As the threat landscape evolves and adversaries find new ways to exfiltrate and manipulate data, more organizations are adopting a zero trust strategy. However, many are only focusing attention on endpoints, leaving the database vulnerable to malicious attacks. Databases are the last line of defense against data exfiltration by cybercriminals. To combat this, it’s essential that zero-trust security controls are applied to critical database assets.

The zero trust information security model denies access to data and applications by default. Threat prevention is achieved by granting access to networks and data only through policy informed by continuous, contextual, risk-based verification of users and their associated devices. Zero trust advocates these three core principles: 1) all entities are untrusted by default, 2) least privilege access is enforced, and 3) comprehensive security monitoring is implemented.

The traditional scope of cybersecurity was once considered to be perimeter protection of the enterprise network and associated data and applications. This castle-and-moat security model extends trust to all users and devices within the perimeter, allowing extensive or even unlimited access to assets within the castle. Despite massive investments in perimeter security defenses, cyber attackers can still access sensitive data. Zero trust is an evolution of security that no longer relies on castle-and-moat security to protect data environments. It moves enterprise cybersecurity away from over-reliance on perimeter-based security, which uses firewalls and other gating technologies to create a barrier around an organization’s IT environment.

The 2022 IBM Cost of a Data Breach Report, conducted by the Ponemon Institute, found the average total cost of a data breach reached an all-time high of $4.35 million. Implementing zero trust has a direct impact on potentially lowering the cost of a breach by limiting the risk of unauthorized access, insider threats, and malicious attacks. Just 41 percent of organizations in the study said they deployed a zero trust security framework. The 59 percent that didn’t deploy zero trust incurred an average of $1 million in greater breach costs compared to those that did deploy. 

While the initial goal of zero trust is to prevent data breaches, the core goal is data protection. Zero Trust Data Protection (ZTDP) is a new and evolving term for an approach to data protection based on the zero trust security model. Achieving ZTDP requires an effective data security and governance solution that can implement the zero trust model within the data environment. Privacera’s approach is built on three pillars:

Least privilege access control: Most cyber attacks occur when an attacker exploits privileged credentials. By imposing least privilege access-control restrictions on software and systems access, attackers cannot use higher-privilege or administrator accounts to install malware or damage the system.

Strong user authentication and authorization: Providing a granular level of data access control across systems for different users by the client, partner, business unit, sub-contractor, customer, franchise, department, or by contractual terms requires unified authentication and authorization controls capable of scaling across large, distributed hybrid and multi-cloud environments.

Data obfuscation, using encryption and/or masking: Organizations must be able to granularly encrypt or mask data at the table, column, row, field, and attribute level, not just the entire data set. This enables data science and analytics teams to use more data to build models and extract insights, drive new business opportunities, garner increased customer satisfaction, and optimize business efficiency.

The Cost of a Data Breach Report also noted security automation made the single biggest difference in the total cost of a data breach, making it more likely security best practices will be followed without fail. Zero trust should inform both what is protected and how access is controlled, while security automation can more efficiently put those zero trust principles into practice. The powerful combination of zero trust and Privacera security and governance automation helps your security team to more effectively apply data security controls as well as remediate incidents as quickly as possible — ensuring you maintain a stronger and more resilient security posture while reducing your cybersecurity risks.

Learn more about the emergence of data security governance for evolving zero trust strategies and get your roadmap to business success here.


Nowadays, the world seems to experience once-in-a-century storms almost monthly. These cataclysmic weather events often cause extensive property damage, including major disruptions to the power grid that can cripple IT systems. More commonly, human error and power fluctuations can be just as costly and devastating to continued IT service delivery. To avoid costly outages and data loss, businesses must ensure continued operations with power protection delivered by a smart solution like Dell VxRail and the APC by Schneider Electric Smart UPS with PowerChute Network Shutdown software.

If the outage is prolonged, the Dell-APC solution enables remote shutdown to protect IT systems and ensure a non-disruptive restart.

When the power goes out, gracefully shutting down connected IT devices — like servers, storage devices, and hyper-converged infrastructure (HCI) — helps prevent further damage to those devices. It also prevents loss of business data and damage to enterprise workloads and helps ensure a smoother process for restarting and getting the business back up and running.

Why is this so important? Because the cost of downtime can be catastrophic. Estimates of IT service downtime costs range from $80,000 an hour on the lower end of the scale to $5 million an hour for larger enterprises. And that doesn’t account for damage to business reputation — whether a retailer loses its POS systems, or a larger organization loses its online customer service and sales systems.


With so much at stake, a UPS with remote management capabilities is critical to protect the HCI system and workloads it supports. HCI systems, like Dell VxRail, have become the backbone for data centers and larger organizations. HCI has historically been used to support specific workloads like virtual desktops (VDI). However, it has emerged as a workhorse for running mission-critical workloads that require elevated levels of performance and availability. Enterprises should consider deploying an intelligent smart UPS like the Dell-APC PowerChute solution to protect those mission-critical workloads running on HCI.

