RCR 034: Amazon Glacier Deep Archive - CISSP Study and Training!

TRANSCRIPT:

welcome to reduce cyber risk podcast 2019 episode 34 welcome to the reduce cyber risk podcast for we provide you the training and tools you need for your cybersecurity career hi my name is Sean Gerber and I'm your host for the action-packed informative podcast join me each week and I provide you the information you need to grow your cybersecurity knowledge while taking practical and actionable steps to protect your business from the evil hacker horn hey otter buddies Sean Gerber again with reduce cyber-risk I hope you all are having a wonderful wonderful week had some great stuff has been happening this week in the cybersecurity space as well as in the training space to where the can I go over that here in just a minute but before we do just wanted to pass on I'm feeling much better now thank you that's like a really cool voice now that allergies are in the season and yeah I sound pretty cool actually that's what I tell myself and rolls her eyes at me it routinely when I do that so yeah if you are married out there that that you probably have experienced that at some point in time we do think we are much better than we really are but that's okay as long as I think that in my little pea brain mine then that's all that matters all right I hope you guys are doing well this weekend in the cybersecurity space we've had a couple things that have come out and I will come back to this fact that I've always said this it it's a very lucrative Market to make money in the cybersecurity space especially if you are a bad guy however the downside of being a bad guy is not so good yeah I really don't want to go to prison in a third world country and that therefore if I did this stuff in the United States that probably would get caught cuz I'm a gerber and Gerber is always get caught it's just kind of how we roll my children and the FBI today around that this past week about that I'll WordPress if you got to WordPress website you will get into some topics around that that you need to be concerned about as a release to the social share plugin the real real real or maybe give me from a small farm in can't even pronounce English very well so therefore I have no idea what they mean by that what is rebuke went somewhere went went somewhere tonight I sound like Elmer Fudd somewhere that's affecting a small town in Florida and looked it up on the map is a sweet little town I'm actually looking forward to going there I got these things happen if people get hacked I need to put on the map where I'm going to go visit in my motorhome my mother home and I'll go check it out cuz it's I think it'd be a lot of fun if it's a really cool place at Stuart Florida pretty cool magnetic poles or a geomagnetic disturbance yet so military little bit of background on that and will give us some interesting stuff got there alright let's get into it well the first article we got to talk about his recent article I was in about FBI and there was the cult of BTC Bravo Echo Charlie scams and what the eec is basically business email compromise has and what the FBI is saying right now is that they are expecting 1.2 billion dollar losses as it relates to be easy scam losses the thing I come back to her crime was kind of on the nursery and people didn't pay much too too much attention to it now though if you're talkin 1.2 billion dollars now I'm not sure what the make some chili make gazillions right in drugs alcohol alcohol so much depends on the country you're in butt drugs prostitution racketeering all those things I'm sure there's a lot of money to be made but this is 1.2 billion dollars being made to scam people out of money nobody dies of sick people lose their savings and money gets lost but nobody dies and nobody's traffic traffic traffic all those things that would typically very negative that go along with all of that there is just basically scamming people out of money I said basically and that's all but that's not true cuz it's the people's livelihoods are gone but again 1.2 billion dollars as last year this from the air they totally reported scams this year around 351000 scams on this is the US government's FBI at 2.7 billion dollars and now that's up from last year's scamming what was around 1.4 billion and I remember that number came out and I thought that was extremely high but so that's a $700 increase in one year so percentage-wise I mean to talk and see if I can't do math in public increase in compromise in money that's crazy that's crazy money so that's his interesting thing about the FBI when they talked about it out of social engineer where they have a wire payment that's come you say I have our people have to send there is some expediency that's put in place going when you just now and you should contact the song so now I need you to send this money here now and that is basically a Foster and some a lot of losses to these businesses now they're using spoof emails texts and phone calls and the precepto phone calls we used to do this in the military when I was looking at his red team is I would do a preceptor phone call and I would actually call into a place and say hey I'm Fred Smith and my guy George Soros butts so you need to let him in and do what you need to do I'm Legit but because I've made a phone call and I acted like I was who I said I was they let George Soros in and so that's different things that come into the spoof emails texts and phone calls now in the pets will also learn those and I've seen this happen firsthand where they would say go ahead and use a gift card at versus the wire transfer transfer