Blog

Strategic Planning for Information Security: An Imperative for Tomorrow’s Businesses

shutterstock_163861235In the world of information security, keeping up with the constantly evolving threats to an organization’s sensitive information is akin to trying to hit a moving target. Rapidly growing and changing technologies inevitably bring about new security risks and vulnerabilities and present information security with a never-ending series of challenges.

Many organizations find that increasing security challenges come hand in hand with increasing costs. It is a vicious cycle that causes frustration and may necessitate a balancing act between security and profitability. A well-balanced information security strategic plan can greatly impact the cost effectiveness of an organization’s information security.

An information security strategic plan gives an organization a clear advantage by ensuring that everyone is on the same team and on the same page. When all the members of an organization know, understand, and follow the plan, the organization can:

  • take measures to avoid security breaches;
  • rapidly react to infractions so as to minimize damage and loss; and
  • lay out infrastructure to support long-term security to accompany growth.

A Defensive Strategy

Well-funded attackers are always in a state of adaptation as they probe security measures for weaknesses, evaluate the results, and revise their strategies. If ignored, they will eventually find the weak spots in any defense. For this reason, it is imperative that cyber defenders and security specialists have a strategy in place to take proactive measures to be aware of hacking trends, watch for emerging discoveries of weaknesses, and anticipate potential exploitation of new technologies and operation platforms.

An Action Strategy

When an attack occurs, even the best static defenses can be circumvented given time. A well-planned strategy for active dynamic defenses allows an organization to implement contingency measures which will isolate the security breach and lock down vulnerable information assets. When a security breach occurs, there is no time to circle the wagons and discuss what to do. Time lost can mean information lost. An adequate information security strategic plan allows for rapid, effective responses to attacks.

A Progressive Strategy

Planning for future information security is a process based on anticipating the needs of an organization’s information system architecture in comparison with developing security systems and adversarial trends. A clear and concise vision of where an organization intends to go allows for the organization’s security measures to be provisioned and implemented with a minimum of unwanted duplication and waste. Knowing what is down the road allows an organization to seek out and build relationships with information security providers who can meet the organization’s future needs in a timely and efficient manner.

Beyond the walls of an organization, an information security strategic plan provides positive visibility within an industry or enterprise. Existing and prospective customers appreciate the reassurance that comes with knowing their business partners treat their information with utmost confidentiality and safeguard it against theft.

Top

Build a Customer-Centric IT Team

shutterstock_134102588IT personnel are an integral part of businesses and are instrumental in making sure processes run smoothly by monitoring and ensuring the health of the company’s networks and applications. Until recently, IT professionals primarily performed an internal role, providing services to employees but having little to do with external, customer-facing assignments.

However, that dynamic is changing. As network functions become more integrated with customer-service functions, companies must ensure their IT teams are ready and able to provide customer-facing IT functions. Attracting and retaining IT personnel who can deliver both the critical internal IT service and the customer-facing services necessary in today’s environment can offer a competitive advantage.

Break Away From the Typical IT Mold

When looking for IT personnel who will work well in customer-facing processes, consider candidates who deviate from the typical IT stereotype. IT personnel tend to be introverted and more comfortable working with code than with people.

When identifying internal or external candidates for customer-focused IT roles, seek a different personality type than the typical IT employee. Consider candidates with different skills and personalities that can expand the IT team’s capabilities. Outgoing, passionate, socially focused people will typically function better in customer-centric roles than quiet, shy individuals.

To identify and attract such candidates, examine hiring processes and develop a strategy for meeting the company’s core customer-service requirements. It’s important to show candidates how their contributions will be valued and offer flexibility and opportunities to grow and advance.

Offer Customer-Focused Opportunities

Many IT departments have adopted systems that streamline interactions with the IT department but also tend to eliminate interpersonal interactions that are critical in customer-focused processes.

In order to regain customer-facing skills, companies can offer opportunities for internal IT employees to interact with customers. This might mean visiting customer operations or shadowing customer-facing employees. In addition to sharpening customer-service skills, such opportunities can help IT staff better understand customer needs, requirements, and the relation to the company’s IT systems.

