Skip to content

為什麼 Pandora FMS 開源存在?

My name is Sancho and I am the person who started developing Pandora FMS in 2004. I want to tell you why Pandora FMS Open Source exists and why the community is so important to me.

We tell you why Pandora FMS Open Source exists

I always liked computers, I started with a ZX Spectrum and my first game was a hacked one. 

I had to teach myself how to peel a cable to plug the RCA video output into my father’s little TV. In fact, I think I’ve spent more time learning how to solder cables, copy games, and trick them than playing them themselves. 

In the 80s, technical knowledge was what someone could teach you, there was no Internet. And, as a child, I also didn’t have the resources to talk to expert adults. 

When the BBS (Bulletin Board Systems) arrived in Europe I was 14 years old. I still remember, with pristine clarity, the article from a computer magazine that filled my head with wonders: 

“Thousands of apps and games, access to information around the globe, messaging with users around the world…” 

I could learn anything!

And there were even many softwares that I could use without having to hack them!

When I connected to Fidonet in 1990 a world of possibilities opened up. 

I started talking to university students, set up a Fidonet node at home and had the need to do my first programs for my own BBS. It used RemoteAccess and FrontDoor, applications to give access to users and to connect to Fidonet through a modem over the telephone line.

I learned TurboPascal by reading documentation online and with photocopied books in English that other users lent me. 

A student at the University of Zaragoza lent me his credentials and I accessed the Internet for the first time through a RAS built on an HP-UX. 

I didn’t know what Unix was, but I had some commands written down to download things through FTP and then through Kermit to my computer. 

Along the way I had to stick with the AT commands and run head-on with the problem of being a 15-year-old boy who hires two phone lines for a BBS in a room of five square meters.

Antes de Pandora FMS Open Source

Thanks to other users I learned how to connect with the pair of tests in the phonebox of my house to call the US for free and download the McAfee antivirus updates, which I made available to everyone. 

I later learned how to connect to the internet through Compuserve using trial accounts that lasted 15 days. 

In short, I had an insatiable craving for knowledge

I loved to try, combine and dig

I used a lot of software that is now forgotten, such as Desqview or OS/2 Warp, to try to make my PC, made with second-hand parts, have the power to work in what became one of the largest BBS in Madrid (Edison BBS).  

All the software I developed (online games, time banks and things like that) I shared with other BBS Sysop, although my code was terrible. 

*Although no one cared much about the code because everything was to be done and the important thing was that it worked. 

Most of the programs I used had to be compiled by other people with more powerful PCs, my machine took days to compile and link the binaries.

Video Player

Open Source Software Time

When I was in college, the Internet and ADSL came, as well as stacks of photocopied books. 

I tried programming video games and then my first job came. 

There I discovered that the Internet was a much, much bigger world than I had thought. Where there were servers and networks full of computers that people plugged into the web without notifying anyone, and lots of other stuff that appeared little by little… 

That’s when I discovered that it was necessary to bring order to so much chaos

I needed to know what was happening around me and monitor it. 

In each new work, that sense of chaos and lack of control grew. 

There did not seem to be a universal system to collect information and unify it, each had its applications, incompatible with the rest. Unlike the world of Star Trek where everything was compatible and universal.

That craving for knowledge and that habit of sharing at that time was not circumscribed to a philosophy, it did not have a name. It was a pure necessity: to share, learn, test, copy and modify.  

Some years later I discovered what the term Open Source meant. 

But it was just a name, the habit has been in me since I copied my first Game of Spectrum. 

*I once met in an interview an English developer older than me who had programmed one of those games, but that’s another story.

I spent many years learning thanks to others

Now I have to give back everything I have learned since my childhood. 

For me Open Source is not a license, it is not a political doctrine, it is not a fashion, it is a way of understanding life.

Sharing knowledge makes us better as individuals, as a society, and as professionals.

That is why Pandora FMS Open Source is not a “limited” version of the Enterprise version, no, the Open Source version has infinite documentation, in several languages, a changing documentation that includes everything, without secrets. 

The Open Source version not only has code, it has people who answer questions, guides and tutorials and has no limitations. 

It is made for that purpose, to bring order to chaos and allow anyone, programmer or not, to expand and improve it. Without having to share what you do, just let them use it however they want and for whatever they see fit.