While HCI is also well-suited for supporting multiple sites, losing power at remote sites can still cause system damage and data corruption. To prevent this type of damage, organizations must install a UPS at every HCI installation. Ideally, the UPS will keep systems operating throughout an outage. However, if an outage lasts too long, businesses must have a process in place to ensure an automated graceful shutdown, followed by a sequenced infrastructure restart. 

To gracefully shut down the HCI, the UPS must be able to communicate over a distributed network. Then it has to initiate a step-by-step restart sequence to ensure hardware and data protection. The automated restart should begin once power is restored. This automated remedy for power interruption can save time and money — and, ultimately, minimize downtime.

Integrated systems like Dell VxRail HCI and the APC by Schneider Electric Smart UPS with PowerChute Network Shutdown software can help businesses simplify and automate the process during catastrophic power outages and ensure business continuity by enabling graceful shutdown and the ability to simply move virtual machines to another system. This level of network protection acts as insurance against catastrophic downtime that could otherwise lead to the loss of all IT services.  

To learn more about how integrated IT solutions like Dell VxRail and the APC by Schneider Electric Smart UPS with PowerChute Network Shutdown software protect business data assets and ensure business continuity, please visit us here.


Employee happiness is the hidden heartbeat of your business — especially for developers who require deep, uninterrupted focus to do their best work. So what’s the key to keeping everyone on your team engaged, focused, and forward-moving?

Step 1: Go deeper than surface-level task metrics

Pull requests, commits, and code reviews are a first step. Yes, your team is accomplishing tasks. But there’s more to the narrative. When busywork is high, so are these output metrics.

Step 2: Gain a humanized perspective through data

Take a holistic, human approach to measure the following using anonymous surveys:

Efficacy and satisfaction

Perceptions about their own productivity

Feelings about job satisfaction over time

Developer happiness is crucial to measure and leads to better engineering outcomes. We feel good when we advance meaningful goals.

Step 3: Gain a humanized perspective through data

Productivity drops when developers aren’t able to sustain a flow state — when interruptions, conflicting priorities, or unanswered questions disrupt their work. Here are a few common culprits.


Step 4: Commit to proactive support

As problem-solvers and knowledge workers, developers work with their minds for a living. There’s a unique mix of emotional and mental health considerations to ensure that people do their best work. Here are some recommended areas for leadership teams to focus upon:


Step 5: Level up your collaboration foundation

On engineering teams, neurodiversity is a superpower. With more perspectives, we can uncover new pathways to solving problems. The key to helping everyone feel supported is to create systems for knowledge-sharing and community. As a leader, one of the most powerful steps you can take is to bring your team into the discussion. Truly listen to their concerns and needs. Here are some high-level goals to strive towards:

Support remote work to help technologists focus on their work and control their work environments.

Ensure that people have the right balance of collaboration time with long periods of protected time for deep work.

Enable autonomy so that engineers can focus on remaining empowered and doing their best work.

To learn more, visit Stack Overflow.


Due to Nigeria’s fintech boom, born out of its open banking framework, the Central Bank of Nigeria (CBN) has published a much-awaited regulation draft to govern open banking procedures. And at its core is the need to secure customer data through a robust set of requirements.

The regulations streamline how entities who handle customer banking information will secure their systems and share details within protected application program interfaces. They’ll also seek to standardize policies for all open banking participants, and come at a time when the country is enjoying a boom of fintech and banking services that have attracted international funding in the startup space.

According to the Africa Funding Startup 2021 report, Nigerian fintech has brought in more than half of the US$4.6 billion total raised by African startups, which underpins the growing need for more financial products, and facilitates the greater data sharing across banking and payments systems that open banking provides.

For Emmanuel Morka, CIO at Access Bank Ghana, open banking is the future and enterprises should seize on the opportunity.

“Traditional banking is fading away,” he says. “Open banking is the only way you can set systems like agency banking, mobile banking and use dollars.”

He notes that fintech has been at the forefront of the open banking system in the region and believes it will spread across the continent. But wherever there’s money, there’s insecurity, and the free exchange of application programming interfaces (APIs) across banking platforms has opened opportunities and risks as well. Unsecured systems and API channels can be a point of vulnerability.

Securing customer data

“One of my headaches as a CIO is no one is fully protected,” Morka said, adding that open banking has to ensure that customer data and assets aren’t compromised, so all endpoints in his organization must be fortified. The Operational Guidelines for Open Banking in Nigeria published by the CBN stress that customer data security is critical for the safety of the open banking model. The preliminary draft will guide the industry discussion before the final guidelines are put in place by the end of the year.

The foremost thing to secure data, according to Morka, is to expose fit-for-purpose data for consumption. This means that CIOs need to limit data accessibility to what is requested and can be used.

“I see open banking as an exposure of some data over a secured standardized channel to third parties for consumer banking,” he said. “I am the bridge between business and technology.”

He also says that it’s not only the core banking products that need protection but also tools on CRM and other software that centers on customer data.

