Hyper-flexible deployment of cloud-managed networks… why should you care? [Blog]

Hyper-flexible deployment of cloud-managed networks… why should you care? [Blog]

Head of Connectivity Mark Hall explains why complete deployment flexibility of cloud-managed networks is so important for multiple business sectors and scenarios

If you’ve read our recent blog on the transformative potential of cloud-managed networking (“Why Should You Care?”), you’ll know that flexibility of deployment is one of several compelling reasons why all kinds of organisations are already making the switch.

You’ll also know that our partners at Extreme Networks are the fastest growing provider in this already rapidly developing market (set to triple by 2024)… not least because they take simplicity and flexibility to a whole new level, giving you and your network the best possible journey to the cloud.

Why is this flexibility so important?

All businesses operate differently and have different networking needs – often combined with strong existing preferences as to their cloud provider (Azure, Amazon Web Services, Google Cloud Platform etc.) and type of cloud environment (public, private or “cloud edge”).

With ExtremeCloud™ IQ, Extreme Networks’ end-to-end cloud management solution, you can deploy and consume cloud-managed networking in whatever way suits you best, while enjoying all the benefits it brings in terms of business efficiency, reduced capex/opex and, most importantly, transformative use of data, analytics and insight. Read more about how cloud-managed networking can enhance your competitive edge and bottom line.

Just how flexible is ExtremeCloud™IQ… and how do I benefit?

 

1. Public cloud users

Because Extreme is the only cloud networking vendor to deploy on all the major cloud platforms, organisations can stay with their cloud provider of choice – with no fuss and no disruption to their preferred way of doing business:

  • Countless organisations have a strong existing relationship with Microsoft, which provides the bulk of their IT software estate. In cases like these, ExtremeCloud™ IQ can be deployed on Azure. This is frequently the case in healthcare and education.
  • For retailers and others who seek a cloud provider with strong data analytics capability, we’re often asked to deploy on Google Cloud Platform.
  • Other customers prefer to work with Amazon Web Services, the biggest public cloud provider, again, Daisy and Extreme are happy to oblige.

As well as being a scalable, flexible and convenient option, deployment through a private cloud allows ExtremeCloud™ IQ to aggregate metadata from a wider selection of client networks and analyse it using artificial intelligence (AI) and machine learning (ML). This in turn yields richer, more robust insights to help optimise individual clients’ network performance.

2. Private cloud and “cloud edge” deployment options

What about organisations (often in finance, law and other professional services) who want to combine the benefits of public cloud with total data sovereignty? We enable you to manage a private, contained cloud environment that sits within the public infrastructure of Azure, Amazon Web Services or Google Cloud Platform, leveraging three ISO certifications. Read more about Extreme’s data security certifications and compliance with global standards.

For organisations who operate at a maximum level of data sensitivity, security and environmental control (we’re thinking government, defence contractors and the like), we offer the same cloud-managed networking services in a “cloud edge” (or on-premise) environment via your own datacentre, or as a managed service through Daisy’s ultra-secure equivalent installations.

Simple, transparent licensing

This ethos of flexibility extends to Extreme Networks’ licensing approach. “Pilot” licences are the same for networks of any size and sophistication, while feature licences range from standard to premium, depending on the management features required. Better still, all licences are fully portable to ensure maximum convenience. And now, you have all five of the ‘Essential Applications’ (Wireless Intrusion Prevention (WIPS), location services, IoT, guest management and compliance) included at no extra cost with ExtremeCloud™ IQ’s standard Pilot subscription license.

We hope you enjoyed this overview… remember, deployment flexibility is just one factor that makes cloud-managed networking such a must-have. What next? Learn more about how to leverage your investment after switching to cloud-managed networks.

 

Interested in how you can start transforming your network into something more powerful?

As an Extreme Networks Black Diamond Partner, we can help you connect your people, applications and information in the most simplified and secure way, whilst streamlining all aspects of your network from deployment to maintenance.

>> Discover eight benefits of ExtremeCloud™ IQ in our infographic

Contact us for a no-obligation chat on 0344 863 3000.

 


Cloud-managed networks: why should you care? [Blog]

Cloud-managed networks: why should you care? [Blog]

Head of Connectivity Mark Hall explores the powerful reasons why companies in all sectors are waking up to the benefits of cloud-based management

Cloud-managed networks: why should you care?

One answer goes like this: because even if you don’t care yet, the chances are you’ll soon have to.

Given the way network technology is developing, companies in all sectors are waking up to the benefits of cloud-based management… and of switching sooner rather than later. Small wonder that cloud-managed networking grew by $2.6bn (the equivalent of £1.8bn) in 2019, a 29% increase from 2018, and is set to triple by 20241 (for perspective: traditional managed networking grew just 3% in 2019).

So if you don’t care, your competitors most likely will. But here’s another answer…

Why is it so powerful?