There are many users, and companies, that like me when I was younger, cannot afford what an Enterprise license costs. 

I encourage them to use the Open Source version of Pandora FMS, not because it is free, but because you can learn without limit and can make Pandora FMS go far beyond what you think. 

Moreover, if they want, they can share their knowledge back and improve Pandora FMS. 

A code patch has the same value as a collection of icons or a Russian translation.

Where do we get the money?

Easy, not everyone has that craving for knowledge, to learn, to share. 

There are people who have their focus on managing problems, quickly and with professional help. 

They prefer an out-of-the-box tool that solves problems in hypercomplex and very specific environments. 

They still really want to learn and try, but they don’t have the time. Literally, their time is worth much more to their companies than Pandora FMS’s Enterprise license. 

Some Pandora FMS tools, such as policies, can be easily implemented using additional tools (or even your own scripts), but it takes time and knowledge. 

In the Enterprise version it is solved with a couple of mouse clicks.

The same goes for scalability. 

In the Enterprise version we support an active/passive HA system based on MySQL, any user can implement the same system as us, they can also build a Galley cluster to have almost infinite scalability, without the need to mount a Metaconsole (Enterprise). 

In fact we have some users who have been using Pandora FMS for many years with much larger environments than most of our Enterprise customers. 

I encourage you to see for yourself that the free spirit is still there! 

Call it OpenSource, free software, enter the license (GPL2), but above all: 

Learn, share and enjoy the process!

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.

安全性 Deepfake 呈上升趨勢:這對企業 IT 安全意味著什麼

In early 2020, a Hong Kong bank manager received a call from a company director asking him to authorize transfers to the tune of $35 million. Recognizing the director’s voice and being convinced of the reason for the transfer (an upcoming acquisition), he began moving the money. However, this request was entirely fraudulent – the bank manager had never spoken to the director. Instead, he was duped by a worrying new technology dubbed “deep voice“, a subset of deepfake technology.

Cybercriminals are increasingly leveraging security deepfakes to facilitate business email compromise (BEC) fraud and bypass multi-factor authentication (MFA) protocols, and know your customer (KYC) ID verification. And as deepfake technology becomes increasingly more sophisticated and accessible, this trend will only continue. For example, only last year, the FBI warned that malicious actors would undoubtedly leverage “synthetic content,” like deepfakes, for cyber operations over the next 18 months.

But just how do bad actors leverage deepfakes? And what does this mean for corporate IT security? Let’s get into it. 

Security Deepfakes, Explained

Deepfakes use artificial intelligence and machine learning to create compelling images, videos, and audio hoaxes. They are a type of synthetic (computer-generated) media and can be so convincing at mimicking a real person that they can fool both people and algorithms. 

Here, the specific technologies at play are deep learning and general adversarial networks (GANs). In simple words, this means that two neural networks (computing systems inspired by how the human brain works) compete against each other to create increasingly convincing media. The goal of neural network A is to generate an image that neural network B cannot distinguish from its training data. And the goal of neural network B is not to be fooled in this way. The result? Scarily convincing generated images. 

The introduction of GANs has significantly advanced deepfakes, but other prominent technologies are also contributing to deepfakes’ rise – 5G and cloud computing. These technologies allow video streams to be manipulated in real-time, opening the doors for live-streaming and video conferencing fraud. 

How Security Deepfakes Bypass Cybersecurity Controls

Defending corporate networks in a world where high-profile data breaches are a daily occurrence is no easy task. Organizations today rely on robust IT security protocols and tools, including AI-driven network security, stringent network access controls, zero trust principles, and more. However, while companies work hard to strengthen their IT security, cybercriminals work hard to find a way around it. It’s a game of constant cat and mouse. 

Deepfakes are particularly concerning because they can dramatically increase the effectiveness of phishing and BEC attacks – something that organizations are already struggling to combat. For example, according to CISCO’s 2021 Cybersecurity Threat Trends report, around 90% of data breaches occur due to phishing

Deepfake Phishing Attacks

Much of the security threat around deepfake phishing revolves around their use in business email compromise attacks. Why? Because BEC attacks are the highest-grossing form of all phishing attacks for cybercriminals

In a business email compromise attack, cybercriminals send convincing-looking emails attempting to trick a targeted employee into releasing funds or revealing sensitive information. And unlike in traditional phishing attacks, these emails aren’t sent out indiscriminately – they are specifically crafted to appeal to specific individuals. 

