Security – “To see further we no longer need to stand on the shoulders of giants”

The security market is continuing to heat up. For once it’s less aligned with the potential for immense revenues (that potential and reality has been ever present in the security arena), but more to do with an acknowledgement that do nothing results in – “nothing”.

I have enjoyed meeting numerous enterprise customers at such an early stage in the year and the consensus is the same – “not sure which elements to keep or kill, not sure if investment in traditional platforms vs. accelerated deployment of new software centric or cloud security elements is the way forward”? And for once the concerns are common and consistent (less trail blazers or total laggards than you may think).

As someone working within a company calibrated by customer desires, I am already revisiting the security vendor strategic stories of 2015 to determine how they intend to navigate customers to a better place through 2016. And I am sensing a change across the board with new messaging, revised strategies and arrow head focus on a handful of key strategic attributes. The first one is visibility. Management and visibility of security (and networking) assets and outcomes has been an age old point of concern for many years in IT. A handful of vendors have successfully placed security infrastructure and solution management at the core of their value based offering and reaped the rewards, but even those vendors haven’t emphasised with real assertion the importance of seeing all robustly enough.

And the second key attribute is one of integration. The days of multiple, siloed platforms with individual consoles, ring fenced data repositories and inconsistent interaction with other platforms may soon be the solution behaviour of a bygone age (I’m an optimist) – every vendor is now emphasising the importance of increased visibility and superior integration as the cornerstone of their solution playbooks. Thankfully integration doesn’t mean, “Single vendor” with the normal mode one that welcomes third party and even competitive interaction via open APIs or data exchange frameworks. And the end result will be one of enterprises able to see more, therefore do more, therefore defend / remediate better than ever before.

But surely (and I feel the vultures circling) capturing or seeing more without additional layers to correlate, aggregate, evaluate and accurately isolate relevant events erodes more time than it delivers value? Agreed, however at first glance, this is an area of high investment from existing vendors and new market entrants often utilising human insight to augment systems based logic to deliver the best of both worlds.

This may be an early call but I feel the future is looking brighter in the security arena (maybe because finally we can actually see it). With vendors now delivering platforms and solutions enterprise customers can embrace immediately to unlock value immediately, now really is the time for change. But not without thorough understanding of business expectations and security impact aligned with desired operational and posture centric benefits.

Until next time

Colin W

Twitter: @colinwccuk

Chief Technologist – Computacenter UK, Networking, Security and Digital Collaboration.

2016 – Time to act as the stage is set – but tackle the “elephants” first.

Happy New Year and may 2016 be your most successful and effective yet. It’s the time of year where every analyst, strategist and technologist delivers a number of market or technology based predictions for the year. In reality they are educated guesses because no one really knows what will happen, but the activity is essential (and one you should personally undertake) because it ensures you have an outward focus (external focus) that is as fundamental to your business success (or at least viable) as your internal view. And best of all with market predictions, they are not guarantees of change as they are based on all of the indicators, assumptions, dependencies or guesses remaining consistent. Over the coming months I will share three 2016 perspectives for the Security, Networking and Digital collaboration (UC in old school terms) marketplaces. The views are my own but leverage extensive market and customer research most notably based on real world customer dialogue and challenges through 2015.

The Security challenge in 2016 could be the back breaker the industry is currently dreading. There are numerous forces and events that will ensure 2016 requires so much business change (positive change) that the door will be widened to any party focused on attacks and breaching defences.  There are numerous (too many to actually affect or process) security related impacts that any forward thinking enterprise must consider through 2016 – many are documented heavily within industry white papers and vendor solutions updates. However I will concentrate on six, a few common, others not that are currently giving me most food for thought as I work on strategies for 2016.

The relentless rise of the mobile enterprise (Mobility):  Mobility delivers one of the most acute security challenges today. The mobile worker, enterprise, user is no longer a fad or a secondary persona – it is the norm for many enterprises and will ultimately become the norm for all. Driven via the smart device (most commonly a phone) bonded permanently to the hand of many a user and an almost infinite pool of “relevant” applications, the need (not desire) for every digital activity to be available, everywhere, all of the time will deliver a security challenge second to none.

