THE CASE FOR END-USER DATA PROTECTION THROUGH MANAGED SERVICES CONTRACTS

www.cibecs.com

1/3 Negative impact on it infrastructure

1/4 Failure to enforce corporate governance compliance

WHAT IS THE SOLUTION FOR END USER DATA

PROTECTION?

1 OPERATIONAL BENEFITS OF SUCH A SOLUTION

1/1 Full control with central management 1/2 Simple and reliable data recoverability

2 INCREASED DELIVERY ON MANAGED SERVICES

CONTRACT

2/1 Faster data migration during hardware refresh 2/2 Reduced need for end user support

3 REDUCED IMPACT ON IT INFRASTRUCTURE

3/1 Better bandwidth 3/2 Smarter storage

4 AN INTELLIGENT APPROACH TO GOVERNANCE

AND COMPLIANCE

4/1 Gaining operational value from compliance 4/2 Addressing risk of access to confidential data

VALUE TO MANAGED SERVICES CLIENTS

VALUE TO MANAGED SERVICES PROVIDERS

ABOUT CIBECS

04

EXECUTIVE SUMMARY

Gartner predicts that data flow into businesses and enterprises will

grow

by 650% over the next five years. Add to that the ever increasing mobility

of vast amounts of data by way of much improved laptop storage, and

companies have a potential disaster on their hands should smart data

management not be the order of the day.

Tighter budgetary control also demands that a company’s IT function ups its service delivery, while simultaneously contributing effectively towards the meeting of larger company goals.

• With this change in mind-set, where IT Infrastructure is moving from “reliable and expensive” to “flexible and cost-effective”, company CIOs and IT Managers have to find ways to maximize operational value from the resources and technologies available to them.

• This also means that companies that are making use of Managed Services Providers (MSPs) to manage its IT Infrastructure will be looking to get more tangible value from their Managed Services Contracts.

}

Historically end-user data protection has been one area neglected by Managed Services Providers. • It is exactly in THIS KEY AREA that MSPs can differentiate their product offering, whilst providing their clients with a better Managed Services Solution that, first and foremost, takes care of their most valuable operational asset – their business critical data.

a hard drive, as per the company data backup policy (which we will discuss below).

Apart from the massive obvious flaw of entrusting users with the security of company data, IT (internal and Managed Services) faces an uphill battle in all aspects of user data management, such as:

IT resource required to try and find data once lost IT resource required to migrate user data from old to new or upgraded laptops and desktops

WHY IS THERE A PROBLEM IN THE

FIRST PLACE?

As already mentioned: In order to protect its business critical data, most companies

rely on an internal data backup policy that instructs users to backup their data to a

central location (such as the company server or to an external hard drive).

BACKUP POLICIES DO NOT

WORK. . .

WHY?

i. Users do not know how/where to backup their data or simply forget

ii. It is a time consuming exercise

iii. Users do not want to save sensitive data to the server where it could be accessed by

someone else.

Inevitably users will lose data through software or hardware failure and theft, natural disasters, user negligence and several other common occurrences. Equally inevitable the fact that users will then blame IT if their data cannot be retrieved.

EFFECTS OF DATA LOSS ON A BUSINESS

INCLUDE:

i. High cost involved with finding or reproducing lost data

ii. Loss of critical data could lead to loss of business and opportunities

iii. Productivity is negatively affected by prolonged or unnecessary PC downtime and user interruption

iv. Reputational risk of losing critical data. v. Data archival regulations are not adhered to vi. Significant time and IT resource required to assist the user to recover lost data from whatever source is available.

All this translates to a real business cost, affecting a company’s bottom line and leaving the company exposed to unnecessary risk.

}

02/

INEFFECTIVE END USER SUPPORT

IT Service delivery is negatively affected when unnecessary time is spent in trying to restore data. As there is no reliable backup of user data, the IT technician is usually not able to assist users in retrieving lost information, should a file be corrupted or lost.

More importantly, the technician then spends a significant amount of time trying to assist a user while a simple, fast, automated data recovery could have resulted in both a shortened support call and faster resolution for the user. (Great news for the MSP and

its client)

Similarly, users tend to blame IT should data be lost during a data migration. A wholly unfair accusation, of course, as IT has no way of knowing exactly where on a computer users choose to store their data.

