Archive by Author | Colin Williams

It’s time for remote web conferencing meetings to positively change the game.

It’s time to act different to get different. Outside of the core fundamentals of life I value KNOWLEDGE and TIME higher than most things. Remaining knowledge hungry ensures the world is forever a captivating and interesting place to be. Optimum use of time ensures both essential and desirable socio-personal and business outcomes can be achieved with metronome like consistency and efficiency.

Home or remote working can deliver a mass of advantages including the removal of time lost to commuting, the potential to maximise time available for non-work activities, the chance for services to remain available through times of crisis and the potential to offer work opportunities to different demographics. However, it requires a rethink of work behaviour or meeting etiquette to ensure the remote collaboration or meeting experience is beneficial to all. Web and video remote conferencing services used effectively have the potential to “change the game”.

The points below are a handful of ideas to optimise and unlock measurable value from the use of remote web or conferencing platforms. Many are well known and common sense practices, but at this challenging time should be applied with increased levels of consistency:

Prepare the remote working space and web collaboration tools in advance of the remote meeting. Clear background clutter in the room if broadcasting yourself or your environment using video or web conferencing. At its most basic, move your seating position into a hallway with a blank wall behind you if you don’t want family pictures or your home environment on display.

If you do or don’t not want to use video during the remote web conferencing meeting, explain to all participants the need or benefits of using video (ability to see and interpret body language, etc). Video within a conferencing platform can be selectively used with participants either interacting via voice, video or both. Unless company policy forces the use of video, engage in a manner that feels most comfortable for all participants and if that means no video for the individual participant, it should be their choice.

Web remote conference meeting recording is a very important issue to address at the start of any meeting. The meeting host must convey their desire for the meeting to be recorded or not. If a participant for legal, privacy or other reason explains they do not want the session recorded the recording option must be turned off or the participant must leave the remote meeting. Background recording of a session by stealth contravenes all privacy guidelines and statutes.

Check to ensure the web conference remote access device (laptop, smartphones, tablet) is working and connects successfully at least 15 minutes before the call. It stops all parties losing the first 10 minutes of the call due to connection issues.

Send any pre read content for the remote meeting participants by Email 24 hours before the meeting or at least an hour if it’s a last minute request. Explain in the email the importance of the pre read email content to be absorbed ahead of the remote session to deliver context and additional insight. This will save 15 to 20 mins at the start of the session ensuring all participants are at the same knowledge level.

Circulate, ideally in the same email as the pre read content, the need for the remote meeting, the outcomes of the actual remote conferencing session (what does good look like at the end), a few bullet points to consider as topics for “discussion” or topics for “decision”. This ensures the remote conferencing meeting participants attend the meeting with views already formed to be discussed and tangible outcomes in mind.

If the main speaker will be occupied answering questions during the meeting from the start, appoint an alternative meeting chair to keep the meeting flowing, stop a single point or person dominating the meeting or to keep referring back to the meeting objectives and outcomes highlighted in the pre read email.

And lastly consider the impact of the duration of remote conferencing meetings. One hour is a time frame all can accommodate with enthusiasm and energy. One to two hours should also deliver valuable remote conferencing meeting outcomes applying the meeting etiquette techniques previously mentioned. Longer than two hours may be challenging for all parties based on keeping all participants fully engaged without human, person to person, proximity based energy. Longer remote conferencing or collaboration meetings are possible prepared and managed well but shorter, direct remote engagement seems to be effective.

I hope the content above is useful as we all expand the well-known and effective remote web conferencing approach and flip it for the short to medium term into the primary organisational, societal and personal user engagement platform.

Used well remote web conferencing (audio and video) will help to maximise the value of that golden component of life, “TIME”. Remote collaboration and conferencing tools used as the norm, in primary engagement mode have the potential to change the way we interact and work forever. But as people we need to re-calibrate our remote or home working engagement expectations first because the platform is only a vehicle or channel to achieve that engagement.

Until next time.

