Condusiv Technologies Blog

Condusiv Technologies Blog

Blogging @Condusiv

The Condusiv blog shares insight into the issues surrounding system and application performance—and how I/O optimization software is breaking new ground in solving those issues.

Recently Discovered SSD Vulnerabilities Could Cripple Global Markets with Data Corruption if Exploited by Attackers

by Brian Morin 15. June 2017 10:38

Recently discovered multi-level cell (MLC) solid-state drive (SSD) vulnerabilities by researchers from Carnegie Mellon University, Seagate, and the Swiss Federal Institute of Technology in Zurich, reveal the first-ever security weakness of its kind against MLC SSDs that store much of the world’s data. Two different types of malicious attacks are reported to corrupt data, leaving much of the world’s data currently exposed while organizations search for answers.

If security experts and data protection experts didn’t have enough to worry about already, the latest discovery from Carnegie Mellon University has set off brand new alarms that could be far more crippling than the recent WannaCry virus or any ransomware attack. In this case, data is not infected or held hostage, but is lost entirely - not even the host SSD hardware can be salvaged after such an attack. This is not simply alarming to organizations that stand the most to lose like financial institutions, but we’re talking about real lives here if patient care is compromised as we saw earlier this month at hospitals across the UK.

In a recently published report by researchers from Carnegie Mellon University, Seagate, and the Swiss Federal Institute of Technology in Zurich, there are two types of malicious attacks that can corrupt data and shorten the lifespan of MLC SSDs – a write attack (“program interference”) and a read attack (“read disturb”). Both attacks inundate the SSD with a large number of operations over a short period of time, which can corrupt data, shorten lifespan, and render an SSD useless to store data in a reliable manner into the future. However, both attacks rely upon native read and write operations from the operating system to the solid-state drive, which is circumvented by Condusiv® I/O reduction software on Windows systems (V-locity®, SSDkeeper®, Diskeeper® 16).

The only reason this story has been covered lightly by the media and not sensationalized across headlines is because no one has died yet or lost a billion dollars. This is a new and very different kind of vulnerability. Protection from this kind of an attack is not something that can be addressed by traditional lines of defense like anti-virus software, firmware upgrades, or OS patches. Since it is cost prohibitive for organizations to “rip-and-replace” multi-cell SSDs with single-cell SSDs, they are forced to rely on data sets that have been “backed-up.” However, what good is restoring data to hardware that can no longer reliably store data?

By acting as the “gatekeeper” between the Windows OS and the underlying SSD device, Condusiv I/O reduction software solutions perform inline optimizations at the OS-level before data is physically written or read from the solid-state drive. As a result, Condusiv’s patented technology is the only known solution that can disrupt “program interference” write operation attacks as well as “read disturb” read operation attacks that would attempt to exploit SSD vulnerabilities and corrupt data. While most known for boosting performance of applications running on Windows systems while extending the longevity of SSDs, Condusiv solutions go a step further as the only line of defense against these malicious attacks.

Condusiv’s patented write optimization engine (IntelliWrite®) mitigates the first vulnerability, “program interference,” by disrupting the write pattern that would otherwise generate errors and corrupt data. IntelliWrite eliminates excessively small writes and subsequent reads by ensuring large, clean contiguous writes from Windows so write operations to solid-state devices are performed in the most efficient manner possible on Windows servers and PCs. An attack could only be successful in the rare instance of limited free space or zero free space on a volume that results in writes occurring natively, circumventing the benefit of IntelliWrite.

Condusiv’s second patented engine (IntelliMemory®) disrupts the second vulnerability, “read disturb,” by establishing a tier-0 caching strategy that leverages idle, available memory to serve hot reads. This renders the “read disturb” attack useless since the storage target for hot reads becomes memory instead of the SSD device. A “read disturb” attack could only be successful in the rare instance that a Windows system is memory constrained and has no idle, available memory to be leveraged for cache.

While organizations use Condusiv software on Windows systems to maintain peak performance and extend the longevity of their SSDs, they can trust Condusiv to protect against malicious attacks that would otherwise corrupt user data and bring great harm to their business and service to customers.

Help! I deleted a file off the network drive!!

by Robin Izsak 31. October 2013 08:01

What if the recycle bin on your clients could be expanded to include file servers? And what if you could enable your users to recover their own files with self-service recovery? You would never have to dig through backups to restore files again, or schedule incessant snapshots to protect data.

One of the most persistent—and annoying—help desk calls is to help users recover files accidentally deleted off network drives, or support users who ‘saved over’ a PowerPoint they need for a meeting—in 15 minutes.

There are some pretty serious holes in true continuous data protection: First, any data that was created between backups might not be recoverable. Second, who wants to dig through backups anyway? Third, you’d have to schedule an insane amount of snapshots to protect every version of every file. Fourth, the Windows recycle bin doesn’t catch files deleted off a network drive, which is how most of us work in the real world—networks, clouds—not local drives.

Check out our latest guide that explains the gap between backup and the Windows recycle bin, and how to bridge that gap with Undelete® to ensure continuous data protection and self-service file recovery.

Meet the recycle bin for file servers. You’re welcome.

The Next Generation of Real-time Protection and Instant Recovery Software

by Alex Klein 4. September 2012 04:00

Today we announce the worldwide release of Undelete 10 – our real-time data protection and instant data recovery product. With just a touch of a button, Undelete instantly recovers files from Windows servers and workstations – even files that were deleted before Undelete was installed.

Enterprise IT and data have grown immensely since Condusiv first introduced Undelete over 14 years ago. Regardless of the Windows OS you’re running, whether it be a physical or virtual environment – Undelete is the one piece of software your company can’t afford to be without and can truly turn your IT department into a team of heroes.