These types of attacks rely on trust and urgency. For example, when you get a request from your boss asking you to transfer funds, you trust that it’s a legitimate request, and you feel compelled to act quickly to avoid disappointing them. Cybercriminals love when people act quickly because it leaves less room for doubt and critical thinking, and they use several tactics to try and ramp up the urgency in their messages. 

But security deepfakes work by targeting the other component – trust. A voicemail or video message from a senior ranking employee is even more convincing than a carefully crafted email. And deepfakes still seem in the realm of science fiction for many people. Most employees won’t stop to think that a cybercriminal has trained an algorithm on audio recordings of their boss freely available online.

The rise of hybrid and distributed workforces are also contributing to the success of this type of attack. It’s no longer unusual for employees to receive high-impact requests without speaking to someone face to face. 

Remote Identification Verification

Security deepfakes are becoming increasingly successful at bypassing remote identification verification checks. For example, recent academic research found that deepfakes are around five times better at spooring verification solutions than traditional methods like 3D masks and printed photos.  

Know-Your-Customer (KYC) verification checks, where companies often use video or images to check customers are who they claim to be, are also highly vulnerable to deepfakes. Unlike with a sophisticated BEC attack, cybercriminals only need minimal source material to conduct a face swap that can fool biometric identification systems. 

Combating Security Deepfakes

Unfortunately, deepfake technology is advancing faster than the systems we use to detect them. We currently use various factors to detect security deepfakes, mainly using algorithms to look for abnormalities in skin, eyes, hair, background discrepancies, and unusual pixel compositions. However, cybercriminals are also becoming increasingly adept at getting around these detections.

So what does this mean going forward? First, we could see AI utilized to combat deepfake threats. For example, sufficiently advanced AI systems could crunch existing video and audio files and compare them to new material to see if a video was created by splicing together existing clips. Additionally, blockchains could be used to verify whether content has been manipulated from its original version.

However, this technology isn’t likely to be available to the average organization any time soon. With this in mind, companies should focus their efforts on educating employees on the existence of deepfakes, so they are more likely to second-guess the authenticity of an unexpected video or voicemail request. At the same time, companies should encourage employees not to act quickly to unusual requests and instead take the time to verify the request’s legitimacy.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。

SCADAfence 在 2022 年 RSA 會議期間榮獲三項著名的信息安全獎

SCADAfence Wins 3 Awards at RSA 2022 – 1. Most Innovative Governance, Risk and Compliance (GRC) 2. Next Gen ICS/SCADA Security  3. Most Innovative Internet of Things (IoT) Security  

San Francisco, California June 6, 2022 – SCADAfence, the global technology leader in OT & IoT cyber security, is proud to announce we have won the following awards from Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine:

  • Most Innovative Governance, Risk and Compliance (GRC)
  • Next Gen ICS/SCADA Security
  • Most Innovative Internet of Things (IoT) Security

SCADAfence has won the award for Most Innovative Governance, Risk and Compliance (GRC) in recognition of the governance portal, which provides a multi-site regulatory and policy compliance framework. The portal provides companies with OT networks increased readiness and compliance for organizational policies and regulations. The SCADAfence governance portal is unique in the marketplace, that allows organizations to audit compliance based on real traffic data across multiple sites, and provides ready-to-use compliance dashboard and reports. SCADAfence is currently the only vendor who offers this technology.

Additionally, SCADAfence has won the award for Next Gen Next Gen ICS/SCADA Security since they have a unique Micro Granular Baseline technology. This technology learns every device granularly, per asset and per traffic characteristics. This unique technology provides the most accurate detection mechanism, and dramatically reduces false-positives without the need to reconfigure the baseline upon any changes. Customers get baselining results in hours vs weeks and it keeps getting smarter with advanced AI capabilities.

SCADAfence has also won the award for Most Innovative Internet of Things (IoT) Security, for their ability to provide comprehensive protection to complex industrial IIoT networks comprising thousands of devices from various manufacturers with multiple vulnerabilities.

