By Gareth Griffiths, Chief Technology Officer, BridgeHead Software
If it ain’t broke, don’t fix it – it makes me ‘wannacry’…
You know I often hear that, but it holds a huge hidden danger. How do you KNOW it’s not broken? The key point about upgrades and updates is that they often fix things you can’t see. How many windows security issues have you actually seen? The system appears to be running just fine but, in reality, is severely compromised. If you are still using Windows 2003 (or even worse XP) you are exposed! Microsoft extended support for W2003 ended nearly three years ago. It was this attitude of ‘it’s running just fine leave it alone’ that caused 81 of the 236 NHS Trusts across England and a further 595 GP practices to be affected, directly or indirectly. Not fixed because it wasn’t broken – really?
…but applications aren’t the same as the operating system…
Yes, I’ve heard that one as well. But, guess what? Applications can also have vulnerabilities – often not within the application itself, but in the system utilities and libraries they use. Commonly used sub-systems like SSL or web servers may be bound into applications so, if you don’t update the application, you are still running old vulnerable software. Also, some software was designed before the malware avalanche started to break and so, by not upgrading to the latest versions, you are still using older, less secure designs.
If you do update the operating system or apply all the latest service packs and patches – has that old version of the application been tested on that operating system? Almost certainly not. Software suppliers will keep testing their current version on every new patch, service pack or new Windows version and all the associated technology like web servers, Java run-times, VMware versions, etc. but they will not test old out of date versions of the software.
When something does go wrong you are doubly vulnerable
Not only were you running older, less secure systems but, now something has gone wrong, will you be able to get any help or support to get you up and running again? If the system fails (older hardware as well) will you be able to piece things together again? Most software (including BridgeHead’s) has limits on how old a version can be upgraded in place but, if the old hardware dies, how will you recover? New hardware almost certainly means new (latest) version of Windows. The old software may not even run on that – even if you kept the installation disks somewhere. That makes for an expensive, difficult custom upgrade that might even need an intermediate system to step up the versions and get to a supported system – all, of course, while you are down. By the way, you did read your support agreement didn’t you? Will you get support for that old version of software or will you have to upgrade before your problem can be addressed?
New skills for old
You might think that you are protecting yourself because only you know how to work the old system, but really you are making yourself vulnerable because you aren’t learning the current technology. This makes your organization vulnerable, and also decreases your value in the market because your skills are out of date. And what happens if you are unavailable?
Look what you are missing
Not installing new versions also means missing out on all the new functionality – much of which is designed to make your job easier. While we all get used to dealing with the crankiness of old systems and think we have it covered, most of us prefer our modern Android or iPhones to an old rotary landline. Change can be good, and user interfaces have come a long way in a short time; we’ve all got used to newer and better ways to do things. I mean, who would want to go back to starting a car with crank handle or using a rotary phone – they weren’t broken, but there are better solutions today.
OK, so I work for BridgeHead and I’m rightly proud of the solutions we provide, but even I don’t think the software we had 5 years ago was anything like as good as today’s. If you don’t keep up, not only do you run risks, you miss a lot of major improvements. Here are just a few of the things we’ve done over the last few years and I’m not including support for newer versions of storage arrays, VMware, Windows, SQL, Exchange, etc.
- DICOM Archive agent (VNA)
- Export tape wizard
- Saved views in Control Node for ease of use
- Increased security though use of SSL (TLS)
- HealthStore (Independent Clinical Archive for ALL clinical data)
- VMware Clone and Instant Restore
- VMware backup definition wizard
- VMware Master jobs to automatically detect new VMs
- Fast Synthetic full clone backup (CBT based)
- Hyper-V Clone and Instant restore
- Hyper-V backup definition wizard
- Hyper-V master jobs to automatically detect new guests
- Fast synthetic full clone backup (RCT based)
- BridgeHead Monitor and Alert systems
- Improve resilience and detect problems early
- Monitor checks, such as databases being backed up, services stopped, etc.
- Installation Manager
- Easily and centrally upgrade distributed service nodes
- Credential Manager
- Easy to change passwords (one place for each account/password)
- Long and complex password support for security (64 characters)
- FileStore retrieve service for faster unstubbing
- MEDITECH SIRT integration
- Control Node Audit trail
- Who changed what, when, from what to what?
- JBOD (simple scalable storage)
- S3 and Azure support as targets for backup or archiving
- ISB/IDR for Pure, Dell-EMC Unity, Dell-EMC VMAX3, HPE Nimble
- BridgeHead supports EVERY MEDITECH certified array
- … and we are working on more!
Sometimes improvements don’t sound much, but when you use them, you find how much simpler it is to do things. Having a regular password change policy was hard without credential manager. Now, to change the password used for all backup jobs is really simple. Defining a new backup job is also much simpler.
It isn’t hard, but I don’t have time…
That sadly is very true. Upgrading software is not hard, but it is something you don’t do every day so it takes valuable time from your day – that’s why many sites prefer to engage their supplier to perform the upgrades and take a backup health check at the same time to ensure they are up to date not just with the software, but with the latest best practices and solutions. BridgeHead’s consultants do upgrades and system health checks every day, so using their experience is quite simply more efficient and a better use of your time.