so go to Walmart or your local store and buy a bunch of gift cards because I've got something coming up that I want to give them out to and then sit give them to someone so and so and so will take this gift cards or send them to someone so because the gift card can we turn around and use this cash a New Jersey town where they because of these bees in this was in the article they transferred about a million dollars to a fraudulent account now if you're in the United States and you're familiar with how we roll their these towns are pretty small and I had a friend that was just recently and talking with a friend that could come over here United States and one of the comments when this young lady came over United States that after I said so what did you think of the United States and her comment was it's so big and I said yeah it's pretty large right you know it is about the size of the one third of the United States and she said there so few people we we don't have large cities like Shanghai mongeau Mumbai we don't have these big cities like this you have 20 million people are so like 10-15 thousand music as well Rod Stewart Florida but bottom line is that tiny will they transfer $2000000 to a fraudulent account that can affect a small Township a real estate transaction that occurred where the closing agent transfer through wire transfer 50 Grand to some offices in New York again this is big money and that this can affect people dramatically but this is just off of email because just off a scam and it stalking significant cash no longer are pickpockets if Brett hits your email is a problem that was interesting about that not in this also article talked about think of operation of wire wire and wire wire June 2018 resulted in 74 arrests and this was a basically a wire transfer fraud thing that occurred other was 40 to US citizens 29 Nigeria's inerrancy there's like a great Nigerian Uncle who steals all his money from Canada Ratatat Ratatat Mauritius and Poland they were able to retrieve 2.4 million dollars in cash and then also were able to recover about 14 million in wire transfers that had occurred so that's a good win for the FBI especially as you're doing with all this stuff going on but sad to say out of 1.2 billion dollars that's a little bit of drop in the bucket for the companies that lost the money they're happy badass think of romance scams which I didn't know this existed but what it basically comes down to is to trust relationship to persuade people to send money and I seen these where you say hey you'll send out an email so I'm Sean and my long lost brother from Nigeria says hey Sean I missed you but Mom is in trouble and she needs money and so send some money immediately well first off I don't have a boss long lost brother from Nigeria so that would be a quick flag but it does happen but because of that 360 cuz of romance scams pretty easy just because people are buying off the fact that hey I know you again this is all comes on a psychological operations you just got to get people to trust you a little bit and I'll give you everything payroll diversion this one here is kind of interesting is that their phishing email setup to steal banking login credentials and what people happens they click on the link now we're loaded they see people login other banking account and they steal their banking information and is only a hundred of these a hundred complaints of these however Hunter complaints there was over a hundred million dollars in losses you were going to use do not click on plushie do not store your passwords on your computer allows you to use LastPass and someone installed malware on your system they will steal your keep your credentials so I highly recommend you use multi-factor on that and you just copy paste now you can use on LastPass ubill just to copy the the password without seeing it that would be helpful but therefore it's it's imperative that you utilize the tools are out there especially ones we recommend overdue cyber-risk to help protect you and your company but again that's a payroll diversion hundred million dollars complaints let the FBI scam and again BECU in their loss is about 1.2 billion dollars now the next thing we're talking about is WordPress K WordPress is God is a great media platform that you can utilize your websites on and of course what they have is a plug-in called social share this plugin has been recently that typically reduces risk I don't care to go into all the WordPress plugins cuz I had a WordPress web can I put out there were persecuted daily that I put out that I've got some content that will be out on the site later but bottom line is that there's a lot of plugins to plug in so it's kind of hard to keep track of all of them saw this one had a 900000 downloads was about a million people that download this social share in the purpose of this provide share buttons for WordPress and and therefore because it was such a large exposure I thought I'd bring it up in today's news cat around what's going on but they basically version that's 3.5.3 that was designed to address to security concerned and it came out about a month ago now the thing is though the reason I bring this one concerned with WordPress because it's just it's so expose right there so many different versions of it so many people use I should say but we had this one is it allows someone to run arbitrary PHP code and that allows me to take full control of the site and the server with there's no authentication required to basically just run some code bun they own it that's bad that's that's not good and so therefore it's imperative that you've got this