESTful API over HTTP using an HTTP stack we implemented from scratch in C++. Instantiating a web server in C++ is a single line of code – processing requests is as trivial as one could wish for.

I’ve heard plenty of arguments that doing HTTP or XML or other ‘web’ technology work would be simpler in Java or C# or other newer languages, but really, if you write your code well, why would this be difficult? Why would you spend more than a line of code to instantiate a web server? Why would parsing an XML document be difficult?

For XML, we implemented a validating parser using C++ metaprogramming; I have to be honest and say this was not fun all the way through and I couldn’t sit down and write another today without reading up on this significantly first. C++ metaprogramming is nothing like a proper macro system – but it can absolutely solve a lot of problems, including giving us an RNC-like schema syntax for declaring a validating XML parser and generating efficient code for exactly that parser.

This also means when we parse an XML document and we declare that one of the elements is an integer, then either it parses an integer successfully or it throws. If we declare a string, we get the string properly decoded so that we always work on the native data – we cannot ever forget to validate a value and we cannot ever forget to escape or un-escape data. By creating a proper XML parser using the language well, we have not only made our life simpler, we have also made it safer.

The entire software ecosystem at Keepit may revolve around our storage systems, but we have several other supporting systems that use our shared components for the HTTP and XML stack.

One other notable C++ system is our search engine. Like so many other companies, we found ourselves needing a search engine to assist us with providing an amazing end user experience when browsing their datasets. And like so many others we fired up a cluster of Elasticsearch servers and went to work.

Very quickly we got hit by this basic fact that Elastic is great at queries and not very good at updates – and we have many more updates than we have queries. We simply couldn’t get this to scale like we’re used to. What to do?

While struggling with Elastic, we started the ‘Plan-B’ project to create a simple search engine from scratch – this engine has been our only search engine for years now and to this day, the process is still called ‘bsearch.’

Our search engine offers a google-like matching so that you can find your documents even if you misspell them, and it is a piece of technology that we are quite actively developing both to improve matching capabilities across languages and to allow for more efficient processing of much larger datasets, which will open up for other uses in the future.

Of our backend code base, about 81% of our code is C++. Another 16% is Common Lisp. The remaining 3% is Java.

We use Common Lisp in two major areas: For ‘general purpose’ business functions such as messaging, resource accounting, billing, statistical data processing, etc. And we use it for backup dataset processing. These are two very different uses.

The first is a more classical application of the language where performance is maybe less of a concern but where the unparalleled power of the language allows for beautiful implementations of otherwise tedious programs.

The second use is a less traditional use case where enormous datasets are processed and where the majority of the memory is actually allocated and managed outside of the garbage collector – it is truly a high-performance Lisp system where we benefit from the power of the language to do interesting and efficient extractions of certain key data from the hundreds of petabytes of customer data that pass through our systems.

Many people don’t know Common Lisp and may propose that ‘Surely nobody would write a web service in Common Lisp.’ Well, as with all other languages you need to understand the language to offer useful criticism; and the really groundbreaking feature of Common Lisp is its macro system. It is what makes Common Lisp by far the most powerful language in existence by a large margin.

This is nothing like C pre-processor macros; the Common Lisp macro system allows you to use the full power of the language to generate code for the compiler. Effectively, this means the language is fully programmable. This is not something that is simple to understand since there is no meaningful way to do this using C-like language syntax, which is also why the Lisp dialects have a syntax that is fundamentally different from other languages.

In other words, if you do not understand the Lisp syntax, you are not equipped to comprehend what the macro system allows. This is not simple to wrap your head around, but, for example, I can mention that Common Lisp was the first general purpose programming language to get Object Orientation added to it, and this was done not with a change to the language and the compiler, but with a library that contained some macros. Imagine that.

Fortran allows you to implicitly declare the type of variables by using certain letters in the first character of the variable name – just for fun, I implemented that with a macro for Common Lisp. If I wanted to do that with C or C++ or any other language, I would need to extend the compiler.

The idea of using the first character in the name of the variable to implicitly declare its type is of course ridiculous, but there are many little syntactical shortcuts or constructs that can help you in daily life that you may wish was present in your language of choice which you can only hope the language steering committee may one day add to the standard.

With Common Lisp, this is everyday stuff – no need to wait. If you want a new type of control structure or declaration mechanism, just go ahead and build it. The power of this cannot be overstated. C++ metaprogramming (and go generics and everything else) pales in comparison, useful as it is.

Lessons learned

First of all, it really sucks to have multiple languages; you can’t expect everyone to be an expert in all, so by having more than one language, you decimate the effective size of your team. However, we picked Common Lisp to replace a sprawling forest of little scripts done in more languages than I could shake a stick at—meaning we are fortunate to have only two languages on our backend.

