IT Concerns About Targeted Malware Rising

April 4, 2013

When it comes to servers, IT and security professionals’ concerns about targeted malware and data breaches are escalating while their confidence in their ability to identify and stop advanced threats is on the decline, according to a new survey by security firm Bit9.

“Targeted malware was the top security concern for the second year in a row,” says Ilana Goddess, product marketing manager for Bit9, noting that 52.4 percent of survey respondents (up 15 percent from a year ago), cite targeted malware as their primary concern.

“The whole thing with targeted malware is that targeted threats are aimed at you,” says Goddess. “They are the most difficult to defend against because it’s like a virus that only affects you. And the attackers are not stopping. They’ll persist until they get in whether it takes months or years. Antivirus isn’t going to work because people haven’t seen the signatures before.”

In November and December of 2012, Bit9 polled 966 IT and security professionals worldwide for its second annual Server Security Survey. Most respondents (58 percent) administered up to 50 servers; 29 percent administered 100 to 500 servers; and 13 percent administered, on average, 2,000 servers. About one-half (51 percent) said they are running Windows as their primary platform (i.e., Windows comprises more than 75 percent of total servers); 12 percent said they are running Linux as their primary platform (up 13 percent from last year); 2 percent said they run Unix as their primary platform.

One-Quarter of Firms Have Been Victims of Targeted Malware

Goddess notes that it comes as no surprise that respondents again identified targeted malware and data breaches as a top server security concern, given the proliferation of such attacks in 2012. Attacks like Flame, Gauss, mini-Flame and the Flashback Trojan garnered significant media attention last year. Twenty-five percent of Bit9′s respondents say they had been the victims of advanced malware (up 8 percent since 2012), while 18 percent said they didn’t know whether they had been attacked (according to the F.B.I., two-thirds of breaches are detected by a third party). And according to security firm Mandiant, attackers have, on average, been in place for 416 days prior to detection.

At the same time, server data has become much more vulnerable to attack. Verizon’s 2012 Data Breach Investigations report found that 94 percent of all data compromised in 2012 involved servers (an increase of 18 percent from 2011). Goddess says IT and security professionals are losing confidence in their ability to identify and thwart these advanced threats: Only 18 percent of respondents said they were very confident in their ability to stop advanced malware; 59 percent said they were somewhat confident, 20 percent said they were not confident (up from 10 percent in 2011) and 4 percent said they were unsure.

Security Pros Mistakenly Believe Virtual Servers Are More Secure

In addition to an increase in the use of Linux as the primary server platform, companies are increasingly going virtual. One-third of survey respondents say that more than 50 percent of their servers are virtual. Also, half of the respondents said they had deployed virtual desktops, are in the process of rolling them out or have plans to do so.

Goddess says many IT and security professionals believe that their virtual servers are more secure than their physical servers, despite a 2012 Gartner study that found 60 percent of virtualized servers were less secure than the physical servers they replaced.

“People think their virtual servers are more secure than their physical servers, but that’s just not the case,” Goddess says. “They’re really the same vulnerabilities that you find elsewhere in physical servers, but somehow they think of virtual servers as not being as much on the frontline.”

For instance, she says, many professionals think the frequent re-imaging of virtual servers protects them from advanced threats. However, she notes, these threats frequently get in and do their damage within 15 minutes, moving on to other areas quickly.

In fact, when asked to rank types of servers according to the risk they represent, only 6 percent of respondents considered virtual servers to be high risk. Most respondents (66 percent) felt Web servers were the most high risk; 38 percent felt file servers were high risk; 34 percent pointed to email servers; 26 percent cited domain controllers; 14 percent labeled application servers high risk; and 11 percent ranked databases as high risk.

Goddess says that may indicate that IT and security professionals are looking in the wrong direction. After all, the most valuable enterprise information is found on file servers (e.g., intellectual property), databases (e.g., customer information) and especially domain controllers (e.g., passwords, administrative rights).

IT and security professionals are also concerned about the administrative effort required by security solutions. When asked to rank their top concerns about server security, nearly 12 percent cited “too much administrative effort on security solution” as a top concern, ranking it even higher than an actual attack.

“These results highlight the need for greater control in identifying and stopping advanced attacks on valuable server resources-before they execute-while decreasing the security-related administrative workloads of IT and security professionals,” said Brian Hazzard, vice president of product management for Bit9. “The key to securing enterprise servers-both physical and virtual-is to allow only trusted software to execute and prevent all other files from running.”

via IT Concerns About Targeted Malware Rising – Network World.