on your WordPress website just because it's being used for crypto mining but it's also being malicious code as well so I guess that's WordPress it's got a social share plugin and I would recommend that you get it updated and download it as soon as you possibly can and get it fixed vulnerable to this vulnerability so I recommend that you take care of that immediately if you have WordPress for your business or if you are security professional and you are utilizing WordPress for your business or for anything else that you may not be aware of security one more thing to keep in your back your brain the real ransomware okay is this okay get its typical ransomware but the Riu group is the fact that has been used in various other situations are different use cases that are similar to the one we talked about right now now this happened on 13th of April 2019 now rebuke hit a small town and Eastern Florida okay it's called Stuart Florida Eastern edge of Lake Kissimmee and he's a big old like it's in the middle of Florida it is to the east of that and just pulling up some Google maps of the place it looks awesome just cute little town just in the middle of Florida at 17,000 people so it is a drop in the bucket if you anybody's listening from anywhere else outside the United States and you probably live in if your listing is somewhere China obviously India someplace like that you're coming 70,000 people I have that in my neighborhood small town really cool looking town but bottom line is they were they had a phishing attack that occurred to them in the city itself so against small town probably not allow computers in this town as well but it affected them and it took down their system so that the Rio Grande somewhere Force the city offline and the reason I bring this up is because it's very is the same version of Ransom what it was using his Jackson County Georgia and Albany New York now that being said is that somebody is potentially targeting small towns to do this now if you are a security person or if you are someone who's managing it4s for a small-town bottom line you better make sure you get your stuff together cuz this is bad T support with email ID north and south from a third-party that's doing this as well but bottom line you need to talk to if your business already at your business owner talk to your city council if your security Personnel looking at this make sure that you have plans in place to eat for the contingencies to deal with it the service has been restored however there's no email access to individuals within that the city I should say that on the city's payroll but this is a key Point Police and Fire Departments are still offline but bottom line is is that that. Good right to see if your main support your police in your fire department are not longer online because of these things that it's just a bad situation so if you are a cybersecurity and I'm stressing this if your cyber security person who is supporting these or if you live in a small town go talk to city council say yo dudes do that I'm a security person I have a good understanding this stuff what are you doing and by the way do you mind if I just chat with you about it and I'll get their Network because the simple fact that you got to have the right paperwork for that so if you're in a business if you're just a cybersecurity person do not I repeat do not go and say hey bad idea just you if you got to have the proper crepe paper with your legal paper with the city and with the right folks to do that however you need to go at least pretend city council and then and utilize your experience to say is something you need to consider I'm have you thought of that you want me to talk to your it person just going to give them some guidance in some ideas do not I repeat do not say I can fix it for you unless you have the proper just just to say it just ain't there expected to return the capability within the next week and a half so bottom line if you got small towns help him out if he can there is lots of opportunities to help us specially small businesses to help these these towns and help them with their i t support especially as it relates to cybersecurity also tell him to listen we talk about your own bucket alright EMP in GMD events so electromagnetic pulses and geomagnetic disturbances if the first one happens EMP we're all having a bad day to fly a nuke goes off in the atmosphere over a city and in some cases probably would just be over like a large part United States would go black what would end up happening is as we go back to the Dark Ages and then the reason is it will electromagnetic pulse will fly out most in their integrated circuits it was not designed to be hard now when I flew military airplanes we had hardened planes for this EMP bulb burst design was that when I flew be one's the whole goal was that we were designed to attack Mother Russia and we would it was a one-way trip going in yet coming out right but emps. Just a bad day we don't want that so planning a article in the jeep jeep security officer CSO the interesting part about that was his that talks about emps and that you need a business plan for him pee and yeah I get their point and what they're trying to get at me to have more of a business plan for a geomagnetic disturbance that because me Abby goes off we're all going to be struggling with financial issues going forward because it'll be ugly it would just be really really really bad example all switches agmd right ear geomagnetic disturbance call Sky and at that time they had didn't have a whole lot of integrated circuits like none but they did have a Telegraph and it