The connectivity issue that previously stalled the mobility drive is somewhat alleviated with fast wireless connectivity available in the home and enterprise and pretty fast connectivity (sometimes) outside and on the move. That has moved any business obstacles to launch a mobility drive away from networking and connectivity and pushed it straight into the hands of the security team to ensure where a connection is made it is sure, and where data is accessed it is controlled. Some say it is an impossible task but that is conceding defeat too easily. It is a challenging but not an impossible task and an enterprise serious about affecting security change could start with:

  1. A top down perspective on the attitude towards risk for the enterprise (what really are “business breaking events”)
  2. A rigorous understanding of the regulatory framework that governs the enterprise (compliance)
  3. Comprehensive visibility of data assets within (where are they, what are they, how important are they, do they need to be protected, and to what level)
  4. Full understanding of how can someone get to them (connectivity and access)
  5. A real time, dynamic view of the secure persona or posture of the users.

I have simplified the workflow and challenge greatly (and many other perspectives must be considered and the order could change) but tools, processes, services and systems exist today that will really make a dent in the “secure mobile enterprise” challenge. It’s too easy to blend a “mobile enterprise” persona into existing and potentially legacy approaches to mobilising users and delivering business services – resist the temptation and use the time for change to undertake a “back to basics” information security review. Do nothing or do slowly because only a small group are mobile is a flawed theory – now is the time to act.

The next big thing – IOT: The Internet of Things (and or the internet of everything) has captured the imagination of analysts and marketers alike. The connected world of “things” sending and receiving data, commonly over IP protocols but others are emerging, opens the door to a 21st century world previously impossible to imagine. Picture the world of connected cities, healthcare devices talking directly to medical professionals, smart homes exchanging data with utility companies – in fact, forget the picture: those services, solutions and “outcomes” are already here today. And there lies the problem: the IOT use cases are currently very fluid, personalised and often driven by imaginative use of existing and sometimes emerging technology. With IOT implementations and ideas so cutting edge, the challenge of securing the outcome becomes even greater.

At the risk of becoming an innovation “kill joy” only one recommendation exists of real validity, design any IOT / IOE solution with security acting as the core design frame to minimise the unthinkable challenge of a security retro fit to a solution beyond go live. This sounds like a simple and obvious recommendation (obvious yes, simple no) but is often bypassed due to the enthusiasm, complexity and excitement surrounding the implementation or benefit of the “things” solution. It is fundamental to success to challenge all vendors, integrators and consultancies on secure IOT principles as soon as the “drawing board” solution development phase begins. I fear the IOT security challenge with so many current and future unknowns will be one of the ticking time bombs of the greatest impact over the coming years.

It’s too early in the year for extra long blogs (you have barely cleared your Christmas inbox) so part two of this blog will be next week. I hope the richness of the outline above adds colour to your strategy and planning activities through Q1 to allow you to identify security topics that really require top priority focus through 2016. Two more topics next week and before January concludes the complete story will be told.

Until next week

Happy New Year

Colin W

Twitter @colinwccuk

Chief Technologist Computacenter UK, Networking, Security and Digital Collaboration (UC)

Good defence exists, attacks still happen, breaches occur – “Time for security to change.”

“Cybercrime may now be bigger than the drug trade”, quoted the City of London police commissioner Adrian Leppard.

Security breach announcements that were once a rarity in the non IT world are now BBC front page news on a regular basis. Whether it’s the attack and successful removal of data from a previously unknown (but now well known) dating site or the more recent attack and potentially successful data breach of a major consumer telecoms services provider, Cyber attacks are the norm. Is it time to accept them as a necessary by-product of the relentless creation and consumption of digital data? Sadly, yes. But to accept they exist does not mean an acceptance that an attack should be effective when there are so many steps that can be taken to reduce the potential for success. Defending and securing IT systems is not an easy task as the approach includes people, process and systems. To keep all three security aware and congruent at all times is a challenge with that one “out of sync” moment the attack window for a hacker. Do nothing or “do something but slowly” is a sure-fire way to be the next big story on the front page of the BBC news broadcast. It’s time for new thinking, new skills and better visibility EVERYWHERE or the enterprise will NEVER be secure.

Many years ago a large IT company ran a brilliant ad campaign about the need to think differently. In the case of IT systems and Cyber security, thinking differently should include a rigorous appraisal of existing defences, a perspective on the most valuable digital assets within the organisation (and the additional protection they require) and most importantly the need for people to change the way they interact with digital systems (vigilance). To defend against an attack, it’s time to “think like an attacker” and not based on a viewpoint that attacks follow standardised behaviour, are seeking random targets and lack rigour and planning. Today’s attackers or attack teams are extremely well trained, often well funded and have razor sharp focus on the target and expected outcome. Old school thinking based on technology will fall short in this new digital age. It’s time for new school thinking based on the psychology of an attacker as that will surely deliver greater value (protection).