Colin W

Business Line CTO UK (Networking & Security)

Twitter: @colinwccuk

Its time to redefine the meaning of “Work” – signposting the new normal for remote users

It could be said the word “WORK” has been misunderstood forever. Its neither a location or something to do with business only endeavours but a description of the product or effort applied to deliver an output. The current virus outbreak is encouraging us to reset historical perspectives on the nature of WORK and perform a cultural reset, with work for many shifting from the defined confines of a corporate address and instead to a location neutral “output” delivered wherever the employee or customer may be.

The effective use of digital platforms is key to a successful remote employee and customer experience when it delivers the value expected by both parties. This is hardly new, with evidence daily of the value of digital collaboration and engagement platforms used to bridge geographical, social boundaries, for human engagement and access to services based on our use of social media platforms every day. However, the use of remote user, remote access and digital collaboration platforms as a critical success factor of business continuity through this time of unknown unknowns may result in some organisations determining existing processes, platforms, security and governance are insufficient.

There are number of steps organisations should consider to ensure they are well positioned through this challenging time and continue to deliver a positive employee and customer experience.  Firstly, ensure the lines of communication are clear with corporate guidelines explaining the approved way to perform company activities using remote or digital platforms. Simplicity is everything and organisations must strive to simplify user engagement via corporate digital collaboration platforms to make them as easy to use as the social media platforms accessed regularly by users. Simplicity is also key to successfully crossing the cultural adoption chasm. The creation and publication of easy on-boarding or quick start guides for users (and potentially customers) to reduce the load on helpdesk teams and to encourage self service should be available to all.

The network will play a massive role in the success of any remote worker, digital collaboration or remote user engagement programme. It’s important to check the network capacity, availability and resilience of inbound communication links to ensure sufficient bandwidth exists with latency optimised based on the unforeseen increased volume of remote users and external customer interaction. Increased use of video conferencing may place additional loads on networks via links previously not used meaning a thorough review of user paths, devices, workstyles and engagement expectations will deliver real value (consider how a user works, not how the network “should” operate). This may require discussions with telecommunications carriers from an operational and contractual perspective to gain confidence the user and customer experience delivered remotely is not sub-optimal and positive.

Remote access VPNs (virtual private networks) and digital conferencing platforms for both users and customer are in use today but a short term cultural shift may be required to use them as the primary engagement mechanism. Additional levels of employee guidance and potentially customer facing communication to convey the best way to maximise engagement and customer satisfaction via a predominantly digital engagement method should benefit all.

If remote access or conferencing platforms of the scale required do not currently exist or capacity augmentation is required it is straightforward to on-board functionality via cloud based VPNs, collaboration and remote access solutions that seamlessly integrate with existing platforms with minimal levels of reconfiguration required (consider the operational overhead or security impact). One button meeting join / start whether desk, mobile or other device is used is essential.

Security as expected must be at the heart of all remote employee and customer engagement. It’s important to issue security related policy guidelines explaining how to conduct business via remote or digital platforms to ensure both organisations employees and customers are protected (for example discussions about session recording). Security is best delivered “built in by design”, automated and requiring minimal user interaction.

In summary remote user and customer engagement using digital remote access, collaboration or conferencing platforms can deliver and maintain a positive customer experience through this challenging time. However, organisations must prepare well (in an accelerated timeframe) and operationally configure platforms to ensure this different way of working is as is simple, secure, seamless and beneficial as any previous way of working. And who knows, for many positive reasons aligned to work life balance in the digital age, the current challenge may signpost opportunities and benefits that help us to make this new way of working “the” way of working for many more in the future.

Until next time.

Colin W

Business Line CTO Computacenter UK (Networking and Security)

Twitter: @colinwccuk

 

RSA Security Summit 2020 Summary – Make the “Human Element” your strongest element.

The RSA security event was hosted last week in San Francisco. Circa 40000 people converged together at the immense Moscone Centre to understand information security challenges & solutions old, new and very very new that may help to protect and defend us all in an increasingly complex digital world.