Leave a Comment » | Application Hosting, Managed Service Hosting, Retail IT Solutions, Tier 4 Hosting | Tagged: , , , , , , , , , | Permalink
Posted by david ricketts

C24 client wins major IT award from the magazine ‘The Manufacturer’

November 30, 2012

C24 are extremely proud to hear that one of our major clients, Origin Enterprises, has recently been presented with the award ‘ICT in Manufacturing’ by the magazine The Manufacturer. It was awarded for ‘the implementation and management of an effective information and communication technology infrastructure that has brought improved competitive positioning and operational excellence through an engaged user-base’.

The considerable judgement criteria evaluated a number of strict areas that included:

a) Is the ICT’s deployment aligned with the business aims and objectives with clearly defined short-term and long-term goals

b) Has the ICT infrastructure investment been effective in the last three years

c) Is the ICT infrastructure streamlined so that it is fully integrated across all business functions

d) The level of success the project has shown in fulfilling its objectives

e) Quantifiable returns on the ICT investment

f) Is the company assessing or applying leading and/or advanced IT solutions

Comment from Paul Hemming MD C24 Ltd

This is fantastic recognition for Origin Enterprises and is reward for all the hard work their team has done over the last 18 months. The C24 and Origin Enterprise teams have been working together on various key IT projects; both on-premise and hosted, for a considerable time and we are proud to have helped them achieve such a prestigious award.

Comment from Derek Wilson CIO Origin Enterprises

C24 provide Origin Enterprises, and our associated businesses, a range of managed IT services including the management and deployment of our Microsoft Dynamics ERP infrastructural solution and the delivery of our warehouse management system. Since our initial engagement the two companies have developed a key strategic relationship, that has seen C24 not only manage the day to day delivery of our business applications infrastructure but them also being involved in a number of other critical on premise IT deployments.

The C24 relationship is a key element to the success of our current hosted IT infrastructure and we can only see the relationship continuing to develop in the future.

For more information about C24 please visit www.c24.co.uk

Leave a Comment » | Application Hosting, Managed Service Hosting, Marketing, Tier 4 Hosting | Tagged: , , , , , , , | Permalink
Posted by david ricketts

Top 10 Reasons for Choosing Microsoft Dynamics GP

May 23, 2012

Microsoft Dynamics® GP is a comprehensive ERP solution that goes beyond basic business management and reporting to help your people—and your organization—work at peak performance. Designed for rapid implementation and ease of use, Microsoft Dynamics GP gives all your people fast, familiar ways to access and work with business information and processes, and it delivers ongoing innovation that can work for you now and into the future.

Download the following Top Ten PDF:

TopTenReasonstoInvestinMicrosoftDynamicsGP2010

For information about C24 and our professional Microsoft Dynamics Hosting solutions please visit our website

Leave a Comment » | Application Hosting, Managed Service Hosting, Retail IT Solutions, Tier 4 Hosting | Tagged: , , , , , , , , , | Permalink
Posted by david ricketts

The Consumerisation of ERP Software – Software Advice Microsoft Dynamics

May 23, 2012

Derek Singleton, at Software Advice, got to have had a short meeting with Christian Pedersen, Microsoft’s General Manager of Enterprise Applications and Services on the topic of how IT consumerisation affects Enterprise Resource Planning (ERP) software in general and what Microsoft’s plans are on it’s own line of products, that is Microsoft Dynamics (GP, AX, NAV, SL & CRM).

For information about C24 and our professional Microsoft Dynamics Hosting solutions please visit our website

 

Leave a Comment » | Managed Service Hosting, Marketing, Retail IT Solutions, Tier 4 Hosting | Tagged: , , , , , , , | Permalink
Posted by david ricketts

Stuxnet: Anatomy of a Computer Virus

April 30, 2012

Great video about the Stuxnet virus. It really makes you think about your data but also where the next major issues could be found.

Leave a Comment » | Marketing, Tier 4 Hosting, Uncategorized | Permalink
Posted by david ricketts

Cloud types, Private, Public and Hybrid – team C24

October 7, 2011

Cloud computing comes in three forms: public clouds, private clouds, and hybrids clouds. Depending on the type of data you’re working with, you’ll want to compare public, private, and hybrid clouds in terms of the different levels of security and management required.