03/1

OTHER EFFECTS OF POOR

USER DATA MANAGEMENT:

01/

COSTLY DATA MIGRATION AND HARDWARE

REFRESH PROJECTS

Hardware replacement and its accompanying user data migration is an expensive and time consuming process. The exercise is equally tedious when upgrading a laptop or desktop to a new version of Windows, also necessitating user data migration to the upgraded computer.

When laptop and desktop computers are replaced, IT is required to find users’ organizational data (stored in a variety of often mystifying locations) on their computers and then manually copy the data from the computer_to_a_central_location.

Once the new device has been configured, the data is manually copied from the central location back onto the new hardware.

This is an inefficient process that presents the following key problems:

i. It is time consuming and therefore costly to the business

ii. In most cases migration projects exceed their deadlines, resulting in more user downtime iii. Data is at risk of being lost due to IT not being sure of where all the user’s organizational data is stored

2. If users did follow the data backup policy, IT infrastructure would be severely affected Problems relating to users copying data to storage: i. Users copy the wrong kind of data (music, photos, movies) to the company’s servers while organizational data remains on their laptops and desktops – and at risk.

ii. Data is not compressed when copied to servers, which puts further (and considerable) strain on the company’s bandwidth and storage infrastructure – the impact of which is discussed in more detail below.

1. BANDWIDTH impact:

To avoid a slow or crashed network infrastructure, the transfer of data from end user devices to centralized storage must be done in an efficient manner, and should the impact on bandwidth for both the initial backup as well as subsequent, daily backups, be considered. A further consideration is the bandwidth that will be required when performing a data recovery.

2. STORAGE impact:

As users typically have both personal, as well as business critical, data on their devices it is important to decide what data to backup.

Data volumes grow significantly on an annual basis and must be managed to prevent runaway costs for centralized storage.

creates, collects and stores in its day-to-day activities. Legislation in various countries (such as SOX in the USA) recognizes the vital role IT plays in the continuity of a company:

In Europe and the USA, (along with most western countries) failure to comply with corporate governance legislature carries severe penalties to directors personally.

• An imperative area of risk assessment

is the business continuity and disaster recovery of a company. Information and communications are identified as two of the essential aspects to be controlled.

• At a minimum the board should disclose that there is a documented and tested process in place that will allow the company to continue its critical business processes in the event of a disaster.

WHAT IS THE SOLUTION FOR

END USER DATA PROTECTION?

A centrally managed software application is required to backup and recover

user data on the laptops and desktops in businesses and enterprises.

04/1

OPERATIONAL BENEFITS OF

SUCH A SOLUTION

An automated data backup and recovery solution that delivers the above mentioned features enables MSPs the ability to offer clients a simple, effective and reliable way to control all aspects of their business critical data, as well as a host of operational benefits, some of which are

discussed below.

01/

FULL CONTROL WITH CENTRAL

MANAGEMENT

In order to enforce the company’s data backup policy, IT needs to have a complete oversight of the End-User Data Backup environment, and do they require the following features:

The ability to centrally define policies over what data needs to be backed up, from which users, and when

The ability to pinpoint potential trouble areas quickly and act on it

The ability to manage backups centrally and report on protection ratings and areas of concern

Reporting functionality to prove compliance and the efficiency of ITs/MSPs Disaster Recovery Planning. Set schedules to automate the process

02/

SIMPLE & RELIABLE DATA RECOVERABILITY

01/

FASTER DATA MIGRATION DURING

HARDWARE REFRESH

Using a solution such as Cibecs, IT can simply replace an old laptop or desktop with the new model, ensure that the new Windows Operating System and applications are installed, and then use Cibecs to restore all the user’s data through the wizard-driven restore application. Data is recovered to the new device by simply selecting: What version of (encrypted) data is to be restored Which files to restore (all or specified files only) To which location the data must be restored to The automated restore is initiated and the data is restored in the same structure as it was in when it was backed up. In the instance where the restore is done to a newer version of the Microsoft Operating System, Cibecs will automatically configure the locations of the standard shortcuts. such as My Documents.

Having an automated, unattended restore process significantly increases efficiency and reduces the risk of data being lost during hardware refresh and operating system upgrade projects.

Central reporting on all restores enable management and monitoring of the deployment and recovery process, something that has not been manageable to date.

02/

REDUCED NEED FOR END USER SUPPORT

By utilizing Cibecs as part of the end user support process, IT / MSP resource will be able to reduce the impact of users requiring support (related to data) significantly.

As data will be recoverable at all times IT will be able to simply rebuild the data from a recovery, rather than having to attempt a fix.

• This applies to all types of data including email PSTs.

