Confused about cybersecurity? You’re not alone
At one point or another, nearly everyone has had a moment of cybersecurity gone wrong. Whether it’s a bit of spyware downloaded from your personal email or a distributed denial of service (DDoS) attack launched against your company’s network, experiences with security threats are not especially rare these days.
But understanding the odds and ends of cyberthreats is something that still eludes the casual computer user. Terms like malware, spyware, DDoS, botnet, advanced persistent threats, we know they’re bad news, but beyond that they’re just jargon used by IT guys and technology pundits. Even those who do claim to understand the nuances of cybersecurity have a tendency to confuse the details or explain them unclearly.
Why it’s important to know your network traffic
Investing in bandwidth upgrades without knowledge of traffic is like filling a bucket with a leaking hole
“We are growing and need more bandwidth.”
“We’ll need to double the bandwidth as we are over-utilizing the existing pipe.”
These are common complaints – or requirements – of CIOs and Network/IT managers. Upgrading bandwidth to meet business demands is critical. But equally important is the need to know what traffic types are flowing across the network. Are users making right use of the current bandwidth? Is a DS3 being fully utilized with production or business traffic?
Most companies do not identify their traffic flow due to lack of time, resources, or skill. Budget is commonly available to upgrade the bandwidth but not to analyze the traffic, which is rarely considered a necessity under the assumption that all traffic is legitimate traffic. As a result, it’s comparatively easy to make a business case to upgrade bandwidth than it is to invest in identifying the traffic.
Cloud computing can be traced to 3000 B.C.?
As humans evolved, they started earning income. And with regular income, a secure way to store currency became important. That’s when people began using safes at home, and many were happy with this approach.
However, they eventually realized that moving safes from their home to the cloud was more effective in safeguarding their wealth rather than keeping it in-house. Records suggest the earliest “cloud safes” started around 3000 B.C. And the oldest cloud safe – dating back to 1472! - is still in operation today.
A day in the life of a SOC Engineer
Arrive at work a little early to get ahead of the day. I have some tickets to confirm, work, and close. On top of that there are new engineers to be trained on Virtela processes and tenured engineers to be trained on new, more advanced features. And then there is refresher training for all.
Today my focus will be training. Virtela’s Managed Security Services is growing and our group has doubled in engineers in all tier groups. We have a very diverse group of minds and experience. There’s a significant amount of collaboration and cross-training. There are expert engineers for every device and every security concept.
POS security challenges persist, but managed security service providers can help
In recent years, cyber security threats to point-of-sale (POS) devices have become a growing area of interest for many of our customers. Given the threats that now face companies handling credit card information – with the resources of small to mid-market businesses – and the new standards of the updated PCI DSS, many of our clients are wisely looking for ways to ensure their POS security practices are as effective as possible.
I recall, not too long ago, one of our clients in the airport restaurant business had installed an airport kiosk POS system and also offered free WiFi which people could browse the web while waiting for their flights. In most cases, securing this service shouldn’t be a problem. However, during lulls in the workday, some employees would sometimes attempt to plug their own personal laptops directly into the access link, thereby circumventing the security gateway measures, such as network access control, IPS, URL filtering, port security, and logging. This poses several issues with physical security, as well as acceptable use policies, etc. The most critical issue is potentially compromising the POS system security and logging altogether. Due to gaps in monitoring processes/capabilities, these issues would often times go unnoticed by the IT staff – when the local area management points this out, it would be a black eye for the IT director
The Security Side of Mobile Device Management
Previously, Ben had blogged about Why Mobile Device Management (MDM) is necessary for today’s enterprises. Today, I would like to touch on how to secure mobile devices. The main two components of securing mobile devices are 1) securing the connection between the mobile device and the corporate network, and 2) securing the device itself.
Securing the Connection
There are several ways to secure the connection to the corporate network while providing seamless access from any device, anywhere.
The votes are in! Top 10 IT Priorities for 2011
More than 400 IT professionals at multinational companies responded to Virtela’s recent survey on top IT infrastructure priorities for 2011 and improvement areas for managed service providers (MSPs), and the results provide an exciting glimpse into the year ahead.
Topping the list of priorities are infrastructure management, security, data center consolidation, application acceleration and cloud solutions. Not surprising, really. Having just come back from PTC ’11 where cloud services seemed to be a recurring topic of conversation amongst our global partners, to the customers we speak to on a daily basis, cloud solutions are in high demand given their ability to deliver better, cheaper and faster ways to meet security, application acceleration and other needs. And with today’s IT leaders being tasked with security and compliance initiatives on top of the ongoing management and monitoring of networks, data centers, application speeds and overall business efficiency – it’s no wonder they ranked these as their top priorities for 2011.