Address Company Culture

While attracting and training customer-focused employees is important, making sure the company’s culture and reputation reflects strong customer-centric values is also critical. Potential candidates are likely to be attracted to companies that are stable, innovative, and willing to take risks. Clearly demonstrating how employee contributions affect customers can motivate candidates to become a part of the team.

Customer-service values should not just be presented to outside candidates but be embraced by internal IT teams, contractors, and business partners. Emphasize the value of both the internal and external customer as well as the critical role the IT team plays in both areas.

Finding, hiring, training, and retaining IT personnel capable of providing traditional internal IT services and customer-facing interactions is a likely key to success. For a successful and long-term fit, companies must not only find the right candidate for the job, but also demonstrate why they should want to be part of the company.

Top

SIP Trunking: A Compelling Choice for Improved Collaboration

shutterstock_66093994Traditional voice services have had their heyday. Today, developing technology trends are shaping a new future for business communications. Automation, the Internet, mobility, cloud, and more are triggering shifts in new services that meet changing customer demands. Session Initiation Protocol (SIP) Trunking is emerging as not just an option but a compelling choice for the modern business.

 

Focusing on the benefits

Even as voice converges with text, image, video, desktop, mobility, and social media technologies, many network administrators still fear the unknown. Their priority is to maximize and protect their investment so it’s understandable that many proceed with caution. However, in order to steer their business forward, network managers should consider what could go right.

For instance, SIP Trunking has many benefits if best practices are observed.

  • Savings. In an SIP environment, IT managers start realizing savings when they phase out costly infrastructure. SIP Trunking eliminates Primary Rate Interface (PRI) and Integrated Services Digital Network (ISDN) rentals. Businesses can also save costs by using centralized public switched telephone network (PSTN) access. This can eliminate costs for maintenance, operations, and unused services.
  • Scalability. SIP eliminates the problem of having too many channels when they are not needed and too few channels when more are needed. It can be scaled up or down on a per-channel basis to suit specific business needs. It also enables businesses to add trunks as demand dictates.
  • Flexibility. As a Unified Communications (UC) package, SIP offers significant flexibility with an array of collaborative options. End-users can enjoy web, voice, video conferencing, instant messaging, chat, voice traffic re-routing, and mobility options.
  • Reliable disaster recovery. Security and recovery can be major fears. SIP Trunking features reside in the IP provider’s network in multiple sites, not in the customer’s premises. Should a disaster occur, businesses are assured of timely disaster recovery (DR) and business continuity. This allows calls to be redirected to locations not affected by the disaster, ensuring a recipient for each incoming call.

Hurdling the obstacles

While SIP is a versatile technology, moving to an SIP model has its own challenges. The most common one is interoperability issues. Different vendors interpret SIP specifications differently. This can create complications when integrating legacy systems with the SIP provider network. A good provider should re-evaluate the customer’s existing architecture and suggest modifications that can support the new services.

Bandwidth capability is an important consideration for SIP connection. Bandwidth determines the quality of calls. The wrong amount of Internet bandwidth and such issues as latency, packet loss, and jitter can result in echoes, garbled messages, and call disruptions.

Connecting to the Internet exposes any network to security threats. Brute force and Denial of Service (DoS) attacks are common issues that can cause entire networks to crash. Solid firewalls, session border controllers, and other security devices can help ward off such attacks.

For IT executives, transitioning to SIP Trunking is a critical decision. Decision-makers should consider an SIP deployment that can support present business needs and easily adapt to unforeseen collaboration services well into the future.

Top

Internet of Things: How Telecoms Can Adjust to Meet New Data Realities

shutterstock_270920006The rapid development of the Internet of Things (IoT) has left many companies scrambling, trying to adapt to the explosive volumes of data that just weren’t predicted (or even imagined) 5-10 years ago. Infrastructures that were designed with maximum anticipated load usage back then simply aren’t prepared to meet growing IoT demands.

In fact, many experts now speculate that by the year 2020 there will be more than 50 million connected devices forming the Internet of Things. And although that amount may seem staggering, with constant innovation taking place in the form of wearable mobile technology and smart everything—from cars to coffee pots—that number may end up looking like a mere drop in the ocean.

This situation is especially relevant for network operators in the telecom industry. Surging amounts of data coming in and the various new ways that business users need to analyze and access that information is placing a huge strain on systems. And typically, call centers are valiantly trying to cope with massive CDRs (call data records) from increased device connectivity and usage requirements.