The core thread of this year’s event, the “Human Element” is the most important aspect of the IT security world. Human behaviour guided by a proactive security persona can deliver positive defence against all but the most focussed and complex attacks. However, humans are equally the ideal vector targeted for compromise to ensure attacks are successful.

The recent virus outbreak of Covid-19 (Coronavirus) did affect the RSA event in numerous ways. For the first time a number (not many) of large segments of floor space remained empty based on the last minute withdrawal of a handful of security vendors. The normal on stand giveaways contained a “must have” in various forms and packages – “hand sanitizer” (thankfully something finally got rid of stress balls). The fear of virus transmission via handshakes was highly evident with a ” will they, won’t they” shake hands mental dance undertaken by many even with hand sanitizer available to minimize the spread of the virus. I fear the fist and elbow bumping used by many continue through the year (please “no”).

With so many vendors, activities, people sensory overload quickly overtook physical tiredness. The “Human Element” remained the key theme for the event but wasn’t alone as the main story. All attendees will summarise their own event messaging take aways based on their own rationale for attendance but the following resonated from my personal perspective.

  • The “Human Element” of course
  • Security automation
  • The impact of threat intelligence (fundamental)
  • Next generation security operations
  • The growing importance of the Mitre framework
  • Device, connection and person security visibility
  • Cloud & application development secure outcomes
  • The benefits of a platform approach to security architecture

There were many many more topics than the eight above, but I noticed they were most prominent from my perspective in the underpinning storyboards of many vendors.

It was pleasing to see increased numbers of vendors reinforcing optimum security is not about prevention or detection but instead both with accelerated remediation to a known good state the ultimate security operational goal. It is impossible to prevent all inbound attacks especially when “the Human Element” remains the most important and accessible part of the digital engagement chain. Simplification, enhanced visibility, a dynamic platform plus a single page view integrating all vendors must be the essential goal for any vendor aiming for mastery.

I have mentioned a few times on these pages the benefits to all of “brilliant basics”. It’s time for us to strive for operational simplicity always (automation can help) to make a secure outcome, the default outcome for the system or application user whether it is a person or a “thing”. The user should not need to consider “switching on security” for a particular task or outcome, it must be inherent, automatically appear (ideally invisibly) and protect the user activity by design. We can do this today in both application development and security operational delivery environments but in too many cases allow culture and traditional ways of working to stall our progress towards a secure by default digital world. Synergy is the way forward to ensure a win win for all.

In summary the RSA security event remains a “must attend” event for anyone in enterprise information technology and security operations. The focus by attackers using the “Human Element” as the most effective control stack to breach should highlight to all that simplicity, knowledge and potentially automation of security controls to empower those same humans will ensure they become the first & best line of defence. We must be on our guard. Be aware on this same note, large scale email phishing campaigns with information updates about Covid-19 are circulating in the wild and starting to have an impact as increased numbers of curious users engage to gain more information. Turn up your defences, warn and educate yourself and your users.

The “Human Element” is without doubt the most important element in the security chain – working together we can also make it the strongest one.

Until next time.

Colin W

Business Line CTO Computacenter UK (Networking and Security)

Twitter’ @colinwccuk

Enterprise Networks – “Make IT and business WORK”

Last week we talked about security however this week we will discuss networking and connectivity.

Time for the basics – why do we have networks? Networks only exist to facilitate engagement, communication, creation and sharing, points often forgotten in the midst of features and endless buzz words. By holding onto those key points summarising the purpose and drivers for network existence, at the heart of all discussions and chunking the conversation up, the reason (s) for network need or change is exposed. It may be a user need, an application requirement, a service orientated outcome, but without doubt the outcome “isn’t the network” – the driver of the networking need is the main story.

It’s time to overtly challenge all enterprise networking discussions – “Why does this network exist, what are the user / applications that drive the need for this network, what user or application measures validate network activities and so on”? It’s time to hold the network to account and unlock the business value of a secure connected enterprise.