C++ and Common Lisp are so different that they complement each other well. Yes, we could have done everything in C++, but there are problems we solve in Common Lisp which would have been much less enjoyable to solve in C++. Now on the downside, we have two HTTP stacks, two XML stacks, two database libraries, two connection pools, and so on and so forth. There is no simple perfect solution here; the compromise we have arrived at is indeed working out very well for us.

We’ve been told many times that recruiting for C++ is hard because recruiting for ‘web technologies’ is so much simpler. Well guess what, finding good JavaScript developers is just as hard as finding good C++ developers in my experience. With Common Lisp it’s different again: it’s harder to find people, but the percentage of the candidates that are actually qualified is higher, so all in all, it’s actually fine. Recruitment is difficult across languages, period.

The best you can do is go to a conference, talk about your tech, and hope that some developers show up at your booth to talk about employment.

Old grumpy man’s advice for youngsters considering a career in software engineering

First of all, seriously consider a computer science education. There exist amazingly qualified people who do not have this and some of them work for us, but in my experience most really good developers have this. It certainly helps to get a foundation of mathematics, logic, and basic computer science. Knowing why things work will make learning new things infinitely simpler.

Learn multiple, properly different programming languages and write actual code in them. You need to experience (by failing) how functions are useful as abstractions and how terrible it is to work with ill-designed abstractions. You need to fail and spend serious time failing.

Make sure one of those languages is a compiled language with little or no runtime: C, C++, Rust, or even Fortran for that matter (not sure Fortran has much long-term perspective left in it though – it’s probably time to say goodbye). Now challenge yourself to write the most efficient implementation of some simple problem – maybe a matrix multiplication for example.

Disassemble the code and look at it. At least get some understanding of the processor instructions and why they are generated from the code you wrote. Learn how cache lines matter. Time your code and find out why your solution isn’t faster than it is. Then make it faster until you can prove to yourself that your instructions pipeline as much as they can, your cache misses are minimal, you don’t wait on register write delays and so on and so forth.

Also, make sure that one of those languages is Common Lisp. It should be a criminal offence for a university to not teach Common Lisp in their computer science curriculum. Read ‘The Structure and Interpretation of Computer Programs – SICP’ too. Even if you will never use Lisp again, knowing it will make you a better developer in any other language.

And finally, as much as I dislike JavaScript, you should learn that, too. The most beautiful backend code will too easily be ignored if you cannot beautifully present its results – and today this means doing something with JavaScript.

Aside from my previous criticisms, you can make working with JavaScript more bearable, for example, by creating your own framework rather than relying on the constantly changing megabyte sized atrocities that your common web projects rely on. However, this is probably a topic for future discussion.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

Is Litigation Hold a Reasonable Replacement for Backup in Microsoft 365?

We get asked this question often, and at face value, it’s easy to see how one could equate litigation hold with backup – both have something to do with ‘preserving’ data. However, the reality is that backup and litigation hold differ on many points, and any company that fails to understand the differences between them (and the utility of each) will eventually learn the repercussions the hard way. Let’s explore the key differences between litigation hold and backup.

What Is Litigation Hold?

The term ‘litigation hold’ comes from US case law (2003, Zubulake v. UBS Warburg) where the judge ruled: ‘once a party reasonably anticipates litigation, it must suspend its routine document retention/destruction policy and put in place a ‘litigation hold’ to ensure the preservation of relevant documents.’

In 2010, Microsoft introduced a litigation hold (sometimes referred to as legal hold) retention feature for Microsoft Exchange to support eDiscovery. The feature was intended primarily as a way of preserving data should there be a legal need to preserve it for access and viewing during a litigation. Think of it as being for documentation purposes, not as a way to restore data back in place to operating platforms like Microsoft 365.

Microsoft later added the ability to create what they call in-place holds, which are holds based on a query (such as “find all messages containing the phrase ‘Project Starburst’). The back-end implementation of litigation and in-place holds are slightly different; you can see more details in Microsoft’s documentation

Let me say it again, slightly differently: Litigation hold wasn’t designed with the intention of serving as a backup service. Yet, some still try to rely on it as a backup solution, particularly to make ends meet when not having a designated data security plan (including a third-party backup solution), with the reasoning that “some sort of data preservation is better than none, right?” 

