# Macrium security notice, 15 Dec 2021:

# Log4j vulnerabilities update

A number of vulnerabilities have been recently identified, known collectively as Log4shell. 

Macrium software and services are **not** impacted.

Log4j, the component impacted, forms part of Apache's Java platform.

The list below are the ones currently reported, but this is a rapidly evolving situation so more may be reported in time.

[https://nvd.nist.gov/vuln/detail/CVE-2021-4104](https://nvd.nist.gov/vuln/detail/CVE-2021-4104 "nvd.nist.gov")

[https://nvd.nist.gov/vuln/detail/CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228 "nvd.nist.gov")

[https://nvd.nist.gov/vuln/detail/CVE-2021-45046](https://nvd.nist.gov/vuln/detail/CVE-2021-45046 "nvd.nist.gov")

A summary is posted here.

[https://www.kb.cert.org/vuls/id/930724](https://www.kb.cert.org/vuls/id/930724 "kb.cert.org")

Note our vendor page is slightly out of date ... the CERT/CC team is rather busy at this time.

## Which Macrium software and services are impacted?

None. 

Neither Log4j, or any part of Apache's java platform, form part of the Macrium stack, this class of vulnerability poses no risk for anyone using our software and services.

Last updated: 2021-12-15 16:00 UTC

large_macrium-security-notice.jpg

medium_macrium-security-notice.jpg

small_macrium-security-notice.jpg

thumbnail_macrium-security-notice.jpg

macrium-security-notice.jpg

Data disasters come in all shapes and sizes, from personal to global. From fires and floods to theft and old fashioned human error, it can feel like they lurk in the shadows waiting to pounce.

Log4j vulnerabilities update

User-macrium-icon-white.svg

large_CompanyLogo.PNG

medium_CompanyLogo.PNG

small_CompanyLogo.PNG

thumbnail_CompanyLogo.PNG

CompanyLogo.PNG

Buy Now

Workstation

Server

Server Plus

Site Manager

MultiSite

Starter Pack

Virtual Server

SiteDeploy

Deployment Kit

Macrium Reflect Home

Upgrade License

Renew Support

Technicians License

Protect your documents, data and operating systems using our advanced disk imaging technology.

Products

Disaster Recovery

Ransomware Protection

Scalable Backup

Find out how Macrium products can help solve your problems.

Solutions

Submit a Ticket

About Macrium Support

My Order History

Upgrades

Renewals

Forum

Knowledgebase

Our dedicated Support Team are ready to help with any technical issues or problems with Macrium Reflect.

Support

Find a Reseller

Find a Distributor

Become a Partner

Become an MSP

Reseller Log In

Reseller Registration

Find a Macrium Reseller or become a Macrium Partner.

Partners

Contact Us

Our Story

Resources

Media Pack

Careers and Culture

Blog

We’re dedicated to creating dependable software, providing quality service, and maintaining superior relationships with our customers and partners. 

Company

Social icon-1.svg

Social icon-3.svg

Social icon.svg

Social icon-2.svg

Social icon-4.svg

infosec

# What do we know about Windows 11’s security strategy?

_And more importantly, will it work?_

In previous posts [here](/blog/will-macrium-reflect-work-on-windows-11-63dc8e81b865) and [here](/blog/what-to-do-before-you-upgrade-to-windows-11-eab85153cf7a), we discussed how Macrium Reflect and Microsoft Windows 11 work together. In this article, we wanted to take a closer look at the new operating system itself, and what Microsoft’s choices indicate about their plans for what’s to come. But with many things, to get a clear picture of the future, one must briefly look at the past.

### Windows 10 Vulnerabilities

BeyondTrust, a company specializing in Privileged Access Management tools, recently released their annual Microsoft Vulnerabilities Report for 2020. The results were… not great.

> _“A total of 1,268 were reported, which marks a colossal 48% rise over the previous year (858). This is in fact the sharpest spike since the inception of the Microsoft Vulnerabilities Report, and means that, since 2016, total vulnerabilities have increased by 181%.” — [BeyondTrust](https://www.beyondtrust.com/blog/entry/microsoft-vulnerabilities-report "www.beyondtrust.com")_

In any system, in any structure, physical or digital, you’re only as strong as your weakest link. So what doesn’t come as a surprise in their report is how a large number of these exploits could be mitigated by simply removing certain administrative privileges. People — users — will always be the weakest point. BeyondTrust goes on to say:

> _“90% of Critical vulnerabilities in Internet Explorer would have been mitigated through the removal of admin rights_
> 
> _85% of Critical vulnerabilities in Microsoft Edge would have been mitigated through the removal of admin rights_
> 
> _100% of all Critical vulnerabilities in Microsoft Outlook products would have been mitigated by removing admin rights”_

It’s worth noting that these numbers have a double-edge. Microsoft products and services are the biggest in the market — over 1 billion people rely on Windows — making them obvious prime targets. At the same time, recognizing these exploits goes to show that the discovery and patching process is working exactly as it should. Shoring up the weakest link (users) seems to be a foundational pillar of Windows 11.

### Zero Trust

Up until now, Windows has largely operated on the Principle of Least Privilege (PoLP) when it comes to administrative access. Users are granted the least amount of access as is necessary for their job. For years, Microsoft encouraged users to shore up weaknesses in their security by actively using and maintaining admin rights. It’s fundamental to proper PoLP.

PoLP has been a foundation of computer security for decades. However, to work it needs constant care and vigilance from both software developers and users to be effective. Further, it makes the assumption that the platform (OS, firmware, hardware, storage, and network) upon which the application runs is itself secure. With the increasing value of data, threats to its security and increasing use of diverse computing resources, PoLP is proving insufficient to provide protection.

Zero Trust security is similar, but not exactly the same. The idea is to never trust anyone, anything, at any time. Or, [as Microsoft themselves say](https://www.microsoft.com/insidetrack/blog/microsofts-digital-security-team-answers-your-top-10-questions-on-zero-trust/ "www.microsoft.com"):

> _“Microsoft has adopted a modern approach to security called “Zero Trust,” which is based on the principle: never trust, always verify. This security approach protects our company and our customers by managing and granting access based on the continual verification of identities, devices and services.”_

But for various reasons, users mismanage or simply don’t bother with differentiating privileges, leaving entirely preventable gaps ready for exploitation. Like a parent enforcing stricter house rules for your own good, Microsoft has stepped in.

[Zero Trust policies](https://www.ncsc.gov.uk/collection/zero-trust-architecture/introduction-to-zero-trust "www.ncsc.gov.uk") are a new approach to secure system design that promise to deliver where PoLP cannot. In the simplest terms, it enables confidence and trustworthiness in a system to be established dynamically and continuously via a series of user and hardware verification (attestation) steps.

To execute Zero Trust verification and authentication, the platform must support a range of [Trusted Computing](https://en.wikipedia.org/wiki/Trusted_Computing "en.wikipedia.org") principles to enable a verifiably secure computing, storage and networking environment. Microsoft’s approach is to utilize the same protections used to securely separate hypervisor virtual machines along with a TPM device to provide a secure host for credential storage and operations.

As an aside, DRM implementers face a challenge; they have to embed the decryption key in all devices that can play the protected content. The most celebrated attack was probably the public disclosure of the DVD encryption key. Since then, they have been an early adopter of many Trusted Computing principles. For an example, see the [Protected Media Path](https://en.wikipedia.org/wiki/Protected_Media_Path "en.wikipedia.org"). Trusted Computing does raise a number of ethical issues, championed notably by the [EFF](https://www.eff.org/issues/trusted-computing "www.eff.org").

The hardware features for VBS have set the controversially high minimum hardware threshold for Windows 11. Limiting the CPU generation also eliminates a range of ‘side channel’ exploits.

To use MS nomenclature, Virtualization Based Security (VBS) provides a secure pathway in Windows 11 to implement some of the following:

*   “Kernel Data Protection” enables protection from rogue kernel mode software (drivers) from compromising the Windows kernel.
*   “Application Guard” utilizes VBS to isolate untrusted websites and documents and “Credential Guard” uses VBS to similarly secure access to credentials.
*   “Windows Hello Enhanced Sign-In” uses VBS to create secure pathways to external components like the camera and TPM when used for authentication.

These principles extend to Microsoft’s Azure ecosystem providing remote attestation features for cloud storage and computing resources.

Microsoft is clearly making an aggressive push to set the baseline for a secure computing platform. However, it remains to be seen how quickly the industry will upgrade both its hardware and the vast base of current applications and systems to utilize modern zero trust principles and services. In the meantime threat actors will continue to target the weakest link, whether that be legacy systems, legacy applications running on modern hardware, or social engineering techniques such as BEC.

It should also be noted that bugs in hardware protections will continue to be discovered and exploited, Meltdown and Spectre being two recent examples (more about that below); it is typically more difficult or impossible to patch such issues.

### From chip to cloud

In 2019, Microsoft announced Secured-core PCs as a proactive solution to growing firmware attacks, which are notoriously difficult to detect and remove.

> _“Secured-core PCs combine identity, virtualization, operating system, hardware and firmware protection to add another layer of security underneath the operating system. Unlike software-only security solutions, Secured-core PCs are designed to prevent these kinds of attacks rather than simply detecting them.” — [Windows Blog](https://www.microsoft.com/security/blog/2019/10/21/microsoft-and-partners-design-new-device-security-requirements-to-protect-against-targeted-firmware-attacks/ "www.microsoft.com")_

The concept of Zero Trust is now firmly rooted deep within the hardware of your PC, not just in the software that sits on top of it.

### Windows 11 hardware requirements

Given all the above, the [hardware requirements Windows 11](https://www.microsoft.com/en-gb/windows/windows-11-specifications "www.microsoft.com") demands make more sense. These demands mostly likely come in no small part because of [Meltdown and Spectre](https://meltdownattack.com/ "meltdownattack.com"), two computer processor security bugs discovered in 2018.

Patrick Moorhead, president and principal analyst at Moor Insights and Strategy spoke about it in a recent article in The Verge.

> _“Microsoft’s CPU selections for Windows 11 don’t appear much at all to do with performance but look like security mitigations for side-channel attacks.”_

The scale of these vulnerabilities honestly can’t be overstated — nearly every single device created over the span of decades was at risk. Even more, the problems were OS agnostic, but clearly Microsoft learned valuable lessons.

### Welcome to the real world

Sure, Microsoft is building upon an established foundation for future security steps, but it’s almost as though they’ve ignored conditions in the real world. Some of these were unforeseen, like the pandemic and subsequent supply chain issues, but they’re huge issues to contend with nonetheless.

*   Over [55% of enterprise workstations](https://www.lansweeper.com/itam/is-your-business-ready-for-windows-11/ "www.lansweeper.com") do not meet the requirements for automatic upgrades.
*   Manufacturers across all industries are experiencing a [global semiconductor shortage](https://www.bbc.co.uk/news/business-58230388 "www.bbc.co.uk").
*   [Millions of perfectly good](https://www.theverge.com/2021/6/29/22555371/microsoft-windows-11-cpu-support-hardware-requirements-tpm-response "www.theverge.com"), new(ish) PCs are suddenly “obsolete,” creating untold costs and waste.
*   The post-pandemic economy [has not completely recovered](https://www.brookings.edu/research/october-2021-update-to-tiger-the-global-economic-recovery-is-in-danger-of-stalling/ "www.brookings.edu"), and many firms are still keeping a close eye on their bottom line.

