Today’s threat environment is forcing organizations to rethink their security tools. Traditional firewalls no longer provide adequate protection at the network perimeter. They are being replaced by next-generation firewalls, which use deep packet inspection, application-level policies and other features to detect and block modern security threats.
These advanced capabilities have made security more effective – and more complicated. That’s why many smaller organizations are looking for a simpler way to manage the security infrastructure.
Unified threat management (UTM) was introduced as a new approach to security management that integrates various security technologies. Typical UTM solutions include a firewall, gateway security, intrusion detection and prevention, anti-malware software, content filtering, and other security features. This functionality is integrated into one solution, making it easier to install, update and maintain than traditional security tools.
In addition, the integration of multiple security engines makes it possible to detect blended threats that employ a combination of attacks — such as a mix of viruses, worms, Trojans and denial-of-service attacks — crafted to circumvent a single line of defense. With UTM, the integrated security engines work together, enabling the system to inspect real-time traffic from multiple vantage points.
For example, a seemingly harmless e-mail that might pass through any antivirus system could contain an HTML-based attachment that ultimately points to a Trojan. Because a UTM solution can use a combination of antispam, antivirus and other security engines, it can detect such blended threats more readily.
Single-console management makes it easier for administrators to enforce detailed security policies throughout the organization, and eliminates the need to investigate multiple alerts generated by various systems for the same event. Automatic security updates protect against emerging and evolving threats without administrator intervention.
In addition to reducing management complexity, UTM solutions can be configured to meet regulatory compliance standards. The more complex the infrastructure, the more complex those configurations will be. However, configuring a single UTM appliance is simpler than separately configuring several security tools.
When selecting a UTM solution, there are a number of things to consider:
Note that the industry lacks consistent nomenclature with regard to UTM. Some vendors call UTM products “security appliances” while others refer to them as next-gen firewalls. ICG can provide you with objective advice on security solutions and help you implement the right tools to protect your business.
The Q2 2015 Cyber Threat Report from cybersecurity firm CYREN reveals that phishing attacks increased 38 percent overall during the second quarter. Phishing is a technique used by criminals to bait you into sharing sensitive corporate or personal information. Usernames and passwords, financial account information, social security numbers and basic contact information are the most common targets of phishing attacks. Consumers with PayPal, Apple and Gmail accounts are frequent victims of phishing.
Phishers mimic the logos and websites of legitimate organizations, and pose as friends, business partners, clients, bank officials or IT staff. They hook their targets by fooling people into clicking malicious links or opening attachments that automatically engage and activate viruses and malware. Then, these criminals can use these compromised accounts to spread the misery to others.
Common phishing scams include:
For its Q2 2015 report, CYREN looked beyond these types of attacks to examine phishing campaigns that seek intelligence or financial gain from businesses. The security analysts grouped these sophisticated attacks into two categories:
There are simple ways to protect yourself and your business:
Phishing attacks are reaching epidemic proportions. Make sure your security systems are working properly and your staff is using common sense and extra caution when checking email.
Many organizations first resisted the bring-your-own-device (BYOD) model in which employees use their personal laptops, smartphones, tablets and other devices in the workplace. IT managers were concerned about device and data security, supporting and managing a wide variety of devices and applications, and a general lack of IT control in a BYOD environment.
However, as employees have continued to push to use their own devices at work, many IT managers have relented and even embraced the BYOD model. Proponents say BYOD boosts productivity and employee satisfaction, enables greater flexibility, and reduces technology costs. In fact, Gartner predicts that nearly four in 10 organizations will stop issuing company devices and rely exclusively upon BYOD by 2016. By 2020, 85 percent of companies will have a BYOD policy of some kind.
While BYOD has garnered much of the attention, the choose-your-own-device (CYOD) model has experienced slow, stealth-like growth. Somewhat of a compromise between BYOD and the traditional model, CYOD requires employees to choose from a group of company-approved devices. The desire to corral BYOD, eliminate management and security complexity, and create a more standard corporate IT environment led IDC to predict in 2013 that CYOD would render BYOD obsolete.
That hasn’t happened. BYOD is doing just fine. Cloud services have become more widely used, and employees can access cloud resources from their own devices without going through the corporate network. Organizations are relying more upon temporary and contract workers, and it doesn’t make sense to supply each of these individuals with a company-owned device. In some cases, BYOD is used on a limited basis for certain departments. For example, a simple change in phone number could affect a salesperson’s relationships with industry contacts.
But CYOD is growing, too. As data breaches continue to occur at an alarming rate, organizations and employees are becoming more sensitive to the issue of cybersecurity. CYOD enables IT to simplify device management and control how devices are used. Devices are preconfigured and security software is preinstalled. Also, concerns about employee satisfaction are overblown at times, as employees will typically end up with a device that makes them happy when CYOD is properly implemented.
Many organizations turn to CYOD because of the legal complications of BYOD. How do you differentiate work time from personal time and compensate employees accordingly? Where do you draw the privacy line between personal data and company data? Does your BYOD policy hold water with various state, federal and industry regulations?
When deciding between BYOD, CYOD and a hybrid approach, start by analyzing how employees use their mobile devices. Find out what applications are most popular with your employees and how these tools help them perform their job functions. If you don’t have employee buy-in, your model won’t work.
Once you choose a model, make sure you develop a security strategy that will protect your data inside and outside of the workplace, and create an incident response plan to minimize the impact of a breach. All of these decisions involve more than IT, so include legal, human resources and finance from the planning phase through implementation.
ICG understands the pros and cons of CYOD and BYOD as they relate to the unique needs of small businesses and their employees. Let us help you devise a plan that prioritizes security and strikes the right balance between productivity, cost efficiency and employee satisfaction.
The Bring Your Own Device (BYOD) phenomenon has spawned an array of new product categories that promise to help IT cope with the onslaught of user-owned devices. In our last post we talked about mobile device management (MDM), which focuses on provisioning, supporting, securing and controlling the mobile devices themselves.
Mobile application management (MAM) provides a somewhat different set of functions, including enterprise application delivery, security, configuration, licensing and maintenance, along with usage tracking, reporting and policy enforcement. MAM enables IT to control which applications are provisioned to which devices, based upon device type, user, role and other criteria.
There is some overlap in functionality between MDM and MAM but the viewpoint is different. Instead of deciding which devices can access which corporate resources, IT is deciding which applications can be pushed out or downloaded to each device and securing those applications.
MAM also reflects the shift in how enterprise applications are provisioned and used. Traditionally, IT supplied and managed both the endpoint device and a set of enterprise applications the employee was allowed to use. The user experience was limited to those devices and apps. Today, end-users bring not only their own devices but their own apps, including apps downloaded from public app stores. Because IT does not have complete control over the device or app, a new application management strategy is needed.
Locking down the entire device does not address the security concerns associated with third-party apps. Changing usage patterns warrant a more granular approach to security in which authentication, encryption and remote wipe take place selectively, at the application level.
So-called “app wrapping” forces third-party apps to use multifactor authentication or a VPN, and “geofencing” limits app usage based upon the user’s location or the time of day. IT should enforce passcode policy compliance across all app types and maintain control over organizational data. MAM enables IT to do all that instead of tinkering with the user’s device.
MAM also facilitates a transition toward a device-agnostic paradigm. This is increasingly important as mobile technology evolves. Organizations are beginning to manage tablets as well as smartphones and each has its own application management requirements. The number and type of devices is only going to escalate, making device-agnostic management imperative.
Google just announced that its MAM solution is now supported on iOS as well as Android. The solution allows Apple device users to separate personal and business apps, gain single sign-on capabilities across Google Apps for Business, and download and install approved iOS apps from Google’s Device Policy.
As BYOD continues to grow and evolve, a number of experts have debated whether it makes more sense to manage the applications accessed by mobile devices or the devices themselves. Some contend that MDM is still needed to provide end-to-end enterprise mobility management. However, end-users often balk at giving IT control over their personally owned devices. MAM shifts the focus from managing devices to securing the applications and data the devices access.
If your employees are using their own devices for work, you need to take steps to protect sensitive applications and data. Contact ICG to discuss the best approach for your mobile device strategy.
In our previous post, we discussed that small-to-midsize businesses (SMBs) are turning to the cloud to take advantage of “anytime, anywhere” access to applications, data and infrastructure through mobile devices. These capabilities give employees the flexibility to work remotely while maintaining the highest levels of productivity, collaboration and customer service. As a result, small businesses are investing in mobile-friendly, cloud-ready infrastructure.
Once considered a nice-to-have luxury, mobility has become essential for day-to-day SMB operations. According to Manta’s SMB Wellness Index, four in five small business owners use their mobile phones for business purposes every day. One in four use mobile phones at least every hour, and 78 percent use them while sitting in front of a desktop computer. Some of the most common tasks include scheduling, customer communication, creating to-do lists and banking.
While mobility delivers obvious business benefits and makes employees happy, it also creates a number of risks. Are employees using applications or software that could drag down network performance, increase the risk of compliance violations, or open the door for cyber criminals? Is data being stored securely? Are company data and applications getting mixed up with personal data and applications? How do you keep them separate? What happens if a mobile device is lost or stolen? These and other questions need to be answered before diving headfirst into the mobility pool.
Mobile device management (MDM) software can help SMBs address these concerns by enabling IT to centrally deploy, manage, monitor and secure both company-owned and employee-owned devices. Security and compliance policies, antimalware, access controls, passwords, encryption, and applications are updated and managed remotely. Data can be remotely wiped from a lost or stolen device, and jailbroken devices can be automatically detected and flagged. MDM not only protects company data and applications, but also ensures optimal performance and functionality for employees.
MDM software can be licensed to a single device or to a single user who utilizes multiple devices. One license per device is ideal for small companies in which each employee uses a single mobile device. For companies with employees who use smartphones, tablets and laptops, a per-user license is typically the more cost-effective approach.
This is the model most SMBs use with Microsoft Windows Intune, which provides MDM capabilities for Office 365 products. In addition to Windows, Intune can be used to monitor, secure and optimize Outlook clients on Android and iOS devices. Intune is capable of defining and enforcing policies and access controls at the device level. If a device is lost or stolen, Intune uses selective wipe functionality to remotely delete company data and applications without touching personal data.
Of course, Intune is just one example of an MDM solution for SMBs. There are a number of other products available, as well as free software and apps built into the devices themselves. Some enterprise-class MDM platforms are now available in a cloud model, making them more affordable for small businesses.
Although MDM helps SMBs reduce many of the risks associated with mobility, it is rather complex to implement and manage. Let us help you deploy, configure and remotely manage your MDM software and keep your mobile environment secure.
One of the core drivers behind the emergence of cloud-based services for small-to-midsize businesses (SMBs) is flexibility. Having the flexibility to access applications, data and infrastructure anytime, from anywhere, leads to faster decision-making, improved customer service and responsiveness, greater productivity, more collaboration and more innovation.
In fact, a recent study found that 91 percent of organizations using the cloud have at least one employee working remotely. Nearly one in five companies say the majority of their workforce works remotely.
SMBs are increasingly turning to an Infrastructure-as-a-Service model in which applications, hardware, software, storage and other tools and services are hosted by a third-party service provider and accessed on virtually any Internet-connected device. These resources can be scaled on demand and shift the financial burden of IT procurement, management and maintenance to the provider.
Of course, another big reason for the popularity of the cloud is the popularity of smartphones and tablets. Mobility and the cloud are speeding forward side by side as employees demand the highest levels of performance and reliability when accessing the corporate network from their favorite mobile devices. To meet this demand, organizations are making investments in mobile-friendly infrastructure and ensuring that devices, applications and data are running in the cloud.
The cloud fills a very basic need for the mobile workforce – the ability to remotely access files and applications. Documents can be reviewed, edited, stored and sent from any device. Manager approvals no longer require a trip back to the office.
Unified communications and collaboration tools allow employees to use a variety of channels to seamlessly communicate with colleagues and customers. Videoconferencing no longer requires high-tech conference rooms and complex planning. All an employee needs is a smartphone or tablet and login information.
The key advantage of the cloud – anytime, anywhere access to network resources – also creates a downside. Organizations that rely upon the cloud to support mobility are also relying upon mobile employees to establish and manage their own Internet connectivity. This can lead to service degradation, which prevents users from taking full advantage of a flexible working arrangement. The cost of access to cloud resources, if not monitored and controlled, can quickly wipe out any financial gains of cloud computing. Finally, security can be compromised by users who visit questionable websites, download malicious software, utilize unsecure networks, or fall prey to phishing scams.
Mobile policy management (MPM) can overcome these issues by establishing and automatically enforcing policies that provide greater control over how the cloud is used. Networks used to connect to the Internet are prioritized and selection is controlled by policy. This can significantly reduce support costs and optimize data usage while simplifying the user process for accessing cloud resources. From a security standpoint, MPM protects corporate data and applications by preventing the use of rogue networks that are often labeled as “free Wi-Fi.” It also allows users to roam between networks without security or compliance issues.
ICG’s IT-as-a-Service (ITaaS) solution is focused on making businesses more flexible and agile. It includes virtualized server infrastructure, hosted email, automated and managed backup, Microsoft Office licensing, remote desktops, and a comprehensive suite of security tools. Let ICG show you how our cloud services can help you take full advantage of mobility and flexible working.
Even the smallest of small-to-midsize businesses (SMBs) have finally let go of their old-fashioned paper filing systems, and now store most of their data electronically. Many have become more advanced, using sophisticated applications and leveraging data in new ways to support business strategy. Of course, advanced use of technology and data requires more advanced data protection.
Even if you have implemented a data backup solution, you’ll lose a certain amount of data because of an outage, whether it’s caused by equipment failure, a major weather event, or a downed utility pole outside of your office. How much data can you afford to lose? How fast can your data be restored? What kind of impact will an outage have on your business?
By establishing recovery point objectives (RPOs) and recovery time objectives (RTOs), organizations provide concrete answers to these questions. The RPO is the maximum age of a file that needs to be restored in order to resume business operations. In other words, RPO tells you how much data loss will be tolerated. For example, if a certain type of data is backed up every night at 10 pm and that system crashes tomorrow at 1 pm, any data changed between 10 pm and 1 pm will be lost.
The RTO is the maximum period of time that an application, service or network can be unavailable after a failure occurs. Basically, the RTO tells you how much downtime and lost revenue your organization can tolerate. Of course, the impact of downtime isn’t just financial. A prolonged outage can affect the confidence of customers, business partners and vendors.
RPOs and RTOs help you determine how frequently backups should occur, what kind of backup infrastructure you need, and what your disaster recovery strategy should be. Generally speaking, as RPOs and RTOs become shorter, the risks associated with downtime and data loss are reduced.
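The following Python example, added here and not part of the original post, applies the RPO and RTO definitions above to a backup-job log: it measures the data-loss window at the moment of a failure, finds gaps between good backups that exceed the RPO (for instance after a failed nightly job), and checks downtime against the RTO. The log lines, the job name, the 24-hour RPO and the 4-hour RTO are constructed assumptions.

```python
from datetime import datetime, timedelta

# Assumed objectives for this example; set them from your own business impact analysis.
RPO = timedelta(hours=24)
RTO = timedelta(hours=4)

# Constructed sample backup-job log (timestamp, job name, result); not real data.
SAMPLE_LOG = """\
2015-08-03T22:00:00 nightly-files SUCCESS
2015-08-04T22:00:00 nightly-files FAILED
2015-08-05T22:00:00 nightly-files SUCCESS
2015-08-06T22:00:00 nightly-files SUCCESS
"""


def successful_backups(log_text):
    """Return the sorted completion times of backups that succeeded."""
    times = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        stamp, _job, result = parts
        if result == "SUCCESS":  # a failed job leaves nothing to restore
            times.append(datetime.fromisoformat(stamp))
    return sorted(times)


def data_loss_window(backups, failure_time):
    """Age of the newest restorable copy when the failure occurs.

    Everything changed inside this window is lost. Returns None when no
    successful backup exists before the failure.
    """
    usable = [t for t in backups if t <= failure_time]
    if not usable:
        return None
    return failure_time - max(usable)


def rpo_gaps(backups, rpo):
    """Intervals between consecutive good backups that are longer than the RPO.

    A failure late in such an interval would lose more data than the RPO allows.
    """
    return [(a, b, b - a) for a, b in zip(backups, backups[1:]) if b - a > rpo]


def assess_outage(backups, failure_time, restored_time, rpo, rto):
    """Compare one outage against both objectives."""
    loss = data_loss_window(backups, failure_time)
    downtime = restored_time - failure_time
    return {
        "data_loss": loss,
        "rpo_met": loss is not None and loss <= rpo,
        "downtime": downtime,
        "rto_met": downtime <= rto,
    }


if __name__ == "__main__":
    backups = successful_backups(SAMPLE_LOG)

    # The case from the text: backup at 10 pm, crash at 1 pm the next day.
    print("loss:", data_loss_window(backups, datetime(2015, 8, 4, 13, 0)))

    # The failed job on 4 August widens the exposure beyond the RPO.
    for start, end, gap in rpo_gaps(backups, RPO):
        print(f"RPO gap: {start} -> {end} ({gap})")

    # Crash at 1 pm on 5 August, service restored three hours later.
    print(assess_outage(backups, datetime(2015, 8, 5, 13, 0),
                        datetime(2015, 8, 5, 16, 0), RPO, RTO))
```

Running `rpo_gaps` over real job history shows whether the backup schedule, including its failures, actually delivers the stated RPO rather than only the intended one.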
There are several technologies organizations can use to meet the increased demand for faster RPOs and RTOs:
Without an advanced data protection infrastructure and strategy, downtime can potentially cripple an SMB. Let the experts at ICG help you better understand these issues and technologies so you can implement a solution that minimizes the risk of downtime.
In our previous post, we discussed the pending deadline for switching to Europay, MasterCard and Visa (EMV) payment cards. Although switching to EMV cards is voluntary, merchants who process fraudulent purchases with non-EMV card readers after October 1, 2015, will be liable. The cards themselves will provide additional security at the point of sale (POS), but organizations will need to update their POS systems to minimize the risk of fraud.
In the midst of all of these changes, the 2015 Mid-year Point-of-Sale (POS) Security Health Assessment from Bit9 + Carbon Black revealed that more than half of organizations are using POS systems with unsupported Windows XP operating systems. 94 percent of organizations use antivirus software, but 26 percent believe antivirus is not enough. Also, one in four companies that increased their security budgets continued to invest in antivirus protection. While antivirus is an essential part of security, these statistics indicate an overreliance on tools that are incapable of detecting or stopping advanced threats.
Most Windows XP embedded operating systems, including some used on POS devices and ATMs, are still being supported until early next year, but that shouldn’t give merchants peace of mind. POS systems generally are weakly supported by IT. Most are using outdated platforms that are rarely if ever patched and maintained. Many use default configurations and passwords, making them easy targets for hackers. In addition to inadequate defenses, POS malware attacks continue to increase in number because POS systems provide a gateway to a number of systems within the corporate network.
New forms of malware have been designed specifically to attack popular POS systems, scrape credit card data, steal passwords, and upload data to remote servers. Some of these threats are capable of downloading updates on their own to add features and eliminate bugs. Although Windows XP users are easy targets, newer versions of Windows are also at risk, and hackers are always looking for new ways to infect POS systems.
Just as hackers understand the opportunity created by outdated POS systems, merchants need to understand the risks, be more proactive and follow security best practices. Around-the-clock network monitoring enables organizations to track network activity in real time, monitor remote access software and detect suspicious behavior. Two-factor user authentication, as well as updated firewalls and antivirus software, will help to prevent unauthorized access to the POS. Of course, all systems must be regularly patched and maintained in order to be effective.
Organizations that continue to use Windows XP on their POS systems are knowingly increasing the risk of a security breach. In the very near future, all XP support will be cut off. Those who don’t start planning now will be left scrambling for an effective replacement. This is bad for business and bad for your customers. Let ICG evaluate the state of your POS systems and implement the updates you need to keep criminals at bay and protect your data.
Small-to-midsize businesses (SMBs) are struggling with the complexity, cost and time commitment of building and managing IT infrastructure, according to the 2015 State of SMB IT Infrastructure Survey from ActualTech Media. Scaling server and storage infrastructure is a challenge for more than a third of respondents, while nearly a quarter have difficulty with complexity, troubleshooting and keeping technology up to date. Many SMBs have understaffed IT departments, with the majority of respondents claiming to have an IT staff of seven or fewer.
The study also shows that SMBs have made strides with virtualization, although a large percentage of workloads have yet to be virtualized. In fact, only 50 percent of respondents have virtualized at least half of their servers. Researchers suggest this is the case because it’s not easy to virtualize all workloads, and many organizations remain hesitant to virtualize mission-critical applications.
A key conclusion drawn from the study is that hyper-converged infrastructure would help to alleviate many of these challenges. Traditionally, an IT team or an outside party would design and build data center infrastructure from the ground up, often using hardware and software from multiple vendors. This process tends to be expensive and slow. Hyper-converged infrastructure tightly integrates various data center components – compute, networking, storage and virtualization resources – into one pre-configured, pre-tested solution. Hyper-converged infrastructure also adds functionality such as de-duplication, compression, backup, snapshots, disaster recovery and WAN optimization.
Essentially, hyper-convergence provides organizations with an IT infrastructure in a box, which directly addresses the complexity challenges commonly faced by SMBs. This approach reduces the risk of compatibility issues and technical glitches, simplifies deployment, and accelerates time to value. All resources are pooled, which minimizes the risk of downtime, and the entire environment is centrally managed and maintained through a single interface. This allows time-strapped IT personnel to devote more time to strategic, revenue-producing initiatives.
Branch offices typically face the same challenges as SMBs, thanks to limited IT staff and resources. A single, integrated hyper-converged infrastructure streamlines deployment and management of technology at multiple locations. This is much simpler and less expensive than trying to build and manage a more conventional infrastructure. Hyper-converged infrastructure also requires less space, cabling and power, which drives down total cost of ownership. Because of hyper-converged infrastructure’s modular architecture, scaling is as simple as plugging in new appliance modules.
Hyper-converged solutions are not inexpensive, and so far there are a limited number of options available that are designed for SMBs. However, when you add up the cost of purchasing the same functionality as individual products, coupled with increasing complexity of the traditional IT environment, hyper-converged solutions may prove to be an attractive alternative.
The business benefits of hyper-converged infrastructure are just as valuable and relevant to SMBs and branch locations as they are to large enterprises. Companies looking to simplify the IT environment, virtualize more workloads, scale their IT infrastructure and operate more efficiently would be well served to research hyper-converged solutions.