However, there are many drawbacks and substantial risks associated with these types of setups that lead to a risky, false sense of data security. Some of the shortcomings and risks of relying on litigation hold as a backup are: 

  • Data storage quotas capped at only 110 GB 
  • Some eDiscovery features require additional-cost licenses; if you don’t buy the licenses, you can’t use the features 
  • User mailbox data is only kept while an Exchange Online license is assigned to the user. When a user leaves or becomes inactive, removing the license will eventually remove the data.   
  • Recovering data needs an administrator and is a time-consuming process 
  • The held data is not physically separate from the original copy  

The bottom line is that you can’t depend on litigation hold or in-place holds as mechanisms for general-purpose recovery from mistakes or disasters. That’s not what they’re meant for, and you run the risk of losing data if you try to use them for that purpose.

What Is Backup?

Backup, by definition, provides one or more additional copies of your data, stored in a location physically separate from that of your primary dataset. Physical separation is a fundamental facet of backup, since storing your backup data in the same location as the primary data represents a single point of failure.  Effectively, there is no data redundancy in these types of setups. 

With traditional on-premises backup, the physical separation rule meant having an off-premises backup stored in another building – so that in the event of a disaster, e.g. a fire in one building, would not destroy all your data. For cloud backup, it’s fair to ask ‘what cloud does my backup data go to?’ The answer is usually either ‘Microsoft Azure’ or ‘Amazon Web Services.’ Ideally, you want that data going to a cloud not operated by your SaaS application vendor (so, it wouldn’t be fair to put your Microsoft 365 data into Azure); otherwise, you’re violating the physical-separation rule.  

Any service that is not providing this separation of copies is not—and should not be—considered a true backup. 

At Keepit, we talk a lot about the ‘3 Ms’ that can cause data loss: mistakes made by people; mishaps at the SaaS application vendor; and malicious actions from inside or outside the organization.  

Following data protection best practices, a properly executed backup scheme provides against all three of the Ms if anything should happen to the primary (original) dataset: malicious action in the form of a ransomware attack or a disgruntled employee; mistakes where someone with legitimate access accidentally deletes important data (or needs to back out changes they didn’t want to keep); and mishaps, where the service provider has an outage or data loss. Litigation holds can’t protect you against all 3 of the Ms: there’s no physical separation, limited ability to do large-scale restores, and no real concept of version control.  

What to Look for In a Cloud SaaS Backup Solution

Besides the must-have features of data redundancy and availability, a worthy backup solution will offer a multitude of convenience and productivity-boosting tools and services, further distancing it from litigation hold. The first thing to look for is a solution that’s purpose-built for the cloud, not a refurbished or reskinned on-premises solution. Rather, a good, dedicated third-party backup solution.  

Here are some of the key benefits to look for in a dedicated third-party backup solution: 

  • Simple, quick restoration of the data you need, when and where you need it, in the format you need it 
  • Direct restore from live storage, with no waiting for offline or near-line storage 
  • An intuitive interface for quickly and easily finding and previewing specific files or messages before storing them 
  • Secure, immutable storage in an independent cloud 
  • Flexible geographic storage options to cover your data sovereignty requirements 
  • A predictable and transparent cost model, with no hidden surprise charges for data ingress, egress, or storage 

For more insight into data protection in the cloud era, get an in-depth look via the e-guide on Leading SaaS Data Security. Or, if you’d like to learn more about Keepit backup and recovery services for Microsoft 365, Salesforce, Google Workspace, and others, visit this page. 

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

The Cybersecurity Skills Gap Is Widening: The Reasons Why May Surprise You

We live in a world where cybercriminals can penetrate an alarming 93% of company networks. In fact, this trend looks set to continue as we move further into 2022 and beyond. 

Simply put, the cyber threat landscape is becoming increasingly dangerous for organizations and individuals today. For example, cybercriminals are becoming more sophisticated in their methods, shadow IT is widening the corporate attack surface, and network administration errors and misconfigurations are common. At the same time, Crime-as-a-Service (CaaS), where experienced cybercriminals sell access to tools and knowledge needed to execute an attack, is skyrocketing in popularity. The result? More hackers and more successful cyber-attacks. 

We need to strengthen our cybersecurity arsenal if we want to turn this situation around and effectively safeguard corporate systems. And that starts with people – the cybersecurity professionals who find unique solutions to keeping bad actors out. But unfortunately, the widening cybersecurity skills gap is making this extremely difficult. With this in mind, let’s look at the current state of the cybersecurity skills gap and what’s driving it. 

The Current State of the Cybersecurity Skills Gap

According to Fortinet’s 2022 Cybersecurity Skills Gap Report, the cybersecurity skills gap contributed to a whopping 80% of data breaches last year. And these breaches had dire consequences, with 64% of organizations saying they lost revenue or faced fines and 38% reporting that breaches cost them more than a million dollars. 