Managing your networks the traditional way is cumbersome, resource-intensive and costly. And as the number of connected devices (think phones, tablets, laptops, and IoT devices) grows by the second, these challenges will exponentially increase. Tracking, understanding and optimising your network will just get harder and more expensive.

But there’s more: with traditional network management, it’s nigh-on impossible to leverage the true power of the data that flows in your network, thus depriving you of a readily available competitive advantage.

Cloud-managed networks change all that, turning burdensome complexity into its fitter, better-dressed cousin: simple sophistication. With ExtremeCloud IQ, an end-to-end cloud management solution created by our partners Extreme Networks and delivered by Daisy Corporate Services, this happens with mind-blowing flexibility and the highest certified levels of security and data compliance.

The result? We’ve yet to find a business – in any sector – that couldn’t transform its efficiency and costs by making the switch.

We’ve seen organisations of all sizes in retail, education, health, defence, and an array of other sectors implement cloud-managed networks and benefit on multiple fronts.

So how does the magic happen?

1. A smarter, more powerful and responsive business

With ExtremeCloud IQ, the huge volume of data flowing through modern networks turns from an amorphous, unmanageable mass into something you can use. Why? Because only cloud-managed networks can aggregate and analyse secure, encrypted metadata from your network and those of thousands of other clients, using artificial intelligence (AI) and machine learning (ML) to enhance business insight and take away the pain of the day-to-day operation.

  • Give your administrators a 360° view of all devices, clients, apps and network health indicators.
  • Detect anomalies and implement targeted fixes to instantly improve performance.
  • Give your IT team their time back, turning their attention from firefighting to innovation, which improves performance even further.
  • Make sure your network tools are fully up-to-date, all the time, with instant, architecture-wide upgrades.

ExtremeCloud IQ is also the only cloud-managed network solution to offer full data duration – yes, that’s all of your network data from the beginning of your deployment right up to the present moment – offering the boundless potential for granular analysis that improves customer experience and business performance.

But that’s just a taster. Learn more about how to leverage your investment after switching to cloud-managed networks.

2. Complete deployment flexibility

No matter how you want to deploy and leverage cloud-managed networking, we have it covered. Whatever your size and sector, we can provide the best possible journey to the cloud, from design and configuration through to simple, transparent licensing.

How do we do this? For a start, ExtremeCloud IQ is the only solution to work flexibly and seamlessly with all public cloud providers (Microsoft Azure, Amazon Web Services, Google Cloud Platform).

But it also offers the same benefits to organisations who prefer a private cloud architecture, or those who operate “cloud-edge” solutions through on-premise or private datacentres.

The result? The maximum choice to run your networks the way you want and need to… but with greater insight, control and efficiency.

Want more details on what this means for your organisation? Read more about ExtremeCloud™ IQ’s ultra-flexible deployment options, with examples from multiple business sectors and scenarios.

3. We know what you’re thinking…

“All this sounds great… but can it be that secure?”

Every business asks this, and if they don’t, we make sure they know the answer anyway.

Without watertight security and data compliance, endorsed by the highest levels of certification, our customers couldn’t take advantage of the benefits outlined above.

That’s why ExtremeCloud™ IQ is the only cloud networking solution with its own ISO27001 certification. ISO27001 is gained through a painstaking process of yearly audits covering everything from the technology itself to Extreme’s operations, human resources, supply chain management and even engineer access to datacentres. Also, notably, ExtremeCloud™ IQ stores none of its clients’ data (which is held in encrypted form by the primary cloud provider), relying instead on metadata for its remarkable insight and trouble-shooting power.

ExtremeCloud™ IQ also holds ISO27701, ISO27017 and Cloud Security Alliance (CSA) STAR Level 1, as well as accredited compliance with GDPR, HIPAA and PCI standards. Extreme has also expanded its UK-based Regional Data Centre footprint, allowing more organisations to keep their data local and ensure compliance with data privacy.

We hope all this goes some way to explaining why cloud-managed networking is such a growing area within networking and why Extreme Networks is the fastest-growing cloud networking provider.

1 Omdia Cloud-Managed Networking Report 2020

 

Interested in how you can start transforming your network into something more powerful?

As an Extreme Networks Black Diamond Partner, we can help you tailor ExtremeCloud™ IQ to your particular requirements and get the most from your investment.

>> Watch our video to see how we help you create a more efficient network environment with cloud-driven networking

Contact us for a no-obligation chat on 0344 863 3000.

 


board meeting

What Senior Executives Need to Know About Cyber Breach Management [Guide]

Colin Jeffs, Head of BCM Consultancy at Daisy Corporate Services, explains the difference having an overall strategy for resilience, sponsored at board level, can make.