Advantages of Adaptation

A major advantage to the Internet of Things is the capacity to analyze vast quantities of data in relation to patterns and other actionable information. However, this necessitates being able to store huge volumes of historical data for lengthy times frames.

And if database infrastructure and analytics are adapted appropriately, the competitive advantages include a host of customer service improvements such as:

  • The inclusion of value-added and customized services through enhanced analytics
  • Isolating patterns in archived CDRs to identify service issues and allow alterations in network configurations designed to eliminate them
  • Identifying the similarities in usage patterns and service tickets to develop new offers and targeted marketing plans

Strategies for Adaptation

Adapting to the sheer volume of data engendered by the Internet of Things involves strategic planning. Employing innovative approaches to data analytical infrastructure design will help to position telecoms, and their service providers, with the flexibility necessary to meet current and upcoming IoT challenges.

A traditional approach would involve investing in a monolithic relational database, but this type of solution is little more than a temporary fix. Specialized technologies such as cloud-based ad-hoc analytics and real-time investigative database structures (like RAID) offer functional solutions for the hefty network loads present with the IoT. Being able to mine large quantities of records quickly and efficiently will allow operators to identify and react to network issues swiftly, as well as troubleshoot possible situations on an ad-hoc basis.

Possible network issues include:

  • Problems with various factors captured in call records such as voice, video, or data transmissions
  • Performance functionality of certain device types, operating systems, browsers, or applications
  • Communication technology, i.e 4G, LTE

Thinking about database infrastructure and analytics in new ways will help telecoms adapt to the incredible opportunities created by the Internet of Things.

Top

VoIP vs PBX: The Benefits and Disadvantages

shutterstock_264466157With more available options for communications, many businesses are looking at what service they should use for their telephone line: a more traditional Private Branch Exchange (PBX) or the newer Voice over IP (VoIP).

Both services have their advantages and disadvantages, including cost and reliability. PBX may be an easier option for internal employees, because it allows businesses to connect all their internal phone lines to a single leased external phone line. In most cases, this means that employees would only need to dial an extension number rather than dialing the full number to call a coworker.

VoIP, on the other hand, uses the Internet to make phone calls by transferring audio information as digital data. It possesses many of the same benefits as a PBX, but it has a lower cost. However, there are also some disadvantages to a VoIP system, leading some businesses to consider an IP PBX system, a combination of the two.

Cost

For large businesses or those that are geographically dispersed, cost may be the single biggest factor in whether to choose PBX or VoIP.

Using a PBX system comes with a monthly charge that can fluctuate depending on how many phone calls are made. In addition, whether or not these calls are made internationally can increase the price. However, VoIP systems use the company’s broadband connection to place phone calls, meaning that the majority of the calls are free no matter where in the world the person is calling. Another benefit of VoIP is a low initial cost; instead of an entirely new system, businesses only need to purchase phone adapters that will change their system from analogue to digital.

Reliability

While cost is lower for VoIP, its reliability can sometimes come into question when compared with a PBX system. Because VoIP relies on the company’s Internet connection, loss of power or connection means that phones will also be unavailable. In contrast, PBX systems are powered by the telephone wire itself and will still work even if the power is out. Some businesses are looking into an IP PBX system for this reason: The ease and cost of a VoIP system with a few PBX lines is ideal for emergencies.

Quality

The company’s Internet connection will also affect the quality of phone calls made over VoIP. Small companies with slow or low-capacity Internet will find that voice quality is lower than with PBX. Fortunately, there are many features in a VoIP system—such as the ability to access a work phone number no matter a person’s physical location—that will encourage businesses to upgrade to a more robust Internet connection.

IT professionals and business leaders should have a good understanding of the pros and cons of VoIP and PBX before deciding which one to purchase. While cost is lower for VoIP, PBX has the advantage in reliability and will still work even without power or an Internet connection. However, with the speed with which today’s digital world moves, businesses may find that VoIP allows them the mobility to keep up – with PBX lines as a backup.

Top

Three Cloud Choices for Enterprises

shutterstock_108845345With the growing popularity and use of cloud services, IT administrators continue to face the choice of whether to maintain their network operations in house, or outsource operations to a third party. There are pros and cons to each approach.