We are in the midst of an enterprise business landscape with an aging work population aligned with traditional IT skills needing to evolve to a revised “digital rich” skills portfolio. This new skillset is likely to be software influenced and will definitely drive the need to think differently, learn now and learn very differently. And to further compound matters the emerging work force of Generation Y and Z thinkers may not be viewing Information Technology as the “must join” profession of circa 25 years ago. Modern enterprises face the quandary of an old workforce with dated security skills, coupled with a new workforce with skills too new to make an impact – who then will solve the security challenges we currently face? Sadly the skills problem will not be resolved overnight with a major investment in academic level cyber awareness, new age security skills training en masse for existing networking and security personnel plus enhanced employee security education as a mandatory activity within all enterprises. It’s time for enterprise organisations to encourage everyone who embraces the benefits of IT to also be part of the solution to the cyber security challenge.

There has been an age old management quote highlighting the difficulty of managing things that can’t be seen – so why believe it to be different with data and information technology outcomes? Digital data is now the DNA of modern enterprises with the potential to ignite ongoing success or collapse an organisation to failure. Full visibility of data from edge to core with the potential to preempt attacks or fast remediate breaches is now an essential element of the enterprise IT systems operational playbook. Breaches will occur in a digital data rich enterprise due to the challenge of continually appraising human, IT and non IT systems behaviour in context and in sync. However enhanced visibility leveraging optimised data analytics can highlight anomalies or areas for further investigation earlier with the hope it’s early enough for the correct intervention prior to a breach. And if and when a breach unfortunately occurs, “flight recorder” type data playback of the pre and post breach state will accelerate the time to triage and remediate plus reduce the potential for a mirrored attack. Many highlight “encryption everywhere” as one of the most impactful strategies for data protection and the emerging and very interesting “software defined perimeter (SDP)” approach (zero trust access control and data movement) as instant fixes. There is no doubt that both will be highly effective protection elements but only as part of a wholesale rethink of security defence, protection and breach remediation.

Enterprises MUST now change their approach and security solutions expectations. The increased use of mobile solutions, cloud computing and virtualisation are not creating a problem for security professionals but instead delivering the potential to “reset” security protection and defence within the enterprise. The days of “adding more layers”, often bigger or higher than previously delivered are no more – instead it’s time to design a solution for an enterprise in a state of continual attack not in “comfortable defence”. Effective digital systems security WILL be a primary business enabler in the digital age as enterprises that fail to defend well, remediate quickly and understand attacks may not survive for long enough to fully recover.

Act Now.

Until next time.

 

Colin W

Twitter: @colinwccuk

Chief Technologist – Networking, Security, UC – Computacenter UK

 

 

Not visiting Infosec this year is “not an option” – Knowledge really is power (Computacenter stand L69)

Computacenter will be exhibiting at Infosec Europe, the industry leading “must attend” security event this week (2nd – 4th June) at Olympia, London.

Normally as Computacenter we send a delegation of sales, strategy and technology professionals to listen, observe, exchange viewpoints and take away as much security insight as is possible across “three days”. The customer benefits of Infosec are numerous but the potential to access “everything security in one location” is the one that makes it so compelling for all. This year the Computacenter approach is very different – for the first time Computacenter will be presenting from its own stand at Infosec Europe (stand L69). Why this year over previous years – with the security challenges faced by the social and professional world now regular “dining table” conversations, this year is the year all enterprises must make “right sight security, right way, right now” priority one.

Whether it’s identity theft, corporate hacking, data loss, protecting users, cyber threat or the myriad of other breaches and issues, security is the board level topic that now cannot slip down the board level agenda. This for Computacenter places security at the top of the list of customer engagement areas which in turn means our investments in capability and solutions will positively affect the security challenges faced by our customers. As Europe’s leading systems integrator for enabling the users of enterprise customers, Computacenter is keen to help organisations tackle the security challenge head on. It’s no longer a case of waiting to remediate en masse when a breach occurs or over equipping the enterprise with an excess of security defences in the hope that it will make breach near impossible.

Attacks are ongoing, breaches happen and even the best defence is only as effective as its last successful defence. The picture painted is now one of the need to maintain a state of continual but relevant awareness aligned with a more rigorous understanding of critical vs non critical information assets. With an increasingly mobile, always on workforce a new state of security awareness and visibility is required that is very different in stance from those of past eras. The Computacenter stand at Infosec (location L69) will allow attendees to discuss datacenter grade core security and the impact on the enterprise edge of the new “work anywhere on any device” employee.