Cloud Model

Public Clouds

A public cloud is basically the internet. Service providers use the internet to make resources, such as applications (also known as Software-as-a-service) and storage, available to the general public, or on a ‘public cloud. Examples of public clouds include Amazon Elastic Compute Cloud (EC2), IBM’s Blue Cloud, Sun Cloud, Google AppEngine and Windows Azure Services Platform.

For users, these types of clouds will provide the best economies of scale, are inexpensive to set-up because hardware, application and bandwidth costs are covered by the provider. It’s a pay-per-usage model and the only costs incurred are based on the capacity that is used.

There are some limitations, however; the public cloud may not be the right fit for every organization. The model can limit configuration, security, and SLA specificity, making it less-than-ideal for services using sensitive data that is subject to compliancy regulations.

Private Clouds

Private clouds are data center architectures owned by a single company that provides flexibility, scalability, provisioning, automation and monitoring. The goal of a private cloud is not sell “as-a-service” offerings to external customers but instead to gain the benefits of cloud architecture without giving up the control of maintaining your own data center.

Private clouds can be expensive with typically modest economies of scale. This is usually not an option for the average Small-to-Medium sized business and is most typically put to use by large enterprises. Private clouds are driven by concerns around security and compliance, and keeping assets within the firewall.

Hybrid Clouds

By using a Hybrid approach, companies can maintain control of an internally managed private cloud while relying on the public cloud as needed. For instance during peak periods individual applications, or portions of applications can be migrated to the Public Cloud. This will also be beneficial during predictable outages: hurricane warnings, scheduled maintenance windows, rolling brown/blackouts.

The ability to maintain an off-premise disaster recovery site for most organizations is impossible due to cost. While there are lower cost solutions and alternatives the lower down the spectrum an organization gets, the capability to recover data quickly reduces. Cloud based Disaster Recovery (DR)/Business Continuity (BC) services allow organizations to contract failover out to a Managed Services Provider that maintains multi-tenant infrastructure for DR/BC, and specializes in getting business back online quickly.

Related articles

1 Comment | Application Hosting, Managed Service Hosting, Tier 4 Hosting | Tagged: , , , , , , , , | Permalink
Posted by david ricketts

Choosing a cloud provider

September 16, 2011

There is a significant amount of attention being paid to computing “in the cloud”, with many organisations now offering this type of service. The volume of noise surround cloud computing has seen a number of usually risk averse business sectors now looking seriously at using the
internet and cloud providers for the delivery of critical business applications. However there are also a number of horror stories emerging about companies having 24 and 36 hour service outages because their providers’ cannot cope with the demand put on them.

The main issue, like all things in life, is not all solutions are equal. And the even stranger thing is that most organisations take the cheapest option available for their most mission critical IT infrastructure. As a provider of cloud based solutions we work with some of the UK’s leading companies most of the time after they have been burnt because they initially didn’t do their due diligence on their initial suppliers.

The market is certainly saturated at present with most IT companies now offering a cloud service of one type or another. The challenge is that usually it is not their primary activity and the investment, both in terms of people and infrastructure is done when they win a piece of business. It is really important that quality, ability, history, knowledge, pricing and relationships be looked into before you enter into a business relationship.

When we ‘pitch’ for a piece of work the other companies have their own way of operating and usually the hosting part of their business is relatively small. This has its advantage and disadvantages as usually the solutions they offer are cheaper and so sometimes usually more attractive especially if the client is price sensitive. This approach has in the long run the potential to be more expensive as the client usually sees their solution running on substandard hardware with the communication technology running without failover or backup leaving them open to significant downtime.

There are a number of factors that we have discovered over time that clients should consider before that look to outsource:

1)      The business needs to financially sound which in the current climate is easier said than done. A significant proportion of IT operations rely on monthly sales just to keep the lights on. A number of disastrous sales months and the company could have cash flow issues.

2)     What experience do they have in and around the delivery at speed of business applications? Is there investment in the training for their staff and do they or are they striving to achieve ISO27001 accreditation.  Is there a ‘passion’ in the business for hosting and application delivery is this in their DNA.

3)     Data security is imperative, not only in terms of backups and storage but also in terms of who has access the data and do they abide by the data protection act. Is there a standard anti-spam and anti-virus solution that they offer and do they work closely with the vendor in case of support. It is important to look at the data-centre, we have a significant foot print in a tier IV which is the best quality available, however there are some very good tier III. The hosting centre visit is extremely important, looking at the not only the data security but the physical building security and guards.