Senior executives are justifiably concerned about cyber risks and the need to recover quickly and safely if their organisation is hit by a breach. But, what involvement should they have in order to help make the business more resilient, and a recovery more successful? If you think all you need is cyber insurance, then please read on…

Read on or click here to download a printer-friendly version.

If you sit on the board of directors, you need to know that there’s a comprehensive plan in place that covers exactly what happens when a cyber breach hits, and you need to know that there is a defined reporting structure that keeps the flow of information and decision-making around the incident management and the recovery effort, open and effective.

It is common for one board member to have overall management of risk, but an important part of achieving resilience should be communication and decision-making relating to risk, across the full board of directors. It is really important for all senior executives to be prepared, and this means having high-level knowledge of the plan, and doing your part to shape the strategy.

Here’s why it’s so important if you are a C-level executive:

  1. You are responsible – as a member of the board of directors, it is your responsibility to ensure that the area of the business that you oversee is resilient and has appropriate plans in place to manage any business interruption. Being active in the strategy ensures you have this covered for your area.
  2. You are accountable – as far as regulators and the law is concerned, accountability for any resulting loss of data and the penalties associated with that, starts with the CEO and the company board of directors. It is literally in your own best interests to ensure the correct processes are in place for data protection.
  3. You are visible – internally and externally, you are a known representative and policymaker for your business and as such, you set the expectations for resilience both internally for your staff to follow and externally for the peace of mind of your customers and supply chain. Your involvement in the planning and execution of the strategy raises the profile and the focus on resilience, helping to embed resilience internally and send all the right messages externally.
  4. You are vulnerable – last but by no means least, board level executives are prime targets for cyber criminals. Not only do you have great access within your organisation, but you also have access to the most high-level and valuable company secrets and are more likely to have influential contacts and reach within your industry sector. Being part of your planning means you are more aware and alert to the potential risks and how to keep safe.

Top board-level action points

I recommend three over-arching steps that are overseen at director level. These steps will help to embed a resilient culture throughout the organisation and ensure the business can bounce back or avoid major impact altogether following a cyber breach and naturally, disruption from other causes:

1. Establish unified ownership across your resilience staff

Make sure there are clear reporting lines and decision-making processes relating to cyber risks and cyber breach management. This needs to include business continuity, information security, risk management, and IT. It’s important to remember that resilience incorporates and transcends all of these areas.

2. Promote information sharing

Internally: to understand what the cyber threats to your organisation are and how they are changing

Externally: to exchange intelligence across your industry sector and business network to help identify and manage emerging threats

3.Promote your information security policy

Ensure there are processes in place so that information security is understood by all staff and supported by regular staff training. Most cyber breaches occur because a member of staff has clicked on something they shouldn’t have, or opened an email and attachment that they were not sure about.

And if you are still not sure that resilience needs to have such a big focus on your corporate agenda, there are some compelling benefits:

Business benefits

Digital transformation or any change in the way your organisation functions needs an element of risk management to be undertaken. A focus on resilience at the heart of your decision-making is critical to your continued success, understanding and mitigating threats, identifying opportunities, and ensuring confidence in your strategic direction.

Operational benefits

Every boy scout will tell you that you should be prepared. When you are prepared for the unexpected in business, you are not only more likely to endure any setbacks, but you have a culture that means that relationships, dependencies and processes are understood at an intrinsic level. This not only drives innovation and productivity, it ensures decision-making does not occur in silos.

Financial benefits

Greater productivity from more collaborative working is a natural result of a resilience-first approach and provides welcome financial benefits. But there are more tangible benefits including the continuation and potential reduction in insurance premiums, that come from having cyber secure backups in place, for example. And don’t forget, the reduction in losses and downtime and the peace of mind for your customers and the market you operate in won’t harm your sales potential either! Remember that customer and market confidence is everything in business and if the market has confidence in your business because you’ve shown you have resilience in place, you are far more likely to ride out any storm.

So, the best way to take your business forward, is to keep resilience at the heart of everything.

About Colin Jeffs MBCI

Colin moved into the realm of business continuity from IT project management where, as part of implementing IT systems, he had to implement resiliency. Colin has worked in business continuity and crisis management for more than 25 years, holding senior roles in both disciplines for many years at major financial institutions in the city. Colin now heads up Daisy’s award-winning business continuity management division.

 

Windows server end of support

Windows 2008 R2 End of Support – Now What?

Windows Server 2008 and 2008 R2 End of Support: Discover your options

On January 14, 2020, support for Windows Server 2008 and 2008 R2 came to an end. End of support or end of life refers to the date when Microsoft no longer provides automatic fixes, security updates, or online technical assistance. As a result, any vulnerabilities in the operating system that are discovered after this date will not be fixed by Microsoft. What’s more, Microsoft will no longer offer any type of support for the operating system meaning it won’t be long before those systems are specifically targeted and exploited.