Companies need skilled cybersecurity professionals now more than ever, but finding and keeping this talent is becoming increasingly difficult. For example, the same report found that 60% of organizations struggle to recruit cybersecurity talent and 52% struggle to retain qualified people, despite 76% of organizations indicating their board of directors now recommends increasing cybersecurity headcount. 

In simple words, organizations urgently need to close the cybersecurity skills gap to tighten their network security and keep pace with nefarious actors, but the gap continues to widen. For example, according to another report, the global cybersecurity workforce will need to grow by 65% to defend organizations’ critical assets effectively. 

At the same time, we continue to make immense strides in technological innovation across industries. Technologies that once seemed like science fiction, such as artificial intelligence (AI), machine learning, and Internet of Things (IoT) devices, are now becoming commonplace. But while these technologies undoubtedly add enormous value, we’re not hiring and training the talent to ensure their security.

Perhaps the most puzzling aspect of this situation is why precisely the cybersecurity industry is struggling to attract and retain talent. On paper, cybersecurity appears to be an attractive job prospect for fledgling tech enthusiasts or even IT workers who might want to transition roles into areas like network engineering, cyber intelligence, or security analysis. 

The appeal for people entering the field should be strong job security, a wide variety of opportunities, the ability to make a real impact, and decent pay (the average salary for a cybersecurity engineer in the US is $101,5481). And IT workers looking to transition into the role get much the same benefits but with a lower barrier to entry. For example, a coder is unlikely to struggle to wrap their heads around firewall types, network access control, and authentication security protocols like 802.1X. 

And yet people aren’t jumping at the chance to work in cybersecurity. Moreover, nearly one-third of the cybersecurity workforce plans to leave the field in the near future. But why? 

Factors Driving the Cybersecurity Skills Gap

Various factors are at play in why the cybersecurity industry faces talent shortages and a widening skills gap. So, let’s get into them. 

An Increasingly Demanding Skill Set and Entry Requirements

Due to the severity of today’s cyber threat landscape, cybersecurity professionals need a massive range of skills, and the list is growing yearly. Organizations increasingly want workers to have strong computer science, network engineering, and other technical skills in addition to computer forensics skills, problem-solving skills, and more. 

And more often than not, one of the key prerequisites to enter the field is a formal degree and an advanced professional certification like CISSP (Certified Information Systems Security Professional).

But despite these requirements, getting cybersecurity skills while still in education is often challenging. For example, only 43% of the US’s top 50 computer science programs include security courses for undergraduates. In other words, we might be failing to attract budding IT professionals into cybersecurity before they choose their career paths. And when this next generation of IT workers opts for a different discipline, they find themselves without the needed certifications to transition into cybersecurity. 

Cybersecurity is Too Stressful

Sadly, stress is an industry epidemic in cybersecurity. Defending against advanced threats daily or even hourly can take a toll on mental health, which is reflected in the statistics. For example, according to Deep Instinct’s Voice of SecOps Report, 45% of C-suite and senior cybersecurity professionals have considered quitting the industry due to stress. And another study from the UK found that 42% of security leaders say they would be unlikely to recommend a job in cybersecurity due to the stress of the job.

A Thankless Job

Cybersecurity teams typically attract the most attention when something goes wrong (a successful breach). But, when they successfully defend the network, there’s silence. As a result, morale is often low in cybersecurity teams. If you’re going to be stressed, you should at least have your successes championed, right? Unfortunately, too many companies are failing to do this right now. 

Attitudes Toward Cybersecurity

Most companies recognize that network security and cybersecurity are essential in the modern world, but that doesn’t mean they have positive feelings toward them. Many high-ranking employees believe that cybersecurity stifles innovation or that cybersecurity teams are too heavy-handed regarding network access control. They don’t see all the attacks that cybersecurity teams prevent, so they assume the team is needlessly restricting their access to files and apps to exert power. 

Choosing a career in cybersecurity can seem unappealing if you’re anticipating being undervalued by your employer. 

Where Do We Go From Here?

Unfortunately, it’s never been easier to become a black hat hacker. Advanced hacking tools are easy to come by, and knowledge sharing for things like phishing attacks, whaling attacks, and corporate account takeovers is rife. But the barrier to entry for the other side – the good guys who want to protect corporate networks is far higher. So companies that want to strengthen their network security need to take steps to overcome the cybersecurity skills gap and deploy advanced tools to help bridge the gap. 

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。

CISAnalysis – June 20, 2022

It’s Monday and time to take a gander at CISA’s Known Exploited Vulnerabilities Catalog.

