IT security

Kerry Butters

Security and the Cloud

Security and the Cloud https://quadratek.net/wp-content/themes/fildisi/images/empty/thumbnail.jpg 150 150 Kerry Butters Kerry Butters https://secure.gravatar.com/avatar/?s=96&d=mm&r=g July 29, 2014 July 29, 2014

There’s been a lot of talk in recent years surrounding security and the cloud and it was something that delayed initial traction in the market until reasonably recently. However, as more and more businesses have made the transition, it’s clear that faith in cloud services has grown.

Despite a recent Ponemon Institute study, which found that moving to the cloud could triple the cost of a data breach, there’s still plenty of evidence to suggest that the cloud is much safer than many business premises.

45% of Network Attacks Due to Malware

A recent study by NTT Group found that businesses are still not doing enough when it comes to securing the company network. In fact, it was found (somewhat worryingly) that many businesses don’t even have the most basic protection, such as antivirus software and vulnerability scanning, in place.

The research looked into more than three billion attacks that had taken place affecting businesses in 2013. It found that more than half of all the unpatched systems detected had had patches available for two years. This lack of carrying out even the most simple and important tasks can of course significantly increase the risk of attack.

Further to this, it was found that a whopping 78% of those companies that suffered an attack didn’t have any kind of response planning. This means that in the event of an attack, firms would have been completely unprepared and would inevitably lost money.

The Cloud vs the Office Network

Cloud services tend to be based in data centres which have much more robust security than those seen in the study. Not only is data regularly backed up, but it’s also protected by layered security such as hardware firewalls and antivirus solutions. Unlike many of the businesses which the study looked at, good data centres also generally have disaster recovery plans set out and available as documentation for customers.

According to the report, the problem often lies with the board when it comes to network security. It seems that a basic lack of understanding when it comes to just how much an attack can affect the company leads to a shortfall in IT budgets.

For the IT manager, this is obviously something that’s very frustrating. After all, without the budget in place, it’s very unlikely that a manager can do enough to protect the network. However, it should be pointed out that vulnerability scanning and applying patches is not an expensive solution and is something that’s vital to every business.

Security-as-a-Service?

The report goes on to suggest that companies would be well placed to work with security experts and buy this as a service. This would take the pressure off IT managers and help to mitigate the risk to the business network. There’s no reason that this couldn’t take place in the cloud either, it’s quite usual for external auditors to access the cloud service in order to be able to prepare for an audit.

This could complement the skills of existing staff and that of data centre security to provide an overall complete solution.

Cost of a Breach to Business

Furthermore, it’s really very necessary that companies begin to educate executive staff on the effects of poor security at work. The outcome of a data breach is often a loss of business and of course, impact on profits.

Whilst the board might not understand the need for security, executives are often concerned with any impact a situation might have on profits, so it’s perhaps better to educate based on numbers, rather than IT.

It does seem something of a paradox in the wake of the report that businesses still claim not to trust the security of the cloud and yet have little in the way of basic protection, planning for attack or risk mitigation.

Hosted Desktops and SaaS

The most firmly established cloud offering is also the most popular and security concerns aside, SaaS (software in this case, not security) is providing many businesses with the means to gain more agility. The pay monthly model reduces capital expenditure and if the data, as well as the apps is stored in the cloud, then there’s little doubt that it’s better protected than it would be on many business premises.

Of course, there are many other benefits, not least that services such as hosted desktop allow employees to work remotely. Given that remote working is rising hugely in popularity as the work/play divide becomes narrower and narrower, the pluses certainly seem to outweigh any concerns that a company may have about security.

Image: T-Systems

Simon Randall

Windows 8: An Open Door for Cybercriminals?

Windows 8: An Open Door for Cybercriminals? https://quadratek.net/wp-content/themes/fildisi/images/empty/thumbnail.jpg 150 150 Simon Randall Simon Randall https://secure.gravatar.com/avatar/dee20463cac74ec371a1c134b2ba37b8?s=96&d=mm&r=g January 15, 2014 January 15, 2014

Simon Randall

Choosing a Unified Threat Management Vendor

Choosing a Unified Threat Management Vendor https://quadratek.net/wp-content/themes/fildisi/images/empty/thumbnail.jpg 150 150 Simon Randall Simon Randall https://secure.gravatar.com/avatar/dee20463cac74ec371a1c134b2ba37b8?s=96&d=mm&r=g October 20, 2013 October 20, 2013

While each
organization will have its own criteria for choosing a Unified Threat
Management vendor, performance and reliability are likely to rank highly on
their list of criteria. At the end of
the day when choosing a Unified Threat Management vendor many companies will
simply be looking for a product which does the job and does it reliably.

