• March 16, 2021
  • Category endpoints

What to look for in an endpoint protection platform

By : Sanjeev Spolia

In the era of remote work, having a robust endpoint protection platform (EPP) in place is even more critical for maintaining network security. If you’re struggling to scale up to effectively secure each and every endpoint, you need to consider a cloud-based solution.

Even after many employees return to the office post-pandemic, a cloud-based EPP will continue to be essential for safeguarding organizations that have a great many remote workers because it makes it easier and more cost-effective to protect any workstation regardless of location, whether it’s a desktop or laptop computer, or a smartphone or a tablet.

Prevention is just the beginning

An EPP is more than just anti-virus—it combines next-generation antivirus with more advanced security tools that leverage detection technologies such as signature matching, behavioral analytics, anomaly detection, and machine learning.

While different EPP offerings vary in features and functionality, there are a few things that should be included in any solution you may be considering. For starters, it should be able to prevent bad things from affecting your systems, such as malware and ransomware attacks, by applying behavioral analysis and machine learning to guard against file-based and fileless malware. It should also provide a great deal of endpoint control, including the ability to configure firewalls, ports, and devices.

But while prevention is table stakes in an EPP, you should be looking for more proactive capabilities if you’re to keep pace with the threats to your cybersecurity.

Be more responsive

You shouldn’t just settle for comprehensive detection capabilities in an EPP. Because there are so many threat vectors to manage, you want to be able to respond automatically and effectively whenever possible.

To this end, EPP solutions are adding detection and response (EDR) capabilities so that you can detect, investigate, and remediate through automation capabilities, while also having the ability to customize the platform for your environment. Today’s EPP and EDR platforms recognize that the sheer volume of security alerts is far more than cybersecurity analysts can address without being able to automate some tasks.

Ideally, you want to streamline the number of tools implemented by your cybersecurity team—one per category is enough, although it’s fine if you want to take a best-of-breed approach rather than a single solution. However, having multiple firewall products to manage creates more problems than it solves. Open source solutions may also make sense because you can leverage community support to optimize them for more effective security. You should also keep the door open for integration with third-party solutions that add specific capabilities you need to secure your environment.

Ideally, an EPP implementation should improve not only security but also the productivity of your IT staff, which is why it’s important to avoid complexity.

Simplify security with a partner

An EPP doesn’t have to be yet another costly cybersecurity implementation that must be maintained and managed. Cloud-based solutions facilitated by a managed service provider along with their team can help with detection and incident response, and even proactive activities such as hunting and penetration testing.

For smaller organizations, tapping into the expertise of a managed security services provider and availing themselves of the capabilities of a modern, cloud-based EPP can go a long way to keeping up with endpoint security requirements and mitigating the threats that come with a remote workforce.

  • February 25, 2021
  • Category Security

Remote work will continue to drive cloud security trends

By : Justin Folkerts

The ability to work anywhere was already driving cloud security trends before the pandemic hit, but remote work played a heightened role in 2020 and will continue to do so as employers maintain a hybrid approach to staffing—many will continue to work from home even once others return to the office.

That means many of the cloud security trends we’ve seen over the last year will continue for the foreseeable future, and the cloud will be part of the solution in securing proliferating endpoints.

More attacks

Remote work has led to more attacks and shoring up of cloud security as endpoints proliferate. Mix in adoption of 5G networks and SD-WAN, and you’ve got a recipe for even more attack surfaces that look tempting to hackers. Cybersecurity teams need to see every endpoint connected to the network and how they impact cloud security as users connect to public services as well as those still run on-premises and some delivered by managed service providers.

Cloud security misconfigurations

As remote work remains a reality for many employees, it unfortunately means misconfigurations of cloud security will continue to pose a risk to the organization. Easily providing access to applications and data to many users and endpoints requires a robust security strategy that enables IT teams to see all the data traffic traversing the corporate network and across various cloud services. It’s critical that they understand who is responsible for securing what, as it can differ depending on the cloud service provider, while improving identity and access management and adding better cloud security controls. This should include the use of multifactor authentication to protect user credentials and help to avoid common threats such as phishing attacks.