### Big leap? More like a small step

Given all these problems, it’s not surprising that Microsoft has stepped back slightly and announced that users can technically manually install Windows 11 on older PCs. As long as you have a 64-bit 1GHz processor with two or more cores, 4GB of RAM, and 64GB of storage — and you’re happy to do it — upgrading shouldn’t be a problem, even if you get some [scary warnings about possible “damage”](https://www.techradar.com/uk/news/windows-11-warning-mentions-possible-damage-to-unsupported-pcs "www.techradar.com") to unsupported systems. As it stands now, Microsoft will not offer updates or vital security patches to computers running Windows 11 that don’t meet the above CPU requirements.

 ![Windows 11 upgrade warning from The Verge.](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/20211013_what_do_we_know_about_windows_11s_security_fig_1_e06a8d4ccd.jpeg)

#### Windows 11 upgrade warning from [The Verge](https://www.theverge.com/2021/9/21/22686457/windows-11-health-check-compatible-supported-cpu-old-pc-waiver "www.theverge.com").

For the home and small business user who has a PC that ticks all the boxes, there is probably little practical security advantage in moving to Windows 11 at this time. The new features are either already available in Windows 10 (though not necessarily enabled by default or supported on all hardware) or only relevant in enterprise or highly secure environments. This stance may change if the Windows 11 enhanced kernel space protections prove resilient against a new class of exploit. The end of support date for Windows 10 may prove to be the biggest upgrade motivator for the security-conscious home and small business user.

What Microsoft is trying to achieve from a security perspective is commendable and certainly a move in the right direction. But considering the current issues of economic uncertainty, supply chain disruption, and the fact Windows 10 will be fully supported until 2025… it all sort of feels like much ado about nothing, for now.

And more importantly, will it work? In previous posts we discussed how Macrium Reflect and Microsoft Windows 11 work together. In this article, we wanted to take a closer look at the new operating system itself, and what Microsoft’s choices indicate about their plans for what’s to come. But with many things, to get a clear picture of the future, one must briefly look at the past.

What do we know about Windows 11’s security strategy?

product

backup

# BackupFAQ — If my support expired does it affect my software licence?

**In this thread of #BackupFAQ blog post you can find answer to common questions we receive from our customers, where we explain all you need to know about Macrium Software, our Products and the Backup industry. Leave a comment if you have suggestions for our next publication.**

This week we explain how support works and how its renewal may affect your licence.

### [Macrium Support & Maintenance](/support)

### What does Standard support include?

Macrium Reflect business editions (Workstation, Server, and Server Plus for Exchange and SQL), all include 12 months free **Standard Support & Maintenance** included in the purchase of each license, which is renewable for subsequent years. Standard Support includes access to support **via email**, our KnowledgeBase and our customer forum.

We also offer a **Premium Support** option which includes priority response and telephone support.

Both Standard and Premium Support include **Upgrade Protection**, so Minor updates (for example v7.1 to v7.2) and Major upgrades (for example v7 to v8) are free while the subscription is current.

### What does Home Essentials support include?

When you purchase Macrium Reflect Home Edition, Macrium Home Essentials Support is provided free for one year.

Macrium Home Essentials Support includes access to support **via email**, our KnowledgeBase and our customer forum. Many problems can be solved by finding solutions within the Forum, KnowledgeBase (KB) Tutorials, Help Tutorials and YouTube videos; these are instant solutions rather than having to wait for Macrium Support to respond (usually within 24 hours during weekdays).

After the year of Home Essentials ends you will still have full and permanent access to our active and helpful customer forum and KnowledgeBase.

### Does Home Essentials support include upgrades?

Minor updates (for example v7.1 to v7.2) are free. Major upgrades (for example v7 to v8) are chargeable but with an upgrade discount — usually around 40% to 50% off the price of a new license.

### What is the difference between the Macrium Reflect Home Essentials Support and Macrium Reflect Standard Support?

Workstation licenses include eligibility for support when using Reflect in a business environment, which is explicitly NOT supported for users of the Home edition.

Workstation licences have Standard Support and Maintenance that can be upgraded to Premium 24x7 Support, and is renewable as an optional fee each year. It also allows you to get Major updates for free.

With the Home Edition, Essentials support cannot be renewed after 12 months unless a new license is purchased.

NB: 30-Day Trial users (of any edition) receive email support and we will answer any questions while evaluating our software for the full 30 days of the trial.

### What are the big differences between standard and premium support?

Both offer access to the Support Forum, KnowledgeBase, Upgrade Protection and remote support via email. But Premium support offers benefits that can be key when a disaster strikes: It offers the option of receiving Telephone Support, having Case Priority, 24x7 coverage and a typical response time of 12 hours instead of 24 hours.

### Do you offer email and Forum support for the Free Edition?

The free edition is not supported although users do have access to view the Forum, KnowledgeBase and YouTube videos. We have over 6 million users of Macrium reflect Free worldwide and there is no way we could provide support for a free product. Of course we hope the Free Edition will demonstrate the value of Macrium Reflect and result in people who are willing to pay for additional value. But if you want to keep using the free version, you’re welcome to do so: it is not time limited in any way (unlike the 30-Day Trial).

### How does the support renewal process work?

The Business Support and Maintenance subscriptions are for 12 months and must be renewed to retain access to support and maintenance. All business edition licenses without a current support subscription are eligible for an upgrade with a discount of up to 50%.

Any business edition of Macrium Reflect (Workstation, Server, Server Plus, and Technicians Licenses) that have a current support subscription, are eligible for a free upgrade to the current version. If the support subscription for a license expired within the last 90 days it is still possible renew it, so the license will be eligible for a free upgrade.

Home Essentials Support is for 12 months only and cannot be renewed, unless a new license is purchased.

Please note: the upgrade discount only applies to previous purchased versions, it does not apply when upgrading from the free or 30-Day Trial to the latest full purchased version.

### Will my licence still work if my support has expired and I don’t renew it?

Yes, Macrium Reflect Home, Workstation, Server, and Server Plus licenses are perpetual and independent of the support subscription.

Each Macrium Reflect Workstation, Server, and Server Plus Editions license key is for one computer and it should be only transferred to another computer for legitimate upgrade/replacement purposes. When you purchase any of these editions you have the software licenses for life, there is no annual fee to pay, independently of having renewed your support or not.

The exception is when you upgrade an old version to a current version. Your old license key becomes invalidated and replaced by the new upgrade license key.

### What about the Technicians and Deployment Kit Licenses?

These two license types run alongside the other business editions. These license are ideal for IT technicians or service companies who might maintain a large number of PCs and may wish to back them up prior to carrying out work. Without the Technicians License, each PC requires separate licensed copy of Macrium Reflect, because the usual licensing arrangement is machine specific. Using a Technicians license allows the technician to backup or image each PC using a single license.

The Technicians Deployment Kit License allows up to 5 technicians to create “Master” or “Golden” images and deploy them to an unlimited number of workstations and servers. This enables internal IT departments and commercial IT specialists to set up PCs without having to purchase a separate license for each workstation or server providing the software is not installed on more than one PC at a time.

The Technicians and Deployment Kit licenses last for one year, after which they can be renewed. If the subscription is not renewed they will downgrade to a standalone Server Edition license and Portable Application Support\* will no longer function.

Macrium Support & Maintenance is included with Technicians and Deployment Licenses, while the license subscription is active.

### What is Portable Application Support?

Portable application support ships exclusively with Macrium Reflect Technicians Licenses. In addition to allowing you to create a bootable USB stick from which you can rescue your systems, you can also optionally add Portable Application support to your media. This will allow you to run Macrium Reflect on your licensed PCs directly from the USB stick, without needing to install Reflect on the workstation or server first. The base install of Macrium Reflect may only be installed on a single PC at a time. If you wish to move this install, you will have to uninstall and reinstall the software.

We hope you have enjoyed this post. We will come back soon with more #FAQs updates.

You can download a 30-day Trial of [Macrium Reflect Workstation](/products/business/standalone/workstation) or [Site Manager.](/site-manager) Technical support for Trial users evaluating our software is available via [email.](/support)

In this thread of #BackupFAQ blog post you can find answer to common questions

#BackupFAQ — If my support expired does it affect my software licence?

# 6 best ways to love your data

It’s been said and repeated countless times, but data is the most valuable resource in the world. Your data. Everyone’s data. Companies are still clamoring to learn everything and anything about you to sell on to the highest bidder, hackers are hoping to get a valuable nugget for ransom leverage, and others are just collecting… collecting and waiting for a time when it can be best used. 

Sounds more like a horror story than a romance, but you aren’t powerless! There are a few important ways to show your data some love, and what better time to do it than International Love Data Week? 

## Check out these International Love Data Week events

First of all, let’s have a little fun and schedule in some great online events that are going on! Here are a few that jumped out, but be sure to check out [the complete list here](https://www.icpsr.umich.edu/web/ICPSR/cms/4544 "www.icpsr.umich.edu"). There are plenty of online and in-person events to choose from. 

[**Falling in Love with Data**](https://villanova.zoom.us/meeting/register/tJElcOmorzksGNT1cyET8YgVcX2yAOAnRLbu "https://villanova.zoom.us") - This beginner workshop will provide an overview of ICPSR, an online data archive available to social science researchers.

[**Dating with Data: 50 Years of Romantic Relationships**](https://calendar.lib.vt.edu/event/10275825 "calendar.lib.vt.edu") - How have US attitudes toward inter-racial, inter-religious, and LGBTQ+ relationships changed over the past half century? Find out what surveys from 1972-2022 say while sharing some Valentine's Day treats as part of International Love Data Week!

[**Love Data Week - Data Privacy**](https://library.temple.edu/events/1389 "library.temple.edu") - Learn about data privacy from Dina Gayanova, a data privacy and cybersecurity attorney in Holland & Knight's Philadelphia office.

[**Data for Social Good**](https://uncw.zoom.us/meeting/register/tZ0lcuCurTgrHtfdskbF47WpbT4f5Gap_kHO#/registration "uncw.zoom.us") - Data can be used to bring about changes that matter. Hear from various researchers about how they have used data to make an impact on society. They will reflect upon how they first recognized what impact their data could have, and how they then worked towards turning that data into a form to be practically used beyond academia.

**[Love Data Week: Introduction to Data Visualization with Tableau](https://library.temple.edu/events/1436 "library.temple.edu")** - Do you like data? Do you like good looking graphs? Do you like presenting information in eye-catching ways? If you answered yes to any of those, you might be interested in learning more about data visualization.

## Choose a privacy-focused alternative search engine

Google isn’t the only kid on the block anymore. There are new alternatives every day, but if you’re looking for an option that keeps your privacy front and center, why not give these a spin? Ecosia even plants trees the more you search! 

[DuckDuckGo](https://duckduckgo.com/ "DuckDuckGo.com")

[Startpage](https://www.startpage.com/ "www.startpage.com")

[Ecosia](https://info.ecosia.org/privacy "info.ecosia.org")

Disclaimer (and minor rabbit hole for you to fall into)

[Global surveillance alliances are an important](https://www.techspot.com/article/2515-surveillance-intelligence-alliances/ "www.techspot.com"), and sometimes invisible, piece of the cyber security puzzle. It’s important to educate yourself on your country’s laws and alliances, as all the good intentions a company may have are still subject to the law.