Administrators must carefully evaluate a company’s needs and requirements to determine if a cloud solution makes sense. Not all cloud services are created equal. When deciding among Public, Private, and Hybrid cloud solutions, cost, capabilities, and security needs should be considered.

Public Cloud

Public cloud offerings are affordable, flexible and easy to access but offer less stringent security capabilities. Security is top of mind for network administrators, who have likely taken notice of recent high-profile data breaches.

Public cloud solutions create an additional point of risk by allowing employees to access information from the cloud from potentially insecure networks. Such breaches cause IT administrators to be cautious about the security risks associated with entrusting sensitive to data to servers they don’t control.

Private Cloud

Private cloud offerings, on the other hand, allow enterprises to maintain a certain level of control of data resources. This control allows enterprises to ensure critical company data is kept secure. Other benefits include the ability to control costs. A careful evaluation of the company’s security position is also crucial to determine what data, if any, can be transported and used via a public cloud, and which must remain within the private network.

Private Cloud solutions also provide the ability to customize and optimize services to fit the enterprise’s specific needs. However, private networks sometimes have limited data access, due to fewer interfaces with existing systems. In addition, private networks require in-house support and maintenance, which costs money and personnel resources.

Hybrid Cloud

Hybrid cloud solutions are a relatively new offering that can give enterprises the benefits of both public and private approaches by allowing enterprises to offload some resources to the public cloud while maintaining control over others. In particular, enterprises may be attracted to the limitless capacity of the public cloud and the ability to buy into that capacity as needed.

With a hybrid solution, companies can take advantage of those benefits, while still selecting which mission-critical data it must keep within the private network in order to protect that data from breaches. While adoption rates are still low for hybrid solutions, research shows an increasing level of interest in such services among enterprises, driven in part by a market that values the ability to customize IT solutions.

Choose Wisely and Succeed

Ultimately, each enterprise must carefully consider current and future needs when selecting a cloud solution. Once these evaluations are made, the company will be in the best possible position to determine which cloud solution best meets needs and requirements.

Top

Three Critical Infrastructure Elements for Network Uptime

shutterstock_85778392In today’s fast-paced world, where business is increasingly conducted electronically, infrastructure reliability and network up-time are crucial. Infrastructure weaknesses can lead to network downtime, and outages can prove costly for businesses.

Network uptime can be affected by three primary factors. Focusing on adding redundancy to these three elements can help ensure network reliability and decrease the likelihood of an outage.

Overheating

Servers, like any piece of equipment, have the potential to overheat if proper steps are not taken to control their temperature. Servers typically run uninterrupted, unlike desktop PCs that are powered down, or go into idle mode throughout the day. Servers also are often housed in small rooms, and in close quarters with other network equipment. These server rooms can quickly warm to levels that can jeopardize equipment.

Whether a business is housing its own equipment, or outsourcing network and server functions to a third party or cloud provider, it is critical to ensure that network infrastructure is properly cooled. At least two cooling methods should be employed to ensure there is a backup in case one cooling method fails. Possible cooling solutions include rooftop air conditioning units, external condensers, and computer room air conditioning units.

Power Failures

Sometimes the most obvious point of weakness is the most overlooked. Infrastructure equipment requires power to function, and reliable data center power with a backup power solution for redundancy is critical.

An A+B power feed, which creates two independent channels from the public power source to the infrastructure equipment, should be at the top of the requirement list for data center power. This eliminates potential single points of failure when power channels are shared at any point.

Some of the power options that can be included in each feed are uninterruptible power supply, utility power, back-up generator, maintenance bypass panel, internal server power, mains distribution panel, and an automatic transfer switch. Each power feed should have at least one of these options, and should be able to handle the entire server load at peak usage independently to create redundancy.

Network Connections

The equipment used to connect infrastructure to the Internet is another potential point of weakness. Routers and switches wear out relatively quickly, and should be properly maintained and replaced in a timely manner. Integrating backup connections to create redundancy can help prevent network downtime. In addition, connections from the data center to the external Internet network are crucial for network uptime. Peering arrangements with multiple connections create redundancy and reliability, and can optimize performance.