did cause issues with the telegraph during that solar flare event with the Borealis and so basically what happened is it shut everything down now an 89 I believe there's also another GMD that occurred and it caused outages with him Global aspect right when it we didn't have I see in a circus all over the place at that time they were pretty significant but it wasn't like it is today but it did cause an outage biggest concern is that will we have this at some point in time well Global magnetic disturbances do affect places more on the poles than they do in the middle of the of the planet and a lot of it comes down to the fact that it's a grazing thing right so if the if you're getting a flare and it hits the middle of the of the planet it will spread out but what ends up happening is it hits and again here's my geospatial knowledge North and South poles and it spreads out and causes a larger event that would occur so Canada and Southern South America would probably be affected more likely from a solar flare event or GMD and looked like they also mentioned in the article is that the grid is prepared in the US grid is prepared for a solar flare event now the US air quotes is prepared there's a probably a highlight highly likely that most of the planet is not prepared for this now I would say that I use the air quotes because I do know some of our infrastructure is based on 1930s 40s and 50s technology however they have been working hard to upgrade some of that cuz there was an event in 89 that did take out like part of the Eastern Seaboard so those are things that are in place as far as an EMP or a GM be more likely you're going to run into a g MD EMP take away on this again we talked about emps and nukes and solar flares and less than what does that really mean for you in a business or cyber security professional if you get legal language as a relief disaster recoveries and the disaster recovery facility in the reason I say that if you do have a gmv event and it does affect a large significant group you're going to have a lot of people are to be impacted nobody's going to be asking and clamoring for their DVR capability and may not be able to get it so you got to kind of figure out are you high on the list or low on the list for your facility also need to find out is your facility that maybe your is your Datacenter that you're using EMP / GMP certified facility that can withstand a situation that could occur so you need to consider that and I would look at the language in your s o w is with them with your statement of works just to kind of see if they have that capability built into it so it is it a hardened facility for an EMP or agmd event and if your critical infrastructure so like in United States if you are electrical power chemical and so forth new clear you will have to be at your phone or critical infrastructure so you may want to definitely spend time and understand the EMP ramifications for your Disaster Recovery capability so about with the E M P & G MD events a train is waiting to get out of this before we do I do want to put a plug out there for reduce cyber-risk go out to reduce Everest and I've got some awesome stuff for you to check out there's some great things around if you're working on your cissp which is your certified Information Systems security professional certification check out some stuff I got them free Godfrey for you check it out you'll like it it's really really good I'll help you with your cissp certification also if your business owner or if you are a security person that is supporting a business I have some also free stuff out there as well get on my mailing list if you do that I will be passing you all kinds of free stuff as a relates to this training that comes out available to you they'll be on my website be sitting up here soon a membership site that will be available for individuals to sign up TravelNet will not be available just so you can go out and just get some stuff set up for in training for your individual for yourself also in addition to that if you have a person that maybe on your IT staff that is wanting to learn some information like today's article today's topic they can just go out to the reduce risk and they can see these topics specifically as I talk about recording video that will go along with it. you can use and it's available for you just by signing up with reduce cyber risk all right so all right so let's get into the training Amazon Glacier deep archive archive that would fit under domain 7th and this is under Dr and business continuity wisdom key terms and Concepts and the first one is backup and Recovery not typically was we deal with a backup and recovery for the traditional backups are tape backups that are kept off-site you will do in a backup situation and again if you're a security professional you're probably going to eat on I know this this is a rocket science however is Amazon's going really cool service that I think could be helpful to you if your business owner or security professional that's responsible for the Dr and the tape backups for your site what happens is U of A backup software that will then use right to a tape backup people take the take the tape backups and they take them off-site store them somewhere grab the other tapes that are there bring those back and then reroute rinse repeat rinse and repeat over and over and over and over again daily okay and sometimes it just depends on what you are back at strategy is but the thing is is we usually what happens is testing should occur when recovering from a DSO you set up a process and then never actually tested Foundation is that you