## Regularly check your app security settings

You’ve heard the saying, “If you’re not paying for the product, you are the product.” Luckily, in most jurisdictions, the law has finally caught up with technology and we’re now able to choose what information we share. The apps we love to use have a tendency to love using us back, but it’s important that all parties involved are okay with that trade.

So keep an eye on [your security settings](https://www.wired.com/story/how-to-check-app-permissions-ios-android-macos-windows/ "www.wired.com"), actually [read your EULAs](https://measuringu.com/eula/ "measuringu.com") (or at least give it a good college try), and take a few moments to consider what you’re giving in exchange for that “free” product or service.

## Learn about the most common cyber security threats

[Cyber criminals are constantly changing and adapting their techniques](https://www.ncsc.gov.uk/cyberaware/home "www.ncsc.gov.uk") for getting their hands on your info, but the absolute best protection against it: knowledge. Learn about the different ways your information can be accessed and stolen so it’s more obvious to you when you see it.

Even things as simple as keeping different passwords for different accounts, and turning on 2-factor authentication can go a long way.

## Best VPNs in 2023

This could be a blog post in itself (and probably will be soon) but we’d be remiss if it wasn’t included in this list. There are a variety of VPNs out there to suit your needs and price point, whether it’s just a browser extension or something for your whole household.

[TechRadar](https://www.techradar.com/vpn/best-vpn "www.techradar.com") has done a really great review of all the major VPNs out there right now, so have a read for the most current info and get started. Most offer free 30 day trials!

## Protect your data with backup and recovery software

And of course, rely on Macrium Reflect to protect your home PCs. Whether your data is compromised by hackers, lost due to human error, or destroyed due to a natural event, a well-planned backup strategy will protect you when you need it most.

Running regular backups is like a good insurance policy, and routinely checking you can restore them is the easiest way to trust your data is in good hands. And with [Macrium Image Guardian (MIG)](/mig), you can rest easy knowing that even your backup files are safe from ransomware.

![macrium-software-adoption-certificate-lovedateweek23.png](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/macrium_software_adoption_certificate_lovedateweek23_84a3327e78.png)

It’s been said and repeated countless times, but data is the most valuable resource in the world. Your data. Everyone’s data. Companies are still clamoring to learn everything and anything about you to sell on to the highest bidder, hackers are hoping to get a valuable nugget for ransom leverage, and others are just collecting… collecting and waiting for a time when it can be best used. 

Sounds more like a horror story than a romance, but you aren’t powerless!

6 best ways to love your data

Similar to the [federal government](/the-federal-government-and-cybersecurity-risks "The Federal Government and Cybersecurity Risks"), state and local governments have cybersecurity threats. While the federal government is in charge of the U.S. as a whole, state and local governments manage cities, towns, tribals, and municipalities. This difference also leads to shifts in the way governments establish cybersecurity. On a state-to-state or city-to-city level, applications may change based on a number of factors. 

## What Does Cybersecurity Look Like on the State and Local Level?

State and local governments are vulnerable to cybercriminal activity as “they collect, process, store, and transmit vast amounts of sensitive data.” The wrong hands can weaponize and misuse data.

In 2020, hackers carried out 79 individual [ransomware attacks against U.S. government organizations](https://icma.org/blog-posts/practical-measures-local-government-avoid-ransomware "icma.org"). It cost downtime and recovery of nearly $18.88 billion. Clearly, ransomware is pervasive. The attack suspended “municipal operations, ultimately disrupting infrastructure services for 911 systems, utilities, and payment platforms with state and local governments.” 

[Cybercriminals target local governments](https://www.nlc.org/wp-contenthttps://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/2020/04/SML_2020Report_web-1.pdf "www.nlc.org"), which can “threaten to erode the trust that residents have in critical institutions.” The increasing reliance on IoT and automated systems may invite cyberattacks. They take advantage of gaps in security and the multiple entries of technology. Inadequate security measures and negligence within municipalities generate cyber risks.

![1406439_state-and-local-gov-graphic-3-2_071522.jpg](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/1406439_state_and_local_gov_graphic_3_2_071522_3fc6314d14.jpg)

From a [review of local government cybersecurity in 2020](https://icma.org/articles/pm-magazine/look-local-government-cybersecurity-2020 "icma.org"), local governments have three ways of cybersecurity structure: 

1.  **Centralized**: A single IT department is responsible for managing all the cybersecurity in a town or city. As a benefit, it ensures an extensive coverage of risks.
2.  **Decentralized**: Every department must run its own cybersecurity. Unlike centralized, a police department or building division in a town government must deal with IT matters individually.
3.  **Federated**: For local governments that operate with federated, it’s shared. The chief information security officer (CISO) assumes part of the authority for cyber protection. Local offices and departments take on the rest. The disadvantage of this model is that the CISO does not set the precedent for local government departments. A lot of breaches and cyberattacks can happen from a lack of education surrounding proper cybersecurity protocols. If a CISO is unable to totally control a local government’s cybersecurity, departments may be susceptible to hackers.

## Cybersecurity Preparedness

As with federal government agencies, local and state governments commonly take action post-attack. 

An example comes from the Riverside Ohio police and fire department in 2018\. The department servers suffered an unrecoverable data loss from 10 months of information. Unfortunately, it “effectively shut down the police department’s records management system.” Surprisingly, Riverside went through another data loss only a month after the initial shutdown. Since the first time, they ran daily backups in case it happened again, which it did. In March 2018 and May 2019, [two attacks occurred in the local government](https://icma.org/blog-posts/practical-measures-local-government-avoid-ransomware "icma.org") of the city of Baltimore as well. 

An [IBM news report](https://newsroom.ibm.com/2020-02-27-IBM-Survey-Only-38-of-State-and-Local-Government-Employees-Trained-on-Ransomware-Prevention "newsroom.ibm.com") examined the results from a poll. In it, U.S. city and state employees assessed their readiness for cyberattacks. Overwhelmingly, more than natural disasters and terrorist attacks, 73% of government employees feared “impending ransomware threats to cities across the country.” 

![1406447_stateandlocalgovgraphic1_071922.jpg](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/1406447_stateandlocalgovgraphic1_071922_969ebd5e0d.jpg)

Moreover, respondents revealed the prevalence of ransomware attacks. A poll showed that the departments of 1 in 6 employees had a ransomware attack. This evidence has not stimulated proactive prevention. Only 38% of employees received “general ransomware prevention training.” 

Along with cybersecurity structure in local government, there are obstacles to achieving uniform and effective cybersecurity across states, towns, and cities.

## Problems in Governments that Cause Cyber Risks 

Other factors contribute to the flaws in cybersecurity at this level of government. [IoT emerges as a feature in buildings](https://www.researchandmarkets.com/reports/5356053/global-smart-buildings-market-by-technology-ai "researchandmarkets.com") that will only continue, according to Smart Buildings Market for 2021-2026\. The research estimates that “over 78% of new construction will involve at least one facet of IoT and/or related smart buildings market-related technologies over the course of the next five years.”

More state and local governments will incorporate these types of technologies into their offices. "[T]hese internet-connected devices and systems greatly increase exposure to cybersecurity risks.” IMCA reviewed the [consideration for IoT safety in municipalities](https://icma.org/blog-posts/cybersecurity-considerations-implement-iot "icma.org"). They go in hand with the accessibility and streamlined application that IoT offers. Technology is not dangerous but a lack of cybersecurity resources is.

![1406375_stateandlocalgovgraphic1_071422.jpg](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/1406375_stateandlocalgovgraphic1_071422_91111930fa.jpg)

Risks for administering IoT devices:

*   Weak or hard-coded passwords
*   Old and unpatched embedded operating systems and software
*   Insecure data transfer and storage
*   Lack of secure updates

![1406389_state-and-local-gov-graphic-2-2_071822.jpg](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/1406389_state_and_local_gov_graphic_2_2_071822_43e47181bc.jpg)

The Center for Digital Government (CDG) surveyed 103 state and local officials to [determine why governments lacked an effective security strateg](https://www.govtech.com/sponsored/how-state-and-local-governments-can-make-their-security-operations-ready-for-the-future "govtech.com")y:

*   46% said lack of cybersecurity skills among their workforce
*   40% said issues with integrating security tools
*   36% said the inability to rapidly respond to threats

The following security and compliance challenges include: 

*   Legacy 
*   Unpatched and non-supported networks increasing exposure
*   Excessive manual processes 
*   Limited enterprise visibility around the endpoints connected to networks

From the survey, 66% of participants acknowledged that “their data-sharing practices are only somewhat mature or not mature at all."

Governments experience challenges with data accessibility and sharing. They have difficulty transforming data into actionable intelligence. It's a result of different data formats and storage environments. “At the same time, governments must deal with an ever-evolving regulatory environment and an increasingly privacy-focused landscape that makes it safer for them to limit data sharing rather than expose themselves to added risks.”

Data analytic challenges from a CDG survey:

*   41% said security
*   38% said privacy concerns
*   35% said data quality
*   34% said data silos

The article poses a few solutions:

*   Governments need to better align their data with people, technologies, and processes for the connection to be seamless.
*   Storing and indexing data calls for reconfiguration for security. 
*   Muncipilatites must leverage modern technologies to support data sharing across departments.
*   Cybersecurity is a necessity and data contains confidential information that demands protection. 

On top of this, 52% of state and local government IT/Security professionals agreed their budget hasn’t improved. This could hinder [training on ransomware prevention](https://newsroom.ibm.com/2020-02-27-IBM-Survey-Only-38-of-State-and-Local-Government-Employees-Trained-on-Ransomware-Prevention "newsroom.ibm.com/").

## What Regulations Constitute State and Local Cybersecurity? 

The EU implements the [General Data Protection Regulation (GDPR)](https://gdpr.eu/what-is-gdpr/ "gdpr.eu"), a data privacy and security law that provides regulations for organizations worldwide to control cybersecurity. Some states have begun implementing cybersecurity mandates on their own. Following this, the U.S. is starting to catch up with statewide mandates such as the [California Consumer Privacy Act (CCPA)](https://oag.ca.gov/privacy/ccpa "oag.ca.gov"). The act provides guidance for California businesses and organizations, mostly to protect consumers and let them have greater control over their personal information and what businesses can take advantage of. 

Additionally, the [2018 California Civil Code on Security of Connected Devices](https://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=201720180SB327 "leginfo.legislature.ca.gov") places a new requirement on manufacturers. On January 1, 2020, manufacturers began following these guidelines. IoT devices are now sold with the right security features to protect data and privileged information. The code will reduce "unauthorized access, use, adaption, disclosure, or destruction."

The New York City chief technology officer issued the New York City Internet of Things. It defines IoT safety and security practices. The new order creates processes to evaluate city technology. ICMA's “Cybersecurity Considerations to Implement IoT,” also gives recommendations for improvement.’”

The Committee on Homeland Security wants to introduce [The State and Local Cybersecurity Improvement Act](https://homeland.house.gov/imo/media/doc/State%20and%20Local%20Cyber%20Act%20Fact%20Sheet.pdf "homeland.house.gov"). The proposal stems from fears that the federal government is slow to cybersecurity. Stretched state and local budgets and current defenses cannot stand against foreign hackers.