Now is a great time to transform your applications and infrastructure to take advantage of cloud computing and the latest versions of Windows Server. Here’s a few options and tools to help you and your business manage the transition:

Migrate to Azure

Now you might be thinking that end of support is an ideal time to transform your IT estate with the cloud – and you’d be right. But it can be difficult to have upgraded everything before an end of support timeline.

To address this need, Microsoft has made Extended Security Updates available for free in Azure for 2008 and 2008 R2 versions of Windows Server to help secure workloads for three more years after the end of support deadline.

These workloads can be rehosted to Azure with no application code change allowing businesses more crucial time to plan their future paths, including upgrading to newer versions such as Windows Server 2016 and utilising the set of platform and data services available in Azure.

Upgrade on-premise environments

For any apps and data that you want to keep running from your premises, your best option is to upgrade to the latest version of Windows Server to get the strongest security and latest innovation. Windows Server 2016 are the new standard for performance and efficiency, and include built-in security features that help harden your platform.

If you are staying on-premise, this is the ideal time to look at your entire server infrastructure. Whilst today’s server solutions can deliver important security features, as well as dramatically increase both performance and cost-efficiency, they can still be a burden to manage and take up valuable space within your office footprint.

Talking to a Managed Hosting partner who can manage your journey from your traditional on-premises environment to an environment hosted in a purpose-built datacentre can be advantageous. You can focus on your business whilst they focus on your IT estate.

It you really do need more time to upgrade your on-premise servers, Extended Security Updates are available for purchase for up to three more years and are a great option for achieving continual security updates while upgrading or migrating to Azure. This option is available to organisations with Software Assurance or Subscription licenses under an Enterprise Agreement enrolment and can be purchased annually to cover only the servers that require the updates.This option can be expensive though and is only really postponing the inevitable.

Next steps…

Now that we’ve covered more of your options, it’s time to get started. We know that every good migration project begins with a good plan, so start by identifying any applications that are being supported by 2008 and 2008 R2 versions Windows Server, inventory the workloads, and choose the right migration and upgrade path for each one.

You have options and your data doesn’t need to be vulnerable. Whether you are looking to quickly mitigate your risk or using Windows Server end of life as a catalyst for business innovation, Daisy can help.

As a leading partner of Microsoft, we’re ideally placed to combine the globally available Microsoft Azure cloud service with the advanced capability of our own data centres, bringing you a bespoke way to deliver software-as-a-service, infrastructure-as-a-service, unified communications, better collaboration and much more.

 

Maximise your investment in Microsoft 365

Three Key Steps to Getting the Most from Microsoft 365 [Article]

Cloud Solution Delivery Manager Michael Wilson reviews some of the “best bits” of Microsoft 365 and how to leverage some key benefits.

Remote working and online collaboration tools have become key for many organisations during the pandemic. With so many of us working from home, we’ve relied on technology to keep us connected with colleagues and able to do our jobs. Looking to the future, more than a quarter of UK employees are considering working from home permanently or occasionally when life returns to normal.

Microsoft 365 represents a great way for organisations to empower employees. Many businesses have already turned to Microsoft 365, where the enterprise suite can transform the way businesses work, with best-in-class productivity applications, simple device management, and always-on security. If you’re yet to make the change to Microsoft 365, or feel you aren’t fully realising the benefits, we’ve put together three key aspects of Microsoft 365 you should be aware of.

1. More secure and better compliance

With the increase in cyber threats, cyber security is hugely important for all organisations. In fact, the UK Government’s 2021 Cyber Security Breaches Survey found that four in ten (39%) businesses  reported suffering a breach or attack in the last 12 months. Microsoft 365 provides tools that can help organisations improve their cyber security practices, for instance by introducing enhanced user access management. As part of this, it can be configured to mandate the use of multi-factor authentication and can even flag risky users and sign-ins. The systems can also be set up to block access from specific locations and can take a more data-driven approach to managing user access.

To better the understanding of cyber risk, Microsoft 365 creates a security score for the organisation. This way, stakeholders can take stock of security position and ensure risks are minimised over time. Additionally, Microsoft 365 can be used to manage the security of systems through several security and compliance focused dashboards, helping businesses to keep information secure by highlighting which employees have access to what company data.

2. Increasing productivity and improving the user experience through advanced analytics and monitoring

With the rise of remote working, productivity is something many businesses have been taking a closer look at. One of the biggest bugbears of many organisations is IT downtime. As part of implementing Microsoft 365, businesses can configure the software to flag slow booting computers and crashing programs to IT teams, allowing them to proactively fix or replace hardware to ensure a better user experience. This can result in happier employees with better performing devices, reduced downtime, and greater productivity.