Continued reliance on VPNs

Virtual Private Networks (VPNs) have always been an essential tool for enabling remote work, and they will continue to be necessary to enable employees to access the corporate network securely. Provisioning, maintaining, and securing them through robust encryption will continue to be a high-priority task for cybersecurity teams, as relying on consumer-grade VPNs downloaded by home users for personal devices presents too much risk to the organization.

Security awareness training

End user behaviour has always had an impact on cloud security, but as remote work continues, organizations must make sure they put time and resources into cybersecurity awareness training from the C-level on down. Every employee, including remote workers, must understand how data breaches and other security incidents, whether caused by threat actors or honest mistakes, can disrupt business operations and the resulting consequences.

The answer is in the cloud

As much as remote work poses a threat to cloud security, the cloud is likely to provide the solution. The traditional network perimeter has arguably been long gone for years with the rise of the cloud, distributed and global workforces, and the Bring-Your-Own-Device (BYOD) trend that is now par for the course.

Just as many applications and data now reside in the cloud, organizations need to transition to more security being delivered via the cloud, and that includes the securing of endpoints. A cloud-delivered endpoint protection platform (EPP) will become essential for safeguarding organizations that have a great many remote workers, even after many employees return to the office.

EPP will make it easier for you to protect any workstation regardless of location, whether it’s a desktop or laptop computer, or a smartphone or a tablet. And while this may look like yet another time-consuming and costly cybersecurity implementation that must be undertaken, it’s something an experienced managed service provider can help you to cost-effectively deploy and manage to maintain both security and availability of applications and data as remote work continues.

  • January 14, 2021
  • Category Security

IT teams must balance remote work productivity and security

By : Sanjeev Spolia

It’s still open for debate as to whether remote work is here to stay for everyone, or if a year from now everyone will be back in the office. Reality is probably somewhere in between, which means IT teams must find a balance between security and keeping employees productive.

In many ways, the Covid-19 pandemic accelerated trends already in play as better connectivity and cloud computing have made it easier for workforces to be more geographically distributed. Instead of corporate satellite offices with small teams, however, we have home-based offices of one.

IT teams need to assume that there will be at least a hybrid workforce for the foreseeable future and that security for remote work will continue to be a high priority. The trick is to keep the organization secure without impeding productivity.

Hybrid workforces work odd hours

The age of remote work is more than just applying security to more endpoints accessing the corporate network. IT teams need more management tools to support remote workers while extending support hours as employees embrace less traditional schedules to accommodate their home life. Digital workers are expected to embrace “time blocking” and “time slicing” to juggle all their commitments.

IT teams will need to bolster their own remote collaboration capabilities so members can work more efficiently with each other, but also with other departments, such as human resources to onboard new staff remotely. This includes provisioning new remote workers with corporate-issued equipment or configuring their personal devices.

In addition to supporting remote work, we are likely to see a move toward “hoteling,” which is when employees book an on-site work site for a few hours or a day. These facilities must also be equipped and provisioned with connectivity and hardware, as well as maintained for cleanliness.

This hybrid workforce means IT teams must rethink how they deliver service to employees and view their relationship as a partnership that supports productivity for everyone—this includes delivering a high-quality user experience that helps employees work better without compromising security.

Productivity should not compromise security

The trend toward more remote work was always going to have security implications.

In the early days of the pandemic, the focus was getting employees productive at home. However, the price tag appears to have been a spike in malware incidents and other poor security behaviors. According to Wandera’s Cloud Security Report 2021, 52 per cent of organizations dealt with a malware incident in 2020 compared to 37 per cent in 2019.

The rise in incidents can be attributed to a more relaxed work environment for employees, who are likely using a single device for most of their online activities—personal and professional. Employees feel free to install whatever applications they want, whether it’s their device or one issued by the company. Adopting cloud-based and Software-as-a-Service (SaaS) applications also impacts security as lines of business spin up apps for their own uses without oversight by the IT department.

Keep security simple to enable employees

As much as remote work has created new threats for security, the solutions for IT teams aren’t all that different.