“We’re thrilled to receive one of the most prestigious and coveted cybersecurity awards in the world from Cyber Defense Magazine” said Elad Ben-Meir, CEO of SCADAfence. “We knew the competition would be tough and fierce. We couldn’t be more pleased to be recognized as Innovators and leaders in the OT security industry.”

“SCADAfence embodies three major features the judges look for to become winners: understanding tomorrow’s threats, today, providing a cost-effective solution and innovating in unexpected ways that can help stop the next breach,” said Gary S. Miliefsky, Publisher of Cyber Defense Magazine.

We’re thrilled to be a part of  this coveted group of winners, located here: www.cyberdefenseawards.com/

About SCADAfence

SCADAfence is the global technology leader in OT & IoT cyber security. The SCADAfence platform enables organizations with complex OT networks to embrace the benefits of industrial IoT by reducing cyber risks and mitigating operational threats. The non-intrusive platform provides full coverage of large-scale networks, offering best-in-class detection accuracy, asset discovery and governance with minimal false-positives. SCADAfence delivers proactive security and visibility to some of the world’s most complex OT networks, including the largest manufacturing facility in Europe. SCADAfence enables organizations in manufacturing, building management and critical infrastructure industries to operate securely, reliably and efficiently. To learn more, go to http://www.scadafence.com

About CDM InfoSec Awards

This is Cyber Defense Magazine’s eighth year of honoring InfoSec innovators. Our submission requirements are for any startup, early stage, later stage or public companies in the INFORMATION SECURITY (INFOSEC) space who believe they have a unique and compelling value proposition for their product or service. Learn more at http://www.cyberdefenseawards.com

About the Judging

The judges are CISSP, FMDHS, CEH, certified security professionals who voted based on their independent review of the company submitted materials on the website of each submission including but not limited to data sheets, white papers, product literature and other market variables. CDM has a flexible philosophy to find more innovative players with new and unique technologies, than the one with the most customers or money in the bank. CDM is always asking “What’s Next?” so we are looking for Next Generation InfoSec Solutions.

About Cyber Defense Magazine

With over 5 Million monthly readers and growing, and over 17,000 pages of searchable online infosec content, Cyber Defense Magazine and our sister magazine being announced after the show is the premier source of IT Security information. We are managed and published by and for ethical, honest, passionate information security professionals. Our mission is to share cutting-edge knowledge, real-world stories and awards on the best ideas, products and services in the information technology industry. We deliver electronic magazines every month online for free, and special editions exclusively for the RSA Conference. CDM is a proud member of the Cyber Defense Media Group, a division of Ingersoll Lockwood. Learn more about us at http://www.cyberdefensemagazine.com and visit http://www.cyberdefensetv.com and http://www.cyberdefenseradio.com to see and hear some of the most informative interviews of many of these winning company executives.

As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources into offensive research of vulnerabilities and attack techniques.

Ripple20 are 19 vulnerabilities revealed by Israeli firm JSOF that affect millions of OT and IOT devices. The vulnerabilities reside in a TCP/IP stack developed by Treck, Inc. The TCP/IP stack is widely used by manufacturers in the OT and IoT industries and thus affects a tremendous amount of devices.

Among the affected devices are Cisco Routers, HP Printers, Digi IoT devices, PLCs by Rockwell Automation and many more. Official advisories by companies who confirmed having affected devices can be found here, in the “More Information” section.

The most critical vulnerabilities are three that can cause a stable Remote Code Execution (CVE-2020-11896, CVE-2020-11897, CVE-2020-11901) and another that can cause the target device’s memory heap to be leaked (CVE-2020-11898).

On behalf of our customers, we set out to explore the real impact of these vulnerabilities, which we’re now sharing with the public.

The research has been conducted by researchers Maayan Fishelov and Dan Haim, and has been managed by SCADAfence’s Co-Founder and CTO, Ofer Shaked.

Exploitability Research
We set out to check the exploitability of these vulnerabilities, starting with CVE-2020-11898 (the heap memory leak vulnerability), one of the 19 published vulnerabilities.

