AI for IT Services Firms – Backup, Recovery, and Cybersecurity

Millicent Abadicio

Millicent is a writer and researcher for Emerj, with a career background in traditional journalism and academic research.

IT services firms are doing their best to keep up with the changing landscape as AI begins to dominate the tech conversation. Many IT services firms have recently started branding themselves as AI companies without having the requisite talent to back up their claims. In reality, many of the older IT services companies are struggling to hire PhD graduates in machine learning who would rather use their skillset at global AI firms like Google and Amazon.

Although IT firms might find it difficult to procure and retain AI talent for themselves, they can certainly benefit from AI capabilities. There are several AI vendors offering solutions to IT services firms, particularly for the following use cases:

  • Data Backup and Recovery
  • Cybersecurity

In this article, we’ll be exploring the solutions that these companies offer to provide business leaders at IT firms with an idea of what’s currently possible for them when it comes to AI. We’ll start our analysis with a data backup and recovery solution from CommVault:

Data Backup and Recovery

CommVault

CommVault offers a software suite called Complete Backup & Recovery, which it claims can help IT services firms and large enterprises protect, back up, and recover data in the cloud and user data repositories in an optimized way using machine learning technology.

CommVault claims the machine learning model behind the software was trained on millions of data points, such as performance statistics, change rates, access speed, and performance insights every time data is backed up and restored. This data would then provide the baseline for properly stored and recovered data, for example. Once the data is labeled to reflect this, the labeled data would then be run through the software’s machine learning algorithm. This would have trained the algorithm to discern the sequences and patterns of 1’s and 0’s that, to the human eye, form the data patterns and characteristics that relate to properly stored data.

The user could then use the software to analyze and optimize the stored data according to the user preference based on data gathered from previous actions, backups, and restores to provide the desired outcome.

CommVault claims to have helped digital tech service company UST Global optimize backup and recovery operations across operations in 25 countries. UST Global needed to duplicate and consolidate data from multiple off-site virtual machines under one central control and interface. UST Global integrated CommVault’s software into its primary tape-based disaster recovery location. According to the case study, UST Global was able to restore data more quickly and reduce data loss by as much as 50 terabytes, helping it save on costs and mature its data management capabilities for a competitive edge.

CommVault also lists Dow Jones, Expert SE, and ACENS as some of their past clients.

Pavan Bedadala is an Engineering Leader and Coder working on Search/Analytics and Machine Learning/Data Science at CommVault. He holds a Master’s Degree in Data Science, Finance, Strategy from New York University – Leonard N. Stern School of Business. Previously, Bedadala served as Associate Engineer at Symantec.

Unitrends

Unitrends offers software called Backup Software, which it claims can help managed service providers and IT companies optimize data backup and recovery, and protect them from ransomware using machine learning technology, including predictive analytics.

Unitrends claims security and IT administrators can integrate the software as a virtual appliance that can fit into any networking environment and platform, including physical and virtual drives, the cloud, Windows, and Linux, and run it from one user interface.

We can infer the machine learning model behind the software was trained on numerous incidents of backup and recovery data from previous ransomware attacks. The data would then be run through the software’s machine learning algorithm. This would have trained the algorithm to discern which data points correlate to random file changes that indicate a ransomware attack.

The software would then be able to predict when a ransomware attack is likely to occur. It would flag backups with suspicious activities with a warning icon, and alert the IT or security administrators through the dashboard and email. This may or may not require the user to upload information about their methods and behaviors when backing up and restoring data into the software beforehand.
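One way to turn "random file changes" into a concrete check, as an added example that is not Unitrends's code or model: it assumes two signals per backup, the share of files that changed compared with earlier backups and the byte entropy of the changed files. The thresholds, history values and file contents are constructed.

```python
import math
import random
import statistics

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: near 0 for repetitive content, near 8 for random-looking content."""
    if not data:
        return 0.0
    n = len(data)
    counts = [0] * 256
    for byte in data:
        counts[byte] += 1
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def score_backup(changed, total_files, history, z_limit=3.0, entropy_limit=7.0):
    """changed: contents of files that differ from the previous backup.
    history: change rates (changed / total) of earlier, trusted backups."""
    rate = len(changed) / total_files
    spread = statistics.pstdev(history) or 1e-9  # avoid dividing by zero
    z = (rate - statistics.mean(history)) / spread
    random_like = sum(1 for blob in changed if shannon_entropy(blob) > entropy_limit)
    share = random_like / len(changed) if changed else 0.0
    # Compressed media is high-entropy too, so entropy alone is noisy;
    # require an unusual change volume as well before flagging.
    return {"change_rate": rate, "z": z, "random_share": share,
            "suspicious": z > z_limit and share > 0.5}

# Constructed sample data (assumed values, not taken from any product).
HISTORY = [0.02, 0.03, 0.025, 0.02, 0.03]
_rng = random.Random(0)
ROUTINE = [b"quarterly report draft v2\n" * 100 for _ in range(3)]
MASS_REWRITE = [bytes(_rng.getrandbits(8) for _ in range(4096)) for _ in range(80)]

if __name__ == "__main__":
    for label, changed in (("routine", ROUTINE), ("mass rewrite", MASS_REWRITE)):
        print(label, score_backup(changed, 100, HISTORY))
```
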

Unitrends claims to have helped Robinson Tech develop a more efficient and reliable data backup and recovery service for its clients. Robinson Tech integrated Unitrends’s software into customer sites that are currently on another backup platform. According to the case study, Robinson Tech experienced a significant increase in the efficiency of the backup and recovery process, resulting in cost savings and more time spent on being “proactive” with their customers.

Unitrends also lists Fortech IT Solutions and Federal Credit Union as some of their past clients.

Akshitha Muthireddy is a Software Engineer at Unitrends. She holds a Masters in Computer Science from Stony Brook University. Previously, Muthireddy served as Senior Research Aide at CA Technologies.

Cybersecurity

LogRhythm

LogRhythm offers software called NextGen SIEM Platform, which it claims can help IT service providers as well as other enterprises identify, moderate, and recover from security threats using predictive analytics. The company claims it helps security operations centers (SOCs) using a detection and response framework called Threat Lifecycle Management or TLM.

LogRhythm claims IT and security professionals can integrate the security platform into existing software and systems using scripting support that customizes and configures firewalls and manages security events.

We can infer the machine learning model behind the software was trained on log and machine data of each enterprise as well as data from custom network and forensic sensors such as security cameras. The data would then be run through the software’s machine learning algorithm, which classifies, contextualizes, and normalizes the data. This would have trained the algorithm to discern which data points correlate to normal activities and potential security breaches of different types.

The software would then be able to predict incidents and events that may be threats to the security of the data and system. This may or may not require the user to upload information about their previous experiences with cyber attacks and security threats into the software beforehand.

LogRhythm claims to have helped Conduent cope with the security issues of managing more than 180 servers and 100 networks across the IT infrastructure of its client Northampton County. Increased regulation made it necessary for Conduent to provide its client with a more efficient method of monitoring network security. Conduent claims Northampton County only had a small IT security team that had to monitor security threats to the network of more than 2,200 employees.

Conduent integrated LogRhythm’s software into Northampton County’s IT infrastructure by customizing the script to configure the firewall and log security events. According to the case study, Conduent was able to identify potential security threats to the IT infrastructure as well as possible violations of County Information Security Policy immediately upon deploying LogRhythm’s software. Conduent senior information security analyst Bob Mace states LogRhythm’s software cut SQL injection attacks by 90%.

LogRhythm also lists EPC, McColl’s Retail Group, and Sera-Brynn as some of their past clients.

Phil Villella is Co-Founder & Chief Scientist at LogRhythm, Inc. He holds a PhD in Physics from the University of Colorado Boulder. Previously, Villella served as Researcher at the Surface Physics Laboratory of the University of New Mexico.

Darktrace

Darktrace offers software called Darktrace Enterprise, which it claims can help detect and neutralize threats of cyber attacks before they happen using unsupervised learning and predictive analysis based on an adaptation of the Recursive Bayesian estimation mathematical model.

Darktrace claims security professionals can integrate the software into any existing network of devices and virtual machines used in the enterprise without the need to train the algorithm on any data prior to deployment. The company claims it typically takes only an hour to deploy the software and does not require any tuning or tweaking. The software starts analyzing the data immediately, and produces results within hours.

The company states the machine learning model behind the software does not need training on historical data of threats or patterns of activity to identify a potential threat. The company claims its AI-based Enterprise Immune System works like the human body in that it learns a “pattern of life” for each point or device in the network iteratively. The data would then be run through the software’s machine learning algorithm. This would have trained the algorithm to discern which data points correlate to normal patterns in the network, and identify and neutralize anomalous patterns.

The software would then be able to predict in real time when these anomalous events and patterns emerge, and alert human operators using the 3D display for threat notifications called the Threat Visualizer.
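Recursive Bayesian estimation of a per-device "pattern of life" can be illustrated with a small online baseline. This is an added example, not Darktrace's algorithm or code: it assumes a Normal-Gamma model of one numeric metric per device (for instance outbound MB per hour), and the device names, values, warm-up length and threshold are constructed.

```python
import math
from dataclasses import dataclass

@dataclass
class DeviceBaseline:
    """Normal-Gamma belief about one device's metric (mean and variance unknown)."""
    mu: float = 0.0      # current estimate of the mean
    kappa: float = 0.01  # pseudo-observations behind mu (weak prior)
    alpha: float = 1.0   # shape of the precision estimate
    beta: float = 1.0    # rate of the precision estimate

    def surprise(self, x: float) -> float:
        """Distance of x from the posterior-predictive (Student-t) centre, in scale units."""
        scale2 = self.beta * (self.kappa + 1) / (self.alpha * self.kappa)
        return abs(x - self.mu) / math.sqrt(scale2)

    def update(self, x: float) -> None:
        """One recursive Bayes step: the posterior after x becomes the next prior."""
        k = self.kappa
        self.beta += k * (x - self.mu) ** 2 / (2 * (k + 1))
        self.mu = (k * self.mu + x) / (k + 1)
        self.kappa = k + 1
        self.alpha += 0.5

def monitor(stream, threshold=4.0, warmup=5):
    """Score each (device, value) against that device's own baseline."""
    baselines, alerts = {}, []
    for index, (device, value) in enumerate(stream):
        b = baselines.setdefault(device, DeviceBaseline())
        if b.kappa >= warmup and b.surprise(value) > threshold:
            # Flagged values are not learned, so a burst cannot drag the baseline.
            alerts.append((index, device, value))
        else:
            b.update(value)
    return alerts, baselines

# Constructed sample: 400 is unusual for the laptop but routine for the file server.
SAMPLE = [("laptop-17", v) for v in (12, 15, 11, 14, 13, 12, 16, 14, 13, 15, 400, 14)]
SAMPLE += [("fileserver-02", v) for v in (380, 420, 400, 410, 390, 405)]

if __name__ == "__main__":
    found, _ = monitor(SAMPLE)
    print(found)
```

No labelled attack data is needed: each device's first few observations only build its baseline, and every later value is judged against what that device has done so far.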

Darktrace claims to have helped digital credential management company Parchment protect large quantities of critical and sensitive information from increasingly fast-moving and targeted cyber attacks. Parchment integrated Darktrace’s software into its network that includes thousands of secondary and postsecondary schools in the US. According to the case study, Parchment was able to obtain a complete picture of its entire network within an hour of deploying Darktrace Enterprise, and quickly find anomalous events and patterns of activities.

Darktrace also lists MACOM and Apave as some of their past clients.

Jack Stockdale is Chief Technology Officer at Darktrace. He holds a degree in Computer Science in Particle Physics from Lancaster University. Previously, Stockdale served as Chief Architect and Director of Research and Development at blinkx, now RhythmOne plc.

Versive

Versive offers software called Versive Security Engine, which it claims can help enterprises sort out critical risks from regular network activity by identifying patterns and activities that potentially represent cyber threats using predictive analytics for “continuous situational awareness.”

Versive claims users can integrate the software into any standard infrastructure in a physical, cloud, or hybrid environment.  The Versive Security Engine is a software-only solution, which does not require additional proprietary hardware.

The company states the machine learning model behind the software was trained on the Netflow, proxy, and DNS data from a customer’s specific environment as well as data from other cybersecurity products. The data would then be run through the software’s machine learning algorithm. This would have trained the algorithm to discern which data points correlate to what comprises “normal” activities and patterns for that particular environment automatically, with no human interference or assistance.  

The software would then be able to predict activities that might fall under the category of threats to network security, or ThreatCases. The company claims this feature automates compilation and classification of the data to find anomalous or potentially risky activities. This may or may not require the user to upload information about their transactions into the software beforehand.

Versive claims to have helped Raiz Invest Limited to protect customer data as well as comply with regulations of the Australian Stock Exchange. The investment company Raiz integrated the software-only Versive Security Engine into its network without the need for proprietary hardware.  According to the case study, Raiz CEO and managing director George Lucas believes that the Versive Security Engine enabled the company to meet customer and regulatory expectations as the software is at the “cutting edge of cybersecurity.”

Canada-based security company eSentire acquired Versive in October 2018 for an undisclosed amount. Part of the acquisition was the retention of Versive CTO Dustin Rigg Hillard as CTO of eSentire. The site does not list any Versive Security Engine customers or provide any case studies.

Dustin Hillard is Chief Technology Officer at Versive, now part of eSentire. He holds a PhD in Electrical Engineering from the University of Washington. Previously, Hillard served as Senior Scientist at Microsoft.