Regardless of where they work, security awareness training for employees continues to be a key tool for defending against threat actors. IT teams must engage regularly with users to remind them of how they should log into applications, which applications are approved by the organization, and how they should report an incident if it occurs. Employees should understand they play a role in protecting the organization and its mission-critical business information.

If IT teams are to work in partnership with users to balance remote work productivity and security, simpler is better so that any solutions implemented enable a pleasant user experience. This encourages users to follow protocols rather than bypass them because they’re seen as a barrier to getting their work done.

Sanjeev Spolia is CEO of Supra ITS

  • December 29, 2020
  • Category Security

Bring in a security partner to ensure effective penetration testing

By : Sanjeev Spolia

Penetration testing must be proactive, but many organizations often do theirs in response to an incident. Since the worst time to learn how to fight a fire is amid an inferno, the right security partner can help create an effective program to ensure regular testing that improves cybersecurity posture.

Before you even select a security partner for network penetration testing, you should set up guidelines for what might prompt such a test—and it’s not an emergency such as a data breach. Instead, think of milestones within the organization that might require a test of your information security. Aside from compliance obligations, common examples include a new web-based application that allows employees to access data remotely, a desktop or operating system refresh, or new network access points such as routers.

All these potentially can be misconfigured and present vulnerabilities that may not be immediately obvious to internal IT teams, who already have a lot on their plate.

Get a second security opinion

A security partner with deep and extensive penetration testing capabilities has experience that enables it to poke holes in information security and find vulnerabilities their customers won’t. It’s their business to be up to speed on the misconfigurations and current threats, including those in the latest software and hardware that might allow a threat actor to steal data or take control of a system.

An outside security partner can put together a penetration testing plan that considers your infrastructure, including new switches and servers, as well as the motivations for doing the test: Is it to meet compliance objectives? Satisfy a potential customer? Meet industry standards? If you’re not sure why you’re doing penetration testing but do understand it should be part of your information security program, a partner can help you understand the benefits.

Partner for the long term

Just as not all penetration tests are created equal, neither are the security partners who perform them, so you need clear selection criteria.

Ideally, you want to partner with an organization over the long term, so you should take the time to evaluate the methods of a potential service provider, as well as the skill sets of the testers they employ. Understanding your compliance requirements to guide penetration testing is a good start, but you should work with your security partner to define your goals and make sure their capabilities are in alignment with them.

You also need to be prepared for them to find problems—set your ego aside. The whole point of penetration testing is to be able to remediate problem areas and improve your overall security posture. Most of all, remember that testing shouldn’t be an occasional, scheduled, tactical activity to tick off boxes on a compliance checklist. It’s part of a broader exercise for protecting sensitive data and is a contributor to your competitive advantage—documenting and certifying your penetration testing can differentiate you in your industry and build trust and credibility with customers.

The right security partner can help you develop a penetration testing regime that’s driven by milestones in your IT environment as well as compliance requirements and critical business information that allows you to remediate threats iteratively and effectively.

  • October 29, 2020
  • Category remote work

Improving security for remote workers should be a priority for IT teams

By : Sanjeev Spolia

Improving security for remote workers will hopefully be an inevitable consequence of the Covid-19 pandemic, and despite the inherent challenges, it should be a priority for IT teams.

Recent reports by Cisco looking at the future of secure remote work and consumer privacy found that IT buyers had been caught off-guard by the sudden shift of employees working from home, but are now speeding up adoption of technologies to support remote work. A majority of the 3,000 IT decision makers surveyed by Cisco rate cybersecurity as extremely important or more important than it had been before the beginning of the pandemic.

Guaranteeing access, securely

The biggest challenge for all IT teams regardless of an organization’s size has been improving security for remote workers, although providing the necessary access to the applications and data they needed came first. It comes at a time when the average consumer also values security and privacy as a social and economic issue, according to Cisco.

However, the company’s own research found there was a lot of work to be done toward improving security for remote workers by IT teams as just over half were somewhat prepared for the accelerated transition earlier this year. Endpoints, including those owned by the organization, were cited as being the most difficult to protect, according to the Cisco survey, followed by customer information and cloud systems, with the ability to securely control access to the enterprise network being the biggest challenge.