We created a Python POC script that is based on JSOF official whitepaper for this vulnerability. According to JSOF, the implementation is very similar to CVE-2020-11896, which is an RCE vulnerability that is described in the whitepaper. Also mentioned about the RCE vulnerability: “Variants of this Issue can be triggered to cause a Denial of Service or a persistent Denial of Service, requiring a hard reset.”

Trial Results:
Test 1 target: Samsung ProXpress printer model SL-M4070FR firmware version V4.00.02.18 MAY-08-2017. This device is vulnerable according to the HP Advisory.

Test 1 result: The printer’s network crashed and required a hard reset to recover. We were unable to reproduce the heap memory leak as described, and this vulnerability would have been tagged as unauthenticated remote DoS instead, on this specific printer.

Test 2 target: HP printer model M130fw. This device is vulnerable according to the HP Advisory.

Test 2 result: Although reported as vulnerable by the manufacturer, we were unable to reproduce the vulnerability, and we believe that this device isn’t affected by this vulnerability. We believe that’s because the IPinIP feature isn’t enabled on this printer, which we’ve verified with a specially crafted packet.

Test 3 target: Undisclosed at this stage due to disclosure guidelines. We will reveal this finding in the near future.

Test 3 result: We found an unreported vendor and device, on which we can use CVE-2020-11898 to remotely leak 368 bytes from the device’s heap, disclosing sensitive information. No patch is available for this device. Due to our strict policy of using Google’s Responsible Disclosure, we’ve reported this to the manufacturer, to allow them to make a patch available prior to the publication date.

Key Takeaways
We’ve confirmed the exploitability vulnerabilities on our IoT lab devices.

On the negative side: The vulnerabilities exist on additional products that are unknown to the public. Attackers are likely to use this information gap to attack networks.
On the positive side: Some devices that are reported as affected by the manufacturers are actually not affected, or are affected by other vulnerabilities. It might require attackers to tailor their exploits to specific products, increasing the cost of exploitation, and prevent them from using the vulnerability on products that are reported as vulnerable.

SCADAfence Research Recommendations
Check your asset inventory and vulnerability assessment solutions for unpatched products affected by Ripple20.
The SCADAfence Platform creates an asset inventory with product and software versions passively and actively, and allows you to manage your CVEs across all embedded and Windows devices.
Prioritize patching or other mitigation measures based on: Exposure to the internet, exposure to insecure networks (business LAN and others), criticality of the asset.
This prioritization can automatically be obtained from tools such as the SCADAfence Platform.
Detect exploitation based on network traffic analysis.
The SCADAfence Platform detects usage of these exploits in network activity by searching for patterns that indicate usage of this vulnerability in the TCP/IP communications.
If you have any questions or concerns about Ripple20, please contact us and we’ll be happy to assist you and share our knowledge with you or with your security experts.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About SCADAfence
SCADAfence helps companies with large-scale operational technology (OT) networks embrace the benefits of industrial IoT by reducing cyber risks and mitigating operational threats. Our non-intrusive platform provides full coverage of large-scale networks, offering best-in-class detection accuracy, asset discovery and user experience. The platform seamlessly integrates OT security within existing security operations, bridging the IT/OT convergence gap. SCADAfence secures OT networks in manufacturing, building management and critical infrastructure industries. We deliver security and visibility for some of world’s most complex OT networks, including Europe’s largest manufacturing facility. With SCADAfence, companies can operate securely, reliably and efficiently as they go through the digital transformation journey.

INDIANAPOLIS, August 4, 2020 — Scale Computing, a market leader in edge computing, virtualization, and hyperconverged solutions, today announced it is experiencing increased demand for its HC3 virtualization platform across the healthcare industry.

The healthcare industry is consumed with the need to simplify the management of IT assets and reduce the time and effort expended on maintaining the current IT environment. Paris Community Hospital, Riverwood Healthcare Center, Costa Salud Community Health, and North Valley Hospital all faced significant IT challenges. These included a need to enable virtualization without complexity, improve availability of critical workloads, improve disaster recovery, and solve single vendor support of infrastructure, all while needing to meet an affordable price point.