actually go back and restore these from a tape to verify that you're actually getting real date and it's not corrupted time to do this the backups you got opportunity cost from people that are going and having to take taste back and forth effort you've got time wasted you got to spend money on tapes you got failure on tape sometimes it takes failing you don't know it so it ends up being a very manual laborious process and you need to consider is there other other options now there are other options just depends whether feet meets your needs things to deal with Disaster Recovery you have backup and Recovery meal swipe Disaster Recovery what does that recoveries integrating everything together that's your tape backups you have a process in place for instant response all of those things are part of your Disaster Recovery Solution and of that is off-site backup that's a piece of this and there's a recovery Point objective and recovery time objective and we talked about this reduce cyber-risk run Dr and and BC and those are areas that which you have on your data at what point do you want to recover to and it what time do you want to recover so at a point in time where you have you only have certain amount of time that's that's dropped your recovery Point objective and then you have your recovery time objectives how much time are you willing to or how fast are you willing to recover from an event so those are the key pieces that are will be important as relating to take backups as well these are all aspects that you will record because some backups you made do daily some people may do tape backup once a week so I lose a week of data because I'm only doing my tape backups on Friday and during the week if I lose my data and everything goes to the heck in a handbasket I'm only lose a week of data every Wednesday I go in and take my dates and take him to an off-site location so it just depends but those are all pieces that fall into the ER Disaster Recovery Solution compliance and regulatory requirements that may require you to do tape backups Financial transactions are there is transactional archives activities and audit log May force you to do Financial this article I got all these links in the show notes for again all of the security topics we talked about as well as is Amazon article around training around deep archive that the thing is is it and I took a lot of the information from there and can I merge it into my background but again it's if you have transactional archives activities in audit logs those are things that you may want to put into this deep archiver you may want to put into tape backups Healthcare & Life Sciences they also may have EMR in which is your emergency your electronic medical records images you may have scanned images so for that you may want to put out there so that a lot of times they have requirements to keep this data forever so in the event that you want to go search It Whatever might be at the ending interesting part about all this is one thing that we've learned my mother-in-law's had cancer and and there's there's like all these different tests that are going on in the one thing that I think was going to be a ground-breaking technology Innovations when they can connect all of this so let's just Bayer Healthcare Company you download all this information and you put it in deep pleasure will you can end XD play sure you can utilize it and so therefore I think as we getting more into Ai and machine learning there's going to be a capability to get this information more available to people just by having it out there in Amazon order my b you put all the stuff and Glacier and I can just sit there and if you want to get access to it down the road you can do that key Concepts around us storing your data now so we can Amazon Glacier deep archive what are some key things to think so the purpose of this is that if you want data that's to be stored for years I mean like eons right cuz it takes forever to make a glacier then you may want to look at this capability up and down up and down deep archive or in Glacier is not in a glacier itself or Glacier deep archive is not the best choice for you just an S3 bucket with an Amazon would be your better choice but if you'll take backs up for disaster recovery and business continuity if you ever have those that would be another good option for Amazon update bleep bleep Glacier Glacier deep archive and also it's a cost-effective and simple matter to store data and I want to go a little bit into the cost and you'll see the differences in its relatively I mean like dirt cheap is designed for you to store stuff up there in the cloud and not pull it down it's designed to be just that's where you stick it okay so something to consider I'm at the architecture so we're going to get into and around the architecture tools and capabilities and he's our terms and Concepts that we're going to go over that will help a lot with understanding the overall deep Glacier situation so there's worse Upstate Gateway AWS storage Gateway Amazon S3 Amazon Glacier deep archive and Amazon S3 analysis location on what is that going to fall asleep with the valley girl kind of those are the six areas were going to talk about I take Gateway okay so it's work dealing with Amazon the tape Gateway it's a storage gateway to your current backup Solution that's on Prime now what it basically means is it it's a you have your own print backup solution that sitting in here environment and it reports to the tape Gateway and that you can put this on a virtual machine in your data center and basically what a tax is it acts like a buffer to the Amazon