Condusiv Technologies Blog

Condusiv Technologies Blog

Blogging @Condusiv

The Condusiv blog shares insight into the issues surrounding system and application performance—and how I/O optimization software is breaking new ground in solving those issues.

How to Recover Lost or Deleted Files BEFORE Resorting to Outsourced Data Recovery

by Gary Quan 1. November 2017 05:46

Here’s a nightmare scenario…a user accidentally deletes irreplaceable or valued files from a network share, and there is no way to recover the data because:

>The file was created or modified then deleted AFTER the last valid backup/snapshot was taken.

>There is NO valid backup or snapshot to recover the data.

>There was NO real-time recovery software like Condusiv’s Undelete® already installed on the file server

>Sending the disk to a professional data recovery center is COSTLY and TIME-CONSUMING.

What do you do? Well, you may be in luck with a little known feature in Condusiv’s Undelete software product known as “Emergency Undelete.” On NTFS (New Technology File system) formatted volumes, which is the default file system used by Windows, there is an unfamiliar characteristic that can be leveraged to recover your lost data.

When a file gets deleted from a Windows volume, the data has not yet been physically removed from the drive. The space where that file data was residing is merely marked as “deleted” or available for use. The original data is there and will remain there until that space is overwritten by new data. That may or may not happen for quite a while. By taking the correct steps, there is an extremely good chance that this ‘deleted’ file can still be recovered. This is where Emergency Undelete comes in.

Emergency Undelete can find deleted files that have not yet been over-written by other files and allow you to recover them. To increase your chances of recovering lost data, here are some best practices to follow as soon as the files have been accidentally deleted.

1. Immediately, reduce or do away with any write activity on the volume(s) you are trying to recover the deleted files from. This will improve your chances of recovering the deleted files.

2. Get Condusiv’s Undelete to leverage its Emergency Undelete feature.  Emergency Undelete is part of the Undelete product package.

3. REMEMBER: You want to prevent any write activity on the volume(s) you are trying to recover the deleted files from, so if you are trying to recover lost files from your system volume, then do one of the following:

a. Copy the Undelete product package to that system, but to a different volume than the one you are recovering lost files from. Run the Undelete install package and it will allow you to run Emergency Undelete directly to recover the lost files.

  

b. If you do not have an extra volume on that system, then place the Undelete product package on a different system, run it and Emergency Undelete will allow you to place the Emergency Undelete package onto a CD or a USB memory stick. You can then place the CD/Memory stick on the system you need to recover from and run it to recover the lost files.

 

 

Now if the lost files do not reside on the system volume, you can just place the Undelete product package on the system volume, run it and select to run Emergency Undelete directly to recover the lost files.

4. When recovering the lost files, recover them to a different volume.

These same steps will also work on FAT (File Allocation Table) formatted storage that is used in many of the memory cards in cameras and phones. So, if some irreplaceable photos or videos were accidentally deleted, you can use these same steps to recover these too. Insert the memory card onto your Windows system, then use Emergency Undelete to recover the lost photos. 

Emergency Undelete has saved highly valuable Microsoft Office documents and priceless photos for thousands of users. It can help in your next emergency, too.

 

Tags:

Data Protection | Data Recovery | Undelete

Recently Discovered SSD Vulnerabilities Could Cripple Global Markets with Data Corruption if Exploited by Attackers

by Brian Morin 15. June 2017 10:38

Recently discovered multi-level cell (MLC) solid-state drive (SSD) vulnerabilities by researchers from Carnegie Mellon University, Seagate, and the Swiss Federal Institute of Technology in Zurich, reveal the first-ever security weakness of its kind against MLC SSDs that store much of the world’s data. Two different types of malicious attacks are reported to corrupt data, leaving much of the world’s data currently exposed while organizations search for answers.

If security experts and data protection experts didn’t have enough to worry about already, the latest discovery from Carnegie Mellon University has set off brand new alarms that could be far more crippling than the recent WannaCry virus or any ransomware attack. In this case, data is not infected or held hostage, but is lost entirely - not even the host SSD hardware can be salvaged after such an attack. This is not simply alarming to organizations that stand the most to lose like financial institutions, but we’re talking about real lives here if patient care is compromised as we saw earlier this month at hospitals across the UK.

In a recently published report by researchers from Carnegie Mellon University, Seagate, and the Swiss Federal Institute of Technology in Zurich, there are two types of malicious attacks that can corrupt data and shorten the lifespan of MLC SSDs – a write attack (“program interference”) and a read attack (“read disturb”). Both attacks inundate the SSD with a large number of operations over a short period of time, which can corrupt data, shorten lifespan, and render an SSD useless to store data in a reliable manner into the future. However, both attacks rely upon native read and write operations from the operating system to the solid-state drive, which is circumvented by Condusiv® I/O reduction software on Windows systems (V-locity®, SSDkeeper®, Diskeeper® 16).