The act develops "a new Department of Homeland Security (DHS) grant program." Advocates plan to tackle cybersecurity risks for state and local governments.

A National League of Cities report, “[State and Local Partnerships for Cybersecurity](https://www.nlc.org/wp-contenthttps://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/2020/04/SML_2020Report_web-1.pdf "www.nlc.org"),” believes in a collaborative approach. Cities and states can strengthen national cybersecurity infrastructure together. 

Currently, “Delaware is the only state that offers voluntary statewide cybersecurity training for state non-executive and local government employees.” Out of the 50 U.S. states, only 16 mandate cybersecurity training. Nine states lack cybersecurity training programs completely. 

Organizations are fighting to unify and structure the inconsistencies among states.

## How to Secure Critical Local and Government Data 

Beyond firewalls and antivirus software, a simple and inexpensive (compared to ransomware costs) solution is keeping backup images and copies of data. In this way, governments will have another layer of protection in case of ineffective cybersecurity. 

Security is central to software design at Macrium. Our applications give you complete control over where your data is stored and will operate fully offline for the most secure, air-tight networks.

Macrium Software provides extensive backup imaging for this reason. Check out our website to learn about installing effective backups to prevent data loss at [Macrium.com](https://www.macrium.com/ "macrium.com").


State and local governments are vulnerable to cybercriminal activity as “they collect, process, store, and transmit vast amounts of sensitive data.” The wrong hands can weaponize and misuse data. In 2020, hackers carried out 79 individual ransomware attacks against U.S. government organizations. It cost downtime and recovery of nearly $18.88 billion. Clearly, ransomware is pervasive. The attack suspended “municipal operations, ultimately disrupting infrastructure services for 911 systems, utilities, and payment platforms with state and local governments.” 

State and Local Government Cybersecurity Risks

Here in the northern hemisphere, summer has rolled round again, bringing record temperatures across Europe and North America with it. While a cold shower or an icecream might be enough to cool us down, things aren’t so simple for the devices that we trust to store our data. Have you ever wondered why data centres are so cold? The answer is slightly more complex than “to keep the IT people cool”.

We all know that excess heat is bad for our devices. You may have even seen pictures or videos of competitive overclockers using liquid nitrogen to stop their CPUs overheating, and if you haven’t: [tomshardware has got you covered](https://www.tomshardware.com/reviews/how-to-competitive-overclocking-overclocker-tips,5636.html "tomshardware.com"). However, proper cooling isn’t just important for CPUs, it is also important for storage devices.

First, it can be beneficial to define what is a good temperature for a storage device. Although the exact numbers will vary from manufacturer to manufacturer, some basic outlines are

Solid State Drive (SSD) - 0 °C to 60°C (32°F to 140°F)

Hard Disk Drive (HDD) - 0ºC up to 70ºC (32ºF to 158ºF)

For more information you should read the manufacturer’s specification. This example is from a [Samsung 870 EVO](https://www.samsung.com/uk/memory-storage/sata-ssd/870-evo-1tb-sata-3-2-5-ssd-mz-77e1t0b-eu/ "samsung.com"):

![20220725-why-you-should-keep-your-data-cool-this-summer.png](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/20220725_why_you_should_keep_your_data_cool_this_summer_1f814025b5.png)

What happens if the temperature of the drives rise above this? Well, basically, nothing good. Many modern devices are smart enough to monitor their own temperature via their firmware. If temperatures reach a certain level, they may throttle their own performance to prevent further overheating. Whilst this is good as it prevents the drive from further overheating and potentially damaging components, this may also lead to reduced performance including reduced I/O performance. This [large-scale case study](https://users.ece.cmu.edu/~omutlu/pub/flash-memory-failures-in-the-field-at-facebook_sigmetrics15.pdf "users.ece.cmu.edu") of flash memory failure in the field at Facebook’s datacentres notes:

_“Higher temperatures lead to increased failure rates, but do so most noticeably for SSDs that do not employ throttling techniques.”_

Not only have they noticed a correlation between shorter flash storage lifespan with higher temperature, but drives that don’t implement performance throttling at higher temperatures had noticeably shorter lifespans than their counterparts that do.

In [this whitepaper](https://aiot.innodisk.com/wp-contenthttps://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/2020/07/Achieving-Extensive-Data-Retention-in-High-Temperature-AIoT-Applications-1.pdf "aiot.innodisk.com"), innodisk also draw a correlation between temperature and a decrease in data retention. 

_“Data retention decreases in higher temperatures and with increasing program/erase (P/E) cycles as both these factors induce a higher rate of charge leakage.”_

Charge leakage occurs when the dielectric barrier designed to trap a charge in the flash cell degrades, if the dielectric degrades too much, the cell can no longer hold a charge and thus can’t be programmed. For more information about the structure of NAND flash cells, I recommend reading [this blog post](/how-do-ssds-work#:~:text=SSDs%20are%20fundamentally%20made%20up,SSD%20and%20the%20host%20interface. "macrium.com"). Higher temperatures mean that charged particles in the flash cell move more, further eroding the dielectric layer. 

As for HDDs, [in this article by Backblaze](https://www.backblaze.com/blog/hard-drive-temperature-does-it-matter/ "backblaze.com") they indicate that in their datacentre there was no significant correlation between drive temperature and drive failure rate. In their ‘Hard Drive Temperature Takeaways’ they state:

_“As long as you run drives well within their allowed range of operating temperatures, keeping them cooler doesn’t matter.”_

However, this leaves a lot of room for speculation if the HDD exceeds the operating temperature, something that might not be that difficult as temperatures spike globally, and the average user does not have datacentre cooling to rely on.

The good news, however, is that there are steps we can take to help our storage devices out. Most methods to keep data cool may seem like common sense: from keeping devices away from direct sunlight, placing the device in an area with good air circulation, to avoiding heavy workloads in high temperatures and turning the device off when not in use; there are a lot of things we can do to reduce the temperature of our devices.

On the very hottest days, if you can’t keep your storage cool, just turn it off; that’s what Google and Oracle do.

[https://www.bbc.com/news/technology-62202125](https://www.bbc.com/news/technology-62202125 "bbc.com")

Keeping devices as cool as possible will not only prevent potential damage from overheating but many also improve data retention.


Here in the northern hemisphere, summer has rolled round again, bringing record temperatures across Europe and North America with it. While a cold shower or an icecream might be enough to cool us down, things aren’t so simple for the devices that we trust to store our data. Have you ever wondered why data centres are so cold? The answer is slightly more complex than “to keep the IT people cool”.

Why you should keep your data cool this summer

company

# Macrium Software one of UK’s Best Workplaces in Tech™

[Manchester, UK] The 2023 UK’s Best Workplaces in Tech™ list has been launched by Great Place To Work® UK, recognising Macrium Software among the list of organisations in the Small and Medium category.

Macrium Software’s employees anonymously reported that innovation and collaboration within the business make the company a great place to work.

> “The company culture is extremely friendly, I always feel comfortable going to my colleagues for help. Hard work is definitely recognised and management appreciates the extra effort that's made. I have felt extremely welcomed when working with different departments and have always been given help and resources when needed. It's a really nice feeling to enjoy working and knowing that I can ask for help if it is needed!”

An employee survey comment

## Great Place To Work® UK - Best Workplaces in Tech™️ list 

Now in its sixth year, the Best Workplaces in Tech™️ list celebrates companies adept at developing dynamic, collaborative cultures that serve as a catalyst for innovation and personal growth for all.
Great Place To Work® UK administered its research-backed Trust Index© employee survey and analysed the responses of UK-based tech employees to determine the Best Workplaces™ list.  

The surveys asked employees to comment on how their company supports their work-life balance, sense of fulfilment, job satisfaction, psychological safety and financial security. 

Evaluations also included an assessment of how well the organisation was able to deliver consistency of employee experience across all departments and seniority levels. 

Macrium Software is one of just five businesses in the North West to make the 2023 list in the category. The business also received Great Place to Work’s certification and featured on its .. lists earlier in 2023. 

## People are “Our Greatest Asset”

Macrium Software’s CEO, Nick Sills, said:

> “At Macrium Software, we recognise that our people are our greatest asset. We take great pride in fostering a supportive and positive working environment, where each individual can thrive and reach their full potential. We believe that by investing in our employees' professional and personal development, we can achieve the highest levels of success and innovation as a company. As a team, we are dedicated to creating a culture that values collaboration, creativity and mutual respect and we are committed to providing our employees with the resources they need to excel both in and outside of the workplace.”

## Keeping People “At the Heart of the Business”

Benedict Gautrey, Managing Director of Great Place To Work® UK said:

> “The Best Workplaces in Tech™️ list is created using the anonymous feedback collected from employees within the technology industry about their workplace experience. In one of the country’s fastest-growing industries, it’s fantastic to see these Tech organisations putting their people strategy at the heart of the business and implementing policies, practices and programmes that sustain an impactful and consistently great employee experience for all. A huge congratulations to Macrium Software for making one of our most prestigious lists.”

---ENDS---

### About Macrium Software 

Macrium Software is the industry leader in image-based backup and recovery software. We’re a vital part of digital security and business continuity plans for enterprise businesses, SMBs, and IT professionals across all industries and sectors. In a world where data is the most valuable resource, we've made it our business to protect yours. 

[www.macrium.com](https://www.macrium.com/)

Follow Macrium Software online: [Twitter](https://twitter.com/macrium), [LinkedIn](https://www.linkedin.com/company/paramount-software-uk-limited), [Facebook](https://www.facebook.com/macrium/), and [YouTube](https://www.youtube.com/macrium/)

© 2023. Paramount Software UK Limited. Macrium Reflect® is a registered trademark of Paramount Software UK Limited. 

### About Great Place To Work®

Great Place To Work® is the global authority on workplace culture, on a mission to make every company a great workplace for all. Every year, they receive direct feedback from over 10 million workers around the world telling us how they really feel about their employer. 

Their survey is completely confidential and anonymous, so people can feel comfortable to be honest about their workplace, and companies can gain detailed insights into how they can better serve their people.

Only those employers who have the highest levels of trust, job satisfaction, and who empower ALL their employees to thrive both in and outside of work are awarded official Best Workplaces™ recognition.

For more information, visit [www.greatplacetowork.co.uk](https://www.greatplacetowork.co.uk/)

Macrium Software has been named as one of the UK's Best Workplaces in Tech™ by Great Place To Work®, the global authority on workplace culture.

Macrium Software one of UK’s Best Workplaces in Tech™

cybersecurity

windows-backup

macrium

disaster-recovery

# Introducing Macrium Site Manager 8.1

We’re pleased to announce that we’ve made a series of improvements to Macrium Site Manager. The latest version, Site Manager 8.1, will be available for you to use from Wednesday 14th June 2023. This update improves the user experience and includes integrations for seamless use alongside other products.

## How do I Upgrade to Macrium Site Manager 8.1?
You’ll be able to update Site Manager from Wednesday 14th June 2023. When you log in, you’ll see a notice explaining some steps you need to take before doing so. Please note - The change is not automatic. You will need to actively opt into the update by clicking the button presented to you after login.