“I came by Undelete when we had a user delete a whole department worth of files”, says Eric Tremelling, who’s the IT Manager at The Legal Aid Society of Palm Beach County. “It did recover all the files for the whole department.  I was so impressed that I purchased the Undelete Server edition to avoid future problems.  In my opinion, Undelete is one of the best programs we have and saves me lots of potential headaches.” 

“We use a backup system that does nightly backups to tape.  If something is deleted from the file server by mistake I have to go back to the tapes then pull the correct tape then run a restore on the file, provided there was no corruption or problems with the backup tape.  Another issue was that the deleted file could be gone before anyone noticed it was missing and I may not still have a backup that old to recover from.  Furthermore, if the file was created during the day before the backup runs at night, it would be gone because it never got backed up yet. The software has gotten us out of many jams”

 

Have an Undelete story to share? Leave a comment below – we’d love to hear from you!

Undelete 10 features

  • New One-button Search for Recent Files, which allows the user to locate a file deleted within a 24-hour period or one week period with one click.
     
  • New Search Wizard, a single pane view that provides fast and easy way to find a lost file.
     
  • New Dynamic User Interface for ease of use, quality of experience.
     
  • Undelete 10 Server - Protects server files including those deleted by network clients from a centralized management console.
     
  • Undelete 10 Desktop Client – Allows connected laptops, workstations and VMs to recover their own files from remote Undelete 10 Server recovery bins.
     
  • Undelete 10 Professional – Protects locally stored files and allows files to be recovered from remote Undelete Server recovery bins.
     
  • Undelete 10 Home – Provides comprehensive protection of locally stored files.

When a file is deleted, it is automatically captured and stored in the Undelete Recovery Bin. Undelete 10 captures all the files the Windows Recycle Bin misses, such as those deleted from shared network folders, deleted from commonly used applications, deleted by the Windows command prompt, or replaced when newer versions of a file are saved. Also, if a file is modified several times between a backup or shadow copy, it will not be saved. With Undelete, these file versions will be saved and are recoverable.

The Server, Professional and Client editions of Undelete let you see the contents of Recovery Bins on remote computers like file servers, allowing IT or users to recover their deleted files in seconds anywhere across the network with a single click of a button. It’s no longer necessary to spend hours searching backup tapes or Windows Shadow copies when a user accidentally deletes a file from the server.

Undelete can also restore files previously purged from the Recycle Bin or the Undelete Recovery Bin – even if they were deleted before Undelete was installed

Condusiv Undelete 10 “Set it and Forget It”® file recovery system runs on all Windows platforms, including those on VMware and Microsoft Hyper-V environments. Undelete 10 also supports Exchange, SQL, or SharePoint. 

Undelete 10 Server edition supports Windows Server 2008/2008 R2, Windows Server 2003,  Windows XP, Windows Vista, and Windows 7.

Undelete 10 Client, Professional and Home Editions support Windows XP, Windows Vista, and Windows 7.

In compliance with corporate governance or governmental regulatory requirements for secure data deletion, Undelete provides an electronic data shedder: SecureDelete® 2.0. Using a bit pattern specified by the National Security Agency (NSA) for the Department of Defense, SecureDelete not only deletes a file but overwrites the disk space the file previously occupied making it virtually impossible for anyone to access.

Don’t Risk Leaving Your Data Protection Plan To Luck Of The Draw

by Alex Klein 2. July 2012 09:34
It’s been said that an ounce of prevention is worth a pound of cure. This proverb especially holds true when it comes to a company’s data protection strategy. Without the right tools in place, it can cost money, time – or even much more.

Circulating across the Internet lately have been many data loss horror stories, including one about a little film called Toy Story 2. With a production budget of $90 million, the film generated near $500 million dollars at the box office and is hailed as one of the most successful animated films of all time. In its early stages however, something went terribly wrong that almost stopped production in its tracks permanently.

According to Oren Jacob, former Chief Technical Officer for Pixar (Associate Technical Director for Toy Story 2 at the time), someone accidentally ran a command on the drive that contained all of the movie files – effectively DELETING most of them. On top of this, it was found that backups had failed for the past month or so – eliminating the possibility of using this data recovery method to put the pieces back together. The collective work of many people over a span of a year was deleted in a matter of seconds - can you imagine? Fortunately, in the end Pixar was able to restore the film’s data by a chance circumstance (watch the clip below to get the details), but the lesson learned here is obvious.

For example, let’s take a genuine moment to consider a current project at your company. Take into account the entire creative process, manpower and cost involved. Go ahead – I’ll wait. Okay, got it? Now picture all that work gone – documents, graphics, everything – truly GONE. What would you do? In one way or another, businesses today can’t risk the need to answer such questions. Instead, a solid data protection plan must be put in place to prevent these types of situations from happening in the first place.

This data protection plan starts with a proper backup solution, but definitely shouldn’t end there. With typical backup routines taking place once daily, huge gaps of time are left vulnerable during the workday where disaster can strike. Software such Condusiv’s Undelete® fills in those gaps and provides real time protection for servers and workstations across your network; allowing for instant data recovery regardless of how files were deleted – even in virtual environments.

"Our entire commissions’ database was saved by the Undelete program. We would have lost a week of commissions (over 2000 records easily). We are very grateful...” -Frank Broggi, Technical Manager, World Travel, Inc.

Hollywood blockbusters require a substantial monetary investment and can sometimes take years to complete production. For them, lack of complete data protection is not an option – is it for you?


Are there “holes” in your company’s data protection plan? Get Undelete and be the company hero – Woody would be proud.

Month List

Calendar

<<  October 2017  >>
MoTuWeThFrSaSu
2526272829301
2345678
9101112131415
16171819202122
23242526272829
303112345

View posts in large calendar