The framework provided by the CBN also considers constant monitoring of systems of third-party API users in the open banking system. TeamApt, a Nigeria-based fintech startup, has helped over 300,000 businesses use its digital banking platform and is anchored in open banking.

The company sees legislation such as the Nigeria Data Protection Regulation (NDPR) as a big consideration for companies dealing with personal data.

“Due to the sheer size of personally identifiable information being shared, in the hands of bad actors, this data can be used to pilfer bank accounts, erode credit ratings, and conduct identity theft on a large scale,” said Tosin Eniolorunda, founder and CEO of TeamApt.

Organizations like banks also suffer using resources to recover stolen data, losing customer trust in the process, he said.

“These regulations ensure that customers have some sort of control over how their data is collected, processed and shared,” he says.

The Central Bank’s regulation has also factored in the NDPR requirements to craft how financial institutions manage customer data, and the regulations outline that consent is needed for use of customer data in open banking to avail them of financial products and services.

Six steps to achieve a secure open data platform

There are several steps IT experts can take to make sure customer data are in line with privacy laws, and that security across all systems is in place to shield these data points from leakage.

1. Technology leaders must have their systems and processes adhere to privacy laws and the final guidelines to be published by the CBN. “It’s important that executive teams work closely with lawyers who have the necessary data experience to advise on the requirements and implications of applicable regulations and guidelines like those released by the CBN on open banking,” says Eniolorunda.

2. Morka suggests that only a customer’s information that’s relevant to a transaction should be used—something he calls fit-for-purpose data. Not all data points need to be exposed during transactions. CIOs need to ascertain what type of data can be enough for transactions to securely take place.

3. Eniolorunda encourages the use of technology in know your customer (KYC) processes. Morka also says that the use of artificial intelligence (AI) should be implemented to make the process of KYC easier on financial institutions while making it accurate and efficient.

4. There needs to be constant evaluation of banking systems and APIs used in transactions, according to Morka. In terms of supply chains, Eniolorunda adds that companies must ensure that third-party vendors they use have the highest possible security standards, and the security programs of these vendors must be routinely audited and validated.

5. Customer education is key. Morka agrees that some technologies like smartphones and internet access have not reached most rural regions in African countries. This hinders the appropriate use of banking technology and slows down its adoption. For those who have embraced digital banking, constant education on how to keep their accounts secure is essential.

6. The collaboration between stakeholders will make the banking ecosystem robust and guide its growth. The CBN, through its Open Banking Guidelines, seeks to ensure that its oversight affords more collaboration for superior digital banking products for customers.


Cloud-based platforms, the “work from anywhere” culture, and other trends are upending traditional network monitoring. This is because some or all of the infrastructure is no longer owned by the IT organization; instead, organizations rely on home network infrastructure, the Internet, and SaaS/public cloud networks.

A study by Dimensional Research reveals that current monitoring solutions are inadequate when it comes to supporting this growing scale and complexity as well as new technologies, devices, and network architectures. Some 97% of network and operations professionals report network challenges, for example, with the primary consequence being the impact on employee productivity (reported by 52%), followed by executives being brought into the loop because network issues are impacting the business (39%).

Network delivery of the user experience does not exist within the four walls of the data center anymore. With more employees working remotely and more workloads running on cloud platforms, it is harder to gain visibility into the end-to-end user experience. Network monitoring must reach services beyond the edge of the corporate infrastructure; it must utilize user-experience metrics through standard operating procedures and workflows to ensure not only reliable network delivery but also an exceptional customer experience.

One large contact center outsourcer, for example, at one time managed 14 sites. Owing to the pandemic and call center agents working from home, that number has risen to 8,000 sites – and every connection is different. The challenge for the outsourcer is to keep operations running smoothly and to maintain the same quality as when call center services were centralized.

How network professionals can reimagine the digital experience

Network teams need a modern, innovative approach to managing digital experience in this new, complex ecosystem. Teams that transition will align themselves better with core business metrics and provide more value to their organization. Those that don’t will quickly be marginalized, becoming yet another IT organization where the CEO says, “they just don’t get it.”

Understanding the digital experience can be a moving target in a highly decentralized and hybrid enterprise world. As a result, network teams can’t choose between network performance monitoring and digital experience monitoring. They really need both. To solve this dilemma, IT leaders must rethink their network operations and evolve traditional NetOps strategies into modern Experience-Driven NetOps.

With Experience-Driven NetOps, organizations benefit from unified network visibility of digital services running on traditional and modern software-defined network architectures. This single pane of glass insight enables network professionals to understand, manage and optimize the performance of every digital service – through their standard troubleshooting procedures – from the core network to the edge, to the end-user.

Now is the time for action. To stay in front of change, organizations need to deliver experience-proven connections and ensure network operations teams are experience-driven. This modern monitoring approach is closely aligned with key business outcomes, improving customer experience and making the IT organization a better partner driving accelerated digital transformation.

You can learn more about how to tackle the challenges of modern network monitoring in this eBook, 4 Imperatives for Monitoring Modern Networks. Read now and discover how organizations can plan their monitoring strategy for the next-generation network technologies.