In keeping with last week’s security summary, this outline will focus on three networking aligned areas of “interest” for 2020 (without doubt there are many more).  No predictions, purely areas that may stimulate valuable discussion and ideally actions.

Secure networking – secure connected outcomes.

It’s important that we link security and networking together at all times with no discussions about networking in isolation. Its time to intentionally switch all conversations to signpost secure networking or secure connectivity. The addition of the single word secure will change the mindset of all concerned and ensure the only outcome validated as successful is a secure one. Networks are the technological digital transport umbilical cord of the digital age therefore inherent security is fundamental to ensure successful, connected digital outcomes.

See all – secure all.

Next up, visibility is the hidden jewel within networks but only if explicitly leveraged for the value it delivers. Networks as the digital transport in the midst of all digital transactions see all of the traffic they transport and connect. By utilising data packet by packet “see all” capability within enterprise networks with end to end visibility from user, though system, through application, though cloud and back, networks are as powerful as security control layers as they are digital data transport layers. Its time to exploit the network as one of the best digital security sensors available.

Optimum operations – time for NetDevOps.

And finally network operations MUST change. I write with no ambiguity when positioning the importance of network operational change now, to unlock tomorrows benefits, today. There is no digitisation without secure network connectivity, no digital user experience, no world of “smart” technology and human engagement – nothing.

Networks must not only understand the language of applications, they must proactively and consistently “enable” applications to deliver user & business outcomes. Network automation isn’t the story, it’s a component of a bigger story of applications, operations and network technology working in perfect harmony.

The changing face of network operations must result in enhanced platform efficiency, operational consistency and network automation bound into the application and software development life cycle. Without an intentional business and cultural shift to leverage the network intentionally and proactively beyond digital data transport, business agility, user experience and application value may be compromised.

Start now – change now

Enterprise networks have become a victim of their own reliability, performance and effectiveness. Networks are often invisible as technology entities, however complaints appear in an instant when problems or network failure occurs but with little said during times of “normal”. Networks are expected to “just be there”, “always on” delivering optimum reliability and performance for both known and unknown requirements. This is a tough ask, however by using the network as a security control layer, proactively using the network for optimum levels of end to end visibility and accelerating the evolution of network operations, the enterprise network will act as a springboard to every good in the digital age. That’s got to be worth it.

Until next time

Colin W

Twitter: @colinwccuk

Business Line CTO UK (Networking & Security)

Security 2020 – “Intentional Security to accelerate digital business success”

Email inboxes around the globe are filled though January with a flurry of IT market and technology predictions. I’ve been guilty of writing them in the past but chose not to this year. However, a few people have nudged me and requested at least a summary or a few ideas on a few significant IT security areas to consider through 2020 (not predictions). One thing I can convey with certainty, is that fact we actually don’t know what will happen in the security arena moving forward, we can assume and theorise but don’t really know. The business and technology landscape has never been more uncertain, with well skilled and financed attackers (at times more so than the defenders) due to the potential for immense rewards. To that end organisations need to be aware, pragmatic, agile with effective security controls and actionable remediation strategies to help them deliver “Secure IT”.

So, what might happen

The “Windows 7” platform will be a highly targeted attack vector (whether embedded, full function or other). Whilst many users remain emotionally and operationally wedded to the now reliable and robust legacy operating system, the end of operating system support and patches for Windows 7 software platforms means enterprises as a minimum must evolve away from Windows 7 to Windows 10 or to another secure and supported operating environment. If a move from Windows 7 cannot be undertaken in a timely manner, compensatory controls for example the use of virtual patching may add a layer of defence but that will very short lived. A move from the Windows 7 operating platform is the only outcome to maximise user and system security.

