Who’s Afraid of the Big Bad Cloud? [INFOGRAPHIC]

October 10, 2012

The following infographic from CA Technologies’ CloudViews is based on a recent survey of IT leaders; it shows just how and why some companies have been slow to adapt.

Among its more interesting findings: While 80% of respondents say cloud computing drives innovation, more than 50% say they have no immediate plans to implement it. Why the disconnect? Job anxiety could be one reason. A shade under half of respondents say they believe companies will have to create entirely new IT jobs to accommodate a transition to the cloud, while 56% say cloud computing will require current employees to learn new skills.

Thanks to Mashable


5 Step Guide to Reducing the #1 Data Security Risk

September 20, 2012

Last week I had the opportunity to attend an event on 3rd party data security and risk. Throughout the event, I talked with folks from many different industries and in many different roles. I spoke with auditors, general IT managers, storage administrators, CIOs, and of course, security professionals.

What is the Top Priority for Reducing Risk?

Everyone shared one common concern:

How can we reduce risk and protect our clients’ data?

One executive was asked, “Which area would you consider your number one priority for reducing risk?” His decisive answer was that, of all the areas of risk his massive enterprise faces, priority number one is unstructured data security.

This shocked me a bit at first, but when you think about it, it makes perfect sense. According to Gartner, unstructured data accounts for more than 80% of all organizational data, and it’s growing approximately 50% every year.

Even data that is normally stored in databases or apps is regularly being dumped into spreadsheets for analysis, PowerPoint slides for presentations, PDFs for reading, and email for sharing between teams.

When you think about it this way, it becomes very easy to see why unstructured data is the highest risk area for many IT departments.

Compliance and Regulations

In addition to the intrinsic motivation for securing unstructured data, external regulations such as SOX, HIPAA, and PCI are forcing organizations to put processes in place to ensure the protection of 3rd party data. Unfortunately, most organizations don’t have an efficient and affordable way to put these controls in place and prove that they’re being enforced.

An auditor I spoke with mentioned how difficult and time-consuming it is to perform attestations, and how, for most companies, entitlement reviews are manual and painful processes that don’t really accomplish the end goal of protecting data.

Where Do We Begin? A 5 Step Guide

If you are trying to start a risk management project in your organization, here are some actionable ideas on what to focus on:

1. Identify your most valuable assets

All 3rd Party data is valuable. Our clients trust us to manage and protect all of it. But it is critical to pick a starting point. To do this, talk with data owners and key stakeholders to find out which types of data are the most sensitive or most valuable.

2. Locate your most valuable assets

You can’t protect sensitive data if you don’t know where it resides. Is it in the CEO’s mailbox? Is it propagated across all your Windows file servers and NAS devices? In order to do this at scale, you’ll need a data classification framework that can scan files on your network for sensitive content indicators.

3. Identify where sensitive data is overexposed

You probably found a ton of high value data in step #2. Now you have to figure out who can access that data and prioritize data sets that are wide-open to everyone.

Many of us tend to change the locks when we move to a new home. Why? Because we don’t know who has had a key in the past – the owners, realtors, past owners, builders? This represents a big risk for us and our families.

The same principle applies with 3rd party data. We need to identify who can access it, and what type of access they have. Then we can identify which data is overexposed, and where permissions need to be tightened up and assigned owners.

4. Monitor Data Access

As my good friend @rsobers says: Context is king. Part of reducing risk is monitoring who is actually accessing the data and what they are doing with it. If we’re constantly monitoring access, we can identify patterns in user behavior and alert when suspicious activity occurs. And if we store the audit data intelligently, we can use it for forensics, help desk, and stale data identification.

5. Use Automation

Are you ready to implement steps 1-4? Do you have an army of IT staff with nothing planned for the next 50 years? Luckily, that won’t be needed. You can use automation to identify the most critical data, understand who can access it, and monitor what they’re actually doing with it.

By leveraging automation to provide your security intelligence dashboard, you can spot problems and then use automation (again) to simulate changes and automatically execute the remediation.
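A small sketch of steps 2 and 3 automated together, added here as an illustration and not taken from the original post or from any Varonis product. It assumes a POSIX file tree (exposure is read from the "other" permission bits rather than Windows ACLs), and the two content indicators, the labels and all sample data are constructed.

```python
import os
import re
import stat
import tempfile

# Constructed indicators; a real classification framework has many more rules.
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,16}\b")
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
RANK = {"world-writable": 0, "world-readable": 1, "restricted": 2}

def luhn_ok(number):
    """Luhn checksum: rejects digit runs that cannot be payment card numbers."""
    digits = [int(c) for c in number if c.isdigit()]
    total = sum(d if i % 2 == 0 else (d * 2 - 9 if d > 4 else d * 2)
                for i, d in enumerate(reversed(digits)))
    return len(digits) >= 13 and total % 10 == 0

def classify(text):
    """Step 2: return the set of sensitive-content labels found in text."""
    cards = any(luhn_ok(m.group()) for m in CARD_RE.finditer(text))
    hits = {"card-number": cards, "ssn-like": bool(SSN_RE.search(text))}
    return {label for label, hit in hits.items() if hit}

def exposure(mode):
    """Step 3: map the POSIX 'other' permission bits to an exposure level."""
    if mode & stat.S_IWOTH:
        return "world-writable"
    return "world-readable" if mode & stat.S_IROTH else "restricted"

def scan_tree(root, max_bytes=1_000_000):
    """Walk root; return (exposure, labels, path) tuples, most exposed first."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                mode = os.stat(path).st_mode
                with open(path, "r", errors="ignore") as fh:
                    labels = classify(fh.read(max_bytes))
            except OSError:
                continue  # unreadable file: skipped here, worth logging in real use
            if labels:
                findings.append((exposure(mode), sorted(labels), path))
    return sorted(findings, key=lambda f: (RANK[f[0]], f[2]))

def demo():
    samples = {  # every name, value and mode below is constructed test data
        "payroll.csv": ("jane,123-45-6789\n", 0o666),
        "orders.txt": ("card 4111 1111 1111 1111 ok\n", 0o644),
        "hr_notes.txt": ("ssn 987-65-4321\n", 0o600),
        "readme.txt": ("ticket 1234 5678 9012 3456\n", 0o644),  # fails Luhn
    }
    with tempfile.TemporaryDirectory() as root:
        for name, (content, mode) in samples.items():
            path = os.path.join(root, name)
            with open(path, "w") as fh:
                fh.write(content)
            os.chmod(path, mode)
        return [(e, l, os.path.basename(p)) for e, l, p in scan_tree(root)]
```

The sorted output is the prioritised work list from step 3: sensitive files that anyone can write come first, then those anyone can read, then the ones that are already restricted.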

There you have it! Go forth and protect your customers’ data! Oh, and by the way, there’s a 6th step that doesn’t require IT involvement at all. Ask us about it.

Are you curious to see how your company measures up? Get a free data protection assessment. We’ll scan your infrastructure for holes and help you plug them with automated data protection and management software from Varonis.


Defensible Disposal with Automation

September 13, 2012

It’s no secret that the data on corporate servers is growing exponentially. Documents, presentations, media, spreadsheets, and other files are constantly being created and moved onto servers, and after a while, most of it is rarely used, if at all. However, much of this stale data also must be retained in order to meet regulatory compliance requirements, or to maintain business continuity.

Many IT departments are faced with the reality of having to either continually expand their storage infrastructure or try to accurately determine which data can be safely disposed. The first option is costly and results in basically paying for information you’ll never use, while the latter can be costly in terms of man-hours and brainpower, especially without an automated process in place.

Let’s examine the options a bit closer.

Do Nothing

While it seems like a simpler solution to keep expanding your hardware and try to hold onto every bit just in case it is needed some time in the future, this sort of inaction with regards to defensible disposal is simply not a viable option. Allowing vast amounts of data to accumulate will make it increasingly difficult for users to find relevant data, slow down e-discovery, cause servers to perform poorly, and possibly even crash them, costing your business precious time and money.

Do Anything

Taking the wrong action can be just as damaging. Deleting your CEO’s old email archive might result in a very uncomfortable conversation; disposing of files that you are legally obligated to retain (for HIPAA, HITECH, SOX, etc.) can cost people their jobs, and possibly result in legal action. That’s something no IT professional ever wants to have to deal with.

Do the Right Thing

It should be clear by now exactly why proper defensible disposal techniques are integral to the survival of any business, especially those with sensitive data. Proper disposal techniques can save money and time by streamlining the process of deleting useless data and allowing admins to focus on other, more pressing needs.

If you’re finding the process itself takes quite a bit of planning and/or some sophisticated technology to do most of the heavy lifting, consider automating with technology like the Varonis Data Transport Engine. Varonis DTE simplifies the process of defensible disposal by leveraging our Metadata Framework, allowing admins to automatically and continually delete or migrate data based on a wide array of criteria, such as the content of the file or the date it was last accessed by a human user. This ensures that information that needs to be retained isn’t disposed of by accident and the data that can be safely deleted proceeds safely to bit-heaven, or bit bucket, or /dev/null.


Grolsch Beer: Interactive Multi-Screen Ads

September 7, 2012

This Grolsch multi-screen campaign is an interesting example of extending a TVC into an interactive online video and mobile experience that in turn drives retail foot traffic. Starting with a TVC introducing a bold character, the ad then challenges you to go online to continue the conversation.

Users are then introduced to the character more personally over a beer and are asked to text him their name in real-time as the online video plays… For users whose name the character recognises, he sends them back a text message, literally buying them a beer in real life, with the text linking straight to a coupon code and store finder to claim. Created by the BMB Agency.


Understanding the Technology Hype Cycle

September 3, 2012

There are situations in your work life where you are in a meeting and your boss will always talk about cutting-edge technologies, throw in a few technology buzzwords like Cloud Computing, Social Media, etc., and stress how the company needs to build competency in the areas surrounding them.

But the question is: how does your boss get to know about these upcoming trends and start pushing the organisation in a direction so as to plan for and leverage these technologies in business?


Number of phishing websites reach record high in 2012 while many phishing attacks go unreported

July 25, 2012

The number of phishing websites detected reached an all-time high earlier this year, a sign that the business of creating fake websites to spoof real ones is still lucrative for cybercriminals. In its recent report the Anti-Phishing Working Group (APWG) said 56,859 phishing sites were detected in February, beating the previous record from August 2009 by nearly 1 percent.

The Anti-Phishing Working Group (APWG) is a non-profit global pan-industrial and law enforcement association focused on eliminating the fraud, crime and identity theft that result from phishing, malware and email spoofing of all types. In its report the APWG noted that the increase in the number of phishing websites was partly due to new technology it employed earlier this year to detect fraudulent sites.

Cybercriminals create thousands of phishing sites each week

Phishing sites are websites that look nearly identical to the legitimate ones. Cybercriminals are pushing out fake websites branded as well-known companies like eBay, Amazon, banks, and other financial companies to the tune of tens of thousands every week. Oftentimes these sites mimic the well-known brands very well and therefore leverage the trust users have in the legitimate companies. The new report showed the US hosted the most fake sites. Almost 50% of the phishing sites for the first quarter of 2012 used a known brand name in their URL, a well-known trick often used by phishers.
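One way a mail or web filter can check for the brand-in-URL pattern described above, added here as an example and not taken from the APWG report or the original post. The brand allowlist is an assumption, the sample URLs are constructed (reserved `.example` names and a documentation IP address), and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit

# Assumed allowlist: brand keyword -> domains that brand really controls.
BRANDS = {"ebay": {"ebay.com"}, "amazon": {"amazon.com"}}

# Constructed sample URLs for the demonstration.
SAMPLE_URLS = [
    "https://signin.ebay.com/ws/login",
    "http://ebay.com.account-verify.example/login",
    "http://203.0.113.7/amazon/update.php",
    "http://thebayarea.example/events",
]

def owned_by(host, domains):
    """True if host is one of the brand's domains or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)

def mentions(brand, text):
    """Match the brand at the start or end of a token, so 'thebayarea' is not 'ebay'."""
    toks = re.split(r"[^a-z0-9]+", text.lower())
    return any(t.startswith(brand) or t.endswith(brand) for t in toks)

def brand_hits(url):
    """Return (brand, 'host' | 'path') for each brand used outside its own domains."""
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = (parts.hostname or "").rstrip(".")
    hits = []
    for brand, domains in BRANDS.items():
        if owned_by(host, domains):
            continue  # the brand's own site may use its own name
        if mentions(brand, host):
            hits.append((brand, "host"))
        elif mentions(brand, parts.path + " " + parts.query):
            hits.append((brand, "path"))
    return hits

def brand_share(urls):
    """Fraction of URLs that carry a brand name they do not own."""
    flagged = [u for u in urls if brand_hits(u)]
    return len(flagged) / len(urls) if urls else 0.0
```

The ownership test compares the end of the hostname, which is why `ebay.com.account-verify.example` is flagged while `signin.ebay.com` is not.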

On the bright side, though, phishing sites are being taken down faster than ever; one of the reasons is the ever-increasing sophistication of email and web security solutions. In a SpamTitan survey from earlier this year, 70% of companies reported incurring financial losses through not reporting spear phishing incidents to their IT department. The results showed that 70% of companies that believe their organisation has been a victim of a spear phishing attack are unsure that such attacks are reported to IT and dealt with appropriately. The lack of proactive measures to deal with the attacks can cost companies financially through the loss of data and system downtime. Spear phishing is a growing issue where a targeted false email that appears to be legitimate is sent to individuals or a company in order to access data.

Lack of proactive security measures can cost companies financially through the loss of data & system downtime

These findings highlight the importance of a company security policy and the importance of communicating this policy effectively so that all employees know how to deal with the myriad of security issues they are regularly faced with. This includes what actions to take if they receive a suspicious and unsolicited email, what to do if they receive an email requesting information from a sender who is not known to them, what internet activity they can reasonably pursue within company policy, and how to request access if their role requires them to use a site that is blocked company-wide.

Most people are now aware of various prevalent banking phishing scams or similar. Spear phishing is another, more advanced attempt at a breach of security that appears legitimate, and it should therefore be highlighted even more, as it is a much more sophisticated form of phishing. Educating employees around a range of security issues is an important step, but crucially the most important step a company can take is to put in place robust and powerful security solutions. This doesn’t mean that companies can afford to ignore the ‘softer’ behavioural issues associated with security; it only takes one employee opening the wrong email to give access to sensitive company data or bring a whole company’s IT systems to a halt.


Gartner predicts that by 2017 the Chief Marketing Officer will control the technology spend

July 18, 2012

The Wall Street Journal just posted this article in advance of IBM’s 2Q earnings announcement tomorrow, leading with this sentence: “Technology companies have found a new customer—the marketing department.”

The story goes on to highlight the fact that marketing organizations are increasingly taking the lead in technology acquisition, and that “Companies are de-emphasising traditional productivity tools like PCs and standard business software in favor of advanced programs that help them boost revenue, for example by tracking customers across channels and better targeting offers and advertising.”

In the Journal article, author Spencer Ante points out that Gartner recently predicted by 2017, the chief marketing officer will control more technology spending than the company CIO. Gartner estimates that around a third of marketing department expense budgets is devoted to purchases such as systems to manage customer relationships, predict customer behavior, and run online storefronts, and that the global spend on marketing software already rose from $20 billion to $25 billion over the past year.

Anyway interesting video below:


Big Data, it is all about it at the moment

June 18, 2012

The IT industry has a penchant for inventing new buzz words for topics that have been around for years in one form or another and perhaps Big Data is another example.

Yet just this week Capgemini announced the findings of a report (“The Deciding Factor: Big Data & Decision Making”) which showed that, in a study of over 600 C-Level execs, 9 out of 10 leaders believe data is as fundamental to their business as people and capital.

With the amount of data being generated reaching astronomical levels (and accelerating) buzz word or not, Big Data is a problem all business leaders need a strategy for.

Ever wondered just how much information is created? Domo produced an eye-opening infographic which you might be interested in.


85% of 569 business executives and IT leaders report obstacles in managing and analysing data

June 7, 2012

This is one of the results that Global Survey: The Business Impact of Big Data produced.

It’s not surprising. In the survey’s definition, “Big Data” comprises – in descending order of sources:

Key findings show us that the data deluge is real. In fact, the majority of respondents report being overwhelmed by the amount of data in the workplace. Many employees feel constantly distracted by multiple streams of information – this is especially true of C-level executives.

Despite feeling overwhelmed, executives have an insatiable desire for more data. Companies appear to be addicted. The majority of respondents believe information will fundamentally change their business. And yet today, only a minority views their company data as a strategic differentiator. Most, instead, see it as a consequence of doing business.

Check the link out to read the survey


When it comes to backup, recovery is key

March 20, 2012

When it comes to the cloud backup of data, it seems that we’re constantly bombarded by technologies, speeds and feeds, expensive and low cost solutions, and who’s best out there. We all know backup is important, but sometimes I think that because backup is such a main focus for so many vendors, we often forget WHY we backup in the first place. (So now everyone is saying, “to recover data you idiot.” Keep reading…)

When we look at the SMB space, we’re typically looking at an IT staff of one or two people. These people are also heavily over tasked, and backup is just one of the unglamorous and mundane tasks that has to be done. Not only is the IT staff heavily over tasked, more often than not they’re constantly juggling a “break and fix” solution because of being heavily under budgeted. So at 5:00pm every day, IT has to go into the server room/wiring closet and put in today’s backup tape in hopes that a successful backup is completed by the morning. Sounds simple enough right?

Now, everyone’s entitled to a little time away from work now and again. This is where everything that is bad that can happen, WILL. Now that our faithful IT person is away, this usually gets delegated over to the office manager. Prior to taking vacation, there is a quick meeting that takes place to show our office manager where the tapes are, and what to do on a daily basis in order to get our daily backup done.

Unfortunately what that IT person FAILS to do is show our office manager how to RECOVER data and systems should they need to. Doesn’t it make sense that a backup is useless if we can’t recover from it? So how does showing our office manager how to backup protect the business from downtime should there be a data or system loss event? IT DOESN’T! What if our IT person was out for an entire week and the company lost their Exchange, SQL or other critical server on the first day with nobody having the competency to restore it? The company won’t close down until it’s restored, but how are we expected to continue operations?

I hope that if you’ve gotten this far in this story your head is nodding in agreement to some degree.

Now, let’s look at this exact same scenario if our IT staff from the same SMB Company offloaded the mundane task of backup to a service provider. There would be no need to worry about that tape at 5:00pm every day. No need to hope and pray for a successful backup job to be completed the next morning as our service provider monitors this on our behalf. No need to worry about having to go and ask for capital budget because we have out-dated backup hardware. No need to worry about going on vacation (and yes, IT guys worry about things going wrong when they go on vacation), and no need to train non-technical staff to perform technical operations that effectively don’t serve much of a purpose in the absence of the IT people to begin with.

While that IT person is enjoying their vacation, should there be any data loss or system outage, our trusted service provider is available 24×7 for anyone in your organization to call to enlist their help to recover (yes, they provide those types of SLAs for you!). The best part of all of this is that it’s all rolled into a low cost monthly service.

If you’re ready to alleviate the pressure on your internal IT staff, please visit www.c24.co.uk