Improving security for remote workers will no doubt continue to be a priority for IT teams, even post-pandemic, as some employees will continue to want the flexibility of working from home and organizations see continued benefits, including cost savings on office space, by not having everyone in a traditional office environment.

Digital transformation can lead to a more secure cloud infrastructure

While IT teams are likely to see some budget increases that will specifically support improving security for remote workers, there are many initiatives that can help improve overall cybersecurity posture for organizations that are already common steps in a digital transformation journey.

If you haven’t already, you should establish a cloud security strategy that’s part of a broader cloud infrastructure transition. This will indirectly go toward enhancing security for remote workers while allowing IT teams to worry less about on-premises systems that were unprepared for the sudden shift to remote work. While putting more applications and data in the cloud comes with its own cybersecurity challenges, they can scale better than on-premises solutions and provide the necessary flexibility for supporting a remote workforce.

The transition to the cloud should also include embracing new tools to stay secure, recognizing that IT teams still have some responsibility for securing cloud applications and data, even as the service provider has a role in securing systems, too. IT teams need visibility into cloud infrastructure as well as their on-premises deployments in a single interface.

At the same time, IT teams should consider what experts are calling “zero-trust security strategies.” A zero-trust approach assumes all users and endpoints could present a threat to the organization, so they must be able to prove they are trusted if they are to gain access to the enterprise network, applications and data.

You can be small and secure

For smaller organizations, improving security for remote workers is just as essential but can be a challenge for their IT teams. A managed services provider with experience helping small and medium-sized businesses with their technology infrastructure can play a key role in accelerating their adoption of solutions that can support remote workers with robust security.

Sanjeev Spolia is CEO of Supra ITS

  • January 27, 2020
  • Category Multi-Cloud

Multi-cloud security includes securing public cloud instances

By : Justin Folkerts

Effective, robust multi-cloud security can’t be an afterthought. Securing public cloud instances is one of many significant operational considerations when embracing a multi-cloud strategy.

By making multi-cloud security an upfront priority, you prevent a lot of headaches that would inevitably pop up down the road, including interoperability issues. It also gives you a template for best practices and policy when securing public cloud instances in the future.

Draw a map of your multi-cloud security

Effectively securing public cloud instances should be guided not only by today’s needs from the platform but also how it might meet future business requirements as part of a broader multi-cloud environment. You need to align your business drivers for running multiple clouds with a security strategy so you can reduce—if not eliminate—weak links that can lead to data breaches and non-compliance with regulatory requirements and privacy legislation.

Define cloud workload security requirements

Multi-cloud’s reason for being reflects the trend toward lines of business and different areas of IT wanting to use the best cloud for the workload based on feature and performance needs. But multi-cloud security is no different than hybrid cloud environments in that you must keep in mind data confidentiality, integrity and availability.

Evaluate built-in cloud security features

Each public cloud platform comes with its own built-in security controls, but securing public cloud instances will vary from provider to provider, even if the service is the same. How Amazon Web Services (AWS) secures a backup service offering will differ from that of Microsoft Azure, for example, so you must understand the embedded security controls and tools for each cloud platform, and which ones are switched on by default, such as data encryption. Once you’ve established foundational multi-cloud security, you can augment appropriately on a per-platform basis.

Layer on additional security as needed

Multi-cloud security requires consistency. Once you understand what’s already built into the various cloud platforms you’ve spun up for each workload, you can add more layers, including third party tools, so you’re always applying global security policy automatically no matter how your multi-cloud environment grows or changes. Automation is critical to effectively securing public cloud instances in a scalable manner that keeps your overall environment manageable.

Multi-cloud security means 24/7 monitoring

Securing public cloud instances in a hybrid model usually means relying on security tools from a specific provider or one you’ve selected for monitoring your on-premises environment. Multi-cloud security means you must maximize visibility across your entire portfolio of cloud deployments and any other systems with which they may interact.

Multi-cloud security requires significant forethought if you’re to achieve and maintain the necessary visibility to mitigate risk and meet today’s ongoing compliance and regulatory pressures. Securing public cloud instances in a multi-cloud environment also means knowing for certain who’s responsible for what and establishing practices so you can scale and automate security with the pace of business and a cloud-first strategy.