Next up, “connected things”. IOT is the collective term frequently used to describe connected devices, often without an interface for human input but “connected things” collect, process, transmit and sometimes store data. The sheer volume of connected things increases the security challenge with defenders requiring real time visibility, always on controls as they seek to minimise or eliminate the potential for attack. To make matters worse, many of the “things” become invisible to the human eye hidden in ceilings, behind walls or embedded in other devices. But they remain highly visible to attackers are easily located with simplistic scanning tools and can be used to launch highly damaging attacks (or as a beachhead to enter a networked environment). Visibility visibility visibility is everything – you can’t secure things you cannot digitally see. Connected device visibility platforms or advanced NAC systems help to determine the type, status, behaviour of all connected devices. This allows them to determine posture, grant and revoke access, supply data inputs to asset and CMDB databases but more importantly to help organisations to create and maintain a baseline of “normal or known good security”.

And last but not least, “the human vector” remains a key consideration in 2020. Un-informed users have the potential to become the weakest link in the security chain, but informed, engaged, security conscious users become one of the most significant elements of optimum security. Users have the power to make intellectual and dynamic decisions, interpreting situations in a way technology based controls cannot. With users as educated, security advocates and technical security controls working together in harmony, end to end optimum security becomes a reality not a dream.

As a recap, to maintain a security by design and by default in 2020 for users, business & consumers, three areas will be high on my list:

  • Acceleration of the move from Windows 7 (or to secondary compensatory security deployed if a platform move is not possible)
  • Optimum visibility of connected things (traditional connected devices and IOT) to ensure they can be located, patched, secured.
  • Inspirational education of “the human” to intentionally become the strongest security link in the digital chain.

Through 2020 we must strive to make intentional security simple to consume, manage, operate and EFFECTIVE. This will help users, organisations and the industry to shift the current mindset and position security positively as the essential enabler of the digital world. Its time to start now, start today.

Until Next time.

Colin W

Business Line CTO Networking and Security – Computacenter UK

Twitter: @colinwccuk

Stay in the security picture and avoid the ransomware revival

Everyone loves a sequel – just look at how well the latest Toy Story instalment is performing at the box offices. But there’s one sequel that we could all do without: Ransomware 2. It’s back, and like the best horror movie villains, it’s nastier and bolder than ever before.

Ransomware 2 has already claimed a number of high-profile victims. At the end of June, two US cities paid around $500,000 each to get files and data unlocked following successful attacks. The bill for Norsk Hydro, a global aluminium producer, was even higher. It didn’t pay the ransom, but it still paid the price.

The entire workforce had to resort to pen and paper when ransomware took hold across 22,000 computers in 40 different countries – Norsk Hydro is still recovering nearly three months later. On average, a ransomware attack results in seven days of downtime.

Although the Norsk Hydro’s tough stance has boosted its reputation; it’s also damaged its bottom line – the cost of the attack has already topped £45 million. The company is not the first to end up with a multi-million dollar bill: the Baltimore City government was hit with a massive ransomware attack that left it crippled for over a month, with a loss value of more than $18 million.

The resurgence of ransomware is not surprising – it’s a proven business model and a repeatable one. It works not only at an enterprise level but a personal level too. Individuals can be just as willing to pay a ransom to unlock personal data, such as family photos and financial files, if they are the targeted by an attack.

So how do you avoid joining the ransomware ranks? Although ransomware is powered by malicious software, it still needs human interaction to succeed. Just one click on a spam email or an infected ad is all it needs for a ransomware attack to be initiated. Even a visit to a legitimate website can land you in trouble, if the site is infected with code installed to redirect users to a malicious website.

Better user education can help prevent ransomware being unleashed – whether it’s on a home device or a business computer – but it will never completely eliminate the risk. So organisations need to be ready to fight back when the ransomware ball starts rolling, which means they need robust protection from the DNS layer to the email and the endpoint.

Blocking spam and phishing emails along with malicious attachments and URLs is an important first step. But the need to balance employee flexibility with IT security means the net can never be fully closed.

Even if someone clicks on a malicious link or file, organisations can still supress an attack. If ransomware can’t connect back to the mothership, it can’t be activated.