Paris Community Hospital, part of Horizon Health, is a 25-bed critical-access hospital located in Paris, Illinois. It is a full-service provider that includes emergency medicine, surgery, rehabilitation services, radiology, diabetes education, and more. The company’s four-person IT team turned to Scale Computing to simplify the management of its IT assets and reduce the time and effort expended on maintaining the environment. Scale Computing HC3 provided a cost-effective way to simplify its IT infrastructure and VDI management as well as improved performance. It also delivered enhanced security and control and enabled rapid deployment of virtual desktops, cutting time-to-implementation from a week to two hours.

Edgar Weeks, information services manager, Paris Community Hospital, comments: “With the previous environment, the high cost of maintenance and replacement, as well as the overhead required to go through so many devices and workstations individually, was a serious issue for a small, lean organization like us. Scale Computing delivered a solution that has addressed all the challenges we faced more cost-effectively than all other options. We can add users faster, manage connections more effectively, provide better control over user access and deliver vastly improved security.”

Riverwood Healthcare Center has been providing care to residents of Aitkin County in Northern Minnesota for more than 60 years. Riverwood IT leadership turned to Scale Computing to help virtualize their operations and fortify their disaster recovery efforts with a single vendor. The Scale Computing HC3 solution simplified the center’s efforts, working across its entire infrastructure and reducing the time the Riverwood IT team spends managing its infrastructure by nearly 25%, and with a much smaller footprint.

Mike Kongsjord, IT administrator, Riverwood Healthcare Center, stated: “HC3 reduced time in implementation, making our response to requests more efficient, thus increasing satisfaction. Overall maintenance of the device is much less than supporting physical servers.”

Costa Salud Community Health is located in Rincon, Puerto Rico. The health center’s general practitioners provide comprehensive, continuous and primary healthcare services to patients. Costa Salud Community Health was looking for a single vendor solution to support its infrastructure and improve disaster recovery, all at an affordable cost. It turned to Scale Computing’s HC3 for hypervisor licensing renewal and to support higher uptime SLAs for critical workloads. Thanks to its built-in high availability, HC3 decreased the time spent recovering from a hardware failure running a critical workload from 1-8 hours to less than 10 minutes (an 83-97% reduction in recovery time). Scale Computing’s solution also reduced the time the IT staff spends managing infrastructure by more than 75% after deployment of HC3.

Ismael Ruiz, IT vice president, Costa Salud Community Health, commented: “The Scale Computing solution was very interesting from the beginning. Employees do not need certifications to use the platform. Also, we do not have to be constantly upgrading. One opportunity we saw apart from the cost was support. No matter the time, a service engineer always helps us by phone in a short time. In our case, we evaluated a lot of products and HC3 was the best suited for our operations.”

North Valley Hospital, located in Washington state, strives to provide quality patient care and education that enhances the health and well-being of its communities. While struggling to find availability to accompany its critical workloads and enable virtualization without complexity, North Valley Hospital looked to Scale Computing. Scale Computing’s HC3 not only addressed those issues, but also improved disaster recovery. The high availability built into HC3 allowed North Valley Hospital to decrease the recovery time needed for a hardware failure running a critical workload, from 8-24 hours to less than 10 minutes (97-99% reduction in recovery time). In addition, after deploying HC3, the amount of time the IT staff spends managing infrastructure was reduced by 50-74%.

Carlos Antuna, IT manager, North Valley Hospital, commented: “HC3 reduced complexity and increased availability.”

“When it comes to IT, healthcare organizations face many of the same challenges as any other organization, including limited budgets and scalability. Healthcare organizations also face challenges related to storing, managing and protecting critical patient data and research data and keeping systems available to handle critical care,” said Jeff Ready, CEO and co-founder, Scale Computing. “Healthcare organizations of all types have been choosing HC3 hyperconverged infrastructure from Scale Computing to serve their IT infrastructure needs. HC3 offers simplicity, scalability, availability, and affordability to organizations who need to streamline operations with a reliable solution. Whether a healthcare organization is specialized in emergency services, mental health, medical imaging, research or any other aspect of care, HC3 is the smart choice.”

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Scale Computing
Scale Computing is a leader in edge computing, virtualization, and hyperconverged solutions. Scale Computing HC3 software eliminates the need for traditional virtualization software, disaster recovery software, servers, and shared storage, replacing these with a fully integrated, highly available system for running applications. Using patented HyperCore™ technology, the HC3 self-healing platform automatically identifies, mitigates, and corrects infrastructure problems in real-time, enabling applications to achieve maximum uptime. When ease-of-use, high availability, and TCO matter, Scale Computing HC3 is the ideal infrastructure platform. Read what our customers have to say on Gartner Peer Insights, Spiceworks, TechValidate and TrustRadius.

