Who would want to start<\/em> a goods and services tax, after all? In the case of NetWorker, GST didn’t stand for a tax on purchases, but the master control software for NMC.<\/p>\n It’s amusing then to be back in the realm of using an overloaded three letter acronym which for many (in this case) US citizens refers to the tax-man \u2013 IRS. In this case though, IRS stands for I<\/strong><\/span>solated R<\/strong><\/span>ecovery S<\/strong><\/span>ite.<\/p>\n Our view of ‘disaster recovery’ situations by and large hasn’t changed much over the two decades I’ve been working in IT. While we’ve moved from active\/passive datacentres to active\/active datacentres as being the norm, the types of situations that might lead to invoking disaster recovery and transitioning services from one location to another have remained largely the same, such as:<\/p>\n In fact, they’re pretty much the key four reasons why we need to invoke DR \u2013 either granularly or for an entire datacentre.<\/p>\n The concept of an IRS is not to provide assistance in any of the above four situations. (In theory it could be utilised partly for any of the above, in practice that’s what your normal disaster recovery datacentre is about, regardless of whether it’s in an active\/active or active\/passive configuration with your primary.)<\/p>\n Deploying an IRS solution within your environment is about protecting you from modern threat vectors. It represents a business maturity that accepts any, many or all of the following scenarios:<\/p>\n Before I explain some of those situations, it would be helpful to provide a high level overview of what one kind of IRS layout might look like:<\/p>\n The key things to understand in an IRS configuration such as the above are:<\/p>\n IRS is not for traditional Business As Usual (BAU) or disaster recovery. You will still run those standard recovery operations out of your primary and\/or disaster recovery sites in the same way as you would normally.<\/p>\n So what are some of the examples where you might resort to an IRS copy?<\/p>\n These aren’t ‘example’ use cases, they’ve happened. In the first two if you’re using off-platform protection, you’re probably safe \u2013 but if you’re not, you’ve lost data. In the third example, there have been several examples over the last few years where this penetration has successfully been carried out by hactivists.<\/p>\n Maybe you feel your environment is not of interest from hactivists. If you work in the finance industry, you’re wrong. If you work in government, you’re wrong. OK, maybe you don’t work in either of those areas.<\/p>\n With the increasing availability of tools and broader surface area for malicious individuals or groups to strike with, hactivism isn’t limited to just the ‘conventional’ high profile industry verticals. Maybe you’re a pharmaceutical company that purchased the patent on a cheap drug then enraged communities by increasing prices by 400 times. Maybe you’re a theatre chain showing a movie a certain group has taken significant offence at. Maybe you’re a retail company selling products containing palm oil, or toilet paper not sourced from environmentally sustainable forests. Maybe you’re an energy company. Maybe you’re a company doing a really good job but have a few ex-employees with an axe to grind. If you’ve ever read an online forum thread, you’ll probably recognise that some people are trollish enough to do it just for the fun of it<\/em>.<\/p>\n Gone are the days where you worried about hactivism if you happened to be running a nuclear enrichment programme.<\/p>\n IRS is about protecting you from those<\/em> sorts of scenarios. By keeping at least a core of your critical data on a tertiary, locked down Data Domain that’s not accessible via the network, you’re not only leveraging the industry leading Data Invulnerability Architecture (DIA) to ensure what’s written is what’s read, you’re also ensuring that tertiary copy is off platform<\/em> to the rest of your environment.<\/p>\n And the great thing is, products like NetWorker are basically designed from the ground up to be used in an IRS configuration. NetWorker’s long and rich history of command automation means you can build into that Control & Verification service area whatever you need to take read-write snapshots of replicated data, DR an isolated NetWorker server and perform automated test recoveries.<\/p>\n One last point \u2013 something I’ve discussed with a few customers recently \u2013 you might be having an ahah!<\/em> moment and point to a box of tapes somewhere and say “There’s my IRS solution!” I can answer that with one simple question: If you went to your business and said you could scrap a disaster recovery site and instead rely on tape to perform all the required recoveries, what would they say? Tape isn’t<\/em> an IRS option except perhaps for the most lackadaisical data protection environments. (I’d suggest it’d even be an Icarus IRS solution \u2013 trusting that wax won’t melt when you fly your business too close to the sun.)<\/p>\n There’s some coverage of IRS in my upcoming book, Data Protection: Ensuring Data Availability<\/a>, and of course, you can read up on Dell EMC’s IRS offerings too. A good starting point is this solution overview<\/a>. If you’re in IT \u2013 Infrastructure or Security \u2013 have a chat to your risk officers and ask them what they think about those sorts of challenges outlined above. Chances are they’re already worried about them, and you could very well be bringing them the solution that’ll let everyone sleep easily at night. You might one day find yourself saying “I love the IRS”.<\/p>\n","protected":false},"excerpt":{"rendered":" Years ago when NetWorker Management Console was first introduced, Australians (and no doubt people in other countries with a similarly…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":true,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[3,5,1181],"tags":[1329,422,1328,1326,1327,566,836],"class_list":["post-6025","post","type-post","status-publish","format-standard","hentry","category-architecture","category-backup-theory","category-data-domain-2","tag-cryptoware","tag-hacking","tag-hactivism","tag-irs","tag-isolated-recovery-site","tag-malware","tag-risk"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/pKpIN-1zb","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/posts\/6025","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/comments?post=6025"}],"version-history":[{"count":8,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/posts\/6025\/revisions"}],"predecessor-version":[{"id":7404,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/posts\/6025\/revisions\/7404"}],"wp:attachment":[{"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/media?parent=6025"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/categories?post=6025"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/tags?post=6025"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\n
![\"Hactivism\"](\"https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2016\/11\/bigStock-Hacktivist.jpg\")
<\/a><\/p>\n\n
![\"Basic](\"https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2016\/11\/IRS-Basic.png\")
<\/a><\/p>\n\n
\n