04/3

REDUCED IMPACT ON IT

INFRASTRUCTURE

Cibecs significantly reduces the impact of user data backup and recovery on company bandwidth and storage infrastructure.

• IT decides what data is backed up and when (removing wasteful use of infrastructure)

• Data is compressed during the backup procedure (reducing data backup size)

• After the initial backup, only changes in documents are subsequently backed up and compressed, further reducing daily backup size by up to 99%

01/

BETTER BANDWIDTH

After the initial backup, Cibecs only backs up the changes made within documents rather than the entire document, this process is known as Patch Backup. • The combination of Patch Backup and data compression reduces the amount of traffic across the WAN significantly and ensures that the impact on the network is kept to a minimum.

• Large scale backup of end user data would not be possible without the use of these technologies.

02/

SMARTER STORAGE

To further minimize the size of data that is transferred and stored, Cibecs allows the IT administrators to centrally define a data selection policy.

This policy will allow IT to select what data should be backed up and what should be excluded. An example of this would be to select all Office documents and exclude all Multimedia format documents for one department, while including Multimedia for the Marketing department. • Setting these policies will ensure that only business related data is backed up, decreasing the storage requirement.

Using data compression (at an average of 3:1) and patch technology, as discussed, the use of storage is optimized and a much higher storage ROI can be achieved. All data is archived and stored in an encrypted format (using 448 Blowfish encryption) to prevent unauthorized access.

In short, backing up data and making sure there is a security system in place to limit access to it, is imperative to the well-being of any business . . . The fact that doing so also means a company complies with legislation and good corporate governance is an added (and valuable) bonus.

Compliance need not be a burden, to the contrary – IT SHOULD BE AN ASSET.

01/

GAINING OPERATIONAL VALUE FROM

COMPLIANCE

Cibecs addresses Corporate Governance compliance by: • Ensuring end user data is protected

• Providing the company’s Board with the ability to demonstrate a policy-based, fully automated solution that ensures protection and archival of their business-essential user data.

• Encrypting data in the backup process, thereby controlling access to information and ticking another governance and compliance box

Cibecs enables a company to report on back-up activities, thereby demonstrating that the company is pro-actively addressing the risks associated with loss of data and critical business information.

02/

ADDRESSING RISK OF ACCESS TO

CONFIDENTIAL DATA

As mentioned above, this risk is eliminated through 448 Blowfish data encryption during the backup process.

• The only way to access the data is through authentication with a user specific encryption key. • The data is stored in this encrypted format and is not viewable on the server.

• A master key gives an authorized administrator access to the list of keys should he/she be required to retrieve a key.

• All restores are reported on, enabling the business to pinpoint when, why and by who a user’s data was restored.

}

VALUE TO MANAGED SERVICES

CUSTOMERS

Managed Services customers can look forward to having complete control over

their business critical data (and therefore the lifeblood of their companies) while

enjoying key benefits, such as:

Maximized uptime for their users, which means increased productivity and greater efficiency

Maximized use of their existing bandwidth and storage infrastructure

Elimination of data loss, including costs directly associated with its retrieval

Elimination of wasted resource required to recreate lost data

Frees up valuable Managed Services IT resource to focus on core contract objectives

Allows for simple and effective compliance with legislation and good corporate governance

requirements of its customers but that it also cares about the continued well-being of its client base. The CIBECS/MSP offering would be positioned as a solution that protects the MSPs clients against risk whilst guaranteeing greater operational efficiency.

• Adding CIBECS to its Managed Services Contract offers MSPs the following 3 key benefits.

01/

INNOVATIVE NEW PRODUCT

Adding an exciting new product to the MSPs existing product offering ensures customers enjoy continued innovation and proactive catering to all their requirements.

}

PRODUCT / SERVICES DIFFERENTIATOR

MSPs can differentiate their service offering by adding to its customer’s Data Continuity strategy through delivery of a complete End-user Data Backup Solution that increases IT Service Delivery and improves Operational Efficiency.

03/

SOLIDIFY LONG TERM CONTRACTS

ABOUT CIBECS

Cibecs is the simplest way to backup and recover user data residing on

business or enterprise laptops and desktops, and is trusted by thousands

of business users worldwide, including the National Prosecuting Authority

(NPA), Gijima, Ingram Micro, Wits University, Business Connexion and

several of South Africa’s leading financial institutions.

Visit www.cibecs.com for more information or

contact Cibecs on +27(11) 791 0073.