Continue reading

Corel acquires Awingu, creating next-level remote access and workspace capabilities

I’m thrilled to announce that Canadian-based Corel has acquired Awingu. Awingu has experienced rapid growth over the last year as the global workforce embraces permanent remote and hybrid business models and this is a great time for the next chapter in our story. Awingu is known for its powerful simplicity, and is recognized as a Unified Workspace and Zero Trust solution by analysts such as Gartner and Forrester.

Corel is a leading provider of solutions that promote workplace creativity, productivity, and collaboration. It’s the home of Parallels, an award-winning virtualization and VDI solution that includes Parallels Remote Application Server (RAS) and Parallels Desktop. The acquisition of Awingu strengthens Corel’s ability to deliver a secure, productive remote workspace for its millions of users.

This is good news for our customers and partners! Joining forces with Corel doesn’t replace Awingu, but rather enhances its capabilities. We truly believe that Parallels and Awingu are complementary technologies that build on each other and are stronger together. The combination results in a unified product that leverages the unique strengths of both solutions and meets an urgent market need for remote access and workspace technology. It also gives Awingu technologists more access to R&D resources to further expand and enhance the Awingu offering in ways that may not have been possible before.

While the Awingu technology isn’t going anywhere, the Awingu brand will be replaced by the Parallels brand over time. As much as we loved and are proud of the Awingu brand, no longer will our Awingurus need to explain that Wingu is the Swahili word for cloud. The Awingu teams will stay in place and will gradually be combined with the Corel and Parallels teams. I am also pleased to announce that I’ll be joining the Corel team moving forward, and I’m excited about what the future holds for our combined companies.

This acquisition means that Awingu will be part of a larger organization with more scale in customer success, sales, marketing, product development and support. Our commercial leverage will grow significantly. Awingu has strong and growing coverage in EMEA, which will be extended by Parallels’ global channels and vice versa. This opens the door for even stronger proximity to customers and partners.

On behalf of the Awingu team, I want to say that I’m really looking forward to this new chapter. I wish to thank all Awingu partners and customers who have supported and trusted us. Our journey is only getting started!

We will continue to communicate to our partners and customers, as plans take more shape and operational realities start to change.

Warm Regards,

Walter Van Uytven, CEO Awingu

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Awingu
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple.

ICS / OT Security News Update | SCADAfence – June 20

Our research team compiled the latest updates on newly announced CVEs, recent ransomware attacks and IoT security news. They also offer analysis of the potential impacts and their expert recommendations:

Continue reading

You don’t know anything about Google Cloud monitoring

The fact that data centers have evolved a lot is undeniable. This has enabled storage evolution and the execution of online applications.

Now we often talk about hybrid clouds

*Yes, we don’t even take the time to explain what digital clouds are anymore and we even assume that everyone has their own, small but they have them.But when it comes to doing things big, it’s unavoidable to mention the giant Google Cloud®!

Pandora FMS and the famous Google Cloud monitoring

Pandora FMS® (PFMS) during the year 2020, in the midst of the pandemic, walked slowly but without any pause, their team did not stop at all

And there were great improvements in quality of use in 2020!

As it happens, that’s when we introduced Google Cloud monitoring. 

Let’s look at everything in that term!

Google Cloud Platform

Known simply as Google Cloud, this platform encompasses more than one hundred components (digital products). 

It is obvious that I will name only a few, since Pandora FMS does not monitor them all

yet.

We will classify them in several main sections:

  1. Compute Engine: To run applications and virtual machines, Kubernetes, functions as services, among others.
  2. Storage & Databases: For file storage and execution of database engines, all this integrated with the previous point.
  3. Networking: For server load balancing (CDN, DNS, etc.).
  4. Big Data: Overly speaking, analysis of large, gigantic volumes of data that are then converted into usable information.
  5. Identity & Security: Everything related to online identification for own or third parties.
  6. IoT: For the Internet of Things.
  7. API Platform: Everything necessary for third party companies to communicate with all the paraphernalia of Google services and applications. *If you don’t know what an API is, here’s what you need to know.
  8. Cloud AI: The artificial intelligence cloud with lots of resources, limited only by your wallet.

*The latter is important, your wallet, not artificial intelligence. Because it is necessary to direct debit a bank account,  or a good credit card, the payments of all these services.

**At the time of writing, I do not know if the new Google Pay (formerly called Google Wallet ) is accepted as a means of payment (most likely, because it is from the same company).

In the case of Pandora FMS monitoring of Google Cloud it is only available for the Enterprise version.

But erase those sad faces because you can request a 30-day free trial by accessing this link!

Again the change

If there’s one thing that characterizes Google since I saw it born, it’s the constant change.

As well as the number of products and services they have is immense, no  less small is the number of them that have been discontinued or withdrawn from the catalog. 