4)     What level of customer support is there,24/7/365 is this telephone based or is there on premise support. Is there anetwork operations centre that is constantly looking at any network issues? What service level agreements are in place, this is to include network, communications and support to resolution. Does the provider have vendor relationships and can they supply vendor care packs and ticket support. Is the infrastructure future proofed and is there room for expansion.

5)     Do they have experience in the delivery of applications at speed over comms lines? This is important as latency is critical with user experience if it gets too high then the application is virtually un-usable. If we experience these issues we have access to application acceleration technology and more recently solid state IO solutions that enable you to operate databases in RAM overcoming latency and increasing the speed of the application. Each application has different needs and we have a depth of knowledge when it comes to the delivery of, ERP, Email, Office
Applications, Practice Management Systems, Finance applications, EPOS and many more.

6)     Sometimes clients overlook the fact that they will be working with the supplier potentially for many years. The million dollar question is can you work with them, do you like them and can you trust them. It is a massive decision and so all things being equal who would you prefer to work alongside whom would you put your job on?

7)      Does the company understand and offer different pricing models, do they have flexible licencing models and can they offer the solution as an op-ex rather than a cap-ex. True cloud providers are in line with major vendors and offer costs per user per month models. This type of pricing allows you to understand the true cost of IT of over the length of the contract and the Finance Director is able to project accurately future costs.

The above are seven areas that we would suggest you look into when engaging with a cloud provider. There are numerous others but these are some of the most important. If on reading this you would like to speak to C24 and understand how we are delivering value to our client base please do not hesitate to call us to talk through your requirements.

Leave a Comment » | Application Hosting, Managed Service Hosting, Retail IT Solutions, Tier 4 Hosting | Tagged: , , , , , | Permalink
Posted by david ricketts

The Rise of the Home Worker

March 18, 2011

C24 are pleased to have another blog post from one of our partner companies. We see the business intelligence space as very important and are really pleased to be working with these guys.

With all the issues in the Middle East and the UK Government’s continued efforts to Tax us into surrender, the cost of fuel is now prohibitive.

I was going to say, “ starting to become prohibitive” but I think things have gone way too far already.

With the exception of the cash rich or generous companies paying out decent mileage allowances, a lot of people are genuinely trying to cut down travel expenses. People are finding it increasingly difficult to leave their homes.

Ever thought, “ what should I buy my wife for her Birthday?”

How about something rare, something valuable, something that will rise in value? An investment?

Buy her a can of petrol and see how your investment will rise in value quicker than any diamond or gold jewelry that’s for sure!

From a company perspective, there have been cases, too numerous to mention, where sales and sales support staff have travelled hundreds of miles only to be contacted just as they pull up to their destination to be told that their meeting has been cancelled due to an unforeseen dentist appointment or clash of diaries.

Why do we continue to do it when there are so many other ways of communicating that don’t mean you getting up at five in the morning to avoid the traffic for a four hundred mile road trip and a one hour meeting?

With everything else that is going on in the economy, people are constantly re-evaluating what they spend and how they spend it.

When I wrote http://www.connexica.com/blog/strip_back_the_excess in November I was talking about how everyone was looking at tightening their belts and what this might mean from a consumers point of view in IT. I think these views still stand true and are in many ways exacerbated by the current fuel pricing and stalling economy.

But stiff upper lip and all that, we can beat this. We can turn it to our advantage. We can improve the quality of our lives, we can save money and we can still run our businesses and produce and sell products.

Technology has made and is making life easier and easier by mobilising the work place.

We have Skype, GoToMeeting, WebEx, iPhones, Androids and Tablets. We have access to information from the web through Google and social networking applications such as Facebook and Twitter.

From a business-to-business perspective, we have Video Conferencing, Webinars, Linked-in and Plaxo and of course the Cloud (my personal favourite).

All of these are not only convenient but save money… and fuel. It is inevitable that the virtual office and home working is going to be increasingly acceptable in modern day computerised businesses.

People can be just as efficient and in many cases more efficient by logging on via VPN and chatting to the team over Skype.

Everything is in place to revolutionise the way we do business.

Stick a couple of well-directed fingers up to the politicians and oligarchs and make them start to realise that we can’t be played with.

Business will find a way of surviving and flourishing against adversity.

We have never been in a better position to innovate and shift old-fashioned dependencies away from oil and petrol.

… Now if they started to charge a fortune for the Internet we’d really be in the…

Leave a Comment » | Application Hosting, Marketing, Tier 4 Hosting | Tagged: , , , , , , , , | Permalink
Posted by david ricketts

Managed Hosted Solutions for Professional Service Companies.