The first
and most obvious point to check when choosing a Unified Threat Management
vendor is whether or not they are capable of supporting the core security features
you require. Typically these would
include: a firewall, URL filtering and malware-detection capabilities.

It’s
important to remember that unified tools are generally good all-rounders rather
than being top-performers in any particular field. In other words, they are a bit like modern
smartphones, which have decent cameras and decent music players, but which no
professional photographer or DJ would consider using in place of dedicated,
stand-alone devices.

Many people
however are perfectly happy with their smartphones, at least for day-to-day
purposes, and UTM devices can work perfectly well, particularly in an SME
environment. If, however, your company
fits into a particularly high risk profile, for example you have extensive
access to sensitive data, or you are working in a controversial industry, then
it may be better to look for individual, dedicated, solutions.

UTMs – a layered approach to IT
security

Decent
management controls are also likely to feature highly on any company’s
wish-list. Given that the core market
for UTM vendors is SMEs, which tend to have limited IT resources, it is usually
important to make sure that the solution chosen can be managed by the IT team
along with their current responsibilities. Of course, it can also be outsourced
to technology support companies, such as Quadratek.

Forward thinking is necessary for IT
support

The
question essentially becomes: how simple does simple need to be? In a very small company, realistically, a
straightforward and basic web interface will probably be the best approach, as
the IT team may very well be a one-or-two-person operation with limited skills
and resources. In a bigger company, it may be more appropriate to look for
solutions which have more options for customization and support; for example
the ability to customize security according to the type of device if not at
actual device level.

Think about
future-proofing. Companies can scale up
and down for various reasons. As a rule
of thumb, the greater the number of people in an organization, the higher the
security requirements. Basically, the
more links there are in any chain, the greater the chance that one of them will
break.

Consider hardware SLAs

Companies
with a reasonably stable workforce and plans for steady growth may be prepared
to accept solutions which would require the purchase of new hardware if any
significant changes were to be made, but companies whose business is more
cyclical or who may potentially need to upscale operations at short notice
should look for solutions which offer flexibility.

Look at the
vendor’s reputation. Leaving aside
support and service for a moment, look at the vendor’s reputation in terms of
product management. The fact of the
matter is that new security threats are emerging all the time, which means that
companies in the market of IT security need to be constantly monitoring for
them and updating their solutions, whether this means updating definitions of
malware of creating a brand new product to cope with a brand new threat.

The current
major players in the UTM world are all established brands and many of them
offer UTM products in addition to standard networking equipment. They have all demonstrated a commitment to
ensuring a safe future for users of network-based services. Smaller players and new entrants may add
options and may have solutions which are every bit as good as their larger
counterparts, but should arguably be looked at with particular care.

Reliable IT support

Once it has
been established that a vendor can provide a reliable level of product
management, then it is also worth looking at their reputation for service and
support. In short, can they be relied on to be there for you when you need
them?

Look
carefully at whether or not a product will support your company’s style of
work. If you are a small company with
everyone working out of the same location, then your UTM needs will be fairly
simple, but as soon as you start adding in extra business locations and/or
home, mobile and remote working into the equation then you will either need to
deploy UTMs at multiple locations or have a UTM solution which support
sufficient VPN connections for your staff.

This is
also where previous comments about scalability can be important. By the same token, if your company is makes
use of Wi-Fi connections for any reason, then make sure that your UTM solution
can support them. Admittedly this is
becoming increasingly common, but it never hurts to check.

ISO and other regulatory needs

Last but by
no means least, it’s important to be aware of any regulatory requirements and
to make sure that your UTM solution is fully in compliance with them. While regulatory requirements tend to be in
line with the value of the data held by companies, for example they are hugely
strict for companies which hold confidential financial data. These days many companies are data
controllers and need to comply fully with all the requirements of the Data
Protection Act.

In short,
everyone who uses any sort of network-based service needs online protection. This applies as much to individuals as to
organizations. Choosing the right UTM
can provide a simple, affordable and effective way for SMEs to manage these
threats. Companies in high-risk
environments may be better using threat-specific products and either hiring the
resources to manage these in house or out-sourcing IT security altogether.

Companies
with large numbers of remote or mobile workers might do better with cloud-based
security services, which often have straightforward web-based management tools.