While I still keep my Hotmail email account (not available to new users), Google at most has come to offer some product similar to the one they withdraw, accompanied by a package of instructions for us to do the data migrations. 

When they say it’s over, it’s over.

Therefore, dear readers of the future, if this has happened again, please write it down in the comments below.

 *We read them all.

Monitoring Google Cloud

Pandora FMS is able to monitor Amazon Web Services (AWS) and Microsoft Azure, so Google Cloud monitoring shares certain similarities.

Broadly speaking, the procedure is as follows:

  1. We activated the encryption of PFMS database.
  2. If the cloud component is not installed, you may download it from PFMS Enterprise library.
  3. Now you have to manage the credentials at Google level.
  4. Generate a service user in Google Cloud, and download a file in JSON format.
  5. With this JSON file you will create the authentication account in Pandora FMS.
  6. Once this is done, go back to Discovery Cloud and use the new credentials to access Google.
  7. Select the monitoring you need and click accept and wait for all connections to be made. This link contains the metrics available from Compute Engine.
  8. You will then have the main Google Cloud agent, one for each zone in which you have machines, and another agent for each virtual machine.

*Our official documentation provides more detail of the entire procedure.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.

Crowdsourcing: Utilizing Humanity’s Greatest Asset

As the old yarn goes, one Francis Galton ran an experiment at the West of England Fat Stock and Poultry Exhibition in Plymouth back in 1906. Around eight hundred people purchased tickets to guess at the weight of an ox. Surprisingly, the median guess of 1,207 pounds was only 9 pounds over the ox’s actual weight of 1,198.1 This study, told often to American middle schoolers before they guess at the number of jelly beans in a large jar, has plenty of meat to it. It’s also an example of the wisdom that comes from crowdsourcing way before “crowdsourcing” became a common term to pass the lips of many an exec.

So, what does a 1,200-pound ox have to do with crowdsourcing in cybersecurity? Very little except to set the stage for this article and illustrate that crowd wisdom can be effective under certain conditions. What are these conditions? Paraphrasing James Surowiecki in The Wisdom of Crowds, there are three requirements: independence of individuals within the crowd, diversity of experience, and some way for the information and analysis to be effectively organized.2

Given the chaotic nature of the current security environment, it’s nigh impossible for a small cybersecurity team to uncover all of the potential vulnerabilities of constantly evolving software. It’s like trying to play Whac-a-Mole with an infinitely expanding play area with the occasional mole that whacks back. But what if you had access to a thousand players that specialized in specific sections of the play area and specific moles and shared ideas? You’d get a dated metaphor for cybersecurity crowdsourcing.

Crowd Sourcing Solutions

There are a number of issues that crowdsourced cybersecurity seems naturally capable of mitigating3:

Scale: even in small organizations, keeping a close eye on the dynamic attack surface that hundreds of applications create is a daunting task. For a single security task force within a company that utilizes thousands of endpoints, third-party software, proprietary software while trying to follow compliance regs, maintaining a secure security landscape is impossible. It’s common knowledge that even critical vulnerabilities can take months to patch effectively while less severe, yet still potentially disruptive vulnerabilities are left to simmer for longer. Crowdsourcing specific aspects of a sec team’s workload allows for a more methodical and less fraught approach to organizational security.

Subject Matter: it might be possible to repeat the phrase that “cybersecurity is a complex and diverse field” too many times in a twelve-hundred-some word article, but it’s the crux of the matter when it comes to crowdsourcing. Any given application is a web (perhaps a cobweb) of different components. Each component along with their myriad interconnections is prone to vulnerabilities. The manager that’s been working IT for 20+ years might specialize in one aspect of this web, but there is zero chance that they’re an expert in each piece of tech. Open up this application to a crowd of white hats within a controlled operation, and you’d be wise to bet that each aspect of your application has at least one expert poking around.

Time: there’s never enough of it. A security team working with time constraints will only be able to cover a portion of an application and not with any major depth. Crowdsourcing this engagement can allow more ground to be covered with a much finer comb within the same timeframe. Also, crowdsourced bug searches generally don’t have time requirements and can be ongoing through the implementation of bug-bounty programs that incentivize deep-dives into the nuances of a given application.