March 15, 2011

C24 are now working with a number of professional service companies and so we thought it was about time to highlight the type of solutions that we offer. Below is an outline of Professional Service Hosting from C24.

Managed hosting is ideal for professional service organisations as the solutions that are now available fit well with the way you work. The choice of partner however is slightly more difficult as there are large and small organisations who can deliver services to SLA’s. Choosing the right business partner is difficult, and we at C24 understand the difficulty in making the right choice.

We are a hosting and application delivery specialists with deep professional services domain knowledge especially within the legal and accountancy sectors. We have invested heavily in our hosting infrastructure, IT management systems and people for the benefit of our existing and future client base to enable us to deliver on ‘our promise’ to be the very best solutions provider in our sector.

Business benefits for professional service companies when hosting with C24:

  • Remove certain business costs, overheads and waste
  • Benefit from flexible software licensing
  • Consultative approach to information life-cycle management
  • Operational expenditure to drive your IT development
  • Fixed cost monthly charges
  • Greater business flexibility
  • Adopt the latest green technology and cut your carbon footprint
  • IT strategy built around data security, application delivery and data management

When engaging with potential clients there are a number of business operational areas that we evaluate the following:

  • Deliver of business applications at speed to potentially multiple locations
  • Security of business data, machines and mobile users, taking into account ISO, PCI-DSS and potentially the Data Protection Act.
  • Data life-cycle management
  • Currently used suite of applications
  • Managed print solutions
  • C24 and client in-house expertise

The evaluation undertaken gives C24 a full understanding of the current situation and if required we could also run our information life-cycle management tools that would enable us to have a snap shot of your current data, when it was last opened, used, number of duplication, location on the network and if sensitive information is accessible by whom. This activity is a real eye opener for the professional services management teams as it clearly shows the current data situation.

Delivery of business applications at speed.

C24 prides itself on our ability to delivery your application at speed to multiple locations using various best of breed technologies. We deliver at present application to over 107 countries around the world for some of the world’s largest businesses, highlighting C24’s hosting and application delivery specialities. One of the biggest issues clients face with application delivery is latency, this we try to minimise by again using the correct technology and suppliers to try to remove this obstacle.

Full audits are done prior to any client being hosted in order for us to get a full understanding of the current infrastructure, communication suppliers and technologies being delivered.

Security of business data.

Security is paramount, from the fact that your solution would be hosted out of a Tier IV datacentre; the highest classification available, to network security and intrusion detection systems, intrusion prevention systems to finally having total data centre physical security, we have your data and systems secured.

Data life-cycle management

Data growth rate for businesses is around 32% year on year and data storage issues are becoming a major issue. Most organisations do not manage their data correctly and will have years of data stored on primary storage and backed-up continuously month after month. This is where C24’s data life-cycle management solution (DLM) enables professional service companies to manage their data properly.

Current applications

C24 understand most of the applications that Professional Services companies use and have delivered them over wide area networks for many clients. It is always important however to recognise how these applications work within a hosted environment with new server software technology etc. This is done as a matter of course by C24. C24 engineers are fully trained in most professional services applications and we carry accreditation from Citrix, VMWare, ProCurve, HP and Microsoft.

Managed Print Solutions

We have found from experience that when you deliver applications remotely that one of the major issues is the ability for clients to print when they need to. This may sound relatively simple but we know that this area is problematic. We bring the ability to overcome this issue when we engage with a client.

In-house experience

C24 is seen as an extension to our clients businesses, as we enable them to do what they do best. Solutions that are purchased from us apart from hosting are, 24/7 helpdesk, internal system monitoring, systems integration and information life-cycle management. These solutions enable C24 to offer complete piece of mind to potential clients.

  • Enjoy industry-class, 24/7 support of their applications with an expert team of product specialists on tap. Bring on stream new software and new functionality very quickly.
  • Focus exclusively on running their own business without the concerns of IT or IT people management.
  • Easily evaluate external performance through KPIs and SLAs.
  • Take advantage of trusted IT strategists to help drive IT and business planning.
  • Benefit from business continuity and disaster recovery.
Related Articles

Leave a Comment » | Application Hosting, Managed Service Hosting, Tier 4 Hosting | Tagged: , , , , , , , | Permalink
Posted by david ricketts

Follow

Get every new post delivered to your Inbox.

Join 746 other followers