Microsoft 365 also includes some of the best productivity apps for businesses, such as Microsoft Teams and OneDrive. But these apps are only useful if they have been configured effectively. Microsoft 365 also includes powerful metrics and usage monitoring so businesses can see how each user is interacting with and using the applications. The platform highlights where tools could be used more effectively and even help them to use the right applications in the best way. Businesses should be looking to use these tools regularly and tweak their implementations to get the most out of Microsoft 365.

3. Save some money on wasted licences

Many enterprises often rely on a myriad of different Microsoft products each of which have their own set of licensing requirements.  However, with changing working practices the traditional licensing model isn’t the most cost effective… With software licences being a significant outgoing optimisation is key to ensure money isn’t wasted.

Microsoft 365 gives organisations more options, to ensure that users have what they need, and to remove “shelfware” that they don’t use. Varying packages from business basic to business premium, and everything in between, allows businesses to customise who gets what tools, and to optimise licences accordingly. Taking the time to look closely at who needs access to what applications is hugely important and analytics tools built into Microsoft 365 can be used to simplify this process.

Making the most of Microsoft 365

The good news is that organisations don’t need to go it alone. Daisy’s technical architects help to implement and optimise Microsoft 365 deployments and if you are already using Microsoft 365, our consultancy assessments can make sure you reap all the benefits for better performance and security.

We can also provide a choice of enterprise-class support and management packages to fulfil a range of support level and budget requirements, and with any of these great value-added services, you’ll be a Microsoft 365 power user in no time at all.

Additional services

  • When you buy Microsoft 365, remember that Microsoft manages the infrastructure but does not back up your data – we can help
  • We deliver training for users who are new to the Microsoft 365 product suite, to help them be more productive and collaborate with ease

About Michael WilsonMichael Wilson Cloud Expert

Michael is a Technical Delivery Manager with more than 20 years’ experience of designing, implementing, and managing enterprise grade, highly available solutions. Michael leads a team of Professional Service Architects and Solution Engineers, assisting them in the delivery of cutting edge, high performance, future proofed solutions into public or private cloud environments. Michael is passionate about keeping abreast of the latest technology released to market, empowering his team to investigate, produce and develop exciting solutions for our clients.

How Can Cloud Networking Drive Digital Transformation in the NHS?

Director of Sales Andy Riley highlights how cloud networking can improve the healthcare experience.

We have seen over the past year that the healthcare sector can transform at pace when it needs to. For instance, NHS Digital temporarily updated Summary Care Records with additional information on patients that health and care professionals could access to give the best care possible during the pandemic. More widely, COVID-19 vaccines and treatments have been developed on a global scale, with digital collaboration helping to make this possible. Often, healthcare at the patient level can also be one of the slowest sectors to evolve, with outdated IT systems and legacy infrastructure holding back change.

A more connected approach

With cost cutting still a focus, how can patient outcomes be improved whilst increasing efficiency and effectively using resources? The answer is by using a connected approach, with a focus on making data easily accessible. As we start to see increased use of connected healthcare devices, and with increasing amounts of patient information available digitally, it’s vital that a flexible and robust network infrastructure is in place to support these growing data volumes. Networks also need to adhere to the highest levels of security, as patient information is something many cyber criminals might try to get their hands on.

Looking to the cloud for answers

Healthcare providers today need effective cloud networking, which connects all the organisation’s resources, without the need for in-house servers and other associated infrastructure. Furthermore, modern cloud networking can make it far easier to access and integrate with other systems and they are secure, easy to deploy and simple to manage. As an on-demand service, cloud networking can help both to keep costs down and reduce the workload for healthcare IT teams.

More importantly, cloud networking can act as the conduit between different sources of data, giving healthcare staff the ability to view real-time information, and work efficiently with other team members across the health service. It can also make it easier to monitor users, and data from connected healthcare devices, to spot trends and deliver enhanced patient care. As new technologies come onstream, the NHS can make immediate use of them without being weighed down by legacy infrastructure, with cloud networks being easier to update.

The NHS is in a period of great change, but we must learn what the pandemic has taught us about the importance of having strong networks that make data easily accessible, whilst keeping it safe. ExtremeCloud™ IQ managed by Daisy provides that reliable and stable networking solution. Delivering clinical-grade cloud infrastructure management and built on a 4th generation cloud platform, networks can be monitored, managed, and continually optimised via a single interface. Giving the advantage of agility, security, scalability and the intelligence required of any health organisation.

This article was originally published in Public Sector Focus Magazine March/April 2021 Issue

SD-WAN FAQs

We answer some of the most frequently asked questions about SD-WAN

The buzz around SD-WAN has been around for a while. But with COVID-19 driving many UK businesses to evaluate and improve network agility, there are still understandably a lot of questions about the technology. Whether your company already uses SD-WAN or you are just starting your journey, here we answer some of the common questions that customers ask when they are considering SD-WAN to help inform your decisions when choosing the best-fit solution for you.