## What’s New With Macrium Site Manager 8.1?
Here is a breakdown of the improvements we’ve made since version 8.0.

### Speed Improvements
Macrium Site Manager 8.1 includes all Reflect 8.1 changes, including speed improvements.

### Macrium Boot Media Agent
- There’s now an automatic connection to the Macrium Site Manager server. This allows server-initiated restores and full monitoring and control of all rescue media-based operations.
- You can now restrict access to rescue media to specific users or groups using the permission management systems in Macrium Site Manager, including full active directory integration.
- Auto-repository mapping reduces time to manually restore backups using Macrium Site Manager rescue media. This removes the need for the user to manually map a repository and provide server paths, username and password (for logged-in users).
### Macrium SiteDeploy Integration
- Add license keys and start trials from the improved first-run wizard for both Macrium Site Manager and Macrium SiteDeploy.
### Simplify Disaster Recovery
- For disaster recovery from rescue media, computers can automatically be identified and backups for that computer can be listed directly in the Macrium Reflect restore interface, with no manual steps required.
### Improved Interface
- Improved computers page which gives you better visibility of repository usage and easier access to backups.
- Improved intuitive rules for partition selection makes partition selection easier than ever.
- The Macrium Site Manager initiated restore wizard has been updated to make the process of restoring a computer simpler and faster.
### Post-Backup Power-Saving Options
- Better management of out-of-hours backups, with added ability to shut down, reboot or suspend computers after backup completion. This is especially the case when combined with the existing Wake-on-Lan features in Site Manager.
Find out more about the upgrades in Macrium Site Manager 8.1 in our [video demonstration](https://www.youtube.com/watch?v=ZQRHp36T4fQ) and access the [release notes here](https://knowledgebase.macrium.com/display/MSM8/Release+Notes). 

We hope you enjoy exploring the benefits Site Manager 8.1 has to offer and encourage you to [share your thoughts](https://www.macrium.com/contact) and feedback to assist with our continual improvement programme.

The latest version of our sitewide backup system, Macrium Site Manager 8.1, is now available for you to use. Here's the improvements we've made.

Introducing Macrium Site Manager 8.1

# Data disaster stories that'll keep you up at night

Data disasters come in all shapes and sizes, from personal to global. From fires and floods to theft and old fashioned human error, it can feel like they lurk in the shadows waiting to pounce.

It’s that time of year where it’s perfectly acceptable to gather loved ones in a dark place, hold a flashlight to your chin, and tell terrifying stories all in the name of fun. So if your old ghost, ghoul, and vampire stories are getting more eye rolls than goosebumps nowadays, these tales of data loss are sure to scare the bits and bytes out of them. 

## Rattling Blockchains

In 2013, James Howells made a mistake that will probably haunt him for the rest of his life. He threw out an old, unused hard drive that’d been sitting in a drawer for years, forgetting the drive held 7,500 bitcoins. He’s tried several times to get permission from his local government to excavate the landfill where the drive most likely ended up, offering a reward of [25% of the total value if they allow him to dig](https://www.bbc.co.uk/news/uk-wales-55658942 "www.bbc.co.uk"). 

At the time of writing, the price of bitcoin (BTC) is just over $62,000, making the lost fortune approximately $465,755,250. What a nightmare!

## Bump in the Night 

Imagine you’re a busy data analyst working for the Department of Veterans Affairs. Perhaps it was a dark and stormy night, but you had some work you needed to finish. As you’d done for years, you bring your unencrypted laptop home, complete your work, and head off to bed. But in the dead of night, a burglar [ransacks your home and steals the laptop](https://epic.org/privacy/vatheft/  "epic.org"). 

That laptop contained the personal information of 26.5 million veterans, information including Social Security numbers, birthdates, names, and even disability status. It also held the same information for over 2 million additional active duty military members. 

This is exactly what happened in 2006. The laptop was recovered and the VA says none of the information was accessed, but the consequences of what could have been are enough to send shivers down your spine. 

## Invasion of the Data Snatchers

1.1 billion. That’s how many people were potentially affected by one of the [world’s largest data leaks](https://www.zdnet.com/article/another-data-leak-hits-india-aadhaar-biometric-database/ "www.zdnet.com"). Aadhaar is India’s national ID database, and it holds a variety of incredibly sensitive data about nearly every citizen in the country. Biometric information like fingerprints and eye scans, what government services they use, even financial and commercial data is all attached to a 12-digit code. In 2017, a data leak from a state-operated utility company led to the exposure of all this info, some of it even ending up for sale on Whatsapp!

### The Library of Alexandria Massacre

In some context or another, you’ve most likely heard of the [fire that destroyed the Library of Alexandria](https://time.com/5912689/library-of-alexandria-burning/ "time.com"). For centuries we’ve lamented the loss of countless historical documents, wondered at the golden knowledge we could have built upon if it hadn’t been for such wanton destruction. 

Experts now say that the story, as we know it, is largely a combination of multiple historical events. The end result is an allegory that’s been used to teach many lessons throughout time, one of which is the importance of protecting knowledge and information we value most. The mere idea of its loss has been told as a scary story for hundreds of years. 

## 28 Days Later...

And for a data disaster that’s still unfolding, look no further than major broadcaster [Channel 4 in the UK](https://www.channel4.com/press/news/whats-happened-access-services-channel-4 "www.channel4.com"). A month ago, their broadcast center’s fire suppression system went off. Many British TV channels were temporarily affected, but because of an issue with C4’s data recovery, they lost the ability to offer access services like subtitles, audio descriptions, and sign language support. They had backups but their backups failed. It’s a frightening, and very public, reminder to practice the industry standard 3-2-1 backup strategy no matter how big or small you may be. 

## To be continued

If some of these scary tales chilled you to the bone, rest assured - they were all entirely preventable with the right data recovery plan in place. Now might be a good time to double check your backups, ensure you know what to do in case the worst happens, and get true peace of mind. It’s like turning on the lights and enjoying some Halloween candy after a good horror film!

And of course, if you’d like to chat with one of our experts to make sure you’re doing all that you can, [we’d be happy to help](/contact "Contact us").

Data disaster stories that'll keep you up at night

# 2023 Data Disaster Horror Stories

This Friday the 13th, we’re taking a look at some of the biggest and scariest data disasters of 2023. But don’t let these tales cost you sleep at night! We’re also offering 20% off on Macrium Reflect Home Annual plans until Halloween. (And what’s the spooky season without some scary movies? How many references can you spot?)

## [3CX attacked in all new way](https://www.wired.com/story/3cx-supply-chain-attack-times-two "wired.com")

It's enough to make you Scream. State-sponsored attacks aren’t a new threat, but when a group associated with North Korea attacked VoIP company 3CX, they made history. Over half a million 3CX customers were affected thanks to a single employee’s PC being infected with a previously infected app. 

“This is the first time we've ever found concrete evidence of a software-supply-chain attack leading to another software-supply-chain attack,” says Mandiant Consulting's chief technology officer Charles Carmakal. “So this is very big, and very significant to us.”

Don’t Look Now, but this may be the first of many such events. 

## MGM Resorts and Caesars Entertainment

They’re heeeerrreee… Nope, it wasn’t a poltergeist in the slot machine, or a ghost in the elevator. Many sources point to ALPHV and Scattered Spider as the hacking groups who spun webs around two of the biggest casino resorts in the world, marking one of the biggest ransomware attacks in years. Not only were daily operations disrupted for days, the hackers were able to access personal information of many loyalty card members, including Social Security numbers. The MGM Resorts and Caesars Entertainment attacks have cybersecurity experts around the world doubling down on warnings about social engineering.

“[The hackers](https://fortune.com/2023/09/13/mgm-caesars-hacked-ransomware/ "fortune.com") first breached an outside IT vendor before gaining access to the company’s network…” 

Indeed, one of the most complex issues security pros face isn’t technical at all; it’s the end user. Technology like encryption and remote monitoring and management (RMM) has gotten so good, it’s becoming easier for hackers to target people themselves. Social engineering and phishing scams have always been consistent money makers for cyber criminals, but for a few days they made Las Vegas the Village of the Damned. 

## [UK Electoral Register](https://www.electoralcommission.org.uk/privacy-policy/public-notification-cyber-attack-electoral-commission-systems "electoralcommission.org.uk")

Get Out the Vote! While this one technically happened a few years ago, the public is only just finding out now. The United Kingdom's electoral registers fell victim to a “complex cyber-attack” which resulted in 40 million people’s personal information being compromised. Information like full names, email addresses, home addresses, and telephone numbers might not be critical info in of themselves, but if they were to be joined with other personal information gleaned in other ways, it certainly adds a few important pieces to the jigsaw puzzle that is our personal lives.  

## [Is AI already a hacking threat?](https://www.grantthornton.com/insights/articles/advisory/2023/anticipate-cybersecurity-and-privacy-risks-in-ai "grantthornton.com")

If 2023 tech had to be summed up all we’d need is two little letters: AI. A tsunami of hype and fear and speculation seemed to wash over all corners of the planet as ChatGPT and other AI platforms filled the social conversation. It really did seem like it was everywhere all at once. 

It’s not that an AI itself could start posing a direct threat (yet), but that its ease of use has made scamming so much easier for hackers around the world. Not only can they use AI to scale their schemes faster, but the software’s abilities help make the language they use in phishing emails sound native and natural. This means that even the most suspicious of us could fall victim, and parts of the world that have largely been ignored due to difficult language barriers are at greater risk. 

And all that’s not even touching on the Frankenstein’s Monster of Deepfake video and audio that looms in the future. 

## Natural disasters in the US

Beware The Fog and The Mist aren’t exactly threatening, but it’s important to note that not all data disasters are malicious. Natural disasters like fires, floods, earthquakes and hurricanes can have devastating consequences on life and property. But if data systems aren’t properly protected, that destruction may be even further reaching. 

From January 2023 to date, the United States alone has experienced over [23 separate billion dollar disasters](https://www.nytimes.com/2023/09/12/climate/billion-dollar-disasters.html "nytimes.com"). That’s over [$57 billion in damages](https://www.cnbc.com/2023/09/11/2023-severe-weather-57-billion-in-damage-and-253-people-dead-so-far.html "cnbc.com"), with a few months of the year left to go. As our climate changes and weather becomes more severe, it’s important to prepare for the unpredictable. 

## Avoid the Nightmare

If you’re ready to Let the Right One In and join millions of others who trust Macrium with their data, now is a great time to get started with our [Reflect Home Annual plan](/halloween). From now until October 31st, you can get your subscription for 20% off. That means you’ll get access to exclusive support, a free setup call with one of our team, all updates and fixes, plus entry to our customer forum and knowledgebase. 

And if you can’t get enough of the scary stories, be sure to check out our [previous posts](/blog?tag=halloween "macrium.com/blog")!

This Friday the 13th, we’re taking a look at some of the biggest and scariest data disasters of 2023. But don’t let these tales cost you sleep at night! We’re also offering 20% off on Macrium Reflect Home Annual plans until Halloween. (And what’s the spooky season without some scary movies? How many references can you spot?)

2023 Data Disaster Horror Stories

# How to avoid backup nightmares this Halloween

From accidental deletion to hardware failure, theft and malware, there are many ways to lose your valuable data aside from ghoulish foul play.

We have put together a few things to think about to help you setup your backup.

Remember, any backup is better than no backup; start off simple and optimise later but _do it today_.

## What should I backup?

You have two options. They have different attributes. Depending on what you want to protect choose either one or both for the following.