Cybersecurity Crowdsourcing Has a History

Per an article by TechRepublic back in 2019, a little over half of 200 surveyed cybersec decision makers have instituted some form of crowdsourcing. The CISO’s that did use crowdsourced cybersecurity programs have noticed benefits like “paying for valid results rather than effort or time, the varied expertise of hackers, and continuous coverage of applications.” 4 You can also add high scalability to the list. These crowdsource programs can range from bug bounties to responsible disclosures to hiring a company that sources its own ethical hackers to assist the in-house team’s own vulnerability assessment. It’s also no secret that massive companies like Johnson & Johnson, Apple, Microsoft, Facebook, Mozilla have been using crowdsourcing programs to bolster the security of their digital landscape for years.5

Another powerful attribute of crowdsourced security is the sharing of relevant intelligence. We see the benefits of this in organizations like First, which began in 1990 and created the Common Vulnerability Scoring System in a highly successful attempt to systematize and standardize vulnerability reporting and risk. There’s also the CVE program and MITRE ATT&CK. None of these cornerstones would be able to exist without the time and effort from thousands of cybersecurity professionals and their diverse areas of expertise. You could think of intelligence sharing as a kind of herd immunity. As information spreads between organizations and professionals, the overall, massively interconnected sphere of tech inoculates itself against known vulnerabilities and 0-day threats.

Conclusion

Crowdsourced security testing, information gathering, and cybersecurity awareness are all extremely effective tools used by small to large organizations, governments, and other institutions. SaaS cybersecurity organizations, like Vicarius, offer vulnerability management solutions that curate a number of crowdsourced resources alongside the top-notch expertise of their teams. To maintain a secure digital landscape, it takes a multitude of independent and collaborative experts to ensure that even the smallest hole is detected and filled. Unless you’re keen on bailing water instead of fixing the leak.

Sauce:

1 Bernstein, W. J. (2021). Prelude. In The delusion of crowds: Why people go mad in groups (p. 11). essay, Grove Press.

2 Surowiecki, J. (2005). In The Wisdom of Crowds. essay, Anchor Books.

3 Stephens, L. (2021, November 4). Crowdsourced security is now a need, not a nice to have. Detectify Blog. Retrieved June 3, 2022, from https://blog.detectify.com/2021/11/04/crowdsourced-security-is-now-a-need-not-a-nice-to-have/

4 Rayome, A. D. N. (2019, March 28). Is crowdsourcing cybersecurity the answer to Cisos’ problems? TechRepublic. Retrieved June 3, 2022, from https://www.techrepublic.com/article/is-crowdsourcing-cybersecurity-the-answer-to-cisos-problems/

5 Dimov, D. (2015, September 22). Crowdsourcing cybersecurity: How to raise security awareness through crowdsourcing. Infosec Resources. Retrieved June 3, 2022, from https://resources.infosecinstitute.com/topic/crowdsourcing-cybersecurity-how-to-raise-security-awareness-through-crowdsourcing/

image by Camylla Battani from unsplash

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Topia
TOPIA is a consolidated vulnerability management platform that protects assets in real time. Its rich, integrated features efficiently pinpoint and remediate the largest risks to your cyber infrastructure. Resolve the most pressing threats with efficient automation features and precise contextual analysis.

Why You Need Backup for Google Workspace

The top 3 misconceptions made by Google Workspace admins

If you’re wondering, “is my data truly protected by relying only Google Workspace’s default backup and recovery solution,” then you’re in the right place. Cloud applications, like Google Workspace, are an integral part of our daily life – we push data to the cloud constantly. I do it when I send an email on Gmail, share a document with coworkers via Drive, or add my mother-in-law’s birthday to my Google Calendar (better not forget it again!).

But is relying on Google’s default data protection enough? What are the main misconceptions when it comes to Google Workspace data backup and recovery?

Misconception #1: Relying on Google Workspace’s default data protection is enough

If you think Google apps is a secure platform, you’re right: Google platform is a secure, resilient, and reliable solution, and protecting data is their top priority.

As much as Google will likely never lose the data you are storing on their platform, they do not cover you if the data loss happens from your side. Google’s default data protection does not protect you against human error, malicious actions, ransomware and hackers, and synchronization errors. You are responsible for ensuring the necessary protection of your data.

Based on an Enterprise Strategy Group (ESG) survey, only 13% of the businesses surveyed understood that protecting their SaaS data is their responsibility, not the responsibility of the SaaS vendor.

According to ESG SaaS data protection research, 45% of organizations using SaaS attribute data losses they’ve experienced to deletion, whether accidental or malicious. When this happens with Google Workspace, Google is not able to identify if the deletion was intentional or not. The data will be deleted and totally unrecoverable once past Google Workspace trash bin’s retention time, a mere 30-days later.

You need a solid backup and recovery solution for your Google Workspace.

Misconception #2: I don’t need a third-party backup and recovery solution, I have Google Vault

As a subscribed user to certain editions of Google Workspace, you have access to Google’s retention and eDiscovery tool: Google Vault. With Vault, you can retain, hold, search, and export some users’ Google Workspace data.