With thousands of DNS requests being initiated across an enterprise every day, detecting which ones are genuine and which are malicious requires highly sophisticated technology. Instead of proxying all web traffic, intelligent ransomware defence solutions will route requests to risky domains for deeper URL and file inspection. They will also be able to draw  on contextual security to identify unusual and potentially unsafe requests from individual endpoints.

These insights enable IT teams to make quick risk judgements that block threats without blocking genuine business activity. With new risks emerging all the time, ransomware defence solutions need to receive constant updates on the latest sources of malicious content.

If the call back to a command and control server is successful, there are still ways to contain a ransomware attack before it proliferates across an entire organisation. For example, dynamic segmentation can prevent ransomware from travelling across the network – helping to avoid a full-scale outage as experienced by Norsk Hydro.

By taking a layered approach to security, organisations and individuals can mount multiple defences against ransomware whether it’s launched via the web or email. And they will need every one of these defences because Ransomware 2 looks like it’s going to be a blockbuster. Ransomware damages are predicted to reach $11.5 billion in 2019.

Stay safe until next time.

Colin Williams

Business Line CTO Computacenter UK – Networking and Security

https://www.coveware.com/blog/2019/4/15/ransom-amounts-rise-90-in-q1-as-ryuk-ransomware-increases

https://cybersecurityventures.com/ransomware-damage-report-2017-part-2/

2019 Security Predictions – “Ensure the basics are BRILLIANT”

Happy New Year and I hope the festive break was “a break”. Some continue to work throughout the festive season (or the global economy would meltdown), but for many back to work for 2019 started in earnest this week. I have so far avoided 2019 “predictions”, “prophecies”, “educated articulation of interesting stuff” to date based on so many of them circulating the social media and email landscape. However, a fair few messages asking for a perspective on the networking and security world for 2019 have stimulated me to scribble a few words.

And here comes the shock, I will be quite boring with my summary of the market and technology impacts for 2019 (well at least the first half) because I will continue to encourage to all who will listen that the most important edict they can institutionalize in their own psyche and the organisational operational IT approach is to ensure the basics are “brilliant”. Modern business should only have a single state, secure business with an unintentionally insecure environment almost unthinkable in the digital age. As the creation, processing, analysis and management of digital data streams continue to underpin and energize both user and business outcomes an intentionally secure by design philosophy is the only way to stem the attack tide.

Security isn’t the task of security professionals alone, but every application or system user with a level of consciousness about the consequence of breach or failure must now acknowledge “intentional security” is the responsibility of all.

Ensuring the basics are brilliant, with security controls mapped to business activity, outcome and consequence, with auditing and automation leveraged to optimize operations will increase the level of certainly of a user or organisations security posture.

·        Privileged account security

·        Multi factor authentication

·        Managed encryption.

·        Vulnerability management PLUS

·        Identity management PLUS

·        Enterprise anti phishing with associated user education

·        Intelligent endpoint security (user or things)

Can you embrace how boring the list above may seem – hopefully that’s the case. The list above are subset of the “Brilliant Basics” that MUST underpin the secure defences of all. You are possibly about to click away from this screen buoyed by the view “we have got all of those” and that may be the case. But even with great guidance from Cyber Essentials, CIS, NIST, etc many organisations I meet are a snippet of “luck” away from a comprehensive breach due to absence, failure or poor execution of the controls above with the negative consequence avoidable.

If there is no auditable and actively managed operational state of the items mentioned above integrated together to ensure security is seamless, intentional, proactive why consider the wealth of advanced and esoteric new products showcased daily – get the basics right.

So my 2019 ask so early in the year is to be brutal and rigorously appraise the brilliance of your “basic” security controls. Are they operational consistent, audited, integrated, holistic, bidirectional from an information and threat exchange, automated where possible – score your current state.

Why make it easier to be breached when organisations highly engineered, often very expensive, operational complex defences fail due to the failure to control the controllables or optimise the known basic elements.

Until next time.

Colin W

Twitter: @colinwccuk

LOB CTO – Networking and Security Computacenter UK

Note: This perspective is the viewpoint of Colin Williams and does not constitute an opinion of Computacenter Group.