*   **Image** This will contain everything on your hard disk. If your disk fails or your computer is lost, you can use this to restore everything to new, booting hardware.  
    You can mount or open this backup file as a virtual drive and open or copy out file.  
    If you are using a compatible windows version, you can [instantly boot](/viboot) a backup as a virtual machine.
*   **File and Folder** This enables selective backup of folders or specific file types. For example, you may want to just backup your documents folder.  
    A file and folder backup is roughly analogous to a very high performance zip archive with the same Macrium backup features as for image backups.

## Where should I save my backups?

*   [**USB disk**](https://en.wikipedia.org/wiki/Disk_enclosure) This is quick and cost effective solution. You can also [rotate](https://knowledgebase.macrium.com/display/KNOW72/Alternative+Locations+For+Backups) two or more devices, keeping one in a separate location.
*   [**USB memory stick**](https://en.wikipedia.org/wiki/USB_flash_drive) These devices are fine for your bootable rescue environment, but are typically too small and too slow for efficient backup file storage.
*   [**NAS**](https://en.wikipedia.org/wiki/Network-attached_storage) This is more expensive than a USB disk but is more convenient; you have nothing to plug it, and you can share it between multiple computers.
*   [**Cloud**](https://en.wikipedia.org/wiki/Cloud_storage) Hosted remote storage removes the risk of hardware failure, fire, flood or theft. However, it is slower and can be prohibitively expensive for large files such as image backups.

You may want to consider a hybrid, storing large image backups on a USB disk and keeping a copy of your, smaller, file and folder backups of your documents in the cloud.

## When should I backup

Automate your backups with a [backup plan](https://knowledgebase.macrium.com/display/KNOW72/Scheduling+backups). A backup plan is a combination of a schedule, sequencing and maintenance of the backup chain (purging or consolidating the oldest backup points).

To simplify the process, Macrium Reflect Home includes predefined plans. Read more [here](https://knowledgebase.macrium.com/display/KNOW72/Scheduling+backups).

## How to keep your backups safe

*   **Fire and theft**: Rotate your backups, storing one device in an alternate location
*   **Malware**: Use [**MIG**](https://www.macrium.com/mig) and apply all security updates
*   **Corruption**: [**Verify**](https://knowledgebase.macrium.com/display/KNOW7/Verifying+image+and+backup+files) your backups and make a 2nd copy
*   **Encyption**: Use AES to prevent anybody else accessing your data

## What to do when things go wrong

This is why we backup, and yet is often overlooked. There are three basic scenarios:

*   **Recover a deleted or corrupted file**: [Choose](https://knowledgebase.macrium.com/display/KNOW72/Browsing+Macrium+Reflect+images+and+backups+in+Windows+Explorer) a backup, [mount](https://knowledgebase.macrium.com/display/KNOW72/Browsing+Macrium+Reflect+images+and+backups+in+Windows+Explorer) it and copy out the file.
*   **My computer boots but something is broken** : [Choose](https://knowledgebase.macrium.com/display/KNOW72/Restoring+a+system+image) a backup, and select restore.
*   **My computer won’t boot :** In this case, don’t panic, you can [boot](https://knowledgebase.macrium.com/display/KNOW72/Restoring+an+image+from+within+the+Rescue+Media) your rescue media. This contains a number of tools to directly [fix booting issues](https://knowledgebase.macrium.com/display/KNOW72/Fixing+Windows+boot+problems) and restore an image backup to the same, or [new hardware](https://knowledgebase.macrium.com/display/KNOW72/Re-deploying+to+new+hardware).

It is important to test that you can boot your rescue media. Don’t forget to check that you can access your backups and your system volume (c:\\) from the rescue media. You should also check that you can mount a backup.

## Summary

If you only do one thing today, setup your backup. And [build rescue media](https://knowledgebase.macrium.com/display/KNOW72/Creating+rescue+media). OK, that is two things.

Please read the [KnowledgeBase](https://knowledgebase.macrium.com/display/KNOW72/) including the [quick start guide](https://knowledgebase.macrium.com/display/KNOW7/Macrium+Reflect+Quick+Start). We also have a range of [videos](https://www.macrium.com/resources/videos) illustrating common usage of Macrium Reflect.

### Buy Macrium Reflect Home

For a fully featured backup, you should consider purchasing [Macrium Reflect Home](/products/home).

From accidental deletion to hardware failure, theft and malware, there are many

How to avoid backup nightmares this Halloween

The retail industry is not exempt from cyberattacks. The Covid-19 pandemic has changed shopping from in-store to online. However, our overall reliance on digital technology has transformed retail. Cyberattacks cost retailers millions of dollars in ransomware prices. With today’s digitally focused business environment, investing in cybersecurity is a top priority.

Let’s review the current state of cybersecurity in retail and how preparation can save this sector from corrupt hackers.  

## How Is Retail a Target for Cyberattacks?

A main driving force for why cyber attackers target the retail industry is customer information. Credit card payments and personal information are highly advantageous to cybercriminals. Storing online data to re-enter shopping accounts is risky if there is not proper cybersecurity established. 

![1406759_Retail-Graphic-1-1_080122.jpg](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/1406759_Retail_Graphic_1_1_080122_4cd6d06fba.jpg)

IT Pro published an article about [why retail is ranking in cyberattacks](https://www.itpro.com/security/cyber-security/360747/why-retailers-are-the-most-targeted-sector-for-cyber-attacks "itpro.com"). Criminals who have access to customer databases “can send phishing emails pretending to be a legitimate business.” At this time, they can “ask for personal details, send malicious links, or include malware that can wreak havoc on a customer’s PC.” 

The article also signifies this risk is not exclusive to online shopping. The Internet of Things (IoT) is practicable in today’s business environment. Physical objects integrate with technology to be more available and adaptable. IoT devices in the retail industry include point of sales (PoS) systems and security cameras. As they incorporate technology features, there is more access for hackers. Malware-infected PoS systems are a threat to the private information of businesses and customers.

Progressive technology gives cyber attackers multiple points of entry. The retail industry can avoid costly repairs and preserve the image of its business. For either online shopping or in-person, establishing basic cybersecurity protocols is a preventative defense. 

[The Consumer Goods Forum](https://www.theconsumergoodsforum.com/global-learning-mechanism-resources/cyber-attacks-the-increasing-risk-for-retail/ "theconsumergoodsforum.com") reports that “retail is more vulnerable to cyberattacks due to the nature of its online traffic and the design of its e-commerce websites.” Phones, stored customer data such as payments and personally-identifying information, and online shopping convenience make enforcing cybersecurity a challenge.

User-friendliness is a conflict. Retailers worry that “robust security measures can make the purchasing process seem time consuming and difficult, driving customers to abandon purchases.” If a customer-focused retail approach overshadows security measures, hackers will continue to plague retail industries. This is one obstacle the retail industry encounters when balancing between security and customer satisfaction. 

However, retailers who have not yet experienced cyberattacks or are unaware of current threats will soon realize that it’s not one of the other. Cybersecurity plays a considerable role in the authority, trustworthiness, and reliability of a company. In the worst cases, customers will leave a company when their personal security is at risk. 

![1406766_Retail-Graphic-2-1_080122.jpg](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/1406766_Retail_Graphic_2_1_080122_770d7c7acb.jpg)

## Aftermath of Ransomware on the Retail Industry

Beyond the first sting of a cyberattack hit, there are other consequences that ruin a business. [Retail Touchpoints](https://www.retailtouchpoints.com/blog/cybersecurity-data-privacy-and-esg-highlight-risk-trends-for-retail-and-consumer-markets "retailtouchpoints.com") lists five impacts regulations and investigations have on retail companies:

*   Financial exposure
*   Reputational risk
*   Limited options given the optics of litigating against the government
*   Time and resource-intensive
*   Business disruption

These impacts are critical for retail businesses to see that there are not only financial losses, “but also the potential for brand damage and loss of data.” The article shares two types of data: customer-related and intellectual property linked to confidential business operations. 

Online shopping opens the doors for us to purchase global goods and services. The U.S. economic regulations don’t always agree with those in Spain or the Netherlands. Cybersecurity practices from one country to another can lead to gaps in cyber safety across the marketplace. Along with the changing landscape of how technology is distributed and used in retail, it can be hard to keep up and maintain standardized cybersecurity. 

![1406779_Retail-Graphic-3-1_080222.jpg](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/1406779_Retail_Graphic_3_1_080222_efe22548db.jpg)

## What Are the Responses for Ransomware and Encryption in Retail?

[The Sophos’ State of Ransomware in Retail 2021](https://assets.sophos.com/X24WTUEQ/at/8c5hfmh8h8w3sh72b8v65hr/sophos-state-of-ransomware-retail-2021-wp.pdf "assets.sophos.com") (PDF) surveyed “5,400 IT managers across 30 countries [with] 435 respondents from [the] retail sector.” The key findings from the survey showed: 

*   Ransomware hit 44% of retail organizations in 2021
*   Cybercriminals encrypted 54% of organizations’ data after a ransomware attack
*   32% of businesses paid the ransom after their data was encrypted
*   On average, ransom payments cost US$147,811
*   Most often, only 67% of data is recovered when businesses pay the ransom
*   The average bill to resolve a ransomware attack is US$1.97 million for retailers who must factor in lost opportunity, downtime, network cost, device cost, ransom paid, and people time
*   For retailers who went through encryption, 56% use backups to restore data
*   Compared to the global average, the retail industry isn’t as equipped with encryption prevention: 34% vs 39%
*   The global average for cyberattack preparation is 82%, while the retail industry is only 78% 
*   50% of retail respondents who don’t believe they will be attacked are relying on strategies proven ineffective from ransomware
*   13% of participants do not have any concerns about ransomware

![1406785_Retail-Graphic-4-1_080222.jpg](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/1406785_Retail_Graphic_4_1_080222_d32fed45ed.jpg)

Among the recommendations Sophos provides the retail industry, they suggest making backups. In the line of defense, backup is a crucial aspect. They point to the downfall of losing data, regardless of paying the ransom. As there is rarely a full data recovery from cyberattacks, having backups is reassuring. 

Firewalls may fail and cybercriminals are becoming far more advanced than existing infrastructure security. Even with layers of cybersecurity protection, once a hack occurs, backups can redeem stolen data. They may eliminate the need to pay the ransomware.

The report also referenced the “3-2-1” backup plan. Companies should have three separate copies, two types of backups, and one offline and offsite copy that cyberattackers can’t reach.

Security is central to software design at Macrium. Our applications give you complete control over where your data is stored and will operate fully offline for the most secure, air-tight networks.

Macrium Software is a backup and image recovery solution. Along with other malware plans and protection software, backups are valuable ways to keep data despite malicious cyber activity. Check out our website to learn about installing effective backups to prevent data loss at [Macrium.com](https://www.macrium.com "macrium.com/8-home").

20220801-the-retail-industry-and-cybersecurity-risks.png

The retail industry is not exempt from cyberattacks. The Covid-19 pandemic has changed shopping from in-store to online. However, our overall reliance on digital technology has transformed retail. Cyberattacks cost retailers millions of dollars in ransomware prices. With today’s digitally focused business environment, investing in cybersecurity is a top priority.