Yet, Google Vault is not a backup tool. To this frequently asked question, “Is Vault a data backup or archive tool?” Google itself answers, “No. Vault isn’t designed to be a backup or archive tool.”

Based on Google’s own support website, here are reasons why you shouldn’t use Google Vault for backups:

  • Vault exports aren’t designed for large-scale or high-volume data backups. You can export data for a limited number of accounts and only for one Google service at a time. Vault also doesn’t allow many parallel exports or scheduling automatic exports.
  • Vault exports are prepared for legal discovery purposes, not efficient data processing. Vault can’t create differential backups or deduplicate data. For example, a Drive export includes all items the searched account has access to. When many accounts have access to the same items, they’re exported for each account, resulting in lots of duplicated data.
  • Vault doesn’t support all Google services. Vault can export data only from supported Google services. Vault doesn’t support services such as Calendar for instance.
  • Restoring data from Vault export files is hard. Vault doesn’t have any automated recovery tools.

Google Vault is not designed to recover lost or corrupted data and it cannot perform a which is a critical feature of any third-party backup and recovery tool.

Additionally, Google Vault does not keep ex-users’ data. For example, if an employee departs from your company and, as the admin, you delete his user Google Workspace account, all his data saved within their Vault will be also deleted. To save those data, it would require you to transfer all the employee’s data out of the Vault before deleting the account.

Misconception #3: A third-party tool can only help with backup data

By now, you know that backing up your Google Workspace data is your responsibility, not Google’s. It’s a common misconception that third-party backup solutions are a cost center purely performing secure backup and allowing for data recovery. These are the fundamentals, but there’s much more to it:

Benefit #1 – Cost savings

Budget constraints are making it harder than ever to implement new IT initiatives for IT Managers – They need to do more with less and maximize available resources.

Of course, deploying a backup and recovery solution for your SaaS applications comes with a cost, yet there are important (and substantial) cost-savings opportunities.

The first is through reduced SaaS licensing fees. Based on a recent Total Economic Impact report done by Forrester, companies save on months of SaaS licensing fees for employees who leave the organization – or around 10% of the work force per year. This number can be much higher if organizations use a lot of temporary staff or contractors. Having all historical data available simplifies data management and employee onboarding and offboarding.

The second is reduced auditing and legal costs. In the same TEI report, one of the organizations surveyed shared that seven days of auditor and lawyer costs are avoided each year by having SaaS data availability.

Benefit #2 – Regulatory compliance

Handling sensitive data is subject to stringent record retention and data reproduction requirements for all public records. With a proper backup and recovery solution, you can expect to:

  • Gain access to fast information discovery
  • Easy retention policy management
  • Additional rights to ensure compliance with applicable outsourcing regulatory requirements (e.g., extended audit rights, chain-sourcing approval rights).

In addition, data center facilities leveraged to store the data have high physical security standards and certifications (ISO 27001, SOC-2, ISAE 3402, PCI/DSS, HIPAA). It is important that you ask your vendor what they offer regarding regulatory compliance and data center certifications when investigating which tool to deploy.

Benefit #3 – Real disaster recovery

Third-party backup and recovery solutions must (not should) allow you to perform disaster recovery. The shortlist of important points to look for when selecting your solution:

  • Data availability: Get access to all your data, at any time, from anywhere. A proper backup solution provides you with unlimited storage, is cloud-based so you can always access your data, and it should reside on its own cloud for enhanced security and control.
  • Hot storage of data: Get your data on demand
  • Quick restore options for data: Restore fast, regardless of if it’s a single email or an entire point-in-time backup for your organization
  • On-the-go backup status monitor: Get updated with a mobile admin app

Keepit Backup and Recovery for Google Workspace

Keepit for Google Workspace is the world’s only independent cloud dedicated to backup and recovery. It is easy to use and keeps your Google Workspace data highly secure, always available, and instantly restorable.

Keep your data available 24/7 with automatic backup and unlimited storage
Quickly find and restore data, whether you want to restore one single email or an entire snapshot for your organization.

Easy to set up, easy to use, easy to scale
Keepit is a set-and-forget installation that is easy to use: No training needed. You can integrate it with your existing system thanks to our API-first approach. No hidden fees, no surprises, and 24/7 support.

Choose the World’s only independent cloud for immutable data
Security is in our DNA. Once your data is backed up with Keepit, it is made immutable and undeletable thanks to blockchain-verified technology. It is a priority for us to provide you with excellent reliability, great backup and restore performance, instant access to individual files, multi-factor authentication, and data encryption at rest and in transit.

Learn more on our Google Workspace backup and recovery

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.