Another important key to making sure potential network failure is mitigated is to choose network and infrastructure providers that are committed to reducing or eliminating single points of failure by adding backups and redundancies. Network downtime is costly and unacceptable, but there are simple ways to build in redundancy. Cutting corners on infrastructure reliability leads to network downtime and service interruptions that can ultimately cost more than building redundancy in from outset.

Top

Are Today’s Students Developing Remote Work Habits?

shutterstock_207163516Adults who grew up in the northern areas of the United States and experienced harsh winters may fondly remember the unfettered joy of “snow days,” those unscheduled days off from school due to inclement weather conditions. However, snow days may soon go the way of mimeograph paper and typewriting classes. In fact, some school administrators have instituted the concept of remote work. This means students learn remotely from home when dangerous weather conditions close schools.

These progressive school districts equip students with the necessary devices, like iPads and laptops, to access the day’s lesson plans online from home. Public funding allows these “loaner” devices to be given to the students who need them over the course of the school year. It eliminates the need for sharing electronic devices in school-based computer labs.

Future Workplace Trends

One possible outgrowth of this trend is that a generation of students will be accustomed to flexibility, unsupervised productivity, and self-sufficiency in the workplace. It has the potential to permanently alter the employment culture for businesses in the years to come.

Web-based applications allow employees to access and enter data from virtually anywhere in the world. While brick-and-mortar offices will never be completely eliminated, requiring workers to remain physically present in their workplaces every day can be curtailed. Supervisors will still be able to monitor employee productivity from their remote work locations, enabling them to target any “cyberloafers” and respond appropriately.

Flexible Employment Benefits

The business community has been flirting with the concept of remote work for decades, with flex-time schedules offered as part of some benefit packages. But the concept has never fully taken flight. Below are benefits for companies that implement flexible employment options for their workers.

  • Recruitment value. Remote work on either a full-time, part-time, or as-needed basis can be a part of an appealing benefit package offered to talented prospective employees. Under the right circumstances, it can be the deciding factor for a job candidate weighing several employment offers from competitors.
  • Decreasing operational costs. Heating and cooling an office building is a considerable expense. Some calculations indicate that American companies could see profit increases up to $665 billion annually, or anywhere from $10,400 – $13,200 per worker each year by implementing telecommuting for only half of the time.
  • Increasing employee morale. Smart business owners realize that content employees who have flexible work options are more likely to remain with their companies, reducing worker turnover and training costs.

Remote Work Options

Companies can pave the way for this employment sea change now. Some options include:

  • Putting it on the cloud. Embracing cloud-based unified communications (UC) in the workplace enables remote work and telecommuting for employees.
  • Formulating a disaster plan. Some disruptions to workflows can be anticipated, but others are unexpected and can wreak havoc on businesses. Businesses with proactive and well-understood plans for remote work is key to keeping operations up and running smoothly.
  • Having the right technologies in place. Remote networking tools, like virtual private networks (VPNs), assure accessibility and security.

Change for companies with a 9-to-5 culture isn’t going to happen overnight. However, considering the future workforce is growing up with remote learning in place at school, a transformation is on the horizon. The movers and shakers of tomorrow are sure to influence the employment landscape that was established centuries ago.

Top

IoT Market Demands Data Security

shutterstock_65198842In just a few short years, industry experts predict that the Internet of Things (IoT) will have a tremendous growth explosion. By the year 2020, research suggests 30 billion devices will be connected in a $3 trillion marketplace. Assuring that this avalanche of data is protected by layers of security is paramount to the industry’s success.

Soon there will be homes where the front doors unlock with a smartphone, its temperature is controlled remotely, and even the oven is turned on by punching a code. “Smart homes” are already on the technological horizon, but the security features must keep pace for viability.

Consumers own many devices that are not just unencrypted, but with marginal to non-existent security features enabled. Some end users leave the factory-set passwords in place, making illegally accessing a device’s data mere child’s play for the average hacker.

Making IoT Devices Secure

Certain qualities are required in order to make the security on IoT devices effective. The security must:

  • Possess cloud capabilities
  • Be platform agnostic
  • Have the ability to facilitate IoT technological ecosystems
  • Be lightweight

The ability to manage security via a cloud platform is a vital component to any implemented system. Cloud management enables manufacturers to patch changes to security configurations once a weak spot is detected – even after consumers purchase the device. The hardware itself can be tethered to private key exchanges to simplify authentication, provisioning, and configuration.