The Retail Industry and Cybersecurity Risks

# Macrium Software Wins 'Small Business of the Year' at the Prolific North Tech Awards

Macrium Software, the industry leader in image-based backup and recovery software, has been awarded 'Small Business of the Year' at the 2023 [Prolific North Tech awards](https://www.prolificnorth.co.uk/awards/tech-awards/). 

Organised and hosted by Prolific North, the North's independent news and events publisher for the digital and creative sectors, the tech awards are now in their fifth year. They celebrate the innovation, achievements and success of businesses and entrepreneurs across the region. 

## The 2023 Awards Ceremony

The [awards ceremony](https://www.prolificnorth.co.uk/awards/tech-awards/tech-awards-2023-event-and-tickets/), which took place on Thursday 9th November at Manchester United Football Club’s stadium in Old Trafford, brought together industry leaders, entrepreneurs and innovators. 

Hosted by actor and presenter Tom Wells, the awards were sponsored by companies such as [Bruntwood SciTech](https://bruntwood.co.uk/scitech/), [FinTech North](https://www.fintechnorth.uk/) and [The Growth Company](https://www.gceducationandskills.ac.uk/). 

The panel of over [20 judges](https://www.prolificnorth.co.uk/news/meet-the-prolific-north-tech-awards-judges-2023/) hailed from a diverse range of organisations, including Booking.com, FatFace, Manchester Metropolitan University, UKBlackTech and SkyParlour. 

## About the Award

'Small Business of the Year' was sponsored by private equity investor [YFM Equity Partners ](https://yfmep.com/) in 2023. It aims to recognise small businesses demonstrating consistent growth, commitment to innovation and positive contributions to the industry and tech community in the North.

Macrium Software, which was nominated alongside seven other businesses, was commended by the judges for its drive to set and achieve ambitious targets, its determination to adapt to a rapidly evolving tech landscape and an unwavering commitment to providing the highest quality solutions and support to its clients.

## A Word From Our CEO

"We’re honoured to have been awarded 'Small Business of the Year' at the Prolific North Tech awards,” said Nick Sills, CEO of Macrium Software. 

“This achievement is testimony to the hard work, determination and successes of our team in 2023. We look forward to continuing this momentum in 2024 and beyond."

"Congratulations to all those nominated, thanks to the judges for giving their time and expertise and well done to Prolific North for hosting another successful ceremony and its continued efforts to celebrate the North.”

## A Defining Year for Macrium Software

In 2023, the business launched OS imaging and deployment solution [Macrium SiteDeploy®](https://www.macrium.com/products/business/technicians/sitedeploy-imaging-deployment-software), its first new product in six years. It also met increasing demand for more flexible payment options by introducing a subscription service. 

June saw the company [announce updates](https://www.macrium.com/blog/introducing-site-manager-8-1) to its product [Site Manager](https://www.macrium.com/site-manager), enhancing its capabilities according to client feedback, while improving user experience.  

Macrium also achieved three recognitions from [Great Place To Work®](https://www.greatplacetowork.co.uk/), the global authority on workplace culture, in 2023. These included [Best Workplaces in Tech™️](https://www.macrium.com/blog/uk-best-workplaces-tech-2023), counting itself among one of only five businesses in the North West to make the list in the category. 

## Further Info on the 2023 Prolific North Tech Awards

- View the full 2023 shortlist [here](https://www.prolificnorth.co.uk/awards/tech-awards/techawards-2023shortlist/)
- Access the 2023 winners list [here](https://www.prolificnorth.co.uk/tech-awards-2023-winners/)
- Browse the awards ceremony photo gallery [here](https://www.flickr.com/photos/193772232@N03/albums/72177720312564285)

### About Prolific North

Prolific North exists to celebrate, connect and inform the North’s creative and digital sectors. With a focus on providing insightful content and hosting industry events, Prolific North plays a pivotal role in fostering collaboration and recognising excellence in the regional business landscape. [https://www.prolificnorth.co.uk/ ](https://www.prolificnorth.co.uk/)

### About Macrium Software

Macrium Software is the industry leader in image-based backup and recovery software. We’re a vital part of digital security and business continuity plans for enterprise businesses, SMBs and IT professionals across all industries and sectors. In a world where data is the most valuable resource, we’ve made it our business to protect yours. ©2023 Macrium®. Macrium Software is a trading name of Paramount Software UK Ltd. [https://www.macrium.com/](https://www.macrium.com/)






Macrium-Software-Small-Company-of-The-Year-Nov-Prolific-North-Awards-2023.png

Backup and recovery industry leader Macrium Software has been awarded 'Small Business of the Year' at the 2023 Prolific North Tech awards.

Macrium Software Wins 'Small Business of the Year' Award

# Macrium Software Announces Partnership with Aquion

Macrium Software, the industry leader in image-based backup, recovery and OS deployment solutions, has announced its partnership with value-added IT distributor Aquion. 

Covering Australasia, New Zealand and Asia Pacific (APAC), Aquion will assist Macrium Software in developing new relationships and supporting existing resellers and partners in the region. 

As Macrium Software continues to build its channel sales programme, Aquion will play a key role in bringing the business’ solutions, including [Macrium SiteDeploy®](https://www.macrium.com/products/business/technicians/sitedeploy-imaging-deployment-software), [Macrium Site Manager](https://www.macrium.com/site-manager) and flagship product [Macrium Reflect®](https://www.macrium.com/products/business/standalone/workstation) to resellers and end users in APAC. 

![A photograph of Sydney Harbour Bridge](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/Sydney_Adobe_Stock_325725372_93eb9a2dc8.jpeg)

Based in Sydney, Australia, [Aquion](https://www.aquion.com.au/) is a well-established value-added distributor with a broad portfolio of solutions and excellent sales support. 

Stephen Macpherson, Global Sales Director at Macrium Software, said: “We’re delighted to announce our partnership with Aquion. This will enable us to bring our software to the region at a time when quality data security, backup and deployment solutions are in more demand than ever. APAC is a key region and holds a lot of potential for growth. We look forward to a long and fruitful partnership with Aquion, forging new relationships and offering our APAC resellers a seamless changeover. “

"We're pleased to announce that Aquion will now distribute Macrium products in Australia and New Zealand. Macrium's reputation for fast, efficient backup and disk imaging solutions aligns with our dedication to offering dependable tools. Their proven track record in data protection is a clear indication of the value we aim to deliver to our customers through this partnership," stated Stephen Balicki, CEO of Aquion. 

--- ENDS ---

#### Contact
- Macrium Account Manager: Maytrik Thaker                                                                                                                                                                                                                                                                                
- Email: mthaker@aquion.com.au                                                                                                                                                                                                                                                                                                      
- Phone: 1300 000 480 (within Australia) or +61 2 8036-8000 (from overseas)

#### About Macrium Software
Macrium Software is the industry leader in image-based backup and recovery software. We’re a vital part of digital security and business continuity plans for enterprise businesses, SMBs, and IT professionals across all industries and sectors. In a world where data is the most valuable resource, we've made it our business to protect yours. www.macrium.com

#### About Aquion 
At Aquion, we take pride in identifying and introducing innovative vendors to the market and developing strong revenue streams through our Enterprise channels in ANZ/APAC. We specialise in delivering tailored software distribution solutions, catering to specific needs rather than broad, mass-market volume. As a value-added software distributor, our expertise lies in market development, business development, customised sourcing, efficient software licensing management and the seamless management of renewals for our resellers. https://www.aquion.com.au/  

© 2023. Paramount Software UK Limited. Macrium Reflect® is a registered trademark of Paramount Software UK Limited.


Macrium-Software-Aquion-Partnership-Announcement-1200-600px.png

Macrium Software, the industry leader in image-based backup, recovery and OS deployment solutions, has announced a new partnership with Aquion.  

Macrium Software Announces New Partnership with Aquion

2023-data-disaster-horror-stories.png

Macrium Software Great Place To Work Tech Sept 2023

Macrium-Software-Great-Place-To-Work-Tech-Sept-2023-1200x630.jpg

# What is a Sysadmin? Celebrating the Quiet Heroes of IT

Today is system administrator (sysadmin) [appreciation day](https://sysadminday.com/). As a company operating in the tech industry, we want to stop and highlight the crucial, but often underappreciated, work of these professionals that keep our computers and servers alive, our people in communication and organisations around the world in business.

In this blog post, we will delve into the world of sysadmins, explore their roles and the traits that make them successful. For those curious about a career in this field, we’ll also provide insights into how to get ahead in the profession.

## What Does a Sysadmin Do?

Sysadmins are so ubiquitous and manage so many tasks that it’d be easier to ask, “what don’t they do?” But here are some of the responsibilities their roles may cover on a daily basis. 

![Macrium-Software-Sysadmin-Day-Graphic-LinkedIn-Twitter-1200x627-July-2023-01.jpg](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/Macrium_Software_Sysadmin_Day_Graphic_Linked_In_Twitter_1200x627_July_2023_01_60939b1463.jpg)

### Build Machines

A fundamental task of a sysadmin is building and configuring machines that meet their business’ specific needs. This includes setting up workstations, servers and other hardware components, ensuring they function optimally to support the company’s operations.

### Data Security

Data security is crucial in today's digital landscape. Sysadmins play a critical role in implementing and maintaining security measures to safeguard sensitive information from unauthorized access, data breaches and cyber threats.

### Virus Protection

Protecting systems from viruses and malware is an ongoing battle. Sysadmins are responsible for installing and managing antivirus software, conducting regular scans and promptly responding to any security threats that may arise.

### Write Code

Automation is key to improving efficiency. Sysadmins often write code or use scripting languages to automate repetitive tasks, manage configurations and streamline a business’ processes.

### Keep Users Connected

Sysadmins are the bridge between technology and end users. They provide technical support, troubleshoot issues and ensure that users can connect and collaborate seamlessly.

### Maintain Servers

Maintaining servers is a core responsibility of sysadmins. They monitor server performance, address hardware and software issues and ensure that critical systems operate smoothly.

### Configure Servers

Sysadmins also configure servers, which involves setting up user accounts, managing permissions and optimizing server performance.

### Update Servers

Keeping software and operating systems updated is vital to their security and performance. Sysadmins are responsible for applying patches and updates to servers and other systems to ensure they remain secure and efficient.

## What Traits Do You Need to Be a Successful Sysadmin?

Being a sysadmin requires a unique set of traits that go beyond technical skills. Successful sysadmins possess a combination of technical expertise and personal qualities that allow them to excel in their roles. Essential traits a sysadmin needs include the following. 

### Clear Communication

Effective communication is essential for sysadmins, as they often need to explain technical concepts to non-technical users. Clear and concise communication helps them provide instructions, troubleshoot issues and collaborate across teams.

### Responsiveness

In the fast-paced world of IT, being responsive to user requests and technical issues couldn’t be more important. A successful sysadmin promptly addresses problems and ensures minimal downtime to keep business operations running smoothly.

### Curiosity

Curiosity drives sysadmins to continuously learn and explore new technologies. Staying curious enables them to adapt to the ever-changing IT landscape and find innovative solutions to complex problems.

### Problem Solving

Sysadmins are natural problem solvers. They possess the ability to analyze issues, identify root causes and implement effective solutions to resolve technical challenges as quickly and painlessly as possible.

### Proactiveness

Being proactive is essential for Sysadmins. It allows them to anticipate potential problems and address them before they escalate. Proactive sysadmins implement preventive measures and monitor systems to prevent issues from occurring in the first place.