  • December 11, 2019
  • Category Managed IT Services

Be Mindful of Technology Trends for the Coming Year

By : Sanjeev Spolia

Even as 2019 starts to wind down, it’s hard not to think about the year ahead and how best to focus our energies—including IT operations. It’s safe to say the more things change, the more things stay the same as many of the challenges will continue into 2020 as they have in previous years.

However, these challenges continue to evolve and coming up with a strategy for them can better prepare you for emerging technologies and trends that are bound to affect your business operations and your IT infrastructure, if sometimes only indirectly.

Security

It seems a little obvious to say security is important—most consider it table stakes when deploying and managing IT today—but it can never be overstated that it’s something you must keep on top of. Threats to data and applications, either from human error or malicious threats such as malware and hackers, are never going to go away. If you only make one New Year’s resolution, make it to get your arms around security. The next year will go smoother operationally with better visibility into what’s going on across your network, and what’s happening to your data. Both your C-suite and customers will benefit.

Compliance and Privacy

Security should not be confused with compliance and privacy, and vice versa, but all three are heavily intertwined. Security is an essential part of being compliant with privacy legislation, and there are consequences for not being able to adhere to the various regulatory frameworks and legislation in play. The European General Data Protection Regulation (GDPR) and Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) aren’t going anywhere, and the state of California has its own privacy legislation in the works. Despite their countries of origin, their impact can penetrate many other jurisdictions worldwide. If you don’t know if and how these and other rules affect you, make 2020 the year you figure out for certain.

Data Governance

Part of compliance is data governance, but even without privacy legislation at play, there are plenty of reasons to have a strategy in place to manage the exponential growth of information. Whether it’s practical considerations such as storing it cost effectively or making it better available for business applications, the time to get a handle on your data is always now because it’s only going to grow in volume and velocity.

Multi-cloud

As public cloud platforms proliferate and widen their scope to offer more services and handle more workloads, a multi-cloud model has emerged that reflects the reality that business requirements from various cloud platforms differ. Some are better suited for handling the application and data demands of marketing and salespeople, while others are better geared for processing a high volume of transactions, rapidly and reliably. Although a public cloud provider may do everything a business needs, it can also mean compromising on features or performance. A best-of-breed, multi-cloud approach reduces dependence on any single public cloud platform while preserving the flexibility to move workloads between providers.

Business Intelligence and Data Analytics

Getting a handle on your data is essential if you want to make good use of it. No matter the size of your organization, it’s full of information that can help you optimize operations and business processes while improving your marketing, whether it’s by helping you land new customers or keep the current ones happy—even upselling them to buy more of your products and services. Business intelligence certainly isn’t new, but because every organization is swimming in information, it’s no longer a luxury. If you’re not tapping into it for competitive advantage, others in your industry certainly are.

The Internet of Things / Operational Technology

Some of that data is coming from new and interesting places as the Internet of Things and operational technology (OT) devices are increasingly comprising enterprise networks. Traditionally segmented from IT infrastructure, OT endpoints in manufacturing and municipal facilities that deliver water and power are being added to existing IP networks. These pose challenges from a management and security perspective, but also present opportunities to innovate based on the data that’s ingested, as well as optimizing business processes.

Automation

Gone are the days of throwing more people at a problem. Even if money is no object, it’s no longer feasible to do every task manually—people just can’t keep up. In the rush to try, human error can lead to misconfigurations that impact security posture, compliance and the customer experience. It means your IT teams aren’t focusing on strategic initiatives and you’re not focused on your core business. Whether it’s automating through emerging technologies enabled by artificial intelligence or handing off repetitive tasks to a business process services provider, you need to make smart decisions about who does what and why.

A new year always brings new opportunities and new challenges. No matter the size of your business or industry, all these technology trends are bound to affect you in some way. Understanding how is the first step, and that’s where a managed IT services provider can help. They’ve already helped other customers navigate the terrain and develop best practices that you can implement to move your business forward and improve the bottom line.