The only reason this story has been covered lightly by the media and not sensationalized across headlines is because no one has died yet or lost a billion dollars. This is a new and very different kind of vulnerability. Protection from this kind of an attack is not something that can be addressed by traditional lines of defense like anti-virus software, firmware upgrades, or OS patches. Since it is cost prohibitive for organizations to “rip-and-replace” multi-cell SSDs with single-cell SSDs, they are forced to rely on data sets that have been “backed-up.” However, what good is restoring data to hardware that can no longer reliably store data?

By acting as the “gatekeeper” between the Windows OS and the underlying SSD device, Condusiv I/O reduction software solutions perform inline optimizations at the OS-level before data is physically written or read from the solid-state drive. As a result, Condusiv’s patented technology is the only known solution that can disrupt “program interference” write operation attacks as well as “read disturb” read operation attacks that would attempt to exploit SSD vulnerabilities and corrupt data. While most known for boosting performance of applications running on Windows systems while extending the longevity of SSDs, Condusiv solutions go a step further as the only line of defense against these malicious attacks.

Condusiv’s patented write optimization engine (IntelliWrite®) mitigates the first vulnerability, “program interference,” by disrupting the write pattern that would otherwise generate errors and corrupt data. IntelliWrite eliminates excessively small writes and subsequent reads by ensuring large, clean contiguous writes from Windows so write operations to solid-state devices are performed in the most efficient manner possible on Windows servers and PCs. An attack could only be successful in the rare instance of limited free space or zero free space on a volume that results in writes occurring natively, circumventing the benefit of IntelliWrite.

Condusiv’s second patented engine (IntelliMemory®) disrupts the second vulnerability, “read disturb,” by establishing a tier-0 caching strategy that leverages idle, available memory to serve hot reads. This renders the “read disturb” attack useless since the storage target for hot reads becomes memory instead of the SSD device. A “read disturb” attack could only be successful in the rare instance that a Windows system is memory constrained and has no idle, available memory to be leveraged for cache.

While organizations use Condusiv software on Windows systems to maintain peak performance and extend the longevity of their SSDs, they can trust Condusiv to protect against malicious attacks that would otherwise corrupt user data and bring great harm to their business and service to customers.

Help! I deleted a file off the network drive!!

by Robin Izsak 31. October 2013 08:01

What if the recycle bin on your clients could be expanded to include file servers? And what if you could enable your users to recover their own files with self-service recovery? You would never have to dig through backups to restore files again, or schedule incessant snapshots to protect data.

One of the most persistent—and annoying—help desk calls is to help users recover files accidentally deleted off network drives, or support users who ‘saved over’ a PowerPoint they need for a meeting—in 15 minutes.

There are some pretty serious holes in true continuous data protection: First, any data that was created between backups might not be recoverable. Second, who wants to dig through backups anyway? Third, you’d have to schedule an insane amount of snapshots to protect every version of every file. Fourth, the Windows recycle bin doesn’t catch files deleted off a network drive, which is how most of us work in the real world—networks, clouds—not local drives.

Check out our latest guide that explains the gap between backup and the Windows recycle bin, and how to bridge that gap with Undelete® to ensure continuous data protection and self-service file recovery.

Meet the recycle bin for file servers. You’re welcome.

The Next Generation of Real-time Protection and Instant Recovery Software

by Alex Klein 4. September 2012 04:00

Today we announce the worldwide release of Undelete 10 – our real-time data protection and instant data recovery product. With just a touch of a button, Undelete instantly recovers files from Windows servers and workstations – even files that were deleted before Undelete was installed.

Enterprise IT and data have grown immensely since Condusiv first introduced Undelete over 14 years ago. Regardless of the Windows OS you’re running, whether it be a physical or virtual environment – Undelete is the one piece of software your company can’t afford to be without and can truly turn your IT department into a team of heroes.

“I came by Undelete when we had a user delete a whole department worth of files”, says Eric Tremelling, who’s the IT Manager at The Legal Aid Society of Palm Beach County. “It did recover all the files for the whole department.  I was so impressed that I purchased the Undelete Server edition to avoid future problems.  In my opinion, Undelete is one of the best programs we have and saves me lots of potential headaches.” 

“We use a backup system that does nightly backups to tape.  If something is deleted from the file server by mistake I have to go back to the tapes then pull the correct tape then run a restore on the file, provided there was no corruption or problems with the backup tape.  Another issue was that the deleted file could be gone before anyone noticed it was missing and I may not still have a backup that old to recover from.  Furthermore, if the file was created during the day before the backup runs at night, it would be gone because it never got backed up yet. The software has gotten us out of many jams”

 

Have an Undelete story to share? Leave a comment below – we’d love to hear from you!