Got a question that is not listed here? Then please get in touch and our expert team will be happy to provide a personal response.

With much of the UK’s workforce now working from home, businesses must ensure they provide a secure, efficient remote working environment. Unsurprisingly, many home Internet connections are struggling to cope with the increase in bandwidth demand as well as provide the same watertight levels of security that an office network offers.

Working as an extension of your company network, SD-WAN maintains network security while maximising the performance and availability of business-critical applications, with homeworkers connected to the wide area network (WAN) via a secure overlay. This means staff can always depend on the applications they need to do their jobs – regardless of where they are working from – and employers can enjoy peace of mind knowing productivity and security are fully optimised. Oh, and families enjoy minimal disruption to their home connection!

As well as providing a better overall experience, SD-WAN can help businesses operate safely as they start to reopen offices, shops and branches. Whether you have one site or one thousand, you can deploy and configure network and security settings for every site with minimal effort or time spent. Additionally, SD-WAN gives you visibility and control of your networks, devices, users and traffic, helping you respond to changing demands and plan your business’ evolution. With the help of SD-WAN, businesses can rest assured that they can deliver a safe and secure post-pandemic environment, and deal with unexpected events or situations in the future.

SD-WAN is a key tool in the networking industry’s arsenal because it builds on the premise of software-defined networking (SDN), which we’re seeing as prevalent in the industry today. SDN allows you to implement more intuitive-based policies and rules on the network, and when you extend this over the wide area network (WAN) it allows more meaningful access to cloud and software-as-a-service (SaaS) applications. As businesses rely more on cloud-based data and applications, and support a larger distributed workforce, networks need to adapt to this new reality. SD-WAN makes the network more flexible than ever before, keeping pace with new customer requirements and changing business conditions.

As an overlay to an existing network, SD-WAN is easy to implement. By overlay, we mean we don’t necessarily have to change all of the circuits and Internet connectivity, rather start running proof of concepts, putting SD-WAN technology in certain points of the network, and building out a journey with the customer on how they want to adopt SD-WAN technology throughout their entire estate.

SD-WAN enables employee productivity by providing certain sets of features. For example quality of service (QoS) around certain applications such as voice, where voice traffic is prioritised over Internet traffic or email access. This means the QoS on a voice call is retained at all costs over other traffic on the network. Additionally, primary circuits and secondary circuits can be used to direct traffic in certain ways. For instance, accounting information can be routed back to head office using the primary MPLS link, while using standard Internet access via FTTC for email and non-business critical applications. With the introduction of LTE technology into the SD-WAN portfolio, you can rely on 4G or 5G connectivity to keep your sites up and running in the event of a primary circuit failover, all of which means your employees can carry on working while your circuits are being looked after.

An ever-growing skills shortage means businesses can’t always allocate engineers to go on training courses which in turn stops them from adopting new technologies. As an alternative, they can use service providers like Daisy to complement and extend their existing IT capabilities, helping them adopt modern technologies like SD-WAN while they concentrate on the day-to-day running of their business. A Managed SD-WAN service helps bridge the skills gap over both the short and the long term, providing project-based professional and engineering resources, as well as support services around change management, incident management, and break-fix maintenance.

Cyber Security Framework

Getting to Grips with NIST, Time to Focus on Discovery, Prevention and Response of Cyber Threats

The National Institute of Standards & Technology’s (NIST) cybersecurity framework is seen by many as a global gold standard when it comes to keeping businesses safe from cyber threats.

In many ways it’s the cyber security ‘bible’, so while it contains a huge amount of useful information, it’s all too easy to get lost in the detail…

To help you use the NIST framework more effectively, we are going to specifically look at the discovery of threats, how to prevent a breach, and how to respond to a cyber security incident.

No one wants to be breached, but speed is of the essence if you are…

The timely discovery of a cyber breach is critical to any organisation. The ‘identify’ and ‘detect’ elements of the NIST framework advises organisations to develop and implement effective ways to detect the occurrence of a successful cyber security breach. This can take many forms, but some of the key tools in an organisation’s arsenal include behaviour anomaly detection and the continual monitoring of systems.

However, scanning for breaches, anomalous behaviour and constantly checking data that hasn’t been infected by a virus is time consuming work – especially if conducted manually by internal staff. Automating this process can go a long way towards helping to lighten the load on security teams.

Powered by the latest AI and machine learning capabilities, a Security Information & Event Management (SIEM) platform can help automate many of your cyber security processes. This frees up cyber security teams to investigate potentially more serious breaches that can’t be dealt with automatically. If you do fall victim to a cyberattack, knowing about it quickly is an essential and can go a long way towards helping you minimise the damage.

Avoiding an attack in the first place

Not being breached in the first place should always be the aim. This is where the ‘protect’ element of the NIST framework comes in. At its core, protection is about developing and implementing appropriate safeguards to ensure critical business infrastructure is protected and services delivery ensured.