“We believe security is not a short term topic of interest but will continue to be one of the most fundamental enablers of business success or demise within modern organisations.” For that reason and many others I look forward to welcoming you to the Computacenter stand at Infosec Europe (Stand L69) from 2nd June to 4th June.

Until next time (at Infosec Europe this week)

Colin W

Twitter: @colinwccuk

Software defined security (SDS) could this be the SDN “killer outcome”

Software defined networking (SDN) continues to be a major customer discussion within both the specialist networking and enterprise datacenter arenas. After bubbling under in the mindshare league well below cloud, virtualisation and mobility for quite a while SDN is starting to move up the ranking. However this is not without a fair degree of murmured discontent.

Enterprises, whilst digesting the technical concepts behind SDN, are struggling to understand the most effective SDN solution design approach and focus in on the business problem / outcome resolved by SDN. At the highest most strategic level, there are numerous benefits that can include operational efficiencies, network agility and simplicity to name a few. But however compelling they all are, they currently do not seem compelling enough (unless a convenient infrastructure upgrade requirement is factored into the SDN discussion). This could be the result of looking at something so hard that some of the more obvious benefits are overlooked, and in the case of SDN one such benefit is certainly security.

Networking in software (prior to SDN) had already found its home in the middle of a hypervisor as part of a virtualised compute environment, with the result some degree of understanding of the use of software in enterprise computing to realise networking outcomes is already known. But with the unrelenting growth of server virtualisation beneath a hypervisor with the resulting change to network traffic flows (much of it remaining within the hypervisor or physical host) a hidden challenge became the norm – securing virtualised workloads. The drive by many towards a virtualised enterprise changes decades of traditional design norms of physical perimeter security device placement with the requirement to reproduce a revised ideal for the virtualised workload world.

Enter software defined security (SDS) included within or as a by-product of an SDN strategy. The ability to micro segment virtual workloads using internal virtualised firewalls and controls in software with the reduced need for traffic to flow out of the virtual environment and back to determine the security state is surely a “killer outcome” mobilised by SDS or SDN. And before you state it, a secure environment in a virtualised context can be realised today without the use of SDN and software defined security implementation, but SDN makes it much easier, tightly couples it with management and automation frameworks with the result reduced time to value. There are numerous software defined security approaches from standard functionality within specialist SDN overlay networks through to dedicated SDS (software defined security) solutions from specialist vendors with next generation security at the heart. And with enterprises wrestling with the urgent need to secure physical, virtual, hybrid and cloud environments working together as one, a new approach to solving this KEY enterprise IT infrastructure security challenge is surely required.

Software defined security alone isn’t the answer, SDN in isolation isn’t the answer but they are both serious and viable considerations to deliver security outcomes today aligned with problems of tomorrow. To that end, software defined security (SDS) may well be the “killer outcome” that kick starts the SDN change.

Until next time.

Colin W

Twitter: @colinwccuk

 

 

Black Friday, DDoS and another IT headache!

Linear Scalability would have made some retailers a lot more money on Black Friday and left them better prepared for the peak in internet traffic. Why might you ask is this possible? Anybody watching the news, surfing the web or actually leaving the comfort of their armchairs to visit a shop in person this weekend can’t have missed the phenomenon called “Black Friday” arriving in the UK.

Now I’m not one to dismiss new trends and indeed I would consider myself an “early adopter” on the axis of the maturity curve; however Black Friday brought two big issues out into the open for retailers. The first and not my interest today, was the requirement for many of the UK Police forces to deploy teams of police in riot gear to manage the hysteria as waves of people flocked to the stores to pick up a bargain. The second was the legitimate Volumetric Denial of Service (DoS) attack that retailers invited to their sites on the back of the torrent of advertising emails that were sent out in the run up to the event.

For those of you who don’t understand what a Volumetric Denial of Service attack is, Arbor Networks classifies it as an “attempt to consume the bandwidth either within the target network/service, or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.” And that’s exactly what happened on many commercial websites with the number of visits and site requests swamping them and causing so much congestion that people couldn’t get on them to find a bargain let alone buy one!

Now we’ve all seen this kind of issue with ticket sites – you want to buy tickets for the latest band and spend hours waiting to get in to a queue to buy them. But retailers were caught out and several implemented queuing systems through the course of the day which I’m sure infuriated many people as they had to wait up to an hour to get access to the site. Some might say that this isn’t an issue as it’s a British tradition to queue patiently for things – however the internet isn’t British and in this “always on, always connected world” we are moving towards, a queuing system quite frankly doesn’t cut it with today’s “always on, always connected” internet consumers.