Undelete 10 features

  • New One-button Search for Recent Files, which allows the user to locate a file deleted within a 24-hour period or one week period with one click.
     
  • New Search Wizard, a single pane view that provides fast and easy way to find a lost file.
     
  • New Dynamic User Interface for ease of use, quality of experience.
     
  • Undelete 10 Server - Protects server files including those deleted by network clients from a centralized management console.
     
  • Undelete 10 Desktop Client – Allows connected laptops, workstations and VMs to recover their own files from remote Undelete 10 Server recovery bins.
     
  • Undelete 10 Professional – Protects locally stored files and allows files to be recovered from remote Undelete Server recovery bins.
     
  • Undelete 10 Home – Provides comprehensive protection of locally stored files.

When a file is deleted, it is automatically captured and stored in the Undelete Recovery Bin. Undelete 10 captures all the files the Windows Recycle Bin misses, such as those deleted from shared network folders, deleted from commonly used applications, deleted by the Windows command prompt, or replaced when newer versions of a file are saved. Also, if a file is modified several times between a backup or shadow copy, it will not be saved. With Undelete, these file versions will be saved and are recoverable.

The Server, Professional and Client editions of Undelete let you see the contents of Recovery Bins on remote computers like file servers, allowing IT or users to recover their deleted files in seconds anywhere across the network with a single click of a button. It’s no longer necessary to spend hours searching backup tapes or Windows Shadow copies when a user accidentally deletes a file from the server.

Undelete can also restore files previously purged from the Recycle Bin or the Undelete Recovery Bin – even if they were deleted before Undelete was installed

Condusiv Undelete 10 “Set it and Forget It”® file recovery system runs on all Windows platforms, including those on VMware and Microsoft Hyper-V environments. Undelete 10 also supports Exchange, SQL, or SharePoint. 

Undelete 10 Server edition supports Windows Server 2008/2008 R2, Windows Server 2003,  Windows XP, Windows Vista, and Windows 7.

Undelete 10 Client, Professional and Home Editions support Windows XP, Windows Vista, and Windows 7.

In compliance with corporate governance or governmental regulatory requirements for secure data deletion, Undelete provides an electronic data shedder: SecureDelete® 2.0. Using a bit pattern specified by the National Security Agency (NSA) for the Department of Defense, SecureDelete not only deletes a file but overwrites the disk space the file previously occupied making it virtually impossible for anyone to access.

Don’t Risk Leaving Your Data Protection Plan To Luck Of The Draw

by Alex Klein 2. July 2012 09:34
It’s been said that an ounce of prevention is worth a pound of cure. This proverb especially holds true when it comes to a company’s data protection strategy. Without the right tools in place, it can cost money, time – or even much more.

Circulating across the Internet lately have been many data loss horror stories, including one about a little film called Toy Story 2. With a production budget of $90 million, the film generated near $500 million dollars at the box office and is hailed as one of the most successful animated films of all time. In its early stages however, something went terribly wrong that almost stopped production in its tracks permanently.

According to Oren Jacob, former Chief Technical Officer for Pixar (Associate Technical Director for Toy Story 2 at the time), someone accidentally ran a command on the drive that contained all of the movie files – effectively DELETING most of them. On top of this, it was found that backups had failed for the past month or so – eliminating the possibility of using this data recovery method to put the pieces back together. The collective work of many people over a span of a year was deleted in a matter of seconds - can you imagine? Fortunately, in the end Pixar was able to restore the film’s data by a chance circumstance (watch the clip below to get the details), but the lesson learned here is obvious.

For example, let’s take a genuine moment to consider a current project at your company. Take into account the entire creative process, manpower and cost involved. Go ahead – I’ll wait. Okay, got it? Now picture all that work gone – documents, graphics, everything – truly GONE. What would you do? In one way or another, businesses today can’t risk the need to answer such questions. Instead, a solid data protection plan must be put in place to prevent these types of situations from happening in the first place.

This data protection plan starts with a proper backup solution, but definitely shouldn’t end there. With typical backup routines taking place once daily, huge gaps of time are left vulnerable during the workday where disaster can strike. Software such Condusiv’s Undelete® fills in those gaps and provides real time protection for servers and workstations across your network; allowing for instant data recovery regardless of how files were deleted – even in virtual environments.

"Our entire commissions’ database was saved by the Undelete program. We would have lost a week of commissions (over 2000 records easily). We are very grateful...” -Frank Broggi, Technical Manager, World Travel, Inc.

Hollywood blockbusters require a substantial monetary investment and can sometimes take years to complete production. For them, lack of complete data protection is not an option – is it for you?


Are there “holes” in your company’s data protection plan? Get Undelete and be the company hero – Woody would be proud.

Month List

Calendar

<<  November 2017  >>
MoTuWeThFrSaSu
303112345
6789101112
13141516171819
20212223242526
27282930123
45678910

View posts in large calendar