When it comes to prevention, three core areas are worth considering: network, cloud and end point. The network perimeter is changing and becoming ever more virtual, but that doesn’t mean it’s not important to protect with firewall, SD-WAN and DDoS protection technologies. Whether using public, private or hybrid cloud security responsibility lines can be blurred making understanding and enforcement of policy critical to good cyber hygiene. And finally, the end point or user is the most common breach vector so ensuring our users are safe whilst browsing the web, opening emails and downloading files cannot be overlooked as a key step in preventing cyber breaches.

Whilst prevention primarily covers having the right technologies on your side to limit or contain a successful attack, processes and people are important too; according to a report created by the UK government, 48% of businesses have a basic cybersecurity skills gap. Consider outside help in the form of co-managed or fully managed services, or even virtual Security Manager/CISO roles to act as an extension to your IT team.

Great technical defences can also be strengthened with user education. The NIST framework outlines the need for comprehensive awareness and training of all team members. After all, it’s one thing to have systems in place to prevent a hacker accessing sensitive information but quite another if the hacker can’t get in because staff didn’t fall victim to phishing e-mails in the first place.

Where do we go from here? A robust response:

A data breach doesn’t define your cyber security team, but how they respond to it, does. The respond and recover elements of the NIST framework include response planning, mitigation and recovery activities to ensure that the cyber security program is in a state of continuous improvement. Organisations should start with an incident response plan. This means looking at what solutions you have in place and what legal or regulatory requirements need to be taken into account when reacting to a breach (for instance, ensuring you inform regulators in a timely manner). Much like a choreographed fire drill helps to keep everyone calm and move to the nearest exit in an orderly manner, a response plan will ensure you don’t leave systems open to further attack and reduce the damage caused by the attack.

Another aspect to keep in mind is whether you have a backup and way to restore data if it is compromised. Ever-present ransomware attacks pose a huge danger to ‘business as usual’ as they can take systems down for days or even weeks and disrupt global operations. As such, being able to restore systems quickly can minimise the business impact. If the worst does happen, keeping your business running and your customers happy is essential.

Cyber security and operational resilience

This is where your cyber security planning crosses over into other areas of organisational resilience – namely business continuity and ICT continuity (or IT disaster recovery). If a cyber attack has caused a significant IT outage (for example, by corrupting or encrypting data), it’s important that you have the option to recover effectively to the last “clean” backup (your ICT continuity), and that your IT staff have documented, well-practiced procedures to recover the ICT services. It’s equally important that business continuity scenario exercises have been run to practice the senior management team in how they would manage a cyber breach.

It’s important that your cyber response plan links to the business continuity plan and ICT continuity plan to ensure that they will be triggered at the optimal time, and to ensure that the different owners of these plans understand how they fit together.

As part of your response plan, you should also think about what the organisation needs to do after you’ve ensured business as usual operations can continue. The NIST framework outlines that organisations should ensure the swift communication of breaches to all relevant parties, and this is supported in GDPR legislation with significant fines. This doesn’t just mean regulators, but also potentially your suppliers and customers. Once this has been done, it’s also important to take time to look back at what you can learn from a breach in your response planning. By conducting a full investigation, you can learn how cybercriminals breached systems and what can be improved to mitigate future attacks (including updated response plans).

You’re not in this alone

The NIST can be an intimidating framework to put into practice, but it can significantly strengthen your security posture and protect you against cybercrime. Whether it’s providing a complete suite of cyber security solutions that provide end to end protection, including backup and recovery, or filling in the gaps of your current systems, Daisy has your back.

Hiding in Plain Sight – Why IT Complexity is a Hacker’s Dream

By Steve Burden, Head of Security at Daisy Corporate Services

The saying ‘can’t see the wood for the trees’ is an apt one when it comes to cybersecurity. Complex IT environments are a cybercriminal’s dream, as they are typically harder to monitor, more difficult to secure and as a result, easier to breach. The last 12 months has seen IT complexity increase dramatically with the rise of mobile working leading to more devices being connected to corporate systems than ever before, and a proliferation of cloud services reshaping IT environments. Cybersecurity risk management is starting to become a bigger priority for many organisations, with 46% of respondents to a recent survey we conducted saying it was an essential part of ongoing homeworking strategies. But what do organisations need to focus on to improve cybersecurity in complex IT environments?

Forging a path through the forest

Today’s cybercriminals are becoming increasingly sophisticated at identifying and targeting weaknesses. It is therefore essential that organisations are able to forge a path through the complex forest of IT and map out all their endpoints and potential security vulnerabilities. However, as IT environments become more complex this is becoming increasingly difficult to do, requiring a huge team of cybersecurity professionals when such skills are in short supply. It’s clear that if organisations are to say ahead when it comes to cybersecurity, they need to take a technology-led approach.