The dilemma facing retailers is that to implement infrastructure that supports that amount of availability when it isn’t used for much of the year isn’t cost effective. Which is why many have resorted to a queuing system that throttles traffic to the back end systems and ensures that the website stays up and running and delivering acceptable performance and reaction times to those accessing it. In doing so however a large proportion of the potential spending population will go elsewhere and therefore whilst no doubt profitable, many retailers failed to maximise the potential of Black Friday.

So what are the alternatives? Linear Scalability is one solution to this problem – the ability to deliver continuous throughput through the provision of on the fly additional infrastructure. This is where cloud services can provide the answer and Computacenter can assist. Cloud adoption has been slow in the main as a result of security concerns – why would you trust your crown jewels and intellectual property (IP) to a cloud provider when it’s a challenge to protect it within your own datacenters? And this is where we are missing a trick… Most organisations if they looked at the bottlenecks in their systems on Friday would have quickly realised that the issue lay in the web delivery capability which wasn’t able to meet the number of requests being made and not the application or database servers sitting at the back end. By moving or complementing the delivery engine in the cloud, many retailers would be able to maintain performance and the IP would have stayed in the corporate datacenter but the content delivery would have expanded exponentially to cope with demand.

In a “Pay Per CPU Per Hour” cloud model Computacenter can help you implement the necessary architecture to provision and decommission infrastructure on the fly thus allowing you to maximise the money making potential of events such as Black Friday and other peaks in sales throughout the year. Taking the analogy further, if you were able to provision such infrastructure on the fly then why have a DR datacenter sitting idle for much of the year and why not do this to mitigate nefarious Distributed Denial of Service (DDoS) attacks? Equally why tie yourself to one cloud provider when you can go where the most cost effective solution is on a month to month basis?

Computacenter is one of the few organisations that can help you with the end to end delivery of such solutions and won F5’s 2014 “Rising Star” award this year in recognition of our innovation and integration of the F5 portfolio in to our solutions. To implement linear scalability you need a raft of vendors – from load balancing and provisioning to networking and datacenter; we have one of the most comprehensive capabilities in Europe and can build and demonstrate this to you in our Customer Solutions Centre in Hatfield.

In an always on, always connected world where website usability and reaction times are proportional to the profitability, why wouldn’t you come and talk to us?

Just because they make “IT” in your size doesn’t mean “IT” suits you ! – Long live ROI

There is a rather brutal statement in fashion that utters “just because they make it in your size doesn’t mean it suits you”. As a somewhat crazy comparison with technology, at times products and solutions are acquired because of familiarity and proximity. There is an awareness of the technology and brand, the funds and access to the solution are within reach – with the result someone will subsequently convince or emotionally justify the need.

Often luck and good fortune ensures the acquisition finds its niche and delivers value (and in many cases not the originally envisaged value but at least some value), in all too many other cases the value can’t be realised, the introduction of a “somewhat distorted” solution adds to the overall complexity across the estate and any likelihood of an ROI just isn’t a discussion.

This journey through the dawn of this IT centric business revolution was previously acceptable, at times the norm and viewed humorously because it was all too common. However in these times of austerity, IT complexity, and the need for “accelerated time to value or real world ROI”, white elephant IT purchases can greatly hinder an organisation and its market leading aims.

The solution is not a difficult one, but does involve a behavioural and psychological shift. It means IT decisions made for technology reasons (upgrade, end of product life, new model) without a business impact analysis should be referred for further scrutiny. And that scrutiny whilst best validated via robust financial ROI aligned ideals could equally be driven via a more operational “value based” validation that may be less numerate (for the non accountants) but will still calibrate technology introduction and change against a realisable “business related” outcome.  You may say, this is surely the norm today and at times you will be correct, but all too often ROI & benefits realisation become afterthoughts over “get the solution in and get it in now !!”.

The onus is on IT systems integrators to help customers via intelligent probing, consultative solution sales engagements and “thought leadership”, to hold all accountable for the measurable benefits expected from the solution. As market aware trusted advisors that’s the minimum duty of care that will not only spotlight “business transforming” systems integrators from general services providers, but equally deliver the success criteria by which both the customer solution buyer and systems integrator should measure success.  It’s the Computacenter way…..

To return to the start of this blog, great systems integrators like Computacenter will ensure not only your “IT” clothes fit but you will look and feel good in them too (increasing your likelihood of trading with that systems integrator again).

“Happy IT solutions shopping”

Until next time (Happy Christmas and get ready for a fantastic 2013)

Colin W

Twitter @colinwccuk