The benefits of utilizing agnostic security platforms are clear. Processing capabilities in IoT devices can enable them to be managed and controlled via the cloud. Transmitting large-scale changes in provisioning, authenticating, and configuring can also be handled at cloud level from a centralized location.

Compact IoT devices with security features embedded at the chip is a practical solution for securing data at the core of the device while still utilizing available space. IoT devices can have private keys already embedded to enhance security. This additional layer of security allows compromised components to be identified as “untrusted” and isolated from the other devices on the network. Default passwords would no longer be necessary once key exchanges are implemented within the hardware to authenticate each device. This also allows them to remain lightweight.

Issues to Overcome with IoT Devices

However, the lightweight, compact size of IoT devices limits the space available for security. Another drawback is the multiple levels of vulnerability when connecting devices or at the data host site of the chip. In addition, the limitations of the processing capabilities on devices manufactured by different companies creates security challenges. At present, consumers must use devices made by the same company in order to link them. Cloud-based connections reduce the necessity of standardizing the processing capabilities of IoT devices.

Most IoT devices aren’t currently enabled for cloud management, which is a potential security pitfall. When devices are all tethered to the cloud, it is a simple fix to patch security vulnerabilities – even when they are in the hands of end users. Devices can communicate more readily with one another when cloud capabilities have been implemented.

The bottom line is that the success of the IoT industry is dependent upon the security that is provided by the technology. To ensure that data protection remains a primary focus in an expanding market, networks and devices must be safeguarded. Enabling cloud management capabilities and security features embedded at the chip level can achieve these results.

Top

Preparing For Data Loss

Data lossData loss incidents, when an organization suffers the loss of valuable data, can cause considerable harm to the business. The loss may be as a result of a natural disaster, fire, or theft, and the impact can be irreparable. Yet statistics show that relatively few organizations adopt robust data protection policies. This is short-sighted because sensitive and important data is held in the cloud, and its loss, even if temporary, can hurt the organization.

Risk of Data Loss

The most likely reason for the loss of data is through a natural disaster, and interestingly, significant portions of the country are at risk in one way or other. Heavy flooding, hurricanes, and earthquakes have a wide geographical spread and one incident can affect a large area, so it’s important to consider not only the business location, but also the location of data servers. In addition to natural events, data may also be lost through fire and theft.

An easy way to understand the business risk is to ask one simple question: What if we lose our data?

Financial Losses

According to a 2014 Global IT Study that surveyed 3,300 respondents, 64 percent of organizations experienced data loss in the last 12 months. The research highlighted that the cost to enterprises of lost data and downtime was $1.7 trillion.

Researchers found that although a high percentage of organizations had disaster recovery plans in place, relatively few had implemented effective data protection practices and less than half employed remote, cloud-based data protection.

Impact of Lost Data

There are two aspects of data loss that affect organizations. Firstly, there’s the loss of the data itself that may include essential operational information, critical customer data, and proprietary information, all of which affects the company’s ability to function. Secondly, there is downtime that inevitably arises from the incident as the organization works to recreate or recover the data. In the worst-case scenario, an organization might have to suspend operations for a period of time, resulting in lost revenue.

Long-Term Impact

Apart from the short-term losses, businesses may incur ongoing difficulties that lead to the loss of customers, lower sales, and long-term reduction in revenue. In many instances this can mean closure or bankruptcy.

Based on the Global IT research, companies need to take the risk of data loss seriously and implement a workable disaster recovery (DR) plan.

Disaster Recovery Plan

Although a comprehensive DR plan needs to consider all aspects of disaster recovery, there can be no recovery if the data is not available. Consequently, at the core of the DR plan must be a process for ongoing data backup and remote storage. Should data be lost, this would mean that it can be recovered, operating systems restored, and business resumed with little delay.

Contingency planning must allow for the possibility of partial or complete loss of data. Additionally, apart from allowing for natural calamities, plans should factor in the risk of man-made catastrophes, such as fire, explosion, equipment failure, and data theft.

Every business faces the possibility of losing data in one way or another. It’s imperative to be ready for a disaster to strike, so that when it does, businesses are able to respond promptly and effectively to restore data and get back online.

Top
1 2 3 7 Page 1 of 7