storage Gateway service so it's this little intermediaries so we get some talking right now but you on-prem solution and then you have your Amazon storage Gateway and they all communicate back and forth while your Amazon storage Gateway is in Amazon your tape Gateway is usually on primp and that's where it's at but what does that transfers data back and forth to from your on-prem solution to the Amazon storage Gateway and that's Donald unencrypted with https so that is your it's just basically the intermediary that takes your data from your site and pushes it to Amazon Amazon storage Gateway that is your virtual tape Library so that is the inner peace that sitting up there in the cloud and it's spans the on-premise environment and basically takes her on Prim to the cloud and it's it's basically make a comment it really is compatible to most backup Solutions out that your cam bolts and whatever else is there if it will work with all of those and it should write do you want to do cuz I was it wouldn't be useless all the backup Solutions out there that you want to use at least most of the ones that you want these and it spans various storage options that are available to you then there's basically six different storage options if you go on Amazon you can go check out these out but it is basically are using an S3 bucket and an S3 bucket storage bucket that's out there simple storage something that's how a story standard intelligent tiering have a standard IA have a one zone IA I saw those are the six different ones that are available and you're going to use standard storage yet then the Gateway that's fine just an S3 bucket but it is not the place you want to be putting your your tape information for long-term long-term now there's a possibility that which way you set this up and we'll talk about this is that you go from you put it in storage S3 and then it'll migrate to Glacier or Glacier deep archive after a. Of time so Amazon Glacier would have basically does it allow it's a single archives spot where it will store up 240 Terry be in one single archive I mean a lot of storage unlimited number of archives and you can you can sell limited amount of data that you can store there in Amazon Glacier it's all encrypted Boston arrest and retrieval is usually standards 3 or 5 hours that you can pull it back but they do have an expedited version that you get it back in 1 to 5 minutes F stamp what you must retain it up there for 90 days without a fee once you if you go ahead and you were to put it up there for like 2 weeks and pull it back down they're going to charge you the full 90 days but if you could leave it up there past there's no feet they discharge you for the actual using of the data itself now again is designed to store data for a long. Of time that you don't want to pull back tape backups images that you wouldn't mess with pull-down day that you want to Archive it's usually sit in the microfiche stuff like that that you would just kind of put up there but it's up there at the indexable you can utilize it then with the Deep learning capabilities as time goes on but bottom line is is that it's designed to just be for long-term Cold Storage now deep archive it is the same as your Glacier Rights was Glacier deep archive but the difference is that store across three or more availability zones now so you have an availability Zone California now they just opened up one in Hong Kong so they have various availability zones throughout the globe but it's stored across three or more of these for deep archive and it'll configure transition from Glacier to deep archive you can set it up so that Glacier your data goes into Glacier convened go into deep deep deep archive after 30 days transfer to in the Deep archive from your Glacier account which denim turn keeps your cost lower right so that the one thing about Amazon which is really good at its you pay for the time of use or for not paying for extra stuff that's just sitting there idle running so as your as you get more and more data to put out there I was your cost will go up but you'll see that the cost really are not that much especially for storing data that you really have to store it's it's relatively inexpensive pricing is based on region depending on where you go your region will determine how much your price is going to be and retrieval is usually twelve hours or less for that now Amazon S3 analysis the thing with this is it observes a data access patterns to improve the cycle life cycle what does that mean what is watching what you're doing and that has you're managing the data going to and from where it's being moved and it'll analyze that it'll give you ideas on what you should do with your data and they basically says it takes about 30 days to analyze the data but it was in 2044 8 hours you will see patterns across your data until the purpose of that is then to say is you're constipated accessing this data it'll say d-park I might be a better choice to save you some money in ultimate goal is to save you some cash because Amazon wants to save you money and the reason is because they put more data up there as you put more data up there they'll charge you more money so it's a smart business model now cross-region replication the interesting part with cross-region replication is that does is your automatic and asynchronous copying of objects across regions and you can set this up specifically if you have a disaster recovery requirement that requires you to put that in that situation so example so you have any availability Zone in the East Eastern region and you have all your data in the Eastern region will they