SIEM’s the way

Implementing a security information and event management system (SIEM), is a great start, as it can gather intelligence across on-premises and cloud environments. Solutions such as Azure Sentinel can monitor each and every corporate device and user, alerting IT teams to suspicious activity or when systems have been compromised. Early detection is critical in helping minimise the impact of a breach.

One size can fit all

A good SIEM by itself isn’t enough to provide complete security. Businesses need core security systems to run alongside a SIEM: such as anti-virus/malware protection and data backup. All-in-one security solutions such as Acronis provide backup and security to cover mobiles, laptops, desktops, servers and virtual machines, alongside cloud suites such as Microsoft 365 and Google Workspace.

By using an integrated all-in-one solution, organisations can eliminate complexity and deliver new security capabilities while keeping costs down. Acronis, for example, lets organisations mix and match options across their IT estate for a solution that protects everything they need, in a way that suits them. Beyond the fast and reliable recovery of applications and data, such solutions also offer next-generation security based on artificial intelligence and machine learning for added protection.

With digital transformation continuing at pace as a result of the pandemic, IT complexity is only likely to increase. However, by using the right combination security solutions, organisations can keep their IT environments secure without having to hire huge numbers of staff.

This article first appeared in Networking Plus magazine

Networking: Trust Issues, Insecurity and How to Fix It All [Blog]

Product Manager Steve Burden gives practical, straightforward ways on how to keep your networks, your employees and your relationships with both on track.

67% of all cyber breaches involve credential theft, phishing, social engineering, or business email compromise[1]. Users are often the weak link in an otherwise secure environment; the unpredictable bull in the china shop of your security layer and this often creates an air of mistrust, which can sometimes lead to strained relationships between you and your employees.

But it isn’t their fault. They are fighting an uphill battle where they must perform every action relating to cybersecurity perfectly. It takes only one mistake to fall victim to a phishing attack, click on a link containing malware, or use the same credentials for multiple sites. This makes your organisation vulnerable to cyberattacks which completely bypass your expensive next-generation firewalls with complex policy configuration.

Training is important (and in fact is one of our main recommendations). However, deploying technology which complements human capabilities and bypasses human error is the most crucial step towards securing the workplace. There is no bad time to re-evaluate your end-user security technology stack but with today’s prevalence of homeworking and the increase in cloud apps, now is arguably a better time than ever.

Five key cybersecurity considerations:

Verify before you trust

Vulnerabilities can lie undetected for months – sometimes years.  Once one is discovered, attackers are quick to act before vulnerable end points are patched. Just because something is up to date today doesn’t mean it can’t be vulnerable tomorrow, and that means constant vigilance is paramount when dealing with end point security. Taking a zero-trust approach to security with technology such as Cisco Duo can help ensure every user and their device is properly authenticated and posture is assessed before accessing the network or applications.

Leverage the cloud

With more and more users working remotely, network-based security can only go so far. Protecting users as they roam, or even those working semi-permanently from home given recent events, is just as important as protecting them whilst they are in the office. Cloud-based solutions such as Cisco Umbrella make this easy, as well as allowing you to scale the solution up and down easily as requirements change, and protect users while they are on the move or on the sofa at home.

Train your staff

People make mistakes, we know this. However, it is pragmatic to provide regular and varied cybersecurity training to ensure these mistakes are minimised wherever possible. Make sure your users understand important preventative measures such as not reusing passwords, what not to share on social media and how to spot a phishing or malware website or email.

Don’t rely on passwords alone

The prevalence of credential theft and phishing shows the importance of not relying on password authentication alone and instead using multi-factor authentication (MFA) technology such as Cisco Duo. MFA requires multiple types of credentials before allowing access to a system – whether that is the remote access VPN or a particular application. Frequent additional authentication methods can include text message, hardware-based tokens (such as RSA keychains), or, as is now more frequently used, an application on a mobile phone.

Block the attack, not the consequences

It is significantly easier to prevent a cyberattack by stopping the payload rather than attempting to stop the result. For example, preventing an email with a phishing link from being delivered is more effective than relying on the user to identify a phishing attempt. And denying web traffic requests based on their reputation and content is more effective than relying on antivirus software to prevent a subsequent malware install. Cloud-based web security technology such as Cisco Umbrella, can provide a first line of defence in stopping threats as close to the source as possible.

How can Daisy help?

Daisy has many years’ experience in providing security technologies, with a longstanding partnership and accreditations with Cisco – as well as many others. If you know the solution you require, we can help scope and design it, before deploying and managing it on an ongoing basis. Alternatively, our Security Health Check is available to review your current cybersecurity policies and technologies, providing recommendations on which areas require the most attention. Please contact one of our security experts to find out more.

 

[1] Verizon 2020 Data Breach Investigations Report