使用備份和恢復進行快速簡單的電子發現

What is eDiscovery?

Electronic discovery (sometimes known as eDiscovery, e-discovery) is one of those terms that means slightly different things in different contexts. 

For example, in legal spheres, eDiscovery involves identifying, preserving, collecting, processing, reviewing, and analyzing electronically stored information (ESI). The term also shows up in digital forensics, which focuses on identifying, preserving, collecting, analyzing, and reporting on digital information—clearly very similar, but not quite equivalent. 

In general, eDiscovery is the electronic aspect of identifying, collecting, and producing electronically stored information, such as emails, documents, databases, audio, and video files, and also includes metadata such as time-date stamps, file properties, and author and recipient information. In other words—regardless of the specific driving need—eDiscovery refers to finding and retrieving electronically stored ‘stuff’. 

Sounds easy enough, right? But as anyone who’s performed eDiscovery knows, today’s information-enabled organizations produce an awful lot of that stuff. In fact, the tendency for every single action we take to produce a digital trail led public-interest technologist Bruce Schneier to observe that “data is the exhaust of the information age” [Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, pg. 4].

Consequently, the sheer volume of electronically stored information makes eDiscovery a logistical challenge. Now, add in the time-specific nature of many requests—as in, needing to retrieve a file or record as it existed at a certain time on a certain date, a certain number of years ago—and the challenge becomes even greater. 

Beyond backup: enabling quick and simple eDiscovery

While the retention utilities included with software-as-a-service (SaaS) applications and cloud services may be adequate for retrieving something that’s a few weeks old, they certainly aren’t intended to provide—nor are they capable of providing—a substitute for long-term backup and the use cases it enables, including disaster recovery and eDiscovery.

To be resilient in the face of outages, compromises, and misconfigurations (or simply to find a crucial piece of information), your organization needs to be able to search and access SaaS and cloud data quickly and easily. Imagine the difference between a recovery mission aided by coordinates and a map versus a vague notion that someone is somewhere. 

Fortunately, with the right backup solution in place, eDiscovery really can be a breeze. Let’s look at a real-world example. 

ALPLA’s experience

With around 22,000 employees across 45 countries, ALPLA is one of the world’s leading manufacturers of high-quality plastic packaging.

The company’s rapid global expansion and cloud migration required an agile Microsoft 365 backup and recovery solution that could meet ALPLA’s need for 10-year data retention, and Keepit is proud to fulfill this need.

With other solutions, finding the right data to restore can be a tedious task, especially when very little information is provided by users—but Keepit’s unique and intelligent search features make it easy. In the words of Stefan Toefferl, Senior Data Center Engineer at ALPLA: “Keepit provides search filters that make eDiscovery simple, allowing us to quickly find and restore an exact file.”

One of the features most valued by ALPLA is the option to share a secure link to download a file, quickly getting the data back to the users. It’s features like this Public Links (40-second demo video) that makes Keepit more than just an ordinary backup and that helps our customers to become more efficient in their daily IT operations. Read more about the ALPLA customer case here.

Risk management in the digital age

The nature of backup and restoration is that you often don’t know when something might be needed: unexpected audits, legal discovery, cybersecurity incidents, or even an employee needing to recover something that they deleted years ago—these can all happen at any time.

That’s why truly managing risk requires a third-party backup solution that: 

  • Protects users and groups by providing snapshot-based restoration and timeline-based comparative analysis 
  • Preserves roles and permissions, with change tracking and straightforward comparisons 
  • Enables compliance and eDiscovery, for instance by capturing audit and sign-in logs, supporting log analysis, ensuring long-term retention, and enabling restoration to another site 
  • Accommodates growth into policies and devices by preserving device information and conditional access policies 

To help enterprises avoid disruption due to lost or inaccessible SaaS data, Keepit has architected a dedicated, vendor-neutral SaaS data backup solution that is resilient, secure, and easy to use.

You can see Keepit in action on our YouTube channel, or head to our services page to learn more about what we offer.  

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.