have multiple data centers within the Eastern region that they replicate data between but they're usually separated by about between 50 to 200 miles pops but if there's a big significant event that hit the East Coast that may not meet your needs for disaster recovery so you may want to have the ability to have all your data replicated to the western coast of the United States their fourth eastern coast falls off a planet you still have your data on the western coast your issues so don't mean you have to work through there's minimize latency customers in multiple locations that allows for that helps out especially if you have customers in multiple case it also allows for operational efficiency to compute clusters in different interviews reasons so basically your Computing data in multiple places it is basically work between the two to keep your data in the sink and allows you not to have a bunch of latency issues and then also if you have different owners of the day that's owners the data in one region and owners in another region that allows you to send that data across and be replicated and allows different owners in the various regions so it's kind of basically two copies to owners and depend upon your drb BCC situation you may want to consider cross-region replication AWS tape storage Gateway right has written up to that and it switches like it is then stored in the virtual tape Library within S3 and then from there it is moved to either Glacier or to Glacier deep archive and and that's where Storm and then you're charged if you pull it down early and you're charged it there there's are some new ones as theirs in the sentence for you not to do that right they have that setup but if you have to go through in the pricing example I have is that you will select storage Gateway the tape Gateway selected to have data written to the AWS storage Gateway just like that you have data storage to the virtual tape library in as3 looks like that and then you need to decide where do you want your dentist or do you want it in the tape I'm in deep archive Glacier deep archive if you just set it up for Glacier and I use an example of one terabyte so it's basically it's probably not a good example of base on your situation I just want to keep it simple I'm all about keeping it simple stupid and that's me so I put one terabyte going up as per month so 1 terabyte per month going up one terabyte being transferred one terabyte between 3 and 1 terabyte being stored in Glacier and deep deep archive per month okay and then obviously that number with deep archive would continue to grow as you put more data in it but the date of that's within the storage areas with an S3 that would not I would not increase it wouldn't go from one terabyte to two terabytes you just because you would migrate that data out month for Glacier was $37 us a month based on the Eastern region if you did the Deep archive the cost was $34 a month now that being said you're so different swell the difference is that your gateway cost which was the first three areas of gateways the date of written that they distort accounted for approximately $33 per month okay now you're Glacier was about $4 per month and your d-park I was $1 a month so as you get add more terabytes to that it's so easy examples go just Glacier your one month one will be $37 month to will be $42 on three we $46 okay as long as you keep putting up a terabyte every month right now you may not do that yordy Park I will go be 30 for one month 30611 so you can see the pricing can Adam substantially just by going too deep archive so there is just basically a buck for a terabyte now you go down into gigabytes the price drop substantially so standard pricing model around Amazon AWS deep okay that's all I have on that so I hope you enjoyed that turning around a to Amazon AWS deep archive the bottom line with it is if you are at you have a tape backup system if you're a business owner or security professional and you need that capability within your organization it is something to consider now the downside with this is is that when you have to break come back to restore it it will take time it can take substantial amount of time to download the files from your deep archive but that wouldn't matter any Cloud platform has the same way so you got to consider that as you're weighing out whether or not it will work for you or not is are you willing to accept some delays in record recovering from tape backups if if that is not something that you want then it may not be the best option for you at this point however could be something to consider if you have lots of stuff that's just sitting on servers that you want to put in a place that's neat and tidy and can be indexable by Amazon has a brother great way of doing that as well alright you can see on the show available to you as well still recovering from the react with ransomware Chief security officer training school or website talked about the business continuity and EMP and then we had talked about Amazon deep pleasure and the archives that go along with it all right I hope you enjoy the training and it's always get to check us out at reduced diver risk have a wonderful week and we'll catch you on the flip sides yeah so much for joining me today on my podcast if you like what you heard please leave a review on I2 I would greatly appreciate any and all feedback check out my videos are on YouTube search for Sean at sa Joanne Gerber and you'll find a plethora of content to help secure your business had to reduce cyber risk and look for the free stuff lots of free and it's only available for our email subscribers