### Patience

Technical issues are frustrating and sysadmins often encounter complex problems that require patience and time to solve. Patience and persistence are essential traits for a sysadmin, equipping them to work through challenges methodically and solve problems - both for users and themselves.

## How Can I Become a Sysadmin?

If the role of a system administrator has your attention, there are various skills you can build and paths you can take to embark on a career in this much-demanded area.

- **Education and Training:** Pursue a degree or certification in computer science, IT or a related field. Formal education provides a strong foundation in IT principles and concepts.
- **Gain Technical Experience:** Obtain hands-on experience with computer systems, networks and operating systems. Internships, volunteer work, or personal projects can help you build practical skills.
- **Develop Problem-Solving Skills:** Nurture your problem-solving skills by tackling technical challenges and finding creative, independent solutions to common challenges.
- **Learn Scripting and Automation:** Automation is a key aspect of sysadmin work. Familiarize yourself with scripting languages like [Python](https://www.python.org/), [PowerShell](https://en.wikipedia.org/wiki/PowerShell) or [Bash](https://www.freecodecamp.org/news/bash-scripting-tutorial-linux-shell-script-and-command-line-for-beginners/). 
- **Networking and Collaboration:** Join IT groups, network within communities, attend industry events and connect with professionals in the field to expand your network and learn from experienced sysadmins.
- **Certifications:** Consider completing industry recognized certifications like [CompTIA](https://www.comptia.org/) [Network+](https://www.comptia.org/certifications/network) etc. These certifications validate your skills, catch the attention of recruiters and ultimately, make you more attractive to employers.
- **Stay Updated:** Keep yourself informed about the latest trends and developments in IT by reading [tech blogs](https://techworldtimes.com/top-technology-blogs/), attending webinars, listening to [podcasts](https://explodingtopics.com/blog/tech-podcasts) and exploring online resources.

## Happy Sysadmin Day - Explore Our Open Roles

We hope this blog shows our appreciation for sysadmins everywhere - thank you for all you do! If you’re looking for a career in IT, we invite you to explore our open roles - take a look and apply [here](https://www.macrium.com/careers-and-culture). 

Macrium-Software-Sysadmin-Day-Blog-Hero-July-2023.jpg

Join us in celebrating sysadmin day as we highlight the quiet heroes of IT,  what it is they do and what it takes to become a successful sysadmin. 

What is a Sysadmin? | Macrium Software 

# Trustpilot and Macrium

Macrium has always taken pride in our reputation for not only a technically superior product, but our customer service. No matter what product we’re working on, we try to remember there’s a person on the other side of the screen, not an anonymous user. After crossing the completely arbitrary threshold of 1,000 reviews, we thought it’d be a good time to talk about why we chose to partner with Trustpilot. 

Throughout the years, our users have been kind enough to take the time to send feedback, good and bad. It helps us to know what’s going right and what needs to be improved, so it’s always welcome! Comments like these would be shared within the team and sometimes externally, but never in a formal way. There are inherent issues with sharing reviews like that, not least of which are organization and monitoring. As a developer-led company, we immediately thought of creating our own review portal, but it quickly became apparent that it wouldn't work for our needs. 

A third-party review company seemed like the best solution, but we had high requirements and expectations. Here is why we chose to partner with Trustpilot.** 

### Impartial

One of the main reasons we never shared reviews our customers sent in was the inherent bias involved. Even if internally we knew we were being 100% honest and sharing the good, the bad, and the ugly, because it was coming from us, how could a user truly trust it? After all, we’re people and consumers just like you - we get it. The same thought would cross our minds, too. 

Reviews written on Trustpilot are published instantly, with no moderation or review process. It’s unfiltered and open to everyone. Some review sites allow businesses to remove negative reviews, which is completely counter to what we wanted to achieve. We can’t just delete a comment because we don’t like it. There are very strict guidelines for flagging reviews, take this recent case for example.

A user accidentally left a review for their new, and apparently underwhelming, laptop on our page by mistake. Even though we knew it wasn’t meant for us, we couldn’t just delete the comment. Instead we replied publicly, and the user updated their review.

![screen-shot-2021-10-13.png](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/screen_shot_2021_10_13_6d3565a1ec.png)

More proof of their integrity is the fact businesses can receive reviews, reply, and engage via Trustpilot completely free. One of Macirum’s most popular products is Reflect Free, so to work with a company offering a truly complete, basic service resonates with our core ethos. After exploring the service further, we chose to subscribe to one of the paid plans. 

### Transparent

Subscribing to Trustpilot allows us to automatically send review requests to everyone who purchases Reflect Home. There is no way we can tamper with this process, or cherry pick the users who are asked. We also now have the ability to display all these amazing reviews directly on Macrium.com, as they come in! 

![tp-homepage.png](https://strapistoragemacrium.blob.core.windows.net/strapi-uploads/uploads/tp_homepage_7fe0aab120.png)

You’ll find this section on every company homepage. It gives you a brief overview of how the company has been using (and hopefully not abusing) Trustpilot. Here’s a section you might not be familiar with, which exists for any company you might check out on there. 

If you navigate to the “See a detailed overview” section, you’ll be able to take a deeper dive into where reviews are coming from, how often the company flags reviews, and any other trends. For instance, a company may have a substantial number of negative reviews about long shipping times, but if they’re from the beginning of the year and have dwindled away, you could assume they’ve resolved their logistics issues. 

[Click here if you’d like to explore ours!](https://uk.trustpilot.com/review/macrium.com/transparency "uk.trustpilot.com")

### Trustworthy

Trustpilot is an established company with a good reputation, and continues to grow. We wanted to go where our users already were, and with over 1 million new reviews posted every month, Trustpilot seemed to be the “it” place already. Users who already have a profile on there are familiar with the process, trust their reviews will be published, and know when exploring the reviews of others, they’ll be fair representations.

Of course trust is earned and can be broken. We will always monitor our relationship with any company to ensure we’re still on the same page.

### The bottom line

Reaching the 1,000 review mark feels significant. Working with Trustpilot has been such a positive experience, not only because of the added interaction we have with our customers, but because we’re partnered with a company who shares many of our values. If you’d like to learn more about Trustpilot’s commitment to transparency, check out their [latest comprehensive report](https://cdn.trustpilot.net/trustsite-consumersite/trustpilot-transparency-report-2021.pdf "cdn.trustpilot.net").

** Please note, there are dozens upon dozens of other companies who provide the same type of service. We’re not saying they are less impartial, transparent, or trustworthy than any other. We simply connected with the way Trustpilot operates!

large_trustpilot-and-macrium-2021-10-21.jpg

medium_trustpilot-and-macrium-2021-10-21.jpg

small_trustpilot-and-macrium-2021-10-21.jpg

thumbnail_trustpilot-and-macrium-2021-10-21.jpg

trustpilot-and-macrium-2021-10-21.jpg

Macrium has always taken pride in our reputation for not only a technically superior product, but our customer service. No matter what product we’re working on, we try to remember there’s a person on the other side of the screen, not an anonymous user. After crossing the completely arbitrary threshold of 1,000 reviews, we thought it’d be a good time to talk about why we chose to partner with Trustpilot. 

Trustpilot and Macrium

# Macrium in 2021: A year in review

I’ll refrain from waxing lyrical about this year, I promise. Yes, it was a complicated year with ups and downs, and I could easily pen a Dickensian story ([I’ve invoked him before](/blog/what-can-charles-dickens-teach-businesses-in-the-era-of-covid-19-7f081820cc28 "macrium.com/blog")). Instead, I will channel my inner statistician and together we’ll revel in some interesting numbers. 

## 2021

Within the Macrium bubble, this past year has been one of fantastic growth, opportunity, and optimism. I know I speak for everyone on Team Macrium when I say that our work has served as a steady ship in turbulent waters. Reliability runs deep.

## 8

2021 saw the release of Reflect 8 and Site Manager 8! These releases were not only fantastic technical steps forward for us, they also represent the culmination of years of hard work and dedication, much of which was done working fully remote during the pandemic.

### +%

Team Macrium has grown in leaps and bounds over the past year, 22% to be exact. We’ve been recruiting the best and brightest all year and in fact, our Denver, Colorado office has grown over 200%! With offices in Manchester, London, and across the Atlantic, we’ve been recruiting the best and brightest all year.

## 55%

We have sold licenses to customers in over half the worlds’ countries and independent territories. You can find Macrium Reflect from Albania and the Democratic Republic of Congo, to Jordan, Costa Rica, Vietnam, Suriname, and Papua New Guinea.

## 93%

In comparison, Reflect Free has been downloaded, installed, and run in nearly every country across the globe!

Speaking of global reach, 2021 saw the start of Macrium’s concerted efforts to translate our software into even more languages. Currently, we’ve released German, Japanese, Russian, Ukrainian, and French with Korean up next for 2022.

## 8,600

And if you’re curious, that’s the approximate number of terms it takes to “fully” translate Reflect! I say “fully” because really, it’s a never-ending job.

### 50TB

The amount of installer and patch data downloaded from Macrium per month.

## 1,190

At the time of writing, the number of reviews from genuine, verified customers on [Trustpilot](https://uk.trustpilot.com/review/macrium.com "uk.trustpilot.com"), with a 4.7/5 rating!

## 3,000

Macrium is proud to have over 3,000 active partners promoting, selling, and using our fantastic products.

And a little surprise cherry on top, Macrium also needed to make sure everything was copasetic with a brand new Windows OS. Because of the way our software works within Windows, we took a significant amount of time to ensure a seamless transition - at least as far as Reflect is concerned. It seems the grand majority of you haven’t said hello to Windows 11 quite yet.

## 11

Seems Macrium users aren’t in love with Windows 11\. Only 11% of recent installs are on the new OS. We have found the transition to Win11 to be much smoother than that to Win10 with very few breaking changes. Rest assured that Macrium will continue to have your back if/when you make the transition.

## 2022

Useful features, new products, localizations galore… as we look over the past year and ahead to the next, it’s difficult to not feel excited. At the heart of it all is knowing we have a fantastic family of users who will be right there with us every step of the way.

From all of us here at Macrium, may the new year find you healthy, happy, and prosperous. Here’s to 2022 and beyond!

large_202112-20-macrium-in-2021-a-year-in-review.jpg

medium_202112-20-macrium-in-2021-a-year-in-review.jpg

small_202112-20-macrium-in-2021-a-year-in-review.jpg

thumbnail_202112-20-macrium-in-2021-a-year-in-review.jpg

202112-20-macrium-in-2021-a-year-in-review.jpg

I’ll refrain from waxing lyrical about this year, I promise. Yes, it was a complicated year with ups and downs, and I could easily pen a Dickensian story (I’ve invoked him before). Instead, I will channel my inner statistician and together we’ll revel in some interesting numbers. 

Macrium Software

Macrium security notice, 15 Dec 2021:

Log4j vulnerabilities update

Which Macrium software and services are impacted?

Latest Blog Posts

Latest Video

Products

Standalone

Site Backup

Deployment

Personal

Upgrade Products

Technicians

Solutions

Support

Partners

Company

Macrium Software

Macrium security notice, 15 Dec 2021:

Log4j vulnerabilities update

Which Macrium software and services are